DnsCyte Quick Deployment Guide
This document is a summary of the quick deployment for DNSCyte.
The objective of the rapid deployment is to demonstrate discovery and analysis features of DNSCyte. DNSCyte is a DNS based security solution available as a Cloud-Based Service with an optional on-premise component (Agent) which analyses DNS traffic and block unwanted, malicious activity in your network.
For quick installation, DNSCyte solution comes with a cloud-based part and an optional agent software which is installed on client devices.
: For installations and configurations you should have account on
. Before proceeding to configurations and installation please create account on DnsCyte cloud portal.
Cloud-based service does not require any installation of software in your environment. It only involves forwarder DNS server configuration change in your local DNS server. Local DNS server forwards client requests to
public DNS servers for analysis
Step 1: Defining Public IP
To start cloud-based DNS filtering define the source IP of the DNS queries which will be analysed. Generally, This IP address is NAT IP address of your DNS server while accessing the Internet.
To define your public IP(s) log in to
and navigate to Deployment--> Public IP and click
button on the upper right side of the screen and Public IP definition screen appears as below
Figure 1. Public IP Definition
In the Public IP definition; Name, IP address and profile settings must be defined. The other fields are optional. There are four built-in security profiles available to users. You can use one of them, or you can set your policy. Please refer to
web page for a detailed description.
Step 2: Forward DNS request to DNSCyte Cloud Service:
The second step for Cloud-Based Service deployment is to send the DNS queries to Cloud Service Public DNS Servers. DNSCyte Public DNS server IP Addresses are 126.96.36.199 and 188.8.131.52. You should define these IP Address as Forwarders in your DNS Servers.
Figure 2. DNS Forwarder Settings For Windows DNS Server
After finishing your settings, you can start to use Cloud-Based Service. Please note that DNS filtering does not work if you do not define any Public IP or defining wrong IP information on the Cloud Portal.
Agent-based filtering enables securing DNS traffic for roaming or mobile clients. Agent intercepts all DNS traffic at the network layer and forwards it to
cloud for filtering. Client traffic can be filtered regardless of the location of the client.
Agent Installers available at the https://portal.dnscyte.com/ . After log in to portal navigate to Deployments -->Roaming Clients and download the agent from the link in the upper-right part of the page.
Figure 3. Getting Agent Installer
Once you download the installer, extract files and execute the installation file to install an agent. Agent installation is straightforward; just click next to finish the installation. After successful installation, the agent automatically registers itself to the Cloud Portal, and you can view your agent installations by navigating to deployment --> Roaming Clients.
Figure 4. Registered Agents
Assigning Security Profile:
Agent installation requires to apply a security policy to each registered agent. To Apply Security Policy to an Agent click/button on the right side of each agent instances and Policy Settings page available for editing.
Figure 5. Agent Settings
once you finished your settings click "Apply" button bottom of page to take effect your changes. Now, the agent is ready to go.
Note: If you want to exclude domains for DNS checking or domains which are not applicable to DNS based filtering like your active directory domains or local domains click
button under Roaming Client and add your domains here. These domains will not be handled by Agent.
Local DNS Serve installation enables monitoring of local IP address information of your client devices while enforcing Security Profiles.
Download and Deploy Virtual Appliance.
Local DNS servers are available as a virtual appliance for both ESX and HyperV environm
Download Virtual Machines:
After downloading your virtual appliance please refer to virtualisation platform guides to deploy your virtual machines.
Configure Virtual Appliance:
After deploying your virtual appliance on your virtualisation platform you can access via console. Please use :
For log on to the system. First thing you may need to configure is IP information of your virtual appliance. Use command “sudo nano /etc/network/interfaces” to edit IP information. After editing network information run “sudo systemctrl restart networking” command to take effect your settings.
After setting up an IP address you can enable dns service by registering box to your https://portal.dnscyte.com account. Please note that before configuration you should have an account on DnsCyte Cloud portal.
To register and start DNS services run
“sudo /dnscyte/dnssenseregister.bash” command and follow instructions. Registration script asks for your DnsCyte Cloud user name and Password for registration and enables required services once successfully registered the box.
Figure 6 DnsCyte Local DNS Registration
After successful execution of the script, you can check the services by executing “netstat -tulpn” command. Also, you can log in to https://portal.dnscyte.com to view registered local DNS deployment.
Figure 7 Local DNS Services
Figure 8 Portal Registered Devices
Assign Security Profile:
By default, Monitor_Profile is automatically applied to every registered Local DNS Servers. To change the assigned security profile click edit icon and select designated Profile from the list.
Figure 9 Assign Security Profile