I will cover my setup some more when I can find the time. At the moment I have two Aruba 2930F 8 ports switches, one Meraki 8 ports switch, two Aruba AP-515, an OpnSense Firewall running on old Checkpoint hardware and a smaller server running ESXi containing Home Assistant, Pi-Hole and a docker VM with Netbox. I also have a server with more memory and CPU in another DC where I run a ClearPass cluster, one Eve-NG server, LibreNMS, a Windows 2019 server running AD and PKI.
The plan now is to improve the security for wired and wireless and moving away from static VLANs and PSK based network to 802.1X with PEAP and EAP-TLS, for the IoT devices I will use MPSK. I will also add some profiling on both 802.1X and MPSK.
I will also install a smaller ClearPass server at home for backup if I loose the connection to the remote DC.