NetCyte DNS Security Quick Deployment Guide

NetCyte DNS Security Quick Deployment Guide


Captive Portal Quick Deployment





1.      Summary

This document is a summary of the quick deployment of the Captive Portal component of NetCyte NAC solution from pre-configured virtual appliances.

2.      Objective

The objective of the quick deployment guide is to demonstrate the Captive Portal’s integration with NetCyte NAC Solution and how DNS based filtering works. Please send a request to for a more detailed POC.

3.      Components

For quick installation, Captive Portal is available with pre-configured VMWare or Hyper-V images.

4.      System Requirements



System Requirement

Software Version


Captive Portal

4 Virtual Cores


150 GB HDD

All Required software is installed

Given for 100  users

Table 1 System Requirement

5.      Installation Steps

a)             Download Virtual Machine Images and Deploy Your Environment

Please use the below links to download predefined Virtual Machine according to your virtualisation environment

For VMWare ESX Environment

For Hyper-V Environment:

For deployment of the virtual machine, please refer to your virtualisation platform guide. Once you finish deployment, you can access the Captive Portal through the console.

To log in to Captive Portal use:

Username: root

Password: Password12345

b)             Initial Settings and Integration with NetCyte NAC System

Once you log in to the system, run the initialize_captive command on the console to set initial system configuration.

Figure 1 Captive Initialisation



e0 settings

Eth0, e0 is used for inline deployment, and you can set any IP address

e1 settings

Eth1, e1 is the interface used for communication with external systems. Captive Portal will communicate NetCyte NAC System, goes through the Internet and answer Client DNS request via this IP.

Database Used

Type of database used. For the NetCyte NAC Integration always select option 2.

MS-SQL Remote IP

Remote IP address of MSSQL Database server.

MS-SQL Database

NetCyte NAC Server main database name. Default is netcyte.

MS-SQL Username

MSSQL User name to access netcyte database. This user should have Read/Write/Delete privileges on netcyte database. If you are using NetCyte Preconfigured NAC Virtual Machine, use "sa" as a user.

 MS-SQL Password

The password of MSSQL user. If you are using NetCyte Preconfigured NAC Virtual Machine uses "Password12345!!"

Connection Interval

 Define how often Captive Portal will check configuration changes on NAC Database.


Enter your Active Directory IP address and FQDN of your domain

Table 2 Captive Portal Initial Settings

Once you finish your settings, you can access Captive Portal using SSH via e1 IP Address. Also, you can check your Captive Installation on NetCyte Management interface using menu Captive Portalà Captive Portal Settings under Captive monitoring.

Figure 2 Captive Portal Monitoring

c)              Configure DNS Filtering

For DNS filtering configuration, the first step is to configure dnsmasq service.

Open dnsmasq configuration file /etc/dnsmasq.conf and and set listen-address =, <eth1 IP address> and go to end of the file and change address= /#/<eth1 ipaddress>. You can use nano.   e.g. nano /etc/dnsmasq.conf

Before proceeding with DNSCyte integration, you need to create an account on the DNSCyte Cloud. Please flow instructions on to create an account. Your captive Portal will be registered under this account.

After Creating your account under DNSCyte Cloud, log in to your Captive Portal again and execute /etc/dnscyte/dnssenseregister.bash script to register and start DnsCyte Docker image on the Captive Portal. The script will ask your DNSCyte Cloud user information that you created previously.

If your script is successfully executed, you can see your device on DNSCyte Cloud. Go to and log in to your account. Goto Deployment à Devices and you will see your device under Local DNS Relay Servers section. You can assign a different profile to your device for filtering client requests.

Figure 3 DnsCyte Device Registration

d)             Enabling Filtering Modes and Activating DNS Based Filter

There are two modes of operation in Captive Portal, Guest Mode and Corporate Mode. The basic operations are:

 Guest Mode: Always requires authentication before allowing access. Once access is granted, i.e. the user is authenticated, allow to access the Internet and start to monitor user activity. If the user creates malicious traffic and exceeds threshold levels, then block user.

To enable the guest mode, execute: /netcyte/script/ command

Corporate Mode: Always allow access and monitor user traffic. If the user creates malicious traffic and exceeds threshold levels, then block user.

To enable the corporate mode, execute: /netcyte/script/ command

After enabling any of the modes to go to NetCyte Management console navigate to SettingsàEngine Settings and Goto Captive Portal Settings, your captive Portal will be seen here with DNSCyte Box ID.

You can search detailed client access logs using this box id on the DnsCyte Cloud.

Figure 4 DNSCyte Filtering Activated.

Note: For testing and monitoring purpose enable corporate mode and set DNS Server of your Client Device pointing to your Captive Portal eth1 or e1 interface IP address.

After successful configuration, registering and filtering mode setting you can enable DNS based filtering on NetCyte NAC Management console. Go to Inventory ManagementàInventory Rules and Click Add New Rule. On the Rule Types section Filter DNSCyte Thread Analysis and double click on the rule to configure your policy.

Figure 5 Rule Type Filtering

Figure 6 Rule Settings 

Rule Setting


Blocked Categories

Monitored Categories. Hit counts will be retrieved from DnsCyte Cloud for a given Interval

Blocking Hit Count

Number of total access in monitored categories for a client for blocking


Hit Count calculation interval. The system calculates total hit count for last interval minutes

Redirect to Captive Portal

Enable/Disable Blocking on Captive Portal

Notification Message

Notification Message that will be shown by Captive Portal

Track Blocking History

Enable excessive blocking on client devices. Default is y

Table 3 DnsCyte Rule Settings

After finishing your settings, click save button to return rule definition page. On the Rule definition page give a name to your rule, select Tag Query Mapping as All-Devices and enable the “Status” for activating rule. The rule is immediately activated in the background.

Figure 7 DnsSyte Rule Definition

e)             Monitoring Client Activities

Even Inventory Rule takes effect immediately after creation retrieving logs may take a little time because of your time interval settings.

To view detailed logs, go to Block and Audit ManagementàDNSCyte Threat Activity.

                       Figure 8 DnsCyte Detailed Logs

To view, the graphical representation of your log data go to Visualisation and Analysis àDNS Threat Analysis

Figure 9 DNSCyte Visual Analysis


    • Related Articles

    • NetCyte Quick Deployment Guide

       NetCyte  Quick Deployment Document 1.      Summary This document is a summary of quick deployment of netCyte NAC solution from preconfigured virtual appliances 2.      Objective The objective of the quick deployment is to demonstrate discovery and ...
    • DnsCyte Quick Deployment

      DnsCyte  Quick Deployment Guide 1.      Summary This document is a summary of the quick deployment for DNSCyte.  2.      Objective The objective of the rapid deployment is to demonstrate discovery and analysis features of DNSCyte. DNSCyte is a DNS ...
    • NetCyte Guides

      NetCyte is a next-generation network access control solution that provides dynamic and adaptive access control with unparalleled threat discovery.  The system creates a holistic view of the IT infrastructure by enabling 100% accurate discovery, ...
    • NetCyte Management Main Screen

      One of the most crowded screen of NetCyte management platform is Main Screen or "All Host" screen. This part of management platform is designed to show general information about client device, system and other useful functionalities. In this article, ...
    • Captive Portal Configuration

      1.      Introduction Captive Portal is a Guest management platform for NetCyte NAC System. It is used for registering and authentication of Guest users. It is also used for Authentication Portal for Corporate users. Because it is a web application ...