1
00:00:01,270 --> 00:00:08,890
In this lecture I will explain how to install the Security Onion tools using the setup wizard.

2
00:00:10,090 --> 00:00:24,820
But before doing that I will go and enable the scaled mode view for the better view here and then I

3
00:00:24,820 --> 00:00:33,530
will launch the setup wizard and I have to enter my password.

4
00:00:33,760 --> 00:00:39,530
We see that we are being asked if we want to continue or not.

5
00:00:39,700 --> 00:00:41,440
And I will click on Yes, Continue.

6
00:00:41,440 --> 00:00:54,460
Then it asks us if we want to configure the network interfaces in order for optimizing or installing

7
00:00:54,970 --> 00:00:58,330
these tools to work correctly.

8
00:00:58,330 --> 00:01:06,260
So I will click Yes, configure the network interfaces.

9
00:01:06,420 --> 00:01:14,370
Now it is asking us if we want to configure a management interface and which interface should

10
00:01:14,430 --> 00:01:16,080
we use.

11
00:01:16,080 --> 00:01:19,830
And I will select eth0 and then OK.

12
00:01:20,280 --> 00:01:25,710
And it asks us now what way we want to configure the addressing.

13
00:01:25,710 --> 00:01:33,390
The IP addressing for the interface, if it should be static or DHCP, and I will select the DHCP option

14
00:01:34,050 --> 00:01:37,810
just to make things easier.

15
00:01:37,870 --> 00:01:47,670
Okay, now it is asking about configuring the monitoring or sniffing interface and I will click on yes

16
00:01:47,700 --> 00:01:56,250
because this is the most important thing for the Security Onion, to sniff traffic or capture packets.

17
00:01:56,250 --> 00:02:04,080
So I will click on yes, and the interface that is left for this role is the right one.

18
00:02:04,090 --> 00:02:11,000
So OK. Now it asks us to confirm these and make changes.

19
00:02:11,070 --> 00:02:14,060
So yes.

20
00:02:14,490 --> 00:02:22,850
So now we need to reboot the system in order for this to take effect.

21
00:02:22,860 --> 00:02:27,240
So I will click on Yes, reboot.

22
00:02:27,240 --> 00:02:44,250
So now we see that the Security Onion VM is restarting and after the restart the window for logging in

23
00:02:44,610 --> 00:02:45,850
should appear.

24
00:02:46,320 --> 00:02:56,100
And after we log in to the system we will continue our setup process by installing the tools after

25
00:02:56,100 --> 00:03:00,820
the configuration that is done for the network interfaces.

26
00:03:00,840 --> 00:03:18,560
So now we see that the VM, or the Security Onion, is starting, so now I will type my name and password.

27
00:03:18,810 --> 00:03:31,740
So now we have logged into Security Onion and now I will run the setup again and enter my password.

28
00:03:33,150 --> 00:03:36,450
So continue.

29
00:03:36,450 --> 00:03:46,830
Now it is saying that network interfaces have been set up already so I will click on yes, network

30
00:03:46,860 --> 00:03:48,560
configuration.

31
00:03:48,720 --> 00:03:56,580
Now we have two types of setup: the stable setup and the experimental setup. So the stable setup

32
00:03:56,580 --> 00:04:08,880
will run the current stable version of the setup and it will configure ELSA for the log management and

33
00:04:09,450 --> 00:04:10,970
the experimental setup,

34
00:04:11,040 --> 00:04:20,070
it will install or configure the Elastic Stack which combines Elasticsearch, Logstash and Kibana and

35
00:04:20,250 --> 00:04:28,980
as you know, I have downloaded and installed the Security Onion version that supported ELSA

36
00:04:29,460 --> 00:04:39,940
but not the new things which are the Elastic Stack, because this version that we are seeing now is using

37
00:04:40,030 --> 00:04:43,120
the Elastic Stack as experimental but in the new version

38
00:04:46,810 --> 00:04:53,680
became stable so the Elastic Stack will be the default thing so I will select the stable setup since

39
00:04:53,680 --> 00:04:54,600
we want to use ELSA.

40
00:04:54,610 --> 00:04:55,920
So I will click on

41
00:04:55,930 --> 00:05:03,190
OK. Now we have two modes, the evaluation mode and the production mode, and the evaluation mode is recommended

42
00:05:03,190 --> 00:05:07,330
for first-time users or standalone VMs.

43
00:05:07,570 --> 00:05:11,550
While the production mode is recommended for production deployments.

44
00:05:12,100 --> 00:05:22,180
And because we are running just labs I will install the evaluation mode and in this mode standalone

45
00:05:22,300 --> 00:05:28,950
VM means that we will run the server and the client on the same machine.

46
00:05:29,560 --> 00:05:37,660
So the server that has the management software such as ELSA and Sguil will be run on this single machine

47
00:05:38,170 --> 00:05:48,910
and also the client tools such as the sensors like Bro, Snort or Suricata will also run on

48
00:05:48,940 --> 00:05:53,050
this machine, while in the production mode

49
00:05:53,110 --> 00:05:58,580
you will run the server on a separate machine than the client.

50
00:05:58,630 --> 00:06:07,960
So now I will click OK for the evaluation mode and it asks us about what interface to be monitored

51
00:06:08,260 --> 00:06:21,030
which should be eth1 and then we have to configure a user name for Sguil and password

52
00:06:25,110 --> 00:06:27,910
and then we have to confirm your password.

53
00:06:29,810 --> 00:06:37,820
Now it asks us if we want to confirm and proceed with the changes.

54
00:06:37,910 --> 00:06:43,310
So I will click on yes

55
00:06:46,650 --> 00:06:59,190
and we see now that the Onion setup is running and it is now stopping the NSM services and

56
00:06:59,250 --> 00:07:09,000
NSM is the acronym for network security management.

57
00:07:09,030 --> 00:07:19,860
So now we see that the Security Onion setup is now complete so I have to click on

58
00:07:20,100 --> 00:07:20,650
OK.

59
00:07:23,250 --> 00:07:34,170
And we see here the commands that we can use to check the status of the running services like sudo

60
00:07:34,200 --> 00:07:38,740
sostat, sudo sostat-quick and sudo sostat-redacted.

61
00:07:40,320 --> 00:07:41,940
So I will get here.

62
00:07:41,990 --> 00:07:43,400
Okay.

63
00:07:43,590 --> 00:08:10,980
And it also tells us that we can download rules at, or that the rules downloaded are in this path.

64
00:08:11,020 --> 00:08:21,710
Now we see that the tools have been installed like ELSA, Sguil and Squert.

65
00:08:21,910 --> 00:08:30,910
So that means that we have run the setup wizard and installed the required tools for Security Onion

66
00:08:31,030 --> 00:08:41,470
successfully and in the next lecture I will explain more things about Security Onion like getting the

67
00:08:41,590 --> 00:08:48,210
software and installing the guest additions and taking a snapshot of the system.