Getting Started

Licensing

Knocknoc licensing is based on the number of ~~users, click~~ ~~here~~users ~~for more information.~~. You will need to have a license to ~~use~~install ~~Knocknoc,~~the server, and a trial or monthly license can be ~~purchased~~obtained from the Knocknoc Licensing Portal. ~~The licenses covers the amount of users you have setup in the system, there~~There is no limit on the amount of groups, backends, agents or ~~ACLs.~~ACLs configured. SAML support is also included out of the box!

Server Setup

~~Cloud~~You can run your Knocknoc server either as a managed cloud instance or self-~~hosted,~~hosted. ~~you~~Once ~~need a Knocknoc server, and once you have it~~it's up and ~~running~~running, you will be able to login to the admin panel and start configuration. ~~For~~Access to cloud ~~users~~instances ~~you~~is ~~should~~guided ~~receive~~through ~~your~~the ~~URL~~licensing portal and ~~login details via the licensing portal. For~~for self-hosted servers here is the self-hosted install guide. The self hosted server assumes some ~~system~~systems administration knowledge, and generally the ability to have an inbound public IP for your users to access Knocknoc.

Agent Installation

The agents perform the backend work of updating ACLs, so you need at least one, even if it's on the same machine as Knocknoc server. ~~Here~~You ~~is the~~should ~~agent install guide. You can~~ install the agent onin ~~any~~a ~~machine~~location that can reach both the ~~Knocknoc~~server ~~server,~~(outbound https to the server) and the target ofbackend. ~~the backend, it only needs an HTTPS connection to the Knocknoc server.~~

Backends and ACLs

Backends and ACLs work ~~hand in~~ hand-in-hand to provide a pathway for your fine-tuned group access. Here are the guides for currently supported backends. ~~And~~When ~~here~~a user authenticates to Knocknoc, grants are ~~the~~applied ~~guides~~through ~~for~~ ~~basic ACL configuration. Backends have types, like Haproxy, ipset or scripts. A backend modifies the ACL~~ACLs to ~~perform~~permit ~~the~~their ~~allow listing function of Knocknoc.~~access.

Groups and Authentication

~~Groups~~While ~~need~~users tocan be created either locally or through single sign on like SAML (recommended) or LDAP, groups are created locally in the admin ~~portal,~~portal. ~~however~~A group maps users ~~can~~to beACLs, ~~assigned~~providing ~~either~~fine-grained ~~locally~~control ~~or via~~over the ~~SAML~~resources orthey ~~LDAP~~have ~~authentication~~access ~~steps.~~to.

Read ~~recommend~~more ~~SAML where possible, as it is the most secure option for many people. Here are~~in the authentication guides and ~~the~~ the group setup guide. ~~A group maps Users to ACLs, so you can have fined grained control over what resources your users have access to, even down to an HTTP protocol level.~~

Test it out!

~~That~~The first time you ~~login~~log in and see how Knocknoc works feels like magic. We can't wait for you to enjoy using Knocknoc every day.

Roll it out to your users

Once everything is ready, ~~you~~you'll need to ~~then need to demonstrate or document~~communicate the steps for your ~~users,~~users. ~~and~~To ~~away~~assist ~~you~~with ~~go.~~

this

Wewe are preparing some helpful onboarding resources ~~for~~designed ~~your~~to ~~users,~~streamline ~~and while the~~this process isas ~~different~~much ~~and~~as ~~change is hard, the ease of use of Knocknoc is a great for users.~~possible.

Monitor and Manage

Knocknoc can stream metrics using GELF, and can supply regular exports of user activity. It also has an audit trail function, so you can see exactly what resources which users had access to when. Security teams looking to track fine grained access to network ~~resources,~~resources can ~~even~~ export to CSV as required.