SELKS Deployment Considerations

[lwsec]

Hello, not sure if this is the right place or not but we want to POC SELKS in our VMware environment and have a few questions:

What are the repos that SELKS reach back to for updates?

How often are updates/patches made available via repos?

Do SELKS updates include OS level patches? If not, how are the OS patches handled?

How current is the ESXi deployment tutorial shared here in respect to the latest SELKS version available?

Thank you.

[pevma]

Hi,

Thanks for considering and trying out SELKS. In order of appearance of the questions above:

SELKS ISO reaches to the debian repository.

SELKS docker is docker compose based (https://github.com/StamusNetworks/SELKS/wiki/Docker) and can run it on any Linux OS basically.

For the ISO. The updates basically depend on how often would you like to make them - they use just regular selks update script. For the docker based variant - as often as you need but some components are updated daily , like the Suricata container for example

OS patching is taken care of by regular OS or docker updates.

The SELKS VM import is similar and usual to any ESX/VM import.

Last point for info - we have our discord chat channel where we and/or members of the community can tackle questions live too. https://discord.com/channels/911231224448712714/911238451842666546