Let's talk about SELKS 2.0

by Peter Manev | May 06, 2015 | SELKS, Open Source, Suricata, Stamus Labs

Stamus Networks is proud to announce the availability of SELKS 2.0 release.

SELKS is both Live and installable Network Security Management ISO based on Debian implementing and focusing on a complete and ready to use Suricata IDS/IPS ecosystem with its own graphic rule manager. Stamus Networks is a proud member of the Open Source community and SELKS is released under GPLv3 license.

This is a major SELKS upgrade.

New Features

Debian Jessie based - With Debian Jessie being released last week - 25 April SELKS makes the switch as well (from Debian Wheezy and 3.2 kernel). The new Debian release Jessie will enable SELKS for much better HW compatibility, new kernel 3.16 and all the performance improvements, features and benefits with it right out of the box.
Elasticsearch 1.5 - upgrade from 1.4
Scirius 1.0 - upgrade from 1.0rc3

Some screenshot examples

Scirius

IDS/IPS dashboards

SELKS2.0-1

12 ready to use IDS/IPS dashboards

VLAN3

By VLAN break down File Transactions/SSH

VLAN2

By VLAN break down DNS/TLS

SMTP-Attachments

By file attachment breakdown SMTP

VLAN1

By VLAN break down Alerts/HTTP

UPGRADE from SELKS1.2

For those that use SELKS 1.2 and would like to do an in place upgrade to SELKS 2.0 you can follow THIS GUIDE.

NOTE: Please make sure that you test the upgrade in your test/QA environment first before doing it on your production systems.

Please note that default login/password for HTTPS access (Dashboards or Scirius icons) is selks-user/selks-user.

More about SELKS 2.0

Download SELKS 2.0
Documentation: Howto and README
More information and news: Twitter, Google+ and Github
Get help on Freenode IRC on the #SELKS channel and/or Google Mailing list.

Peter Manev

Peter Manev is the co-founder and chief strategy officer (CSO) at Stamus Networks. He is a member of the executive team at Open Network Security Foundation (OISF). Peter has over 15 years of experience in the IT industry, including enterprise-level IT security practice. He is a passionate user, developer, and explorer of innovative open-source security software, and he is responsible for training as well as quality assurance and testing on the development team of Suricata – the open-source threat detection engine. Peter is a regular speaker and educator on open-source security, threat hunting, and network security at conferences and live-fire cyber exercises, such as Crossed Swords, DeepSec, Troopers, DefCon, RSA, Suricon, SharkFest, and others. Peter resides in Gothenburg, Sweden.

ABOUT STAMUS NETWORKS ™

Stamus Networks believes in a world where defenders are heroes, and a future where those they protect remain safe. As organizations face threats from well-funded adversaries, we relentlessly pursue solutions that make the defender’s job easier and more impactful. The global leader in Suricata-based network security solutions, Stamus Networks helps enterprise security teams know more, respond sooner and mitigate their risk with insights gathered from cloud and on-premise network activity. Our Stamus Security Platform combines the best of intrusion detection (IDS), network security monitoring (NSM), and network detection and response (NDR) systems into a single solution that exposes serious and imminent threats to critical assets and empowers rapid response.