Listing Thumbnail

    Security Onion 2

     Info
    Free Trial
    The official Security Onion 2 AMI. Security Onion 2 provides organizations with a suite of tools for threat hunting, enterprise security monitoring, and log management.

    Overview

    Play video

    Security Onion is a free and open platform built by defenders for defenders. It includes network visibility, host visibility, intrusion detection honeypots, log management, and case management. For network visibility, we offer signature based detection via Suricata, rich protocol metadata and file extraction using your choice of either Zeek or Suricata, full packet capture via Stenographer, and file analysis via Strelka. For host visibility, we offer the Elastic Agent which provides data collection, live queries via osquery, and centralized management using Elastic Fleet. Intrusion detection honeypots based on OpenCanary can be added to your deployment for even more enterprise visibility. All of these logs flow into the Elastic stack and we've built our own user interfaces for alerting, hunting, dashboards, case management, and grid management. Security Onion has been downloaded over 2 million times and is being used by security teams around the world to monitor and defend their enterprises. Our easy-to-use Setup wizard allows you to build a distributed grid for your enterprise in minutes!

    Highlights

    • Security Onion can be installed as a standalone, single VM, or in a distributed grid. Additionally, a single-VM evaluation install mode is available for learning Security Onion, as well as an import install mode for analyzing past events.
    • Security Onion Console provides a consistent interface for viewing events, escalating alerts, and drilling down into associated PCAP traffic.
    • Aggregate your platform logs into Security Onion for a comprehensive, security-focused view into activity within your infrastructure.

    Details

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    OtherLinux 9

    Typical total price

    This estimate is based on use of the seller's recommended configuration (t3a.2xlarge) in the US East (N. Virginia) Region. View pricing details

    $0.451/hour

    Pricing

    Free trial

    Try this product at no cost for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Security Onion 2

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (238)

     Info
    • ...
    Instance type
    Product cost/hour
    EC2 cost/hour
    Total/hour
    t2.large
    $0.15
    $0.093
    $0.243
    t2.xlarge
    $0.15
    $0.186
    $0.336
    t2.2xlarge
    $0.15
    $0.371
    $0.521
    t3.large
    $0.15
    $0.083
    $0.233
    t3.xlarge
    $0.15
    $0.166
    $0.316
    t3.2xlarge
    $0.15
    $0.333
    $0.483
    t3a.large
    $0.15
    $0.075
    $0.225
    t3a.xlarge
    $0.15
    $0.15
    $0.30
    t3a.2xlarge
    Recommended
    $0.15
    $0.301
    $0.451
    m3.large
    $0.15
    $0.133
    $0.283

    Additional AWS infrastructure costs

    Type
    Cost
    EBS General Purpose SSD (gp3) volumes
    $0.08/per GB/month of provisioned storage

    Vendor refund policy

    Refunds are not available.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    Full release notes for the latest Security Onion release are located at https://docs.securityonion.net/en/2.4/release-notes.html .

    Existing Security Onion 2.4.4 or newer AMI installations should use the "soup" command to upgrade to newer versions of Security Onion. Attempting to switch to a newer AMI from the AWS Marketplace could cause loss of data and require full grid re-installation. Note that grids running Security Onion 2.3 cannot use soup to upgrade to 2.4, as the underlying operating system has changed from CentOS to Oracle Enterprise Linux.

    Additional details

    Usage instructions

    IMPORTANT: Security Onion requires installation once the virtual machine first starts. Additionally, an understanding of DNS and networking concepts is required. Most users will need to map the VM's hostname to the VM IP address, either via their local /etc/hosts file, or via a domain resolution service in order to access the web interface.

    Please review the following documentation links, as thoroughly understanding the architecture, such as which nodes should exist in AWS vs On-Premise, is an important prerequisite for deploying Security Onion in AWS.

    Guidelines on instance sizing as well as AMI-specific instructions. This is a must read for all users new to running Security Onion on AWS.

    Where data is stored within the VM's filesystem:

    How Security Onion data is secured:

    Information relating to updating passwords:

    To verify a healthy installation, follow the recommendations provided in the following links:

    Finally, if you run into trouble or need clarification, there is an active Security Onion community that helps answer questions relating to Security Onion. To take advantage of this free community support, visit our discussion forum:

    Resources

    Support

    Vendor support

    Free community support is provided by the general public. Search our forums for answers that may have already been provided by other users. Security Onion Solutions also offers premium support at an additional cost. Visit our support website for more information. Premium Support:

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    1
    1 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    100%
    1 AWS reviews
    cybersec

    poorly developed , no support for software, no architecture or deployment details,

    Reviewed on Nov 06, 2023
    Purchase verified by AWS

    poorly developed, no support for software, no architecture or deployment details,
    what is the purpose of having this software at this platform , absolutely nothing

    View all reviews