QuickISOImage

Please note! This wiki is no longer maintained. Our documentation has moved to https://securityonion.net/docs/. Please update your bookmarks. You can find the latest version of this page at: https://securityonion.net/docs/QuickISOImage.

If you just want to quickly evaluate Security Onion using our ISO image:

1. First, review the Hardware Requirements page.
2. Review the Release Notes page.
3. Download and verify our Security Onion ISO image.
4. Boot the ISO image.
5. At the ISO boot menu, choose the default option.
6. Once the live desktop appears, double-click the "Install SecurityOnion" icon.
7. Follow the prompts in the installer. If prompted with an encrypt home folder or encrypt partition option, DO NOT enable this feature. If asked about automatic updates, DO NOT enable automatic updates. Reboot into your new installation. Login using the username/password you specified during installation.
8. Verify that you have Internet connectivity. If necessary, configure your proxy settings.
9. Install updates and reboot. If you get any errors relating to MySQL, please see MySQL-Upgrade-Errors.
10. Double-click the Setup icon. The Setup wizard will walk you through configuring /etc/network/interfaces and will then reboot.
11. After rebooting, log back in and start the Setup wizard again. It will detect that you have already configured /etc/network/interfaces and will walk you through the rest of the configuration. When prompted for Evaluation Mode or Production Mode, choose Evaluation Mode.
12. Once you've completed the Setup wizard, use the Desktop icons to login to Sguil, Squert, or Kibana.
13. Finally, review the Post Installation page.