In this section, we will see how to install Security Onion using the ISO image. After the installation, we will configure it for further use:

1. To start the installation, we boot our system using the ISO image. We will be presented with the following screen, where we select the first option to boot Security Onion:

2. After the booting completes, the desktop appears. On the desktop, we can see the icon for Install Security Onion 16.04:

3. We click on the icon and the installation starts. The first screen will ask us to select the installation type. Choose any option as per the requirements, or else proceed with the default selection:

8. Once we click on Install Now, the installation process starts. This will take some time to complete.
9. Once the initial installation finishes, it will prompt us to restart the system. Choose Restart Now to finish the installation.
10. When the system reboots, we are presented with the boot menu. Select the default option and press Enter to boot Security Onion.
11. After rebooting, we are presented with the login screen. Enter the username and password that was configured during the installation process.
12. After getting logged in we can see a Setup icon on the screen. We will use this to complete the setup of security tools provided in Security Onion:

13. We will be prompted to enter the password of the administrative account.
14. After entering the password, in the next screen we are shown the list of services that will be configured. Press Yes, Continue! to proceed further:

15. The setup will ask whether we wish to configure the interface now or later. Press Yes to configure the interfaces now:

16. Setup will detect the interface present in the system and configure it. If there is more than one interface we can choose the interface to configure:

17. Select Static or DHCP option as per requirement:

18. Once done, click Yes, Make Changes to proceed further.

19. Setup will ask us to restart the system. Restart to proceed with the setup.
20. After the system restarts, click the Setup icon again to proceed with the setup. We will be asked if we want to reconfigure the interface or skip. Click  Yes, skip network configuration  to proceed:

21. In the next step, setup will ask whether we are setting up the system for Evaluation Mode or Production Mode. At present we will choose Evaluation Mode and click OK:

22. Now we will create a user account to be used by the services that the setup will configure. Enter the username in the window shown here:

23. Next, configure the password for the new user created:

24. In the next screen, click Yes proceed with the changes.

25. When the setup completes, we see the following window:

26. The setup also displays information, as shown here, for further use of the services:

27. Setup also displays information about the location of rules being used by the services:

28. To start using the services configured by Security Onion during the setup, open the browser and visit https://localhost. Accept the security warning regarding the SSL certificate and proceed further. We are presented with a webpage, as shown here:

Using this page, we can start accessing the services included in the Security Onion tool suite.