Introduction – SGBox Next Generation SIEM & SOAR https://www.sgbox.eu Fri, 18 Apr 2025 08:43:59 +0000

Network Requirements https://www.sgbox.eu/en/knowledge-base/network-requirements/ Tue, 30 May 2023 15:16:23 +0000

SGBox and Collector network requirements

The following table lists the network configuration you need in order to:

  • Manage SGBox and the Collector using WebUI and CLI.
  • Keep SGBox and the Collector updated.
  • Ensure correct communication between SGBox and the Collector.
  • Allow data sources to send data to SGBox and Collector.

| From | To | Port | Description |
|---|---|---|---|
| Client (User) | SGBox | 443/tcp | HTTPS WebUI |
| Client (User) | SGBox | 22/tcp | SSH (CLI) |
| Client (User) | Collector | 22/tcp | SSH (CLI) |
| Client (User) | Collector (v5) | 4000/tcp | OpenVAS console HTTPS |
| Client (User) / SGBox | SGBox | 4000/tcp | HTTPS (API) |
| SGBox / Collector | apps.sgbox.it | 80/tcp, 443/tcp | HTTP/S (Updates) |
| SGBox / Collector | *.ubuntu.com | 80/tcp, 443/tcp | HTTP/S (Updates) |
| SGBox / Collector (v6) | registry.sgcloud.it | 7442/tcp | HTTPS (Updates) |
| Collector (v5) | feed.community.greenbone.net | 873/tcp | RSYNC (Updates) |
| SGBox / Collector (v6) | Non-syslog data sources | e.g. 1433/tcp, 1521/tcp, 443/tcp | DB, other (receive data) |
| SGBox / Collector (v6) | Active Directory (LDAP) | 389/tcp, 636/tcp | LDAP/LDAPS |
| Collector | SGBox | 443/tcp | HTTPS (send data) |
| SGAgent | Collector / SGBox | 443/tcp | HTTPS (send data) |
| Data source | Collector / SGBox | 514/udp | Syslog (send data) |
| Data source | Collector / SGBox | 6514/tcp | Syslog + TLS (send data) |
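
The inbound rows of the table above can be turned into a quick exposure check for an appliance. This added example (not SGBox code) compares the output of `ss -H -tuln` with the documented listening ports; the role names, the `audit` helper and the sample output are constructed for illustration.

```python
"""Audit listening sockets against the inbound ports documented in the table."""

# Inbound (port, proto) per destination, transcribed from the table above.
# Role names are labels made up for this example.
INBOUND = {
    "sgbox": {(443, "tcp"), (22, "tcp"), (4000, "tcp"),
              (514, "udp"), (6514, "tcp")},
    "collector": {(443, "tcp"), (22, "tcp"), (514, "udp"), (6514, "tcp")},
}
# Collector v5 additionally exposes the OpenVAS console on 4000/tcp.
INBOUND["collector-v5"] = INBOUND["collector"] | {(4000, "tcp")}

LOOPBACK = ("127.", "[::1]")


def parse_ss(output):
    """Return {(port, proto)} for non-loopback listeners in `ss -H -tuln` text."""
    found = set()
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue
        addr, _, port = fields[4].rpartition(":")
        if addr.startswith(LOOPBACK) or not port.isdigit():
            continue  # loopback-only services are not reachable from the network
        found.add((int(port), fields[0]))
    return found


def audit(role, ss_output):
    """Compare listeners with the documented inbound set for `role`."""
    listening = parse_ss(ss_output)
    expected = INBOUND[role]
    return {"missing": sorted(expected - listening),
            "undocumented": sorted(listening - expected)}


# Constructed sample output (not captured from a real appliance).
SAMPLE = """\
tcp   LISTEN 0 128    0.0.0.0:22      0.0.0.0:*
tcp   LISTEN 0 511    0.0.0.0:443     0.0.0.0:*
tcp   LISTEN 0 128  127.0.0.1:5432    0.0.0.0:*
tcp   LISTEN 0 128       [::]:3306       [::]:*
udp   UNCONN 0 0      0.0.0.0:514     0.0.0.0:*
"""

if __name__ == "__main__":
    print(audit("collector", SAMPLE))
```

A port reported as missing only means that input is not enabled on the host; an undocumented listener is the entry to review before opening the firewall.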

First Steps https://www.sgbox.eu/en/knowledge-base/first-steps/ Thu, 20 Apr 2023 13:53:46 +0000

👣 Steps

This table lists the main first steps. They must be followed in order.

You can also use the temporary “Done” column to tick off each completed step.

| # | Context | Step | Link | Done |
|---|---|---|---|---|
| 1️⃣ | All | Register on the Ticket Portal to access the appliance download and documentation | 🔗 Registration and Download | |
| 2️⃣ | All | Start wizard and generate SCM_ID | 🔗 Check Network Requirements; 🔗 Configure Static IP; 🔗 Show SCMID | |
| 3️⃣ | All | Communicate SCM_ID via Ticket, then upload license on Appliance | 🌐 Ticket Portal | |
| 4️⃣ | MultiTenant Only | Steps to configure the multitenant environment | 🔗 KB Create new Tenant; 🔗 KB Create new Tenant Admin; 🔗 KB Create end User Access; 🔗 KB Register a Collector | |
| 5️⃣ | All | Configure main options and alerts | 🔗 KB Alerts; 🔗 KB Mail | |
| 6️⃣ | All | Configure sources to send logs | 📋 Input types | |
| 7️⃣ | All | Create Assets to group sources | 🔗 KB Create Asset | |
| 8️⃣ | All | Install packages to extract events | 🔗 KB Link | |

View events: LM > Analysis > Class/Pattern
Dashboards: SCM > Dashboard

🛠️ Hardware Requirements

SGBox Main Appliance

  • HDD: >= 150 GB
  • RAM: 16 GB
  • CPU: 8 Cores

Collector

  • HDD: >= 50 GB
  • RAM: 4 GB
  • CPU: 4 Cores

Network Requirements

See the dedicated page for the network requirements of the various components: 🔗 KB Network Requirements