Final Project Completed!

Project Overview

After months of intensive learning and hands-on work, I have successfully completed my final project for postgraduate studies in Cybersecurity Engineering. The aim of this project was to build a modern, modular and secure home network, leveraging open-source tools and containerization to maximize security, flexibility and ease of management.

The entire process required a lot of commitment and many hours of research, configuration, and troubleshooting. Every line of code and every Docker container deployed was the result of real-world problem-solving and continuous improvement.

Security Context

This project represents a practical implementation of multiple cybersecurity disciplines typically found in professional environments:

• Blue Team: Focused on defensive security, the system includes threat detection (Suricata), DNS filtering (Pi-hole, Unbound), firewall rules, and monitoring tools. It protects the home network by identifying and mitigating suspicious activity.
• SOC (Security Operations Center) Functionality: Although operating on a small scale, this system behaves similarly to a SOC by centralizing logs via Graylog, enabling alerting, and providing visibility into network and system activities.
• DevSecOps: Leveraging Docker, Docker Compose, and Portainer, the project incorporates modern DevOps principles with security embedded into the deployment pipeline.
• Privacy & Compliance: The setup enhances privacy and enforces responsible internet access.

What I Have Learned

• Advanced configuration and orchestration of Docker containers in real home network scenarios.
• Deploying and integrating multiple security solutions: DNS, Proxy, IDS, and more.
• Practical skills in monitoring, logging, and incident detection in a self-hosted environment.
• Efficient network segmentation and firewall rules, with focus on both security and performance.
• Container networking, persistent storage, automated log collection and real-time data visualization.
• Adapting solutions to low-resource hardware (Raspberry Pi 5) and troubleshooting compatibility issues (especially on ARM64).

This project was not just an academic task — it was a deep dive into modern cyber defense, with direct application in everyday life.

Source Code & Documentation

All source code, configuration files and step-by-step guides are open and available for everyone interested in practical cybersecurity:

• [Component Overview]: Home Network Guardian
• [Project configuration files]: Home Network Guardian - Docker-based Security System
• [ICYB Final Project]: Full Thesis (LaTeX and Html page)
• [Presentation - PL]: Final presentation (gamma.app)

Biggest Challenges

• Running enterprise-class tools (Graylog, Grafan, Suricata, Prometheus, Mongo DB) on limited hardware.
• Integrating logs and metrics from many sources into a single, clear dashboard.
• Ensuring security without losing usability for the whole family (safe browsing, filtering, privacy).
• Maintaining network stability during continuous changes and updates.

Personal Reflections

Completing this project was a great journey. I spent almost six months of focused work, countless evenings reading documentation, debugging and designing the architecture. I am proud of the result, but even more proud of the skills I gained and the knowledge I can now share.

I encourage everyone interested in practical cybersecurity to explore my code, guides, and diagrams. If you have any questions, ideas or feedback — feel free to contact me on LinkedIn.

This is not the end — just a milestone. There is still a lot to learn!

Thank You!

Thank you to everyone who supported me during this project: my family, colleagues, and all members of the open-source community.