From Doug Burks, Founder and CEO of Security Onion Solutions:
I've been privileged to watch Security Onion grow as a security monitoring platform over the years. From its roots as a small software project in 2008, Security Onion has matured into a premier free solution for enterprise security monitoring, threat hunting, and log management for a global user base of all sizes and across all industry verticals. As our user and customer bases have grown, so too have the requests for enterprise features and licensing. The team at Security Onion Solutions continues to work with the community to shift advantage to defenders while growing an enterprise platform.
Enterprise customers are asking for enterprise features and licensing and this requires significant time and effort to build the features and license key functionality. To prevent organizations from removing the license key functionality from the source code, we must change the license on the source code. We considered several options for changing the license, but introducing a new license would require more time and effort for our customers and community to understand the new license. We ultimately decided on Elastic License version 2 (ELv2) for the following reasons:
It explicitly protects license key functionality.
It is a known license and is already understood by our community.
It has already been accepted by our users for the Elastic Stack components since the release of Security Onion 2.3.40 in March 2021:
https://blog.securityonion.net/2021/03/security-onion-2340-now-available.html
Most of our users were not affected by the change to ELv2 in 2021. We expect most users will be similarly unaffected by moving Security Onion components to this license.
You can read the ELv2 license in its entirety at:
https://www.elastic.co/licensing/elastic-license
We expect the license to go into effect upon release of Security Onion 2.4, anticipated in 2023.
Q&A
What is changing?
Security Onion components are changing license from GPL to Elastic License v2 (ELv2). This includes our active repos at https://github.com/Security-Onion-Solutions.
When is this change happening?
We expect this change to go into effect upon release of Security Onion 2.4, anticipated in 2023.
What changes are coming in Security Onion 2.4?
The development focus for 2.4 is community features for the platform and the transition to ELv2 license.
Will there be paid features for Security Onion 2.4?
For the initial release of Security Onion 2.4.0, there are no planned paid features. We anticipate that later releases will add some paid features designed for enterprise customers.
I am a free community user. Can I use Security Onion 2.4 for free?
As long as you are adhering to the license, any free features in Security Onion 2.3 that carry over to Security Onion 2.4 will remain free.
I am a Managed Security Service Provider (MSSP) running Security Onion for my customers. How does this license change impact me?
MSSP users who offer their services without customers accessing substantial portions of Security Onion functionality are not affected by this change. If you are a current Security Onion Solutions customer, please contact your account manager with questions.
What is ELv2?
ELv2 is the Elastic License version 2. You can read more about that at:
https://www.elastic.co/licensing/elastic-license
Is Security Onion owned by Elastic?
No, Security Onion is not owned by Elastic. Security Onion is simply adopting the ELv2 license. This is analogous to projects that use the Apache license but aren’t owned by the Apache Software Foundation.
Why did Security Onion choose the ELv2 license for its software?
Enterprise customers are asking for enterprise features and licensing and this requires significant time and effort to build the features and license key functionality. To prevent organizations from removing the license key functionality from the source code, we must change the license on the source code. We considered several options for changing the license, but introducing a new license would require more time and effort for our customers as many enterprise organizations must have software licenses reviewed by their legal departments. We ultimately decided on Elastic License version 2 (ELv2) for the following reasons:
It explicitly protects license key functionality.
It is a known license and is already understood by our community.
It has already been accepted by our users for the Elastic Stack components since the release of Security Onion 2.3.40 in March 2021:
https://blog.securityonion.net/2021/03/security-onion-2340-now-available.html
Has ELv2 been approved by the Open Source Initiative (OSI)?
No, ELv2 has not been approved by OSI as an open source license.
Can I continue to use 2.3 and not upgrade to 2.4?
When we release Security Onion 2.4, we will announce an End Of Life (EOL) date for Security Onion 2.3.x. Security Onion 2.3.x will continue to receive security patches and priority bug fixes until it reaches EOL.
I am a current (paid) Security Onion Solutions customer and I have questions about this change. To whom should I reach out?
Please feel free to reach out to your account manager.
I am a community user of Security Onion and I have questions about this change. How may I ask those questions?
Please open a new discussion at https://securityonion.net/discuss.