We recently released the third Beta version of Security Onion 2.4:
https://blog.securityonion.net/2023/06/security-onion-24-beta-3-release-now.html
Today, we are excited to release the fourth Beta (Beta 4) version of Security Onion 2.4!
One of the new features in this release is the ability to upload PCAP and EVTX files right in Security Onion Console (SOC)! When you go to the Grid page, you can select a node in your deployment. If the node is a network sensor or import node, then there will be an icon in the Node Status section for uploading your own PCAP or EVTX file.
Finally, we've implemented lots of fixes to improve feature parity with 2.3 and overall user experience.
Release Notes
Please review the Release Notes for changes in this release:
https://docs.securityonion.net/en/2.4/release-notes.html
Red Hat, Rocky Linux, and Security Onion
For background, please see https://blog.securityonion.net/2023/06/red-hat-rocky-linux-and-security-onion.html. For this release, our ISO image is still based on Rocky Linux. We are continuing to monitor this situation and will provide updates as necessary.
Known Issues
Here are some known issues that should be resolved in later releases:
- You cannot do an in-place upgrade from 2.3 to 2.4. We are still investigating data migration.
- Upgrades from this 2.4 Beta release to anything else will not be supported. Starting in RC2 we will support soup to upgrade 2.4 grids.
- ATT&CK Navigator doesn’t work correctly yet.
- The following installation modes are NOT fully tested at this time:
- Heavy Node
- Receiver Node
- Analyst Workstation
Transition from 2.3 to 2.4
When we release the final version of Security Onion 2.4, we will announce an End Of Life (EOL) date for Security Onion 2.3. Security Onion 2.3 will continue to receive security patches and priority bug fixes until it reaches EOL.
Documentation
You can find 2.4 documentation at:
https://docs.securityonion.net/en/2.4/
Documentation is always a work in progress. If you find documentation that needs to be updated, please let us know as described in the Feedback section below.
Warnings and Disclaimers
- Things may change between this beta version and the final release.
- Ask your doctor if beta software is right for you.
- If it breaks, you get to keep both pieces!
Enough warnings and disclaimers? Let’s go!
License Reminder
Please be reminded of the license change we posted last year:
https://blog.securityonion.net/2022/08/security-onion-enterprise-features-and.html
Installation
We highly recommend starting with an IMPORT installation as shown at:
https://docs.securityonion.net/en/2.4/first-time-users.html
Once you’re comfortable with your IMPORT installation, then you can move on to more advanced installations.
Questions, Problems, and Feedback
If you have any questions or problems relating to Security Onion 2.4, please use the new 2.4 category at our Discussions site:
https://github.com/Security-Onion-Solutions/securityonion/discussions/categories/2-4
We welcome your detailed feedback!
Screenshot Tour
If you want the quickest and easiest way to try out Security Onion 2.4, just follow the screenshots below to install an Import node. This can be done in a minimal VM with only 4GB RAM! For more information, please see:
https://docs.securityonion.net/en/2.4/first-time-users.html
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.