Content area
In a context of evolving cyber threats, the San Cristobal de Huamanga National University (UNSCH) faces the need to improve its network security infrastructure. This study implements Security Onion as a network auditing tool at this institution with the objective of evaluating its effectiveness in three key areas: security monitoring, log management, and intrusion detection. The study employs an applied, descriptive, and experimental approach to demonstrate that Security Onion is a robust solution for incident detection. It enables comprehensive analysis of network logs and early identification of suspicious activities, providing a holistic view of the network. Based on the results, the study suggests best practices for protecting institutional information and the network, and contributes to understanding Security Onion's capabilities in similar network infrastructures. Furthermore, it provides a replicable model for other institutions.