Educause Security Discussion mailing list archives

Re: Security Onion - Hardware Recommendations

From: "Foss, Henry L." <fossh () SACREDHEART EDU>
Date: Thu, 11 Feb 2021 14:25:04 +0000

I want to piggyback on this. On the same line of intrusion detection, can others share what they are using?

We have looked at DarkTrace, and have determined that just PA FWs at the edge and DC are not enough to give us much 
visibility. We’re using Cisco DNA and ISE to provide further detail, but it is a manual process researching incidents.


Thank you

Hank Foss
Manager of Security Infrastructure CISSP, MSCS, GPEN
Sacred Heart University
Main Campus HC112
Office: (203) 396-8279
Mobile: (203) 295-1356
[cid:image001.jpg@01D70057.C76E2C40]



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Jason Rinne
Sent: Thursday, February 11, 2021 8:50 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security Onion - Hardware Recommendations

Does anyone have Security Onion running in their environment that would be willing to share your hardware specs?
I had an older version of SO running before but only in a stand alone setup. I want to jump back in with the new 
version and need advice on hardware and deployment strategy.




Jason Rinne
Systems Administrator

500 E College Street | Marshall, MO 65340

P| 660.831.4088

rinnej () moval edu<mailto:rinnej () moval edu> | 
www.moval.edu<http://www.google.com/url?q=http%3A%2F%2Fwww.moval.edu%2F&sa=D&sntz=1&usg=AFQjCNGKt2IG1bGuzs-09SwzY5L1h8waMQ>

[https://lh6.googleusercontent.com/XuZa3j7pHH3iFjepH4P14cXRavn1djc__UIiuR2od_dQECRQltJCLnKmFTEWzkhijQf9osBLbwkTDBL0Z68lNAEFnJ6fN-dFsSaRQpbuBwIPZEw9HjO9W3lm_oJRtXEp2mDG_7wC]<http://www.moval.edu/>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
The sender of this email is external to Sacred Heart University. Do not click any links unless you know and trust the 
sender.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Security Onion - Hardware Recommendations Jason Rinne (Feb 11)
- Re: [External] [SECURITY] Security Onion - Hardware Recommendations Kevin Wilcox (Feb 11)
  - Re: [External] [SECURITY] Security Onion - Hardware Recommendations Jason Rinne (Feb 11)
- Re: Security Onion - Hardware Recommendations Foss, Henry L. (Feb 11)