.. _getting-started:

Getting Started
===============

If you're ready to get started with Security Onion, you may have questions like:

**What are the recommended best practices?**

See the :ref:`best-practices` section.

**How many machines do I need?**

Depending on what you're trying to do, you may need anywhere from one machine to thousands of machines. The :ref:`use-cases` and :ref:`architecture` sections will help you decide.

**What kind of hardware does each of those machines need?**

This could be anything from a small virtual machine to a large rack mount server with lots of CPU cores, lots of RAM, and lots of storage. The :ref:`hardware` section provides further details.

**If I just want to try Security Onion in a virtual machine, how do I create a virtual machine?**

See the :ref:`vmware`, :ref:`virtualbox`, and :ref:`proxmox` sections.

**How do I deploy Security Onion in the cloud?**

See the :ref:`cloud-amazon`, :ref:`cloud-azure`, and :ref:`cloud-google` sections.

**What if I have trouble booting the ISO image?**

Check out the :ref:`trouble-booting` section.

**What if I'm on an airgap network?**

Review the :ref:`airgap` section.

**Once I've booted the ISO image, how do I install it?**

See the :ref:`installation` section.

**After installation, how do I configure Security Onion?**

The :ref:`configuration` section covers many different use cases.

**Is there anything I need to do after configuration?**

See the :ref:`post-installation` section.

.. toctree::
   :maxdepth: 2

   best-practices
   use-cases
   architecture
   hardware
   download
   vmware
   virtualbox
   proxmox
   trouble-booting
   airgap
   installation
   cloud-amazon
   cloud-azure
   cloud-google
   configuration
   post-installation