Linux News Today: Debian-Based SELKS 3.0 Network Security Management Linux Distribution Released

Peter Manev reports on the release and general availability of the SELKS 3.0 GNU/Linux distribution based on the latest Debian technologies and designed for network security management.

Since this is the first time we write about SELKS here, we feel obliged to tell our readers what this distro actually is. SELKS is a specially designed ISO image that is kept synchronized with the Debian GNU/Linux repositories and bundles several popular applications for monitoring and hardening the security of your network.

The new release, SELKS 3.0, comes with a lot of updated components, among which we can mention the Suricata 3.1.1 high-performance network IDS, IPS and network security monitoring engine, the Elasticsearch 2.3.5 open-source, distributed, RESTful search engine, and the Kibana 4.5.4 analytics and search dashboard for Elasticsearch.

“But the main change in SELKS 3.0 is the switch to the latest generation of the Elastic stack. On the user side this means Kibana 3 has been replaced by Kibana 4. And this really means a lot,” says Peter Manev. “So, our team had to redo from scratch all dashboards and visualizations. The result is a new set of 11 ready-to-use dashboards.”

Latest Scirius Community Edition is present as well

Also new in SELKS 3.0 are Scirius Community Edition 1.1.10, a web application for managing Suricata rulesets, and Evebox, an alert management, reporting and event viewer interface for Suricata. The Logstash 2.3.4 open-source data collection engine is included as well.

Under the hood, SELKS 3.0 is powered by a kernel from the long-term supported Linux 4.4 branch; version 4.4.16 is used in the ISO image at the moment of release. Eleven Kibana dashboards and more than 190 visualizations are also available in SELKS 3.0, which you can download right now via our website.

If you’re using SELKS 2.0, please note that you won’t be able to upgrade to the SELKS 3.0 release at this time because of the incompatibilities between Elasticsearch 1.x and 2.x, as well as between Kibana 3.x and 4.x, so moving to 3.0 means a fresh installation. Only those running the Release Candidate development build of SELKS 3.0 can upgrade to the final version now.

Suricata page in Scirius

Kibana Alert dashboard

Via Softpedia