diff --git a/pillar/healthcheck/standalone.sls b/pillar/healthcheck/standalone.sls new file mode 100644 index 000000000..dd1a027e9 --- /dev/null +++ b/pillar/healthcheck/standalone.sls @@ -0,0 +1,5 @@ +healthcheck: + enabled: False + schedule: 300 + checks: + - zeek diff --git a/pillar/top.sls b/pillar/top.sls index cc6863e22..6569209ef 100644 --- a/pillar/top.sls +++ b/pillar/top.sls @@ -2,7 +2,7 @@ base: '*': - patch.needs_restarting - '*_eval or *_helix or *_heavynode or *_sensor': + '*_eval or *_helix or *_heavynode or *_sensor or *_standalone': - match: compound - zeek @@ -40,6 +40,18 @@ base: - healthcheck.eval - minions.{{ grains.id }} + '*_standalone': + - logstash + - logstash.master + - logstash.search + - firewall.* + - data.* + - brologs + - secrets + - healthcheck.standalone + - static + - minions.{{ grains.id }} + '*_node': - static - firewall.* diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja index 39672410c..0a5d951b0 100644 --- a/salt/common/maps/so-status.map.jinja +++ b/salt/common/maps/so-status.map.jinja @@ -18,7 +18,7 @@ } },grain='id', merge=salt['pillar.get']('docker')) %} -{% if role == 'eval' %} +{% if role in ['eval', 'mastersearch', 'master', 'standalone'] %} {{ append_containers('master', 'grafana', 0) }} {{ append_containers('static', 'fleet_master', 0) }} {{ append_containers('master', 'wazuh', 0) }} 
@@ -28,30 +28,10 @@ {{ append_containers('master', 'domainstats', 0) }} {% endif %} -{% if role == 'heavynode' %} +{% if role in ['heavynode', 'standalone'] %} {{ append_containers('static', 'broversion', 'SURICATA') }} {% endif %} -{% if role == 'mastersearch' %} - {{ append_containers('master', 'grafana', 0) }} - {{ append_containers('static', 'fleet_master', 0) }} - {{ append_containers('master', 'wazuh', 0) }} - {{ append_containers('master', 'thehive', 0) }} - {{ append_containers('master', 'playbook', 0) }} - {{ append_containers('master', 'freq', 0) }} - {{ append_containers('master', 'domainstats', 0) }} -{% endif %} - -{% if role == 'master' %} - {{ append_containers('master', 'grafana', 0) }} - {{ append_containers('static', 'fleet_master', 0) }} - {{ append_containers('master', 'wazuh', 0) }} - {{ append_containers('master', 'thehive', 0) }} - {{ append_containers('master', 'playbook', 0) }} - {{ append_containers('master', 'freq', 0) }} - {{ append_containers('master', 'domainstats', 0) }} -{% endif %} - {% if role == 'searchnode' %} {{ append_containers('master', 'wazuh', 0) }} {% endif %} diff --git a/salt/common/maps/standalone.map.jinja b/salt/common/maps/standalone.map.jinja new file mode 100644 index 000000000..3585d0df6 --- /dev/null +++ b/salt/common/maps/standalone.map.jinja @@ -0,0 +1,21 @@ +{% set docker = { + 'containers': [ + 'so-nginx', + 'so-telegraf', + 'so-soc', + 'so-kratos', + 'so-aptcacherng', + 'so-idstools', + 'so-redis', + 'so-logstash', + 'so-elasticsearch', + 'so-curator', + 'so-kibana', + 'so-elastalert', + 'so-filebeat', + 'so-suricata', + 'so-steno', + 'so-dockerregistry', + 'so-soctopus' + ] +} %} \ No newline at end of file diff --git a/salt/curator/files/action/close.yml b/salt/curator/files/action/close.yml index ab4d07050..dfe5519e8 100644 --- a/salt/curator/files/action/close.yml +++ b/salt/curator/files/action/close.yml 
@@ -1,12 +1,8 @@ -{% if grains['role'] == 'so-node' %} - -{%- set cur_close_days = salt['pillar.get']('node:cur_close_days', '') -%} - -{% elif grains['role'] == 'so-eval' %} - -{%- set cur_close_days = salt['pillar.get']('master:cur_close_days', '') -%} - -{%- endif %} +{%- if grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %} + {%- set cur_close_days = salt['pillar.get']('node:cur_close_days', '') -%} +{%- elif grains['role'] in ['so-eval', 'so-mastersearch', 'so-standalone'] %} + {%- set cur_close_days = salt['pillar.get']('master:cur_close_days', '') -%} +{%- endif -%} --- # Remember, leave a key empty if there is no value. None will be a string, diff --git a/salt/curator/files/action/delete.yml b/salt/curator/files/action/delete.yml index 1b3440f8b..e6f2f3833 100644 --- a/salt/curator/files/action/delete.yml +++ b/salt/curator/files/action/delete.yml @@ -1,11 +1,7 @@ -{% if grains['role'] == 'so-node' %} - -{%- set log_size_limit = salt['pillar.get']('node:log_size_limit', '') -%} - -{% elif grains['role'] == 'so-eval' %} - -{%- set log_size_limit = salt['pillar.get']('master:log_size_limit', '') -%} - +{%- if grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %} + {%- set log_size_limit = salt['pillar.get']('node:log_size_limit', '') -%} +{%- elif grains['role'] in ['so-eval', 'so-mastersearch', 'so-standalone'] %} + {%- set log_size_limit = salt['pillar.get']('master:log_size_limit', '') -%} {%- endif %} --- # Remember, leave a key empty if there is no value. None will be a string, diff --git a/salt/curator/files/bin/so-curator-closed-delete-delete b/salt/curator/files/bin/so-curator-closed-delete-delete index 8841c843f..b0ec62424 100755 --- a/salt/curator/files/bin/so-curator-closed-delete-delete +++ b/salt/curator/files/bin/so-curator-closed-delete-delete 
@@ -1,17 +1,13 @@ -{% if grains['role'] == 'so-node' %} - -{%- set ELASTICSEARCH_HOST = salt['pillar.get']('node:mainip', '') -%} -{%- set ELASTICSEARCH_PORT = salt['pillar.get']('node:es_port', '') -%} -{%- set LOG_SIZE_LIMIT = salt['pillar.get']('node:log_size_limit', '') -%} - -{% elif grains['role'] == 'so-eval' %} - -{%- set ELASTICSEARCH_HOST = salt['pillar.get']('master:mainip', '') -%} -{%- set ELASTICSEARCH_PORT = salt['pillar.get']('master:es_port', '') -%} -{%- set LOG_SIZE_LIMIT = salt['pillar.get']('master:log_size_limit', '') -%} - -{%- endif %} +{%- if grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %} + {%- set ELASTICSEARCH_HOST = salt['pillar.get']('node:mainip', '') -%} + {%- set ELASTICSEARCH_PORT = salt['pillar.get']('node:es_port', '') -%} + {%- set LOG_SIZE_LIMIT = salt['pillar.get']('node:log_size_limit', '') -%} +{%- elif grains['role'] in ['so-eval', 'so-mastersearch', 'so-standalone'] %} + {%- set ELASTICSEARCH_HOST = salt['pillar.get']('master:mainip', '') -%} + {%- set ELASTICSEARCH_PORT = salt['pillar.get']('master:es_port', '') -%} + {%- set LOG_SIZE_LIMIT = salt['pillar.get']('master:log_size_limit', '') -%} +{%- endif -%} #!/bin/bash # diff --git a/salt/curator/files/curator.yml b/salt/curator/files/curator.yml index aa55836b1..5d51a3d41 100644 --- a/salt/curator/files/curator.yml +++ b/salt/curator/files/curator.yml @@ -1,11 +1,7 @@ -{% if grains['role'] == 'so-node' %} - -{%- set elasticsearch = salt['pillar.get']('node:mainip', '') -%} - -{% elif grains['role'] == 'so-eval' %} - -{%- set elasticsearch = salt['pillar.get']('master:mainip', '') -%} - +{% if grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %} + {%- set elasticsearch = salt['pillar.get']('node:mainip', '') -%} +{% elif grains['role'] in ['so-eval', 'so-mastersearch', 'so-standalone'] %} + {%- set elasticsearch = salt['pillar.get']('master:mainip', '') -%} {%- endif %} --- 
diff --git a/salt/curator/init.sls b/salt/curator/init.sls index b97f7090d..d064b9f20 100644 --- a/salt/curator/init.sls +++ b/salt/curator/init.sls @@ -1,6 +1,6 @@ {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} -{% if grains['role'] == 'so-node' or grains['role'] == 'so-eval' %} +{% if grains['role'] in ['so-searchnode', 'so-eval', 'so-node', 'so-mastersearch', 'so-heavynode', 'so-standalone'] %} # Curator # Create the group curatorgroup: diff --git a/salt/elastalert/init.sls b/salt/elastalert/init.sls index 08cb0836d..3b0b3fafe 100644 --- a/salt/elastalert/init.sls +++ b/salt/elastalert/init.sls @@ -14,24 +14,13 @@ # along with this program. If not, see . {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} -{% if grains['role'] == 'so-master' %} - -{% set esalert = salt['pillar.get']('master:elastalert', '1') %} -{% set esip = salt['pillar.get']('master:mainip', '') %} -{% set esport = salt['pillar.get']('master:es_port', '') %} - - -{% elif grains['role'] in ['so-eval','so-mastersearch'] %} - -{% set esalert = salt['pillar.get']('master:elastalert', '1') %} -{% set esip = salt['pillar.get']('master:mainip', '') %} -{% set esport = salt['pillar.get']('master:es_port', '') %} - +{% if grains['role'] in ['so-eval','so-mastersearch', 'so-master', 'so-standalone'] %} + {% set esalert = salt['pillar.get']('master:elastalert', '1') %} + {% set esip = salt['pillar.get']('master:mainip', '') %} + {% set esport = salt['pillar.get']('master:es_port', '') %} {% elif grains['role'] == 'so-node' %} - -{% set esalert = salt['pillar.get']('node:elastalert', '0') %} - + {% set esalert = salt['pillar.get']('node:elastalert', '0') %} {% endif %} # Elastalert diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index 2cdff92c1..4e57f1342 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls 
@@ -15,27 +15,19 @@ {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} + {% if FEATURES %} {% set FEATURES = "-features" %} {% else %} {% set FEATURES = '' %} {% endif %} -{% if grains['role'] == 'so-master' %} - -{% set esclustername = salt['pillar.get']('master:esclustername', '') %} -{% set esheap = salt['pillar.get']('master:esheap', '') %} - -{% elif grains['role'] in ['so-eval','so-mastersearch'] %} - -{% set esclustername = salt['pillar.get']('master:esclustername', '') %} -{% set esheap = salt['pillar.get']('master:esheap', '') %} - -{% elif grains['role'] == 'so-node' or grains['role'] == 'so-heavynode' %} - -{% set esclustername = salt['pillar.get']('node:esclustername', '') %} -{% set esheap = salt['pillar.get']('node:esheap', '') %} - +{% if grains['role'] in ['so-eval','so-mastersearch', 'so-master', 'so-standalone'] %} + {% set esclustername = salt['pillar.get']('master:esclustername', '') %} + {% set esheap = salt['pillar.get']('master:esheap', '') %} +{% elif grains['role'] in ['so-node','so-heavynode'] %} + {% set esclustername = salt['pillar.get']('node:esclustername', '') %} + {% set esheap = salt['pillar.get']('node:esheap', '') %} {% endif %} vm.max_map_count: @@ -149,7 +141,7 @@ so-elasticsearch-pipelines: - file: esyml - file: so-elasticsearch-pipelines-file -{% if grains['role'] == 'so-master' or grains['role'] == "so-eval" or grains['role'] == "so-mastersearch" %} +{% if grains['role'] in ['so-master', 'so-eval', 'so-mastersearch', 'so-standalone'] %} so-elasticsearch-templates: cmd.run: - name: /usr/sbin/so-elasticsearch-templates diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls index a76c690ed..6440ef4e2 100644 --- a/salt/firewall/init.sls +++ b/salt/firewall/init.sls 
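Review bot: The node branch in salt/elasticsearch/init.sls tests `['so-node','so-heavynode']`, but the curator templates changed in this same commit test `['so-node', 'so-searchnode', 'so-heavynode']`, so a minion whose role grain is `so-searchnode` matches neither branch here and `esclustername`/`esheap` are never set. The same gap is visible in the role tests of salt/elastalert/init.sls, salt/firewall/init.sls, salt/logstash/init.sls and salt/wazuh/files/agent/ossec.conf. If `so-searchnode` is a role minions really carry, add it with `{% elif grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %}`; if it is not, drop it from the curator lists so the sets agree. There is also no `{% else %}`, so an unlisted role renders with these variables undefined instead of failing the render.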
@@ -1,15 +1,16 @@ # Firewall Magic for the grid -{%- if grains['role'] in ['so-eval','so-master','so-helix','so-mastersearch'] %} -{%- set ip = salt['pillar.get']('static:masterip', '') %} -{%- elif grains['role'] == 'so-node' or grains['role'] == 'so-heavynode' %} -{%- set ip = salt['pillar.get']('node:mainip', '') %} -{%- elif grains['role'] == 'so-sensor' %} -{%- set ip = salt['pillar.get']('sensor:mainip', '') %} -{%- elif grains['role'] == 'so-fleet' %} -{%- set ip = salt['pillar.get']('node:mainip', '') %} -{%- endif %} -{%- set FLEET_NODE = salt['pillar.get']('static:fleet_node') %} -{%- set FLEET_NODE_IP = salt['pillar.get']('static:fleet_ip') %} +{% if grains['role'] in ['so-eval','so-master','so-helix','so-mastersearch', 'so-standalone'] %} + {% set ip = salt['pillar.get']('static:masterip', '') %} +{% elif grains['role'] == 'so-node' or grains['role'] == 'so-heavynode' %} + {% set ip = salt['pillar.get']('node:mainip', '') %} +{% elif grains['role'] == 'so-sensor' %} + {% set ip = salt['pillar.get']('sensor:mainip', '') %} +{% elif grains['role'] == 'so-fleet' %} + {% set ip = salt['pillar.get']('node:mainip', '') %} +{% endif %} + +{% set FLEET_NODE = salt['pillar.get']('static:fleet_node') %} +{% set FLEET_NODE_IP = salt['pillar.get']('static:fleet_ip') %} # Quick Fix for Docker being difficult iptables_fix_docker: @@ -136,7 +137,7 @@ enable_wazuh_manager_1514_udp_{{ip}}: - save: True # Rules if you are a Master -{% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' %} +{% if grains['role'] in ['so-master', 'so-eval', 'so-helix', 'so-mastersearch', 'so-standalone'] %} #This should be more granular iptables_allow_master_docker: iptables.insert: diff --git a/salt/grafana/init.sls b/salt/grafana/init.sls index 5e045df35..165282933 100644 --- a/salt/grafana/init.sls +++ b/salt/grafana/init.sls 
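Review bot: In salt/firewall/init.sls the block under `# Rules if you are a Master` still carries the comment `#This should be more granular`, and the rewritten condition now applies that whole block to `so-standalone` as well. The rule bodies are outside the hunk, so the width of `iptables_allow_master_docker` cannot be judged from here. A standalone minion is also assigned the sensor states in salt/top.sls (suricata, zeek, pcap), so it is worth confirming it should accept everything a master does. At minimum, record the decision next to the condition, e.g. `# so-standalone inherits the full master rule set; narrow once the required ports are listed`.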
@@ -2,7 +2,7 @@ {% set MASTER = salt['grains.get']('master') %} {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} -{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %} +{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval', 'so-standalone'] and GRAFANA == 1 %} # Grafana all the things grafanadir: diff --git a/salt/influxdb/init.sls b/salt/influxdb/init.sls index 49470cfc9..774db2187 100644 --- a/salt/influxdb/init.sls +++ b/salt/influxdb/init.sls @@ -3,7 +3,7 @@ {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} -{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %} +{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval', 'so-standalone'] and GRAFANA == 1 %} # Influx DB influxconfdir: diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls index 7b7ffe60b..ba0e015f4 100644 --- a/salt/logstash/init.sls +++ b/salt/logstash/init.sls @@ -15,6 +15,7 @@ {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} + {% if FEATURES %} {% set FEATURES = "-features" %} {% else %} 
@@ -23,35 +24,21 @@ # Logstash Section - Decide which pillar to use {% if grains['role'] == 'so-sensor' %} - -{% set lsheap = salt['pillar.get']('sensor:lsheap', '') %} -{% set lsaccessip = salt['pillar.get']('sensor:lsaccessip', '') %} - + {% set lsheap = salt['pillar.get']('sensor:lsheap', '') %} + {% set lsaccessip = salt['pillar.get']('sensor:lsaccessip', '') %} {% elif grains['role'] == 'so-node' or grains['role'] == 'so-heavynode' %} -{% set lsheap = salt['pillar.get']('node:lsheap', '') %} -{% set nodetype = salt['pillar.get']('node:node_type', 'storage') %} - -{% elif grains['role'] == 'so-master' %} - -{% set lsheap = salt['pillar.get']('master:lsheap', '') %} -{% set freq = salt['pillar.get']('master:freq', '0') %} -{% set dstats = salt['pillar.get']('master:domainstats', '0') %} -{% set nodetype = salt['grains.get']('role', '') %} - + {% set lsheap = salt['pillar.get']('node:lsheap', '') %} + {% set nodetype = salt['pillar.get']('node:node_type', 'storage') %} +{% elif grains['role'] in ['so-eval','so-mastersearch', 'so-master', 'so-standalone'] %} + {% set lsheap = salt['pillar.get']('master:lsheap', '') %} + {% set freq = salt['pillar.get']('master:freq', '0') %} + {% set dstats = salt['pillar.get']('master:domainstats', '0') %} + {% set nodetype = salt['grains.get']('role', '') %} {% elif grains['role'] == 'so-helix' %} - -{% set lsheap = salt['pillar.get']('master:lsheap', '') %} -{% set freq = salt['pillar.get']('master:freq', '0') %} -{% set dstats = salt['pillar.get']('master:domainstats', '0') %} -{% set nodetype = salt['grains.get']('role', '') %} - -{% elif grains['role'] in ['so-eval','so-mastersearch'] %} - -{% set lsheap = salt['pillar.get']('master:lsheap', '') %} -{% set freq = salt['pillar.get']('master:freq', '0') %} -{% set dstats = salt['pillar.get']('master:domainstats', '0') %} -{% set nodetype = salt['grains.get']('role', '') %} - + {% set lsheap = salt['pillar.get']('master:lsheap', '') %} + {% set freq = 
salt['pillar.get']('master:freq', '0') %} + {% set dstats = salt['pillar.get']('master:domainstats', '0') %} + {% set nodetype = salt['grains.get']('role', '') %} {% endif %} {% set PIPELINES = salt['pillar.get']('logstash:pipelines', {}) %} diff --git a/salt/nginx/etc/nginx.conf.so-standalone b/salt/nginx/etc/nginx.conf.so-standalone new file mode 100644 index 000000000..33edb9c3e --- /dev/null +++ b/salt/nginx/etc/nginx.conf.so-standalone 
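Review bot: The `so-helix` branch left in salt/logstash/init.sls is the same four `set` statements as the merged `['so-eval','so-mastersearch', 'so-master', 'so-standalone']` branch directly above it, so the consolidation stops one step short. Folding it in with `{% elif grains['role'] in ['so-eval', 'so-mastersearch', 'so-master', 'so-standalone', 'so-helix'] %}` removes the last duplicate. The `so-sensor` branch never sets `nodetype` and the node branch never sets `freq` or `dstats`. Whether later code reads them for those roles is outside the hunk, but a one-line comment per branch naming the variables left unset on purpose would keep an undefined value from slipping through silently.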
@@ -0,0 +1,325 @@ +{%- set masterip = salt['pillar.get']('master:mainip', '') %} +{%- set FLEET_MASTER = salt['pillar.get']('static:fleet_master') %} +{%- set FLEET_NODE = salt['pillar.get']('static:fleet_node') %} +{%- set FLEET_IP = salt['pillar.get']('static:fleet_ip', None) %} +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + client_max_body_size 1024M; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + #server { + # listen 80 default_server; + # listen [::]:80 default_server; + # server_name _; + # root /opt/socore/html; + # index index.html; + + # Load configuration files for the default server block. 
+ #include /etc/nginx/default.d/*.conf; + + # location / { + # } + + # error_page 404 /404.html; + # location = /40x.html { + # } + + # error_page 500 502 503 504 /50x.html; + # location = /50x.html { + # } + #} + server { + listen 80 default_server; + server_name _; + return 301 https://$host$request_uri; + } + +{% if FLEET_MASTER %} + server { + listen 8090 ssl http2 default_server; + server_name _; + root /opt/socore/html; + index blank.html; + + ssl_certificate "/etc/pki/nginx/server.crt"; + ssl_certificate_key "/etc/pki/nginx/server.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location ~ ^/kolide.agent.Api/(RequestEnrollment|RequestConfig|RequestQueries|PublishLogs|PublishResults|CheckHealth)$ { + grpc_pass grpcs://{{ masterip }}:8080; + grpc_set_header Host $host; + grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_buffering off; + } + + } +{% endif %} + +# Settings for a TLS enabled server. + + server { + listen 443 ssl http2 default_server; + #listen [::]:443 ssl http2 default_server; + server_name _; + root /opt/socore/html; + index index.html; + + ssl_certificate "/etc/pki/nginx/server.crt"; + ssl_certificate_key "/etc/pki/nginx/server.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. 
+ #include /etc/nginx/default.d/*.conf; + + location ~* (^/login/|^/js/.*|^/css/.*|^/images/.*) { + proxy_pass http://{{ masterip }}:9822; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + + location / { + auth_request /auth/sessions/whoami; + proxy_pass http://{{ masterip }}:9822/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + + location ~ ^/auth/.*?(whoami|login|logout) { + rewrite /auth/(.*) /$1 break; + proxy_pass http://{{ masterip }}:4433; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + location /cyberchef/ { + auth_request /auth/sessions/whoami; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + } + + location /cyberchef { + rewrite ^ /cyberchef/ permanent; + } + + location /packages/ { + try_files $uri =206; + auth_request /auth/sessions/whoami; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + } + + location /grafana/ { + rewrite /grafana/(.*) /$1 break; + proxy_pass http://{{ masterip }}:3000/; + proxy_read_timeout 90; + 
proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + location /kibana/ { + auth_request /auth/sessions/whoami; + rewrite /kibana/(.*) /$1 break; + proxy_pass http://{{ masterip }}:5601/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + location /nodered/ { + proxy_pass http://{{ masterip }}:1880/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Proxy ""; + + } + + location /playbook/ { + proxy_pass http://{{ masterip }}:3200/playbook/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + + location /navigator/ { + auth_request /auth/sessions/whoami; + proxy_pass http://{{ masterip }}:4200/navigator/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + {%- if FLEET_NODE %} + location /fleet/ { + return 301 https://{{ FLEET_IP }}/fleet; + } + {%- else %} + location /fleet/ { + proxy_pass https://{{ masterip }}:8080; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + } + {%- endif %} + + 
location /thehive/ { + proxy_pass http://{{ masterip }}:9000/thehive/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_http_version 1.1; # this is essential for chunked responses to work + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + location /cortex/ { + proxy_pass http://{{ masterip }}:9001/cortex/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_http_version 1.1; # this is essential for chunked responses to work + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + location /soctopus/ { + proxy_pass http://{{ masterip }}:7000/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + + } + + location /kibana/app/soc/ { + rewrite ^/kibana/app/soc/(.*) /soc/$1 permanent; + } + + location /kibana/app/fleet/ { + rewrite ^/kibana/app/fleet/(.*) /fleet/$1 permanent; + } + + location /kibana/app/soctopus/ { + rewrite ^/kibana/app/soctopus/(.*) /soctopus/$1 permanent; + } + + location /sensoroniagents/ { + proxy_pass http://{{ masterip }}:9822/; + proxy_read_timeout 90; + proxy_connect_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Proxy ""; + } + + error_page 401 = @error401; + + location @error401 { + add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400"; + return 302 /auth/self-service/browser/flows/login; + } + + #error_page 404 /404.html; + # location = /40x.html { + #} + + error_page 500 502 503 504 /50x.html; + location = /usr/share/nginx/html/50x.html { + } + } + +} 
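Review bot: Several proxied locations in the 443 server of nginx.conf.so-standalone have no `auth_request /auth/sessions/whoami;` (`/grafana/`, `/nodered/`, `/playbook/`, `/fleet/`, `/thehive/`, `/cortex/`, `/soctopus/` and `/sensoroniagents/`), while `/`, `/cyberchef/`, `/packages/`, `/kibana/` and `/navigator/` do. Some of those backends presumably enforce their own login, but that is not visible here, so each exemption should either gain the `auth_request` line or a comment naming the backend's own authentication. Both TLS servers set `ssl_ciphers` without `ssl_protocols`, which leaves the protocol floor to the nginx build's default; pin it with `ssl_protocols TLSv1.2;` (adding `TLSv1.3` where the build supports it). `location = /usr/share/nginx/html/50x.html` matches a request URI rather than a file path, so the `error_page 500 502 503 504 /50x.html;` target never reaches it; `location = /50x.html { root /usr/share/nginx/html; }` is probably what was meant. The `AUTH_REDIRECT` cookie set in `@error401` has no `Secure` attribute even though this server only answers over TLS.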
diff --git a/salt/ssl/init.sls b/salt/ssl/init.sls index 162fbac0c..e3142fa22 100644 --- a/salt/ssl/init.sls +++ b/salt/ssl/init.sls @@ -5,7 +5,7 @@ {% set global_ca_text = [] %} {% set global_ca_server = [] %} -{% if 'master' in grains.id.split('_')|last or 'eval' in grains.id.split('_')|last %} +{% if grains.id.split('_')|last in ['master', 'eval', 'standalone'] %} {% set trusttheca_text = salt['mine.get'](grains.id, 'x509.get_pem_entries')[grains.id]['/etc/pki/ca.crt']|replace('\n', '') %} {% set ca_server = grains.id %} {% else %} @@ -50,7 +50,7 @@ m2cryptopkgs: bits: 4096 backup: True -{% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' %} +{% if grains['role'] in ['so-master', 'so-eval', 'so-helix', 'so-mastersearch', 'so-standalone'] %} # Request a cert and drop it where it needs to go to be distributed /etc/pki/filebeat.crt: @@ -142,7 +142,7 @@ fbcrtlink: backup: True {% endif %} -{% if grains['role'] == 'so-sensor' or grains['role'] == 'so-master' or grains['role'] == 'so-node' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-heavynode' or grains['role'] == 'so-fleet' %} +{% if grains['role'] in ['so-sensor', 'so-master', 'so-node', 'so-eval', 'so-helix', 'so-mastersearch', 'so-heavynode', 'so-fleet', 'so-standalone'] %} fbcertdir: file.directory: diff --git a/salt/top.sls b/salt/top.sls index 68e05959c..207fd509a 100644 --- a/salt/top.sls +++ b/salt/top.sls 
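Review bot: The new test in the first hunk of salt/ssl/init.sls, `grains.id.split('_')|last in ['master', 'eval', 'standalone']`, is a list-membership check, whereas the old `'master' in grains.id.split('_')|last` was a substring check on a string, so an ID ending in `_mastersearch` matched before and no longer does. Such a minion now takes the `{% else %}` branch (its body is outside the hunk), while the second hunk in this file still treats `so-mastersearch` as a role that requests and distributes certificates. If a mastersearch node is meant to be its own CA server, as the old behaviour implied, keep it in the list: `{% if grains.id.split('_')|last in ['master', 'mastersearch', 'eval', 'standalone'] %}`. This condition keys on the minion ID while the rest of the file keys on `grains['role']`; a short comment explaining why would help the next reader.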
@@ -156,6 +156,63 @@ base: - domainstats {%- endif %} + '*_standalone': + - ca + - ssl + - registry + - master + - common + - nginx + - telegraf + - influxdb + - grafana + - soc + - firewall + - idstools + - healthcheck + - redis + {%- if FLEETMASTER or FLEETNODE or PLAYBOOK != 0 %} + - mysql + {%- endif %} + {%- if WAZUH != 0 %} + - wazuh + {%- endif %} + - elasticsearch + - logstash + - kibana + - pcap + - suricata + - zeek + {%- if STRELKA %} + - strelka + {%- endif %} + - filebeat + - curator + - elastalert + {%- if FLEETMASTER or FLEETNODE %} + - fleet + - redis + - fleet.install_package + {%- endif %} + - utility + - schedule + - soctopus + {%- if THEHIVE != 0 %} + - hive + {%- endif %} + {%- if PLAYBOOK != 0 %} + - playbook + {%- endif %} + {%- if NAVIGATOR != 0 %} + - navigator + {%- endif %} + {%- if FREQSERVER != 0 %} + - freqserver + {%- endif %} + {%- if DOMAINSTATS != 0 %} + - domainstats + {%- endif %} + # Search node logic '*_node and I@node:node_type:parser': diff --git a/salt/wazuh/files/agent/ossec.conf b/salt/wazuh/files/agent/ossec.conf index c5a61e8ad..95d17bc8d 100644 --- a/salt/wazuh/files/agent/ossec.conf +++ b/salt/wazuh/files/agent/ossec.conf @@ -1,9 +1,9 @@ -{%- if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-mastersearch' %} -{%- set ip = salt['pillar.get']('static:masterip', '') %} +{%- if grains['role'] in ['so-master', 'so-eval', 'so-mastersearch', 'so-standalone'] %} + {%- set ip = salt['pillar.get']('static:masterip', '') %} {%- elif grains['role'] == 'so-node' or grains['role'] == 'so-heavynode' %} -{%- set ip = salt['pillar.get']('node:mainip', '') %} + {%- set ip = salt['pillar.get']('node:mainip', '') %} {%- elif grains['role'] == 'so-sensor' %} -{%- set ip = salt['pillar.get']('sensor:mainip', '') %} + {%- set ip = salt['pillar.get']('sensor:mainip', '') %} {%- endif %}
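Review bot: In the new `'*_standalone'` block of salt/top.sls, `- redis` is listed twice: once unconditionally after `- healthcheck` and again inside `{%- if FLEETMASTER or FLEETNODE %}`. The second entry is redundant for this role and can be dropped, leaving only `- fleet` and `- fleet.install_package` under the fleet conditional. The block is a long conditional list with no comment on how it relates to the other role blocks. If the intent is what the state names suggest, a line such as `# standalone: master, search and sensor states on one minion` would make later drift from those blocks easier to spot.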