I have added 2 DNS servers, which are being run from 2 x Raspberry Pi's (1 x Raspberry Pi 3 and 1 Raspberry Pi Zero W). They sync their Gravity databases using Rsync. Both the Raspberry Pi's run on Diet Pi which is a lightweight OS. I have installed PiHole which is a Network-Wide Ad and Tracking blocker. This has been done to help prevent malicious pages, adverts, and tracking from taking place throughout the entire network. This has been beneficial not just on the laptops/computer but also for the Smart TV and mobile phones, which seem to have a large amount of data being sent to the manufacturers about their usage. I have also made both the DNS servers recursive. This makes the DNS servers authoritative and this means that my network is less likely to be sent to a phishing site hosted elsewhere.

I am planning on adding the following to my network:

1 x Access Point

1 x NGFW (Next Generation Firewall)

Once I have added the Access Point, I will be able to create separate VLANs and from there I will add all my IoT devices to the separate VLAN. I am doing this so that if one of the devices becomes compromised then they are separated from the network.

For additional security, I want to add an NGFW so that I can have greater control and visibility. I have basic controls on the Home Router where I am able to lock down ports, but I do not currently have access to an ACL.

I do have home lab capabilities on my main PC, in which I run VirtualBox. Through this, I am able to simulate many more devices such as Windows Server, Linux distributions, and experimental desktop environments that I don't want to have running on my daily machine. I have upgraded my machine to 32GB RAM and a 6C/12T CPU. I plan on upgrading the CPU so that I can provide greater resources to additional Virtual Machines.