Getting Started
Cloud SaaS or self-hosted server?
You can run your Knocknoc server either as a managed cloud instance (we host it) or self-host it.
Should you deploy a cloud or self-hosted instance of Knocknoc? The answer will depend on a few factors.
For example, if you want to integrate an LDAP authentication source that is not reachable from the internet, you need a self-hosted server. A self-hosted Knocknoc server may also suit you better for various security segmentation scenarios, or for running Knocknoc entirely on internal networks, which is great for SCADA or ICS systems.
Our cloud SaaS servers are deployable in under a minute, with DNS records and inbound rules all configured for you ready to go.
Spin up a cloud instance fast via the licensing portal.
For self-hosted servers, see the self-hosted install guide.
Orchestration Agents
The orchestration agents perform the backend (out-of-band) work of updating access for the logged-in user, so you need at least one, unless you are using Passive firewall orchestration. Agents can run on the same server as Knocknoc if you so desire, or deep within an internal network with outbound network access only. Users do not need to install the Agent.
To install an orchestration agent, follow the guide: install an agent.
Knocs & integrations
Knocs define and manage the action(s) performed by the underlying Agents, or by the Server itself in the case of Passive lists. This is also where custom scripts, webhooks and more are managed! See currently supported backends.
Authentication & SSO
Users can be created locally (with MFA) or dynamically on-the-fly through SSO using SAML (recommended), or via LDAP/ADFS. Groups are created in the admin portal and map users to access, providing fine-grained control over the resources they have access to.
Read more in the authentication guides and the group setup guide.
Licensing
Licenses can be obtained via the licensing portal. Licensing is based on the number of users.
If you are self-hosting, you can start with 1 free single license, or use it for home/lab environments. There is no limit on the number of groups, backends, agents or systems integrated. SAML support is also included out of the box, no SAML tax!
Cloud SaaS instances manage licensing for you. This is the quickest way to get going.
Test it out!
The first time you log in, take a look at how Knocknoc works; it feels like magic. We can't wait for you to enjoy using Knocknoc every day.
Monitor and Manage
Knocknoc can stream metrics using GELF, and can supply regular exports of user activity. It also has an audit trail function, so you can see exactly which users had access to which resources, and when. Security teams looking to track fine-grained access to network resources can export to CSV as required.