Access

Access grants for users follow a process, these are link through a Knoc

Grant and revoke process

The granting and revoking of access by Knocknoc occurs on a number of events, including: User ...

Click to grant/revoke

For additional security and temporal access control, Knoc's support a "click to grant" and "click...

Grant duration (access period override)

Users are assigned a default "grant period" (in minutes), either within Knocknoc for local users,...

Additional client IP addresses

Capturing additional client IP addresses A client may exhibit behaviour where multiple IP addres...

LOOTOTL - Last One Out Turn Off The Lights

Knocknoc keeps a track of the IPs and tries to be kind to users that share IPs. This means that i...

Use cases (overview)

SSH

FortiOS, FortiProxy, Palo Alto, or SSL VPN

VPN and ransomware

High security subnets and JIT network access

Financial services data partner, secure web upload

Web applications (layer-7 filtering)

Remote desktop, simple small business example

Firewall Manager access (IT MSP)

Ivanti Connect Secure

Video

VOIP

AWS infrastructure

Azure Portal

Licensing Knocknoc

SaaS deployment

Server installation (on premise)

Agent installation

Knocker - a cli utility for agents

Create users

Create groups

Admins

Settings

Updates and upgrades

IPSet (Linux Netfilter/IPTables)

Fortigate Address Groups (Fortinet)

Palo Alto

Juniper SRX

Allowlist (EDLs)

Cisco (SFMC/Firepower)

HAProxy

Microsoft Entra

Microsoft Azure NSG

IPsets with UFW

IPsets with Shorewall

Custom Script

AWS (EC2) Security Groups

AWS WAF Ipset

Mikrotik RouterOS

Nginx

Apache Webserver

Local Authentication (MFA included)

SAML

SAML principles and terms

SAML with EntraID (Azure AD)

SAML with OKTA

SAML with Gsuite as IDP

SAML with Jumpcloud

SAML for the Admin Interface

SAML with Keycloak

SAML with CyberArk

SAML with Authentik

Knocknoc with ADFS

LDAP

Grant and revoke process

Click to grant/revoke

Grant duration (access period override)

Additional client IP addresses

LOOTOTL - Last One Out Turn Off The Lights

User authentication

Manage user sessions

Allowlist/EDL access

Agent registration

Time for NTP

LDAP troubleshooting tips

Knocknoc server behind HAProxy

HAProxy tips and tricks

Debugging & log levels

Access

Grant and revoke process

Click to grant/revoke

Grant duration (access period override)

Additional client IP addresses

LOOTOTL - Last One Out Turn Off The Lights

Search Results