info@techaven.co.zw +263 71 899 9646
Resources / Blog / 🛡️ Building a Virtualized Home Lab: Ente...
Cybersecurity Apr 20, 2026 4 min read 158 views

🛡️ Building a Virtualized Home Lab: Enterprise-Grade

Creating a home lab is a critical step for anyone beginning or advancing their career in cybersecurity whether in red teaming, blue teaming, or purple teaming.

BE
Beatitude Sithole
Published 2 months ago
🛡️ Building a Virtualized Home Lab: Enterprise-Grade

A well-configured lab provides hands-on experience, full control over testing environments, and the ability to experiment with misconfigurations, assess security strengths, and practice evasion techniques. For cybersecurity professionals, a home lab is not just beneficial, it’s indispensable.

This guide is for cybersecurity professionals (Red/Purple/Blue Team), anyone prepping for certifications like PJPT, PNPT, CPTS, OSCP, or launching a career in cybersecurity. This guide will walk you through setting up a virtualized, enterprise-grade cybersecurity lab to simulate real-world attack and defense scenarios.

🧠Why This Lab Matters

"The difference between theory and domination? Your own cyber battlefield.

Introduction

A well-structured virtualized home lab is essential for learning offensive security, penetration testing, and enterprise cybersecurity. This lab will simulate a real-world corporate network with:

  • Kali Linux (Attacker Machine)
  • Windows Server 2016 (Active Directory & Vulnerable Apps)
  • Windows 11 Client (Simulating an Endpoint)
  • Sophos Firewall Home Edition (Network Security)
  • Ubuntu Server (Hosting Wazuh SIEM for Monitoring - Network full visibility)

This guide provides a step-by-step walkthrough to set up this lab using VMware Workstation Pro (or VirtualBox).

Prerequisites

  1. Before starting, ensure you have:
  2. A powerful PC (Recommended: 16GB+ RAM, 200GB+ Storage, Intel VT-x/AMD-V Enabled)
  3. VMware Workstation Pro/VirtualBox (For Virtualization)
  4. Installation Files:

Step 1: Setting Up VMware/VirtualBox Networking

We’ll use custom network segments to simulate an enterprise environment:

  1. Open VMware Workstation → Edit → Virtual Network Editor
  2. Create Three Networks:
  • NAT (For Internet Access) – Default VMnet8
  • Internal Network (LAN - 192.168.1.0/24) – VMnet2
  • DMZ (For Wazuh & Firewall - 172.16.1.0/24) – VMnet3

(In VirtualBox, use Host-Only Adapters and Internal Networks instead.)


Step 2: Installing Kali Linux (Attacker Machine)

  1. Create a New VM (2 CPU Cores, 4GB RAM, 50GB Disk)
  2. Attach Kali ISO & Install (Select "Graphical Install")
  3. Configure Networking:
  • Primary AdapterNAT (VMnet8) (For internet access)
  • Secondary AdapterHost-Only (VMnet2) (For attacking the lab)
  1. Update Kali:
sudo apt update && sudo apt full-upgrade -y


Step 3: Installing Windows Server 2016 (Domain Controller)

  1. Create a New VM (2 CPU Cores, 4GB RAM, 100GB Disk)
  2. Attach Windows Server ISO & Install
  3. Set Up Active Directory:
  • Open Server Manager → Add Roles → Active Directory Domain Services
  • Promote to Domain Controller (Create a new forest: cyberlab.local)
  • Install DHCP & DNS roles
  1. Configure Networking:
  • Primary AdapterInternal Network (VMnet2)
  • Set Static IP192.168.1.10

🔧 Need help configuring AD? Follow this detailed guide


Step 4: Installing Windows 11 (Client Machine)

  1. Create a New VM (2 CPU Cores, 4GB RAM, 80GB Disk)
  2. Attach Windows 11 ISO & Install
  3. Join the Domain:
  • Set DNS to DC (192.168.1.10)
  • Go to Settings → System → About → Join Domain (cyberlab.local)
  1. Install Vulnerable Apps (Optional):
  • XAMPP with old PHP versions
  • Outdated software for exploitation practice


Step 5: Installing Sophos XG Firewall (Network Security)

  1. Create a New VM (2 CPU Cores, 4GB RAM, 50GB Disk)
  2. Attach Sophos ISO & Install
  3. Configure Interfaces:
  • WAN (VMnet8 - NAT) – For internet access
  • LAN (VMnet2 - 192.168.1.1) – For internal network
  • DMZ (VMnet3 - 172.16.1.1) – For Wazuh monitoring
  1. Set Up Firewall Rules:
  • Allow HTTP/HTTPS from LAN to WAN
  • Block ICMP Ping from External Networks
  • Enable Intrusion Prevention System (IPS)

📺 Need help configuring Sophos Firewall? Watch this YouTube step by step tutorial


Step 6: Installing Ubuntu Server (Wazuh SIEM for Monitoring)

  1. Create a New VM (2 CPU Cores, 8GB RAM, 100GB Disk)
  2. Attach Ubuntu ISO & Install
  3. Configure Networking:
  • Primary AdapterDMZ (VMnet3)
  • Static IP172.16.1.100
  1. Install Wazuh:
curl -sO <https://packages.wazuh.com/4.7/wazuh-install.sh> && sudo bash wazuh-install.sh --all-in-one
  1. Access Wazuh Dashboard:
  • Open https://172.16.1.100 in a browser

Need help installing Wazuh again? No help this time, you gotta figure it out 🥷


Step 7: Testing the Lab

  1. From Kali Linux:
  • Scan the network:
nmap -sV 192.168.1.0/24
  • Exploit a vulnerable service (e.g., EternalBlue on Windows Server).
  1. Check Wazuh Alerts for detected attacks.
  2. Test Sophos Firewall by attempting unauthorized connections

🚀 Congratulations! You’ve just built a highly functional, enterprise-style cybersecurity lab that mirrors real-world networks.

👀 Coming Next:

“Offensive Security: First Blood – Footprinting & Reconnaissance”

Stay tuned.

Share Twitter LinkedIn Back to Blog
In this article
4 min read 158 views
Ready to learn?
Join a Techaven course

Apply practical skills like the ones in this article in our hands-on courses.

Explore Courses