📄️ Supported Environments
Secfense acknowledges the existence of various virtualization environments, but we only officially support VMWare as a hypervisor.
📄️ Supported Browsers
Secfense Broker interfaces with users via Web Browsers. At the moment we consider following web browsers (in their latest available versions) as supported:
📄️ Installing the Broker
note - all default passwords are listed in this article
📄️ Default passwords
Out of the box following users with their assigned default passwords can administer the Broker:
📄️ Clustering the device
Please note – it is strongly advised to use separate hypervisors for each Secfense Broker instance that will be part of the cluster.
📄️ Enabling VRRP
Secfense Broker can utilize Virtual Router Redundancy Protocol to create a single IP which will be used as a Virtual IP in fron of clustered devices allowing them to work in an active/standby setup.
📄️ Software Upgrade
Important: Before upgrading the device, we recommend performing a backup of your device. The procedure is described here.
📄️ Installing Hotfix
A Hotfix is a temporary solution to an issue that is limited to single customer and is usually related with how a certain application is protected.
📄️ Deployment
(type, instruction, success factors)
📄️ Network configuration for typical deployments
These instructions are aimed at a single protected application. To add more applications, follow these steps for each deployment.
📄️ Account hardening
(adding MFA to administrator panel)
📄️ Licensing the device
To obtain information about your current license (expiration date and user limit), go to Settings and scroll down to the bottom of the page to the "Licensing" section.
📄️ GUI Overview
This section will briefly explain the available screens and their typical use within the Secfense Broker GUI. Please note that this relates to the full view, which is designed for Super Admin users. Support users will see a less detailed GUI, limited only to the parts necessary for them to fulfill their role.
📄️ Entering "Debug Mode"
"Debug Mode" is useful when an administrator needs to verify the way an application representation had learned the authentication patterns or when a hotfix was issued for this particular installation and needs to be applied.
📄️ CLI Overview
Secfense Broker Command Line Interface is available on port 22 via SSH protocol. Although a wide range of configuration and diagnostic options is available, only a subset is required to properly administer the device and troubleshoot any potential issues.
📄️ Password Policy
All passwords created within Secfense Broker (for Administrators, Support, etc.) must adhere to the following password policy requirements:
📄️ Quick Start
This part will present basic scenario of an "inline with load balancer" application hardening. The application that would be hardened is irrelevant, however it is important to notice that out of the box the application is only configured to accept username and password. We will use Secfense Broker to harden it with FIDO2 compliant multi factor authentication.