Introduction to Security Onion

Security Onion is a Network Security Manager (NSM) platform that provides multiple Intrusion Detection Systems (IDS) including Host IDS (HIDS) and Network IDS (NIDS). Many types of data can be acquired using Security Onion for analysis. This includes data related to: Host, Network, Session, Asset, Alert and Protocols. Security Onion can be implemented as a standalone deployment with server and sensor included or with a master server and multiple sensors allowing for the system to be scaled as required. Many interfaces and tools are available for management of the system and analysis of data such as Sguil, Snorby, Squert and Enterprise Log Search and Archive (ELSA). These interfaces can be used for analysis of alerts and captured events and then can be further exported for analysis in Network Forensic Analysis Tools (NFAT) such as NetworkMiner, CapME or Xplico. The Security Onion platform also provides various methods of management such as Secure SHell (SSH) for management of server and sensors and Web client remote access. All of this with the ability to replay and analyse example malicious traffic makes the Security Onion a suitable low cost alternative for Network Security Management. In this paper, we have a feature and functionality review for the Security Onion in terms of: types of data, configuration, interface, tools and system management.

A network approach to overcoming barriers to market engagement for SMEs in energy efficiency initiatives such as the Green Deal

The Green Deal (GD) was launched in 2013 by the UK Government as a market-led scheme to encourage uptake of energy efficiency measures in the UK and create green sector jobs. The scheme closed in July 2015 after 30 months due to government concerns over low uptake and industry standards but additional factors potentially contributed to its failure such as poor scheme design and lack of understanding of the customer and supply chain journey. We explore the role of key delivery agents of GD services, specifically SMEs, and we use the LoCal-Net project as a case study to examine the use of networks to identify and reduce barriers to SME market engagement. We find that SMEs experienced multiple barriers to interaction with the GD such as lack of access to information, training, and confusion over delivery of the scheme but benefited from interaction with the network to access information, improve understanding of the scheme, increasing networking opportunities and forming new business models and partnerships to reduce risk. The importance of SMEs as delivery agents and their role in the design of market-led schemes such as the GD are discussed with recommendations for improving SME engagement in green sector initiatives.