Search Results
146 total results found
Create users
User creation varies depending on the authentication source in use. "SAML users" are created on-the-fly from your IdP into Knocknoc once SAML is established, "local" users will need to be created within the admin interface and LDAP users will need to be config...
SAML for the Admin Interface
SAML for the admin interface is the same as SAML for the user base with a few very small alterations. Follow the existing guides for EntraID, OKTA or JumpCloud etc, while keeping the below in mind. If the same IdP is in use for users and admins, a second Ap...
Nginx
Nginx support via script was added in knocknoc-agent version 1.0.30. This allows for flexible ACL management from Knocknoc server for nginx. Setup for the Nginx server To get started, make sure you have knocknoc-agent version 1.0.30 or above installed. The fol...
Apache Webserver
Apache 2.4 and above have slightly different ACL syntax, so this page covers how you can use Knocknoc to manage ACLs. The script for managing Apache ACLs as per this document was added to knocknoc-agent in version 1.0.31 Setup for your Apache webserver SSH to ...
SAML with G Suite as IDP
G Suite can be set up as an Identity Provider if you have G Suite Business Starter or above plan. The basis of this guide is the official docs here: https://support.google.com/a/answer/6087519?hl=en which should be referred to in case anything changes from the...
Microsoft Entra
Overview This integration is designed to manage named locations in Microsoft Azure Conditional Access policies via the Microsoft Graph API. It allows users to add, delete, or flush named locations related to specific IP addresses. This system can also be used ...
Azure Portal
Azure Portal or specific Azure services can be further protected through the use of the Knocknoc Entra back end. This helps prevent or reduce ransomware and common Business Email Compromise (BEC) attacks and data theft/exfiltration through isolating user login...
Ivanti Connect Secure
Ivanti Connect Secure devices that have an outer firewall or control layer can be protected from unauthorised threat actors by implementing Knocknoc and firewall orchestration. This prevents direct Internet access to the Ivanti Connect Secure devices prior to ...
FortiOS, FortiProxy, Palo Alto, or SSL VPN
Protect your existing Fortigate or Palo Alto assets from direct internet or internal exposure by introducing Knocknoc. Remote management and administration interfaces, VPN services/ports or any service offered can be protected, requiring a centralised login pr...
Allowlist (EDLs)
The Allowlist backend makes a list of active IP address grants available via the Knocknoc server API. This allows integration with appliances or clients that can be configured to poll a URL without the need for a Knocknoc agent to be deployed. This is sometime...
Knocknoc with ADFS
The following example assumes your Knocknoc instance is located at https://your-knocknoc.cloud/. Wherever you see that, please substitute it for your own instance URL. Knocknoc SAML config Log in to the Knocknoc admin interface (e.g., https://your-knocknoc.c...
SAML with Keycloak
Keycloak supports multiple authentication realms, so you must first select the appropriate realm for your organisation. Do not make any of the below changes in the Keycloak/master realm. In this example our realm is called "Acme" and Keycloak is hosted at http...
v7.5
Knocknoc 7.5 🚀 Knocknoc 7.5 marks a major milestone in our journey to redefine secure network access. This release is a comprehensive redesign of the user experience, delivering a streamlined, intuitive interface that empowers both administrators and end use...
SAML with CyberArk
CyberArk integrates with Knocknoc via the "Web Apps" component, passing through SAML assertions. Knocknoc SAML config Log in to the Knocknoc Admin interface On the Settings page configure the PublicURL (e.g., https://knocknoc.yourserver.com) Create and uploa...
How Knocknoc removes attack surface
Knocknoc enables you to remove the attack surface of systems, by enacting just-in-time network/application-based allow-listing. It can operate in a number of ways - from orchestrating network access controls (e.g., adding to firewall rules - whilst presenting ...
Juniper SRX
Passive, Active or a combination Passive - Knocknoc's Allowlist feature provides a passive integration with firewalls that support External Dynamic Lists (EDLs). This feature allows the firewall to pull from the Knocknoc server a list of IPs of authenticated ...
Knocker - a cli helper
The Knocker utility is a command-line tool for managing various backends or server features with ease. It provides commands for enabling, disabling, installing, uninstalling, and performing health checks for supported backends. Usage (on Agent) /opt/knocknoc...
Additional client IP addresses
Capturing additional client IP addresses A client may exhibit behaviour where multiple IP addresses are observed as part of the authentication request. Situations such as: Internal IP addresses (e.g., 10.0.x.x / RFC1918), should the Server (or MYIP component)...