network_design_-_where_to_setup_lucy
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
network_design_-_where_to_setup_lucy [2019/05/22 09:31] – lucy | network_design_-_where_to_setup_lucy [2019/05/22 09:58] – [On premise installation technical procedure] lucy | ||
---|---|---|---|
Line 22: | Line 22: | ||
- | ===== Challenges in an on-premise installation ===== | + | ===== On premise installation |
- | + | ||
- | * Mail integration: | + | |
- | + | * **Mail integration**: | |
- | If you use the build-in mail server, LUCY would need to be able to resolve the MX record for your own organisation and then deliver the mails to that server. Depending where LUCY is installed, you probably need to open SMTP communication ports. An easier method is using the internal mail server as a relay. In such a case LUCY would communicate with the internal mail server | + | |
{{ setup_lan.png? | {{ setup_lan.png? | ||
+ | * **DNS integration**. You can quickly setup new domains in LUCY. Details are described [[domain_configuration|here]]. Those domains could be used for the landing pages (Phishing or E-learning) or the mail sender (awareness and attack simulation). The internal clients will need to resolve those domains. Therefore, you need to create the according DNS entries also on your internal DNS server and point the records to LUCY. If the landing pages need to be accessed from users in the internet directly (without VPN), you need to make sure that the DNS records are also created on an externally accessible DNS server. | ||
- | * DNS integration: | + | * **Creating |
- | * HTTP/HTTPS access: The landing pages and the E-learning needs to be accessible via http or https (see [[ssl_configuration|this chapter]] for SSL configuration). If users from the internet have to access those pages, you need to make sure that you have set up an according port forwarding rule on your firewall together with a NAT entry, that points to LUCY. | ||
- | * Security products and whitelisting: You need to ensure that the LUCY IP is whitelisted on all your security products | + | * **HTTP/ |
- | * Securing the access: | + | * **HTTP/ |
+ | * **Security products and whitelisting**: | ||
+ | * **Securing the access**: Once you finished the setup, you might want to prevent users from accessing the web based administration. In [[security_considerations|this chapter]] we discuss a few tips on how to secure LUCY. | ||
- | ===== On premise installation technical | + | ===== On premise installation technical |
+ | |||
+ | **Hardware** | ||
+ | Please make sure you have the hardware ready with sufficient disk space (>200 GB) and memory (>4 GB). More details here: https:// | ||
- | **Download:** | + | **Download** |
If you have decided to do an on premise installation you will first need to download LUCY from our webpage. Please choose one of our installers or images: | If you have decided to do an on premise installation you will first need to download LUCY from our webpage. Please choose one of our installers or images: | ||
Line 57: | Line 58: | ||
If you require a different format (e.g. ovf), search for the according converter (e.g. search for " | If you require a different format (e.g. ovf), search for the according converter (e.g. search for " | ||
+ | |||
+ | **Installation** | ||
+ | Once downloaded, please install LUCY according to the download type: | ||
+ | * [[Installing LUCY on LINUX]] | ||
+ | * [[Installing LUCY in Virtualbox]] | ||
+ | * [[Installing LUCY in Vmware]] | ||
+ | * [[Installing LUCY in Amazon]] | ||
+ | * [[installing_lucy_on_windows|Installing LUCY on Windows]] | ||
+ | * [[converting_vmware_to_hyperv|Converting LUCY from VMware ESX to Hyper-V]] | ||
+ | |||
+ | **Login** | ||
+ | [[lucy_weblogin|Login]] to LUCY with the Webbrowser using the IP address of your server. Continue the setup in the browser using the credentials provided in the setup script. If you want to use a domain for your administration UI, Connect to your LUCY instance with the root or phishing account. If you connect as root, please execute the command | ||
**License: | **License: | ||
- | For testing purposes please | + | Please |
+ | |||
+ | **Mail setup** | ||
+ | Define your **[[mail_delivery_methods_in_lucy|default mail delivery method]]** in LUCY. In case you use the build in mail server: set the [[set_hostname_for_smtp_communication|hostname]] for the mail server. | ||
+ | |||
+ | **Domain Setup** | ||
+ | Setup a [[domain_configuration|domain]] in LUCY. This domain can be used for phishing simulations (landing pages) or the elearning portal. | ||
+ | |||
+ | **SSL Setup** | ||
+ | Create a [[ssl_configuration|trusted certificate]] for the administration of LUCY. | ||
+ | **User management** | ||
+ | Create all the required administrators [[user_management|users]] in LUCY. | ||
+ | **Updating** | ||
+ | [[download_templates|Download]] all of the latest templates. [[update_lucy|Update]] LUCY to the latest version | ||
+ | **Hardening** | ||
+ | Consider implementing additional [[security_considerations|security layers]] | ||
- | + | **White Label** | |
+ | Give LUCY a [[white_label_lucy_-_custom_branding|custom branding]] | ||
+ | **Test campaign** | ||
+ | Once you are all set you can try to [[create_your_first_phishing_campaign|setup your first campaign]] | ||
network_design_-_where_to_setup_lucy.txt · Last modified: 2019/10/14 15:45 by lucy