Wazuh - Cyber-JL/SEC-350-01 GitHub Wiki

3.1 Segmentation 1

Server Configuration

   IP: 172.16.200.10/28
   Gateway: 172.16.200.2
   DNS: 172.16.200.2
   Hostname: wazuh-jude

RIP on FW1 and FW-MGMT

Server Installation

   curl -sO https://packages.wazuh.com/4.3/wazuh-install.sh && sudo bash ./wazuh-install.sh -a

Wazuh/OSSEC Agent on web01

  • Find the groups screen in Wazuh and create a new group called linux.
  • Find the agents screen in Wazuh and deploy a new agent with the following configuration:
    • Red Hat/CentOS

    • CentOS 6 or higher

    • x86_64

    • 172.16.200.10

    • linux

    • Run this command on your web01 server

       sudo WAZUH_MANAGER='172.16.200.10' WAZUH_AGENT_GROUP='linux' yum install https://packages.wazuh.com/4.x/yum5/x86_64/wazuh-agent-4.3.10-1.el5.x86_64.rpm
      
    • Start the Wazuh agent on web01

      sudo systemctl daemon-reload
      sudo systemctl enable wazuh-agent
      sudo systemctl start wazuh-agent
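
Once the agent is running, it should be reporting to the Wazuh server at 172.16.200.10. The script below is an added example, not part of the original wiki: it reads the manager address from the agent's ossec.conf and the connection status from wazuh-agentd.state. The function names are hypothetical and the sample files are constructed so it runs offline; the default paths assume the standard /var/ossec install prefix.

```shell
#!/bin/sh
# Added example: check that a Wazuh agent targets the intended manager and is connected.
# Default paths assume the standard /var/ossec agent install prefix.
CONF_DEFAULT=/var/ossec/etc/ossec.conf
STATE_DEFAULT=/var/ossec/var/run/wazuh-agentd.state

# Print the first <address> inside the <client> block of ossec.conf.
manager_address() {
    sed -n '/<client>/,/<\/client>/s:.*<address>\([^<]*\)</address>.*:\1:p' "$1" | head -n 1
}

# Print the value of status='...' from wazuh-agentd.state (comment lines are skipped).
agent_status() {
    sed -n "s/^status='\([^']*\)'.*/\1/p" "$1" | head -n 1
}

# check_agent EXPECTED [CONF] [STATE]: returns 0 = ok, 1 = wrong manager, 2 = not connected.
check_agent() {
    expected=$1; conf=${2:-$CONF_DEFAULT}; state=${3:-$STATE_DEFAULT}
    addr=$(manager_address "$conf")
    status=$(agent_status "$state")
    if [ "$addr" != "$expected" ]; then
        echo "FAIL: manager is '$addr', expected '$expected'"
        return 1
    fi
    if [ "$status" != "connected" ]; then
        echo "FAIL: agent status is '${status:-unknown}'"
        return 2
    fi
    echo "OK: agent connected to $addr"
}

# Write constructed sample files (not real agent output) into DIR: write_sample DIR ADDR STATUS
write_sample() {
    printf '%s\n' '<ossec_config>' '  <client>' '    <server>' \
        "      <address>$2</address>" '      <port>1514</port>' \
        '    </server>' '  </client>' '</ossec_config>' > "$1/ossec.conf"
    printf '%s\n' '# State file for wazuh-agentd' "status='$3'" > "$1/agent.state"
}

# Offline demo on constructed data: a misconfigured agent, then a healthy one.
tmp=$(mktemp -d)
write_sample "$tmp" localhost pending
check_agent 172.16.200.10 "$tmp/ossec.conf" "$tmp/agent.state" || true
write_sample "$tmp" 172.16.200.10 connected
check_agent 172.16.200.10 "$tmp/ossec.conf" "$tmp/agent.state"
rm -rf "$tmp"
```

On web01, calling `check_agent 172.16.200.10` as root reads the live files instead of the samples.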
      

Agent Directory Structure

agent