Can Security Onion replace your commercial IDS?

A free and open source alternative to expensive enterprise security solutions

Back in the early oughts, a common complaint about Linux was that while it was free/libre, it came with no support and you had to pay expensive senior sysadmins to run Linux systems. Fast forward to today, and Linux has conquered basically every field except for the desktop market.

The same dynamic may be developing in the enterprise intrusion detection, network security monitoring and log management space, where VC-backed security offerings with eye-watering price tags go head to head with the free/libre Security Onion Linux distribution. Does Security Onion do exactly what you want it to do? Probably not. Will you have to tweak it to fit your enterprise? Probably yes. Will you need skilled security people to run it? Definitely yes.

Security Onion is looking more and more polished with every year that passes, and it may be worth considering if you've got a deep enough security bench to customize, deploy and maintain Security Onion for your enterprise.

What is Security Onion?

Security Onion is a free and open source intrusion detection system (IDS), security monitoring, and log management solution. With its witty slogan, "Peel back the layers of security in your enterprise," it offers full packet capture and both network-based and host-based intrusion detection systems (NIDS and HIDS, respectively), and it also includes powerful indexing, search, visualization and analysis tools to make sense of those mountains of data.
