Educause Security Discussion mailing list archives
Re: [External] [SECURITY] Security Onion - Hardware Recommendations
From: Jason Rinne <000001eec16a232b-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Thu, 11 Feb 2021 08:14:09 -0600
Hi Kevin, I knew there would be a lot of questions but I didn't know where to start to get the ball rolling. -I would say 1-2 users logged in and searching. -I would like to run suricata + zeek with this deployment but I don't know about full pcap. I doubt I have the budget for storing full pcap. *Jason Rinne* *Systems Administrator* 500 E College Street | Marshall, MO 65340 P| 660.831.4088 rinnej () moval edu | www.moval.edu <http://www.google.com/url?q=http%3A%2F%2Fwww.moval.edu%2F&sa=D&sntz=1&usg=AFQjCNGKt2IG1bGuzs-09SwzY5L1h8waMQ> [image: www.moval.edu] <http://www.moval.edu> On Thu, Feb 11, 2021 at 8:07 AM Kevin Wilcox <wilcoxkm () appstate edu> wrote:
Hi, Jason! What volume of data do you plan to pull in, how many users logged in and searching, are you running suricata + zeek, are you storing full pcap, there are lots of questions before any recommendations can be made =) kmw On Thu, Feb 11, 2021 at 8:50 AM Jason Rinne < 000001eec16a232b-dmarc-request () listserv educause edu> wrote:Does anyone have Security Onion running in their environment that would be willing to share your hardware specs? I had an older version of SO running before but only in a stand alone setup. I want to jump back in with the new version and need advice on hardware and deployment strategy. *Jason Rinne* *Systems Administrator* 500 E College Street | Marshall, MO 65340 P| 660.831.4088 rinnej () moval edu | www.moval.edu <http://www.google.com/url?q=http%3A%2F%2Fwww.moval.edu%2F&sa=D&sntz=1&usg=AFQjCNGKt2IG1bGuzs-09SwzY5L1h8waMQ> [image: www.moval.edu] <http://www.moval.edu> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Security Onion - Hardware Recommendations Jason Rinne (Feb 11)
- Re: [External] [SECURITY] Security Onion - Hardware Recommendations Kevin Wilcox (Feb 11)
- Re: [External] [SECURITY] Security Onion - Hardware Recommendations Jason Rinne (Feb 11)
- Re: Security Onion - Hardware Recommendations Foss, Henry L. (Feb 11)
- Re: [External] [SECURITY] Security Onion - Hardware Recommendations Kevin Wilcox (Feb 11)