DnsCyte Quick Deployment Guide
This document is a summary of the quick deployment for
The objective of the rapid deployment is to demonstrate discovery and
analysis features of DNSCyte. DNSCyte is a DNS based security solution
available as a Cloud-Based Service with an optional on-premise component
(Agent) which analyses DNS traffic and block unwanted, malicious activity in
For quick installation, DNSCyte
solution comes with a cloud-based part and an optional agent software which is
installed on client devices.
Pre-Requisite: For installations and configurations you should have account on https://portal.dnscyte.com/. Before proceeding to configurations and installation please create account on DnsCyte cloud portal.
Cloud-based service does not require any installation of software in
your environment. It only involves forwarder DNS server configuration change in
your local DNS server. Local DNS server forwards client requests to DNSCyte public
DNS servers for analysis
Step 1: Defining Public IP
To start cloud-based DNS filtering define the source
IP of the DNS queries which will be analysed. Generally, This IP address is NAT
IP address of your DNS server while accessing the Internet.
To define your public IP(s) log in to https://portal.dnscyte.com/
and navigate to Deployment--> Public IP and click
button on the upper right side of the screen and Public IP definition screen appears as below
Figure 1. Public IP Definition
In the Public IP definition; Name, IP
address and profile settings must be defined. The other fields are
optional. There are four built-in security profiles available to
users. You can use one of them, or you can set your policy. Please refer
to https://docs.dnscyte.com/security-profiles web page for a detailed description.
Step 2: Forward DNS request to DNSCyte Cloud Service:
The second step for Cloud-Based Service deployment
is to send the DNS queries to Cloud Service Public DNS Servers. DNSCyte Public
DNS server IP Addresses are 220.127.116.11 and 18.104.22.168. You should
define these IP Address as Forwarders in your DNS Servers.
Figure 2. DNS Forwarder Settings For Windows DNS Server
After finishing your settings, you can start to use Cloud-Based Service.
Please note that DNS filtering does not work if you do not define any Public IP
or defining wrong IP information on the Cloud Portal.
Agent-based filtering enables securing DNS
traffic for roaming or mobile clients. Agent intercepts all DNS traffic at the
network layer and forwards it to DNSCyte cloud for
filtering. Client traffic can be filtered regardless of the location of
Agent Installers available at the https://portal.dnscyte.com/ . After log in to portal navigate to Deployments -->Roaming Clients and download the agent from the link
in the upper-right part of the page.
Figure 3. Getting Agent Installer
Once you download the installer,
extract files and execute the installation file to install an agent. Agent
installation is straightforward; just click next to finish the installation.
After successful installation, the agent automatically registers itself to the
Cloud Portal, and you can view your agent installations by navigating to deployment
--> Roaming Clients.
Figure 4. Registered Agents
Assigning Security Profile:
Agent installation requires to apply a security policy to each
registered agent. To Apply Security Policy to an Agent click/button on the right side of
each agent instances and Policy Settings page available for editing.
Figure 5. Agent Settings
once you finished your settings click "Apply" button bottom of page to take effect your changes. Now, the agent is ready to go.
Note: If you want to exclude domains for DNS checking or domains which are not applicable to DNS based filtering like your active directory domains or local domains click
button under Roaming Client and add your domains here. These domains will not be handled by Agent.
Local DNS Serve installation enables monitoring of local IP
address information of your client devices while enforcing Security
Download and Deploy Virtual Appliance.
Local DNS servers are available as a virtual appliance for both ESX and
Download Virtual Machines:
After downloading your virtual appliance please refer to virtualisation platform
guides to deploy your virtual machines.
Configure Virtual Appliance:
After deploying your virtual appliance on your virtualisation platform
you can access via console. Please use :
For log on to the system. First thing you may need to
configure is IP information of your virtual appliance. Use command “sudo
to edit IP information. After editing network information run “sudo
systemctrl restart networking” command to take effect your settings.
After setting up an IP address you can enable dns service by
registering box to your https://portal.dnscyte.com account. Please note that before
configuration you should have an account on DnsCyte Cloud portal.
To register and start DNS services run
“sudo /dnscyte/dnssenseregister.bash” command
and follow instructions. Registration script asks for your DnsCyte Cloud user
name and Password for registration and enables required services once
successfully registered the box.
Figure 6 DnsCyte
Local DNS Registration
After successful execution of the script, you can check the
services by executing “netstat -tulpn” command. Also, you can log
in to https://portal.dnscyte.com to
view registered local DNS deployment.
Figure 7 Local DNS
Figure 8 Portal
Assign Security Profile:
By default, Monitor_Profile is automatically applied to
every registered Local DNS Servers. To
change the assigned security profile click edit icon and select designated
Profile from the list.
Figure 9 Assign Security Profile