Re: Snort production setup design

[sandeep dubey <sandeep.sanash () gmail com>]

Thanks Rodgers for reply,

I am running my production environment on public cloud Amazon Web Services
(AWS), where i don't have control for installing iso/img etc.

Is SecurityOnion equivalent to OSSIM ?

On Thu, Dec 17, 2015 at 7:03 PM, Rodgers, Anthony (DTMB) <
RodgersA1 () michigan gov> wrote:

> Can’t recommend SecurityOnion highly enough.
>
>
>
> --
>
> Anthony Rodgers
>
> Security Analyst
>
> Michigan Security Operations Center (MiSOC)
>
> DTMB, Michigan Cyber Security
>
>
>
> *From:* sandeep dubey [mailto:sandeep.sanash () gmail com]
> *Sent:* Thursday, December 17, 2015 04:53
> *To:* snort-users () lists sourceforge net
> *Subject:* [Snort-users] Snort production setup design
>
>
>
> Hi,
>
>
>
> Is it possible to install snort in IDS mode on multiple servers (AWS EC2
> instances ) and have a central server where analysis can be done through
> gui and also alerts/notification can be managed like OSSEC ?
>
>
>
> If yes, what is the tools to use and how to move ahead?
>
>
>
> --
>
> Regards,
>
> Sandeep



-- 
Regards,
Sandeep

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!