Installation

Note

If you want to deploy in Amazon AWS using our AMI, you can skip to the AWS Cloud AMI section.

Having downloaded your desired ISO according to the Download section, it’s now time to install! There are separate sections below to walk you through installing using our Security Onion ISO image (based on CentOS 7) or installing standard CentOS 7 or Ubuntu 18.04 and then installing our components on top.

Tip

For most use cases, we recommend using our Security Onion ISO image as it’s the quickest and easiest method.

Installation using Security Onion ISO Image

If you want to install Security Onion using our ISO image:

  1. Review the Hardware Requirements and Release Notes sections.

  2. Download and verify our Security Onion ISO image.

  3. Boot the ISO in a machine that meets the minimum hardware specs.

  4. Follow the prompts to complete the installation and reboot.

  5. You may need to eject the ISO image or change the boot order of the machine to boot from the newly installed OS.

  6. Login using the username and password you set in the installer.

  7. Security Onion Setup will automatically start. If for some reason you have to exit Setup and need to restart it, you can log out of your account and then log back in and it should automatically start. If that doesn’t work, you can manually run it as follows:

    sudo SecurityOnion/setup/so-setup iso
    
  8. Proceed to the Configuration section.

Installation on Ubuntu or CentOS

If you want to install Security Onion on CentOS 7 or Ubuntu 18.04 (not using our Security Onion ISO image), follow these steps:

  1. Review the Hardware Requirements and Release Notes sections.

  2. Download the ISO image for your preferred flavor of Ubuntu 18.04 64-bit or CentOS 7 64-bit, verify the ISO image, and boot from it.

  3. Follow the prompts in the installer. If you’re building a production deployment, you’ll probably want to use LVM and dedicate most of your disk space to /nsm as discussed in the Partitioning section.

  4. Reboot into your new installation.

  5. Login using the username and password you specified during installation.

  6. If you’re using CentOS 7 Minimal, you may need to install git:

    sudo yum -y install git
    
  7. Once you have git, then clone our repo and start the Setup process:

    git clone https://github.com/Security-Onion-Solutions/securityonion
    cd securityonion
    sudo bash so-setup-network
    
  8. Proceed to the Configuration section.