Snort mailing list archives

Re: INQUIRY - seeking suitable micro-appliance for snort deployment and centralized alerts console from variety of WAN deployments in residential networks


From: Doug Burks <doug.burks () gmail com>
Date: Wed, 2 Jul 2014 22:17:55 -0400

Hi Chase,

Here's one option.

First, install Security Onion (http://securityonion.net/) on your
cloud server.  Choose a server-only installation.

For the sensors, start with a small form factor box like HP
Microserver, Intel NUC, or Fit-PC with at least 2 NICs.  Install
Security Onion and choose a sensor-only installation.  It will prompt for
the hostname of your master server; give it the hostname of your cloud
server.  Enable Snort and whatever other sensor processes you'd like
to run.

You'll then be able to log into any of the GUIs on your cloud server
and manage the Snort alerts from all your sensors.

If you have any questions about Security Onion, please use our
security-onion mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Thanks,
Doug

On Wed, Jul 2, 2014 at 6:25 PM, Chase Turner <chase () stumpy com> wrote:
Two requests in this posting:

1) Seeking pointers to a no-fuss micro-appliance and “how to” guide to host Snort on it — for deployment at family members' home networks to assess their network risks.  For example, http://utilite-computer.com/web/home or some other physical form factor that does not require a whole lot of hand tuning and installing of hardware; and

2) Are there third-party cloud-centric monitoring strategies wherein those remotely provisioned Snort deployments on micro-appliances (at family members' home networks in various states) can be consolidated into a central console for review of security alerts and all?




_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!



-- 
Doug Burks
