How Knocknoc removes attack surface
Welcome to the Knocknoc Admin Guide.
Knocknoc is a component in reducing your attack surface, it allows you to have fine-grained control over what resources each of your users can access. Knocknoc consists of a server, where users authenticate, and agents which update the backend ACLs with the user's IP address.
Setting up Knocknoc for the first time can appear easy, but please have a read through the Getting Started guide as it will run through the install and setup process.
This guide and covers installation, administration, tuning and troubleshooting. For general access guides, here is the simplified User Guide.
For new admins we recommend checking out the Consider Your Use Case and Understanding Access Control pages to understand how Knocknoc fits into your security architecture.
Defence in Depth
In most cases, users are expected to authenticate to the target resources as well, with this in mind consider Knocknoc as part of a comprehensive defence strategy. In other cases, like video feeds, or SIP connections, extra authentication isn't workable, so you need to decide as part of your security strategy how to manage these risks.