A lightweight version used strictly for analyzing pre-captured PCAP files rather than live network monitoring.

Preparing Your Bootable Media
200GB minimum; SSDs are highly preferred for database performance.
Under the "Assets" section, click on the .iso file to begin the download.
Used for enterprise environments. This separates the "Manager" node from "Forward" nodes (sensors) that sit on different parts of the network.
Before you burn the image to a USB drive or boot it in a Virtual Machine, you must verify that the file was not corrupted during the download. Open a terminal (Linux/macOS) or PowerShell (Windows) and run the checksum command against the downloaded .iso, then compare the result with the digest published alongside the release.
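A small script for that check on Linux/macOS, added here as an example and not taken from the Security Onion project; the ISO path and the expected digest are placeholders you replace with the values from the release page:

```shell
#!/bin/sh
# Added example: verify a downloaded ISO against its published SHA-256 digest.
# Usage: ./verify_iso.sh <path-to-iso> <expected-sha256-from-release-page>
# Both arguments are placeholders to be supplied by the user.

# Print the SHA-256 of a file; sha256sum on Linux, shasum on macOS.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_iso FILE EXPECTED_DIGEST
# Exit status: 0 on match, 1 on mismatch, 2 if the file is missing.
# The comparison is case-insensitive because release pages publish
# digests in either upper or lower case.
verify_iso() {
    file="$1"
    expected="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')"
    if [ ! -f "$file" ]; then
        echo "missing file: $file" >&2
        return 2
    fi
    actual="$(sha256_of "$file")"
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches the published SHA-256"
        return 0
    fi
    # A mismatch means a corrupted or tampered download: do not boot it.
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  got      $actual" >&2
    return 1
}

# Run the check only when invoked with the two arguments described above.
if [ "$#" -eq 2 ]; then
    verify_iso "$1" "$2"
fi
```

On Windows, `Get-FileHash -Algorithm SHA256 <file>` in PowerShell produces the same digest to compare by hand.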
Whether you are a seasoned security analyst or a curious beginner, finding the right starting point for network monitoring is crucial. Security Onion is a free and open-source Linux distribution for threat hunting, enterprise security monitoring, and log management. It includes a massive suite of tools like Elasticsearch, Logstash, Kibana, Suricata, Zeek, and Wazuh.