SensorFu Beacon How To: 3 steps to always know if your isolated Linux leaks
When you need to build isolated and strictly restricted Linux environments for special purposes you want to know it truly is and stays isolated. Typically isolation is done with strict firewall rules, VLAN segregation or even with air gaps. But the common question remains. Do you know that those restrictions works as expected?
This article will walk you through how to to deploy SensorFu Beacon Linux Application.
Step 1: Configure and download
To get things rolling, you need to have access to Beacon Home.
Log in to Beacon Home and create new Beacon Linux Application and download it.
Step 2: Deploy
Transfer the binary to your target machine for example with “scp” via your management network or USB flash drive using sneakernet.
“scp beacon-linux-3.13.0 datavault: ”
Run the binary with “ — install” to install beacon as systemd service. You also need to define network interface to be used with “ — interface“. Customize beacon’s name with “ — name” argument if you like. See “ — help”.
You can automate the deployment with your favourite orchestration tool like Ansible, Puppet, Salt, and so forth.
Note: You can also run beacon directly from the command line if you like, you can find instructions from Beacon Manual or with “ — help”.
Step 3: Always know if your network leaks
Then you just sit back and relax and you will know if your network leaks.
In our demo case, SSH was open to both direction and we received the alert from our DataVault. Beacon will now work tirelessly on your behalf and alert you if new leaks appear in the future.
Do you know what is the situation in your environment — today and in future?
Done
Deploying Beacon Linux application is really straight forward and you can easily automate it with orchestration tools. You can even build Beacon in to your virtual machine templates for isolated environments like VPC’s. What about containers? Good news, Application can run inside them too.
