DnsCyte Quick Deployment Guide
This document is a summary of the quick deployment for
DNSCyte.
The objective of the rapid deployment is to demonstrate discovery and
analysis features of DNSCyte. DNSCyte is a DNS based security solution
available as a Cloud-Based Service with an optional on-premise component
(Agent) which analyses DNS traffic and block unwanted, malicious activity in
your network.
For quick installation, DNSCyte
solution comes with a cloud-based part and an optional agent software which is
installed on client devices.
The second step for Cloud-Based Service deployment
is to send the DNS queries to Cloud Service Public DNS Servers. DNSCyte Public
DNS server IP Addresses are 199.244.90.190 and 199.244.90.191. You should
define these IP Address as Forwarders in your DNS Servers.
Once you download the installer,
extract files and execute the installation file to install an agent. Agent
installation is straightforward; just click next to finish the installation.
After successful installation, the agent automatically registers itself to the
Cloud Portal, and you can view your agent installations by navigating to deployment
--> Roaming Clients.
Agent installation requires to apply a security policy to each
registered agent. To Apply Security Policy to an Agent click/button on the right side of
each agent instances and Policy Settings page available for editing.
Local DNS Serve installation enables monitoring of local IP
address information of your client devices while enforcing Security
Profiles.
Download and Deploy Virtual Appliance.
Local DNS servers are available as a virtual appliance for both ESX and
HyperV environm
Download Virtual Machines:
For ESX:
http://download.dnscyte.com/dnscyte/DnsCyte-Local-DNS-ESX.zip
For HyperV:
http://download.dnscyte.com/dnscyte/DnsCyte-Local-DNS-HyperV.zip
After downloading your virtual appliance please refer to virtualisation platform
guides to deploy your virtual machines.
Configure Virtual Appliance:
After deploying your virtual appliance on your virtualisation platform
you can access via console. Please use :
Username: dnscyte
Password: Password12345
For log on to the system. First thing you may need to
configure is IP information of your virtual appliance. Use command “sudo
nano /etc/network/interfaces”
to edit IP information. After editing network information run “sudo
systemctrl restart networking” command to take effect your settings.
After setting up an IP address you can enable dns service by
registering box to your https://portal.dnscyte.com account. Please note that before
configuration you should have an account on DnsCyte Cloud portal.
To register and start DNS services run
“sudo /dnscyte/dnssenseregister.bash” command
and follow instructions. Registration script asks for your DnsCyte Cloud user
name and Password for registration and enables required services once
successfully registered the box.
Figure 6 DnsCyte
Local DNS Registration
After successful execution of the script, you can check the
services by executing “netstat -tulpn” command. Also, you can log
in to https://portal.dnscyte.com to
view registered local DNS deployment.
Figure 7 Local DNS
Services
Figure 8 Portal
Registered Devices
Assign Security Profile:
By default, Monitor_Profile is automatically applied to
every registered Local DNS Servers. To
change the assigned security profile click edit icon and select designated
Profile from the list.
Figure 9 Assign Security Profile