Search Results

Azure Portal or specific Azure services can be further protected through the use of the Knocknoc Entra back end. This helps prevent or reduce ransomware and common Business Email Compromise (BEC) attacks and data theft/exfiltration through isolating user logi...

Ivanti Connect Secure devices that have an outer firewall or control layer can be protected from unauthorised threat actors by implementing Knocknoc and firewall orchestration This prevents direct Internet access to the Ivanti Connect Secure devices prior to ...

Protect your existing Fortigate or Palo investments from direct internet exposure by introducing Knocknoc. Remote management and administration interfaces, VPN services/ports or any service offered can be protected, requiring a centralised login prior to pres...

The following example assumes your Knocknoc instance is located at https://your-knocknoc.cloud/. Wherever you see that, please substitute it for your own instance URL. Knocknoc SAML config Login In the Knocknoc admin interface (eg: https://your-knocknoc....

Knocknoc 7.5  🚀 Knocknoc 7.5 marks a major milestone in our journey to redefine secure network access. This release is a comprehensive redesign of the user experience, delivering a streamlined, intuitive interface that empowers both administrators and end use...

CyberArk integrates with Knocknoc via the "Web Apps" component, passing through SAML assertions.   Knocknoc SAML config Log in to the Knocknoc Admin interface On the Settings page configure the PublicURL (eg: https://knocknoc.yourserver.com) Create and ...

Knocknoc enables you to remove the attack surface of systems, by enacting just-in-time network/application-based allow-listing. It can operate in a number of ways - from orchestrating network access controls (eg: adding to firewall rules - whilst presenting n...

Capturing additional client IP addresses A client may exhibit behaviour where multiple IP addresses are observed as part of the authentication request. Situations such as: Internal IP addresses (eg: 10.0.x.x / RFC1918), should the Server (or MYIP component...

Passive, Active or a combination Passive - Knocknoc's Allowlist features provides a passive integration with firewalls that support a External Dynamic Lists or EDLs.  This feature allows the firewall to pull from the Knocknoc server a list of IPs of authentic...

Logging is important - we love logging. Because of this, we have included an easy to find, follow and parse log output that provides an additional layer of visibility across your Knocknoc user activity, including logins, access grants, manual interactions, as...

Use Case: Removing VPN Ransomware Risk from Stolen Credentials A mid-size business relied on Internet-exposed VPN appliances to provide extranet access for staff, contractors, and business partners. Due to legacy constraints, some external users still used si...

Use Case: Dynamic Just-in-Time IP Restrictions for High-Security Subnet A critical infrastructure environment needed to restrict access to specific high-security internal networks to trusted IP addresses dynamically, allowing access only for short-lived perio...

Use Case: Trusted partners secure access to web application A financial services provider relied on periodic uploads through an Internet-exposed web application. Although the application was actively maintained, it posed substantial value and risk to the orga...

An IT managed services provider maintained multiple Fortinet firewalls on behalf of customers, often responding to urgent service desk requests requiring 24/7 access. These firewalls were deployed across various locations and managed by multiple members of the...

Announcing Knocknoc 7.0   We’re excited to introduce Knocknoc 7.0, a landmark release packed with features to enhance security, usability, and performance. Here's what's new: Enhanced Security •    'Require Click' for User Access Grants: Access controls can...

The Knocknoc software is managed by your operating system, as such updates can be managed within your patching cycle and complete control. These are applied by utilizing your relevant package management system, as below.   On Debian / Ubuntu and similar var...