Force10 Networks 100-00055-01 Network Card User Manual


 
44 Network Security Monitoring
Installing the Sguil System
To employ Sguil you must:
1. Install the sensor. See page 44.
2. Install the server. See page 44.
3. Install the client. See page 45.
Note: You can download the server and client Sguil components directly from the Sguil website at
http://sguil.sourceforge.net/index.html. The solution uses a number of components which must be
installed. For your convenience, a simplified install package is provided on the Force10 Networks
support website; please see the instructions in the remainder of this chapter.
Installing the Sguil Sensor
P-Series appliances running version 2.3.0.0 or newer are already capable of operating as a Sguil sensor.
Installing the Sguil Server
The Sguil server package installs the MySQL server and Sguild server packages.
Hardware and Software Requirements
Force10 recommends using a server that has at least 2 GB of RAM, a 3.0 GHz processor, and 150 GB hard
disk with a RAID5 array for speed and reliability.
Sguil runs on a variety of *BSD and Linux-based systems. Force10 has tested compatibility with and
recommends using:
CentOS 5 64-bit Linux version 2.6.18-8.1.14.el5
CentOS 5 32-bit Linux version 2.6.18-8.1.14.el5, or
FreeBSD-6.2-<release>
Note: Red Hat Enterprise Linux (RHEL) might also be compatible but has not been tested.
To install the server:
Step / Task / Command
1. Copy sguil-server-<version>.tar.gz to the server in which it will be installed.
2. From the directory where the server package is stored, untar the Sguil server package.
   Command: tar -zxvf sguil-server-<version>.tar.gz
3. Change to Bash shell.
   Command: bash