How Knocknoc Works
Knocknoc is an identity-aware gateway that protects your network applications to reduce their attack surface. It’s simple to implement and cost-effective at scale.
First, you deploy your Knocknoc server. This provides the web interface that users and admins log into, and it interacts with your identity provider. The server can run on-premises in your network, in our managed cloud, or within your own hosted infrastructure.
Next, you install one or more Knocknoc agents. The agents phone home to the server and receive instructions to allow or deny IP addresses. They apply these grants against backends within their reach.
A backend can be, for example, a:
- Reverse proxy (e.g. HAProxy)
- Firewall (e.g. ipset)
- Cloud ACL (e.g. AWS Security Group)
We also offer a “script” backend which allows you the flexibility to create your own backends.
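A sketch of what a handler behind the “script” backend could look like, as an added example that is not Knocknoc's own code: the calling convention (`allow|deny <ip>`), the set name `knoc_allow` and the one-hour lifetime are assumptions. It validates the address before it reaches `ipset` and gives each grant a kernel-side timeout, so access lapses even if a revoke never arrives.

```sh
#!/bin/sh
# Added example: hypothetical handler for a "script"-style backend.
# Assumed calling convention (not Knocknoc's documented interface):
#   handler.sh allow|deny <ipv4-address>
SET_NAME="knoc_allow"   # assumed set, created once beforehand with:
                        #   ipset create knoc_allow hash:ip timeout 0
GRANT_TTL=3600          # assumed grant lifetime in seconds

# Accept only a strict dotted-quad IPv4 address, so options, shell
# metacharacters and CIDR ranges never reach the firewall command.
valid_ipv4() {
  case "$1" in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1               # split on dots into positional parameters
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Print the ipset command for an action; fail closed on anything else.
build_cmd() {
  valid_ipv4 "$2" || { echo "rejected address" >&2; return 2; }
  case "$1" in
    # The timeout makes the kernel drop the entry on its own.
    allow) echo "ipset add $SET_NAME $2 timeout $GRANT_TTL -exist" ;;
    deny)  echo "ipset del $SET_NAME $2 -exist" ;;
    *)     echo "unknown action" >&2; return 2 ;;
  esac
}

main() {
  cmd=$(build_cmd "$1" "$2") || exit 2
  logger -t knoc-script "$cmd"   # local audit record of each change
  $cmd                           # word-splitting is safe: input was validated
}

# Run only when invoked with arguments.
if [ "$#" -gt 0 ]; then main "$@"; fi
```

The addresses used to exercise it should come from a documentation range such as 203.0.113.0/24; running `main` requires root and an existing set.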
Features of Knocknoc
- Zero Trust Made Easy: Protect your systems by ensuring that no one gains access until authenticated by Knocknoc. It is a minimal barrier to entry into a zero trust model: simply “Knoc first”.
- Enhanced Security: Reduce attack surfaces and eliminate brute force attempts with our state-of-the-art authentication process.
- Authentication: Knocknoc integrates with existing platforms such as JumpCloud, or can be used in standalone mode, including multi-factor authentication (MFA).
- Visibility and Audit Trail: Gain full visibility over authenticated users and their access durations with our comprehensive activity audit trail.
- Seamless Integration: Add SAML and MFA to applications that lack native support, such as video feeds, expanding your security capabilities effortlessly.
- Timed Access Control: Allow access to applications and infrastructure only when users are authenticated and within specified time windows.