
PATHS-SOC

PATHS Cybersecurity Program

Lab description: Students will set up the Security Onion VM to provide network and host intrusion detection for their LAN. This requires modifying the pfSense firewall by adding a monitor interface. Students will also add agents to Security Onion (SO), create firewall rules to and from the DMZ, and run a final test of the IDS to verify functionality. Students will use Sguil to check the event logs and anomalies.

Standards: CompTIA Security+ 2.1 Install and configure network components, both hardware- and software-based, to support organizational security.
CompTIA Security+ 2.4 Given a scenario, analyze and interpret output from security technologies.
