This study aims to design and validate a low-cost network security model based on open-source solutions by integrating Pi-hole and Quality of Service (QoS) as a technical implementation of ISO/IEC 27001:2022 controls for resource-constrained organizations. The implementation results demonstrate a significant improvement in security posture by blocking 14.1% of malicious and irrelevant DNS queries, while simultaneously enhancing network performance by reducing critical application latency by 45%. The key advantage of this model lies in its cost efficiency and its dual benefits of improved security and optimized performance within a single framework. However, the study also identifies limitations, particularly the potential for false positives that require manual whitelist management and the reliance on trained personnel to ensure operational sustainability. The main contribution of this research is a simple, cost-effective, and standards-compliant technical framework, together with a mathematical formulation to assess the trade-offs between security, performance, and cost. Future directions include integrating Intrusion Detection/Prevention Systems (IDS/IPS) for layered defense and replicating the model as a turnkey security appliance that can be widely adopted by other organizations facing similar challenges.
Copyrights © 2025