Use Cases
Security Onion is designed for many different use cases! Here are just a few examples.
Install Security Onion. Run Setup and configure network interfaces. Reboot, run Setup, and then choose Evaluation Mode.
Install Security Onion. Run Setup and configure network interfaces. Reboot, run Setup, choose Production Mode, and then choose Standalone.
Install Security Onion on the master server box. Run Setup and configure network interfaces. Reboot, run Setup, choose Production Mode, and then choose Master. Install Security Onion on one or more sensor boxes and then on each one: run Setup, configure network interfaces, reboot, run Setup, choose Production Mode, and then choose Sensor.
Install Security Onion in a VM on your local desktop or laptop. Do NOT run Setup. Launch the Sguil client and connect to sguild on your Production Master Server. Launch the web browser and connect to Squert or ELSA on your Production Master Server.