How to Install an AlienVault OSSIM Server

Description
This lesson covers how to install an OSSIM server. Participants receive step-by-step instructions for this process using the VirtualBox application.

First, participants name their server, and then memory is determined by how much is available on the machine. It is recommended to have at least four GB of RAM, but it's good to install nine. Next, create a virtual hard disk. Be sure to select the fixed size option (as opposed to the default dynamically allocated option). The fixed size option helps with performance, whereas selecting the dynamically allocated option assigns a maximum value for the space a VM can utilize. This can be limiting. When a VM is first created, it will be as small as possible, but as it is utilized, it will increase in size. A fixed size allows for the completion of more intense tasks. Next, choose the install location using the assigned value and choose the hard disk size, with a minimum of 15-20 gigs. After the storage is allocated, another processor needs to be given to the OSSIM server. This can be accomplished via settings and choosing virtual machines. This allows more ports to be assigned to the virtual machine.

Next, complete the installation of OSSIM, which is a Linux distribution. After OSSIM is installed, first assign an IP address to the server, which will also create a subnet mask, gateway and main server. After completing installation and rebooting the OSSIM server, participants can log in and verify that everything is accurate. After the verification process, the OSSIM server is configured and ready for use.

Now, go into networks and place the VM on a host-only network. If using an all-in-one setup, be sure to add another network adaptor and set promiscuous mode to allow all traffic to be monitored. This concludes the installation process.
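The same VirtualBox steps can be scripted with `VBoxManage`. The script below is an added example, not part of the lesson; the VM name, disk path, host-only interface name, OS type and the network the second adapter joins are assumptions, and attaching the OSSIM installer ISO is left out.

```shell
#!/bin/sh
# Added example: VBoxManage equivalent of the lesson's GUI steps (dry run by default).
# Assumed values, not from the lesson: VM name, disk path, host-only interface
# name (vboxnet0 is typical on Linux hosts), the Debian_64 OS type, and putting
# the second adapter on the same host-only network.
VM_NAME="${VM_NAME:-ossim}"
MEM_MB="${MEM_MB:-4096}"        # lesson: at least four GB of RAM
CPUS="${CPUS:-2}"               # lesson: give the server another processor
DISK_MB="${DISK_MB:-20480}"     # lesson: minimum of 15-20 gigs
DISK_PATH="${DISK_PATH:-./ossim.vdi}"
HOSTONLY_IF="${HOSTONLY_IF:-vboxnet0}"

# Refuse settings below the minimums the lesson gives.
ossim_vm_preflight() {
  [ "$MEM_MB" -ge 4096 ] || { echo "memory below 4 GB" >&2; return 1; }
  [ "$DISK_MB" -ge 15360 ] || { echo "disk below 15 GB" >&2; return 1; }
  [ "$CPUS" -ge 2 ] || { echo "second processor not assigned" >&2; return 1; }
}

# Print one VBoxManage command per line; values must not contain spaces.
ossim_vm_plan() {
  cat <<EOF
VBoxManage createvm --name $VM_NAME --ostype Debian_64 --register
VBoxManage modifyvm $VM_NAME --memory $MEM_MB --cpus $CPUS
VBoxManage createmedium disk --filename $DISK_PATH --size $DISK_MB --variant Fixed
VBoxManage storagectl $VM_NAME --name SATA --add sata
VBoxManage storageattach $VM_NAME --storagectl SATA --port 0 --device 0 --type hdd --medium $DISK_PATH
VBoxManage modifyvm $VM_NAME --nic1 hostonly --hostonlyadapter1 $HOSTONLY_IF
VBoxManage modifyvm $VM_NAME --nic2 hostonly --hostonlyadapter2 $HOSTONLY_IF --nicpromisc2 allow-all
EOF
}

# APPLY=1 runs the plan on the host; otherwise it is only printed for review.
if [ "${APPLY:-0}" = 1 ]; then
  ossim_vm_preflight && ossim_vm_plan | sh -e
else
  ossim_vm_plan
fi
```

The `--nicpromisc2 allow-all` setting applies to the second adapter only, which matches the all-in-one setup where that adapter is the monitoring interface.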
Recommended Study Material

AlienVault® Open Source Security Information and Event Management (AlienVault OSSIM™) provides event collection, normalization, and correlation. For more advanced functionality, the AlienVault Unified Security Management® (USM) platform builds on AlienVault OSSIM with these additional capabilities:

– Monitoring of cloud and on-premises environments from one fully integrated solution
– Log management, including 12 months of log storage for compliance requirements
– Extensive library of pre-built correlation rules, updated continuously by the AlienVault Labs Security Research Team
– Out-of-the-box report templates with flexible customization to simplify compliance and security operations reporting
