Release (#27)

* Changes Requirements and others

* Changes Requirements Release

* Add Threat Intelligence

* Add Changes release

* Changes

* Add changes

* Changes Upgrade Server

Author: alaynsn

Images/Integrations/galaxysearch.png

@@ -1,6 +1,6 @@
 ---
 layout: default
-title: Master Installation Guide for Azure
+title: Installation Guide for Azure
 parent: Installation
 nav_order: 6
 ---
@@ -56,7 +56,7 @@ Before you begin the installation, make sure you have the following prerequisite
 2. Open an SSH client, and connect to the virtual machine using the public IP address or DNS name.
 3. Provide your Azure credentials and SSH into the virtual machine.
 
-## Step 4: Install UTMStack Master
+## Step 4: Install UTMStack
 
 1. Inside the SSH session, follow the official UTMStack installation guide for Ubuntu to install UTMStack Master. You can find the installation guide at [UTMStack Installation Guide](./MasterServerInstallation).
 2. Make sure to carefully follow the instructions provided in the guide, including the configuration settings and any additional dependencies or packages required.

Images/galaxysearch.png

@@ -1,12 +1,12 @@
 ---
 layout: default
-title: Master Server Setup Guide
+title: Server Setup Guide
 parent: Installation
 nav_order: 3
 ---
-# UTMStack Master Server Setup Guide
+# UTMStack Server Setup Guide
 
-This guide will walk you through the process of setting up the UTMStack Master Server. The Master Server is the central component of UTMStack and is responsible for managing the security operations and data collection.
+This guide will walk you through the process of configuring the UTMStack Main Server. The Main Server is the central component of UTMStack and is responsible for managing security operations and data collection.
 
 # Linux Installation Guide
 
@@ -82,7 +82,7 @@ To learn more about the specific firewall rules you need to create for UTMStack,
 Go to **<a href="./SSLConfiguration">Configuring an SSL/TLS certificate</a>** section for detailed instructions.
 
 ## Step 7: Accessing the UTMStack Platform
-Once you have successfully installed the UTMStack master server, you can now access the platform and start using it for your cybersecurity needs. Follow these steps to log in to the UTMStack platform:
+Once you have successfully installed the server, you can now access the platform and start using it for your cybersecurity needs. Follow these steps to log in to the UTMStack platform:
 
 Open your preferred web browser.
 

Installation/InstallationGuideAzure.md

@@ -23,9 +23,13 @@ The UTMStack installation process consists of three main steps:
   If you have chosen the Federated architecture in Step 1, follow the instructions in the  **<a href="./FederationServiceInstallation">Federated Server Installation Guide</a>** after ensuring your system meets the recommended specifications mentioned in the **<a href="SystemRequirements">Federated Service Requirements</a>** page.
   <br>
 
-1. **Setting up the Master Servers**: The master server is the central component of the UTMStack architecture, responsible for managing and coordinating all other UTMStack components and services.
+1. **Setting up the Servers**: The server is the central component of the UTMStack architecture, responsible for managing and coordinating all other UTMStack components and services.
 
-   To set up the master server, you need to create a virtual machine (VM) or physical machine that will host the UTMStack software. The VM should have a requirements of **4 cores**, **8 GB of RAM** and **256 GB of disk storage** for each **50 devices**. (Assuming you will retain 30 days of live logs). Once the VM is created, it needs to be configured with the operating system **Ubuntu Server 22.04 LTS**.
+    To set up the server, you need to create a virtual machine (VM) or physical machine that will host the UTMStack software. The VM should have a requirements of **8 cores**, **16 GB of RAM** and **256 GB of disk storage** for each **50 devices**. (Assuming you will retain 30 days of live logs). Once the VM is created, it needs to be configured with the operating system **Ubuntu Server 22.04 LTS**.
+   
+   *** Integration Requirements *** : To ensure optimal system performance, certain additional requirements beyond the minimums must be considered. Each integration being introduced should reserve at least 1GB of space. This reservation is crucial to ensure proper data storage and efficient system operation as a whole.
+
+   *** Logging Volume Considerations ***: Furthermore, it's important to take into account the volume of logs generated and processed within 10-minute intervals. If this volume exceeds 1GB within any time interval, immediate communication with the support team is required. This communication is essential to ensure system stability and performance, as well as to address any potential issues related to log management.
 
     <br>For detailed instructions on setting up the master servers, please refer to the **<a href="./MasterServerInstallation">Master Server Setup Guide</a>** in the UTMStack documentation.
     <br>
@@ -45,9 +49,6 @@ The UTMStack installation process consists of three main steps:
 
     <img title="setting capture" alt="setting capture" src="./Images/Images/../../../Images/settingcapture2.png">
 
-    <br>For more detailed instructions on settings , please refer to the **<a href="../UTMStackComponents/Configuration/Readme">Configuration Section</a>** in the UTMStack documentation.
-    <br>
-
 
     5. **Save and Verify**: Save the configurations and ensure that all UTMStack services are running correctly. Verify that the desired functionality is achieved and that the system is operating optimally.
 

Installation/MasterServerInstallation.md

@@ -7,7 +7,7 @@ nav_order: 3
 
 # UTMStack System Resources
 
-To guarantee a seamless installation and peak performance of UTMStack, adhere to the given system specifications for both Master and Probe/Proxy servers.
+To ensure a seamless installation and maximum performance of UTMStack, adhere to the system specifications for both the UTMStack server and the Probe/Proxy server.
 
 Before diving in, be aware that UTMStack approaches data retention in two distinct methods:
 
@@ -17,20 +17,24 @@ Before diving in, be aware that UTMStack approaches data retention in two distin
 
 ## Assumptions:
 
-It's assumed that 60 data sources (devices) roughly produce 100 GB of data monthly.
+It's assumed that 50 data sources (devices) roughly produce 100 GB of data monthly.
 
-## Master Server Specifications:
+## UTMStack Server Specifications:
 
-The Master server undertakes the task of overseeing and orchestrating the UTMStack platform. Below is a tabulation of the recommended specifications for the **hot log storage**:
+The server undertakes the task of overseeing and orchestrating the UTMStack platform. Below is a tabulation of the recommended specifications for the **hot log storage**:
 
 | Data Sources (Approx. Monthly Data) | Cores | RAM   | Disk Space |
 | ----------------------------------- | ------| ------| -----------|
-| **50 (100 GB)**                     | 4     | 12 GB  | 150 GB    |
-| **120 (250 GB)**                    | 8     | 16 GB | 250 GB    |
-| **240 (500 GB)**                    | 16    | 32 GB | 450 GB    |
+| **50 (100 GB)**                     | 8     | 16 GB | 150 GB    |
+| **120 (250 GB)**                    | 16    | 32 GB | 250 GB    |
+| **240 (500 GB)**                    | 32    | 64 GB | 450 GB    |
 
 You have the flexibility to mix and match these tiers based on the number of devices you have and your preferred hot log storage duration.
 
+*** Integration Requirements *** : To ensure optimal system performance, certain additional requirements beyond the minimums must be considered. Each integration being introduced should reserve at least 1GB of space. This reservation is crucial to ensure proper data storage and efficient system operation as a whole.
+
+*** Logging Volume Considerations ***: Furthermore, it's important to take into account the volume of logs generated and processed within 10-minute intervals. If this volume exceeds 1GB within any time interval, immediate communication with the support team is required. This communication is essential to ensure system stability and performance, as well as to address any potential issues related to log management.
+
 ## Supported Operating Systems:
 
 The UTMStack installation guide provides instructions specifically for Ubuntu 22.04 LTS. It is recommended to use one of these supported operating systems for compatibility and optimal performance.

Installation/README.md

@@ -16,6 +16,11 @@ Enabling an integration allows UTMStack to correlate logs coming from the corres
 Each specific integration has its own guide.
 Our team is always working on a new integration, but here is the list of what we have developed so far:
 
+*** Integration Requirements *** : To ensure optimal system performance, certain additional requirements beyond the minimums must be considered. Each integration being introduced should reserve at least 1GB of space. This reservation is crucial to ensure proper data storage and efficient system operation as a whole.
+
+*** Logging Volume Considerations ***: Furthermore, it's important to take into account the volume of logs generated and processed within 10-minute intervals. If this volume exceeds 1GB within any time interval, immediate communication with the support team is required. This communication is essential to ensure system stability and performance, as well as to address any potential issues related to log management.
+
+
 | No. | Name                          |                                                                                                                                  |
 | :-: | :---------------------------- | :------------------------------------------------------------------------------------------------------------------------------: |
 |  1  | VMWare Syslog                 |                          <img title="VMWare" alt="VMWare" src="../Images/Integrations/logovmware.svg">                           |

Installation/SystemRequirements.md

@@ -33,11 +33,6 @@ auditing and reporting.
 - Spam, malware, botnets,service abuse IP related.
 - Denial ofservice and Brute force attack and scanner IPs.
 
-### Vulnerability Scanner
-- Application vulnerability assessments.
-- Network devices Vulnerability Assessment.
-- Azure and AWS Vulnerability scans.
-
 ### Log Management (SIEM)
 - Log collection and correlation in real-time.
 - Log management.
@@ -51,16 +46,15 @@ auditing and reporting.
 
 ### Incident response and Endpoint Protection 
 - Automated and On-demand Host lockdown, IP block, and remote-control console.
-- Antivirus, OSSEC and Wazuh Integration.
+- Antivirus Integration.
 
 ### Network and Host Intrusion detection
 - Rule-based Network Intrusion Detection.
 - Rule-based and heuristic analysis-based Host Intrusion detection System with ATP capabilities.
 - Network traffic, protocol, and DNS analysis.
 
-### Access Rights Auditor
-- Active Directory Explorer.
-- User Activity and permissions tracking.
+### User Auditor
+- User Activity monitoring.
 - Suspicious activity monitoring.
 
 ### File Classification
@@ -114,16 +108,16 @@ provides the flexibility to build the entire stack from the ground by any advanc
 
 ### Audit and compliance support 
 - Generate custom reportsfor audits or compliance checks and assessments.
-- Create compliance dashboardsfor continuous monitoring.
-- Leverage existing reportsforHIPAA, GLBA, GPDR, and SOC compliance.
+- Create compliance dashboards for continuous monitoring.
+- Leverage existing reports for HIPAA, GLBA, GPDR, and SOC compliance.
 
 ### Monitor and analyze security data
 - Build customized dashboards or use existing ones.
 - Explore systems data in nearreal-time and respond to incidents.
 
 ### Reduce downtime
 - Create up-time reports.
-- Review proactive alertsformisconfigurations or misconfigured systems.
+- Review proactive alerts for mis configurations or mis configured systems.
 - Monitor and analyze devices performance and resources utilization.
 
 ### Integrations

Integrations/ThreatDetectionandResponse.md

@@ -8,15 +8,19 @@ nav_order: 2
 
 Getting started with UTMStack is straightforward. Follow this 3-step process:
 
-1. **Installation**: Deploy UTMStack on your Master Server.
+1. **Installation**: Deploy UTMStack on your server.
 2. **Initial Configuration**: Set up essential settings, including SSL and email configurations.
 3. **DataSource Setup**: Configure a Windows Agent as a data source.
 
 ## 1. Install UTMStack
 
-Before you begin, ensure your system meets the minimum requirements: **4 cores**, **12 GB of RAM**, and **150 GB of disk storage** to monitor up to **50 devices**.
+Before you begin, ensure your system meets the minimum requirements: **8 cores**, **16 GB of RAM**, and **150 GB of disk storage** to monitor up to **50 devices**.
 
-Deploy the UTMStack Master Server, which oversees security operations and data collection.
+*** Integration Requirements *** : To ensure optimal system performance, certain additional requirements beyond the minimums must be considered. Each integration being introduced should reserve at least 1GB of space. This reservation is crucial to ensure proper data storage and efficient system operation as a whole.
+
+*** Logging Volume Considerations ***: Furthermore, it's important to take into account the volume of logs generated and processed within 10-minute intervals. If this volume exceeds 1GB within any time interval, immediate communication with the support team is required. This communication is essential to ensure system stability and performance, as well as to address any potential issues related to log management.
+
+Deploy the UTMStack Server, which oversees security operations and data collection.
 
 ### **Procedure**:
 
@@ -77,8 +81,8 @@ Post installation, the first time you get access to UTMStack, its going to be re
 - **Mail Server Username**: The username for your email server.
 
 - **Encryption type**: Choose the encryption protocol for your email server. Options include:
-  - TLS
-  - SSL
+  - STARTTLS
+  - SSL/TLS
   - NONE 
 
  Refer to the [Email Configuration Section](./UTMStackComponents/Configuration/ApplicationSetting) for a detailed walkthrough.

Intro.md

@@ -26,9 +26,9 @@ Configure the email settings to send emails notifications for the alerts and inc
 - **Mail Server Username**: The username for your email server.
 
 - **Encryption type**: Choose the encryption protocol for your email server. Options include:
-  - TLS
-  - SSL
-  - NONE
+  - STARTTLS
+  - SSL/TLS
+  - NONE 
 
 
 

QuickStart.md

@@ -1,7 +1,7 @@
 ---
 layout: default
 title: Dashboards
-nav_order: 5
+nav_order: 6
 has_children: true
 ---
 

UTMStackComponents/Configuration/ApplicationSetting.md

@@ -0,0 +1,22 @@
+---
+layout: default
+title: Alert Management
+parent: Threat Intelligence
+nav_order: 1
+---
+
+# Galaxy View
+
+Welcome to the Threat Intelligence Section.
+
+![Galaxy Search](./../Images/../../Images/galaxysearch.png)
+
+## Introduction
+
+Threat Intelligence is a proactive approach to cybersecurity that involves gathering, analyzing, and applying information about potential and current cyber threats. It provides organizations with valuable insights into the tactics, techniques, and procedures (TTPs) used by threat actors, as well as the vulnerabilities they exploit.
+
+The primary goal of Threat Intelligence is to enhance an organization's ability to detect, prevent, and respond to cyber threats effectively. By understanding the evolving threat landscape, organizations can make informed decisions about allocating resources, strengthening defenses, and mitigating risks.
+
+Threat Intelligence encompasses a wide range of data sources, including open-source intelligence (OSINT), commercial feeds, internal logs, and collaborative sharing with trusted partners and communities. This diverse set of information is then processed and analyzed to identify patterns, trends, and indicators of compromise (IOCs).
+
+Effective Threat Intelligence programs involve not only collecting data but also contextualizing it within the organization's specific environment and business objectives. This contextualization helps prioritize threats based on their relevance and potential impact, allowing security teams to focus their efforts where they are most needed.

UTMStackComponents/Dashboards/README.md

@@ -1,8 +1,8 @@
 ---
 layout: default
-title: Federation Service Installation
-parent: Installation
-nav_order: 7
+title: Upgrade Federation Service
+parent: Upgrade
+nav_order: 5
 ---
 
 # UTMStack Federation Service Installation Guide
@@ -11,7 +11,6 @@ Welcome to the installation page for the Federated Master Deployment of UTMStack
 
 This guide will walk you through the process of installing the UTMStack Federation Service (UTMStackFS) on an Ubuntu 20.04 LTS system. Please follow the steps below to ensure a successful installation.
 
-
 {:note}
 For more details contact Customer Service.