SELKS 1.0 发布,面向网络安全管理基于Debian的自启动运行发行

jopen 10年前

selks.png
SELKS是Stamus Networks的产品,它是基于Debian的自启动运行发行,面向网络安全管理。它基于自己的图形规则管理器提供一套完整的、易于使用的 Suricata入侵检测/入侵防范生态系统。该系统还包含Kibana ID/NSM控制面板以图形化日志及其他带有时戳的数据,以及Suricata的规则管理界面Scirius。SELKS遵循GNU通用公共许可证第3版 而发布。
selks-small.png

Stamus Networks is proud to announce the availability of SELKS 1.0 stable release. SELKS is both Live and installable Network Security Management ISO based on Debian implementing and focusing on a complete and ready to use Suricata IDS/IPS ecosystem with its own graphic rule manager. Stamus Networks is a proud member of the Open Source community and SELKS is released under GPLv3 license.

Screenshot from 2014-10-15 21:39:11
You can download SELKS from SELKS main page.

SELKS is comprised of the following major components:

It offers proven, powerful, innovative and scalable open source multi-threading technologies in a bundle.

SELKS 1.0 comes with 10 pre-installed Kibana IDS/NSM dashboards. They cover analysis of the Suricata alerts and events with per-protocol dashboards (Alerts, HTTP, Flow, SSH, TLS,DNS …). Some dashboards are also dedicated to more specific tasks – like the PRIVACY dashboard:
Screenshot from 2014-10-15 21:28:27
It shows privacy related information such as which page are leading to well know personal data providers such as 非死book, 推ter or Google.

SELKS provides Scirius – a rules management interface for Suricata. Scirius has been developed by Stamus Networks to provide interaction with Kibana and Elasticsearch. It displays for example statistics on rules and links to existing Kibana dashboards:
Screenshot from 2014-10-15 21:17:37

Scirius provides up-to-date signatures via EmergingThreats Open (or PRO ) ruleset and SSL abuse.ch signatures
Screenshot from 2014-10-15 21:18:29

Scirius can be upgraded via standard Debian method (apt-get upgrade). Stamus Networks is also determined to provide the latest stable Debian kernel release for SELKS. Upgrade to the latest stable kernel is easy via the package system. For example, it is possible for the user running the installed version to upgrade the kernel to the latest 3.14 version:

kernel-upgrade-3.14.21
Scirius 1.0rc1 can upgrade to the 1.0 version by running apt-get dist-upgrade

The list of provided Kibana dashboards will be augmented in the future and this will be done seamlessly via the Debian packaging system and Kibana autodiscovery:

Kibana-dashboards

We really hope you will enjoy SELKS  an enterprise-grade IDS and Network Security Monitoring system in 30 seconds.

来自:https://www.stamus-networks.com/2014/10/16/lets-talk-about-selks-1-0/