At Security Onion Conference 2022, we showed a sneak peek of Security Onion 2.4, which is in development now! It builds on the success of 2.3 but is easier to install, configure, and maintain. In addition, it's more powerful yet more streamlined!
Here's a quick overview of the main changes in Security Onion 2.4. Our ISO image will be based on Rocky Linux 9, but we also plan to support Ubuntu 22.04. Distributed deployments will use Elastic clustering, and we will support the Elastic Agent for endpoint telemetry and live response. Additionally, we've made lots of improvements to Security Onion Console (SOC)!
We've improved SOC Grid by adding a new Container Status panel which shows the status of each container. Also, the Node Status panel now includes a hyperlink in the lower left corner that takes you to the relevant Grafana dashboard for that node!
Next, we've improved SOC Users. You can now add, delete, lock, or modify user accounts without ever leaving SOC!
There is a new SOC Grid Members page which allows you to add new machines to your grid or remove existing ones.
We've spent a lot of time building a new SOC Configuration page which allows you to configure most aspects of your Security Onion deployment!
Finally, we've improved the built-in documentation, especially for folks on airgap networks. Our ISO image now includes a full multiple-page version of the documentation that is fully searchable!
Transition from 2.3 to 2.4
When we release Security Onion 2.4, we will announce an End Of Life (EOL) date for Security Onion 2.3. Security Onion 2.3 will continue to receive security patches and priority bug fixes until it reaches EOL.
When can we try Security Onion 2.4?
We hope to release a Beta version soon! Please try it out and give us feedback!
Questions
If you have questions about Security Onion 2.4, please feel free to start a new discussion at https://securityonion.net/discuss.