Tonight we completed a final inventory of our hardware and identified the go-forward hardware for SCBG. We have a few systems that should be outstanding for phase 1 and are ready to get started after a couple more sessions.
We also permanently racked the firewall, switch, and KVM switch. As a consequence of this, the cables that were previously run for this gear no longer work, so we've stripped all of the networking cables.
Next up, on January 31:
Establish cable routes for data, KVM, and power.
Re-cable every server such that they can be serviced independently.
Establish basic connectivity with the gateway from each host.
When everything above has been accomplished, we'll build a basic remotely accessible VM lab on a single host. This lab will host a network segment for intentionally vulnerable training VMs, set to revert weekly.
Once we get that working regularly, I want to get a contained subnet built with packet capture & Security Onion upstream to host the known compromised hosts for forensic analysis.
After that it's on to phase 2.