DnsCyte Quick Deployment Guide
This document is a summary of the quick deployment for DNSCyte.
The objective of the rapid deployment is to demonstrate discovery and analysis features of DNSCyte. DNSCyte is a DNS based security solution available as a Cloud-Based Service with an optional on-premise component (Agent) which analyses DNS traffic and block unwanted, malicious activity in your network.
For quick installation, DNSCyte solution comes with a cloud-based part and an optional agent software which is installed on client devices.
The second step for Cloud-Based Service deployment is to send the DNS queries to Cloud Service Public DNS Servers. DNSCyte Public DNS server IP Addresses are 199.244.90.190 and 199.244.90.191. You should define these IP Address as Forwarders in your DNS Servers.
Once you download the installer, extract files and execute the installation file to install an agent. Agent installation is straightforward; just click next to finish the installation. After successful installation, the agent automatically registers itself to the Cloud Portal, and you can view your agent installations by navigating to deployment --> Roaming Clients.
Agent installation requires to apply a security policy to each registered agent. To Apply Security Policy to an Agent click/button on the right side of each agent instances and Policy Settings page available for editing.
Local DNS Serve installation enables monitoring of local IP address information of your client devices while enforcing Security Profiles.
Download and Deploy Virtual Appliance.
Local DNS servers are available as a virtual appliance for both ESX and HyperV environm
Download Virtual Machines:
For ESX:
http://download.dnscyte.com/dnscyte/DnsCyte-Local-DNS-ESX.zip
For HyperV:
http://download.dnscyte.com/dnscyte/DnsCyte-Local-DNS-HyperV.zip
After downloading your virtual appliance please refer to virtualisation platform guides to deploy your virtual machines.
Configure Virtual Appliance:
After deploying your virtual appliance on your virtualisation platform you can access via console. Please use :
Username: dnscyte
Password: Password12345
For log on to the system. First thing you may need to configure is IP information of your virtual appliance. Use command “sudo nano /etc/network/interfaces” to edit IP information. After editing network information run “sudo systemctrl restart networking” command to take effect your settings.
After setting up an IP address you can enable dns service by registering box to your https://portal.dnscyte.com account. Please note that before configuration you should have an account on DnsCyte Cloud portal.
To register and start DNS services run
“sudo /dnscyte/dnssenseregister.bash” command and follow instructions. Registration script asks for your DnsCyte Cloud user name and Password for registration and enables required services once successfully registered the box.
Figure 6 DnsCyte Local DNS Registration
After successful execution of the script, you can check the services by executing “netstat -tulpn” command. Also, you can log in to https://portal.dnscyte.com to view registered local DNS deployment.
Figure 7 Local DNS Services
Figure 8 Portal Registered Devices
Assign Security Profile:
By default, Monitor_Profile is automatically applied to every registered Local DNS Servers. To change the assigned security profile click edit icon and select designated Profile from the list.
Figure 9 Assign Security Profile