How Knocknoc Works

Knocknoc is an identity-aware gateway that protects your network applications to reduce their attack surface. It’s simple to implement and cost-effective at scale.

First you deploy your Knocknoc server. This provides the web interface that users and admins log into, and interacts with your identity provider. The server can run on-premise in your network, in our managed cloud or within your own hosted infrastructure.
Next you install one or many Knocknoc agents. The agents phone home to the server and receive instructions to allow or deny IP addresses. They apply these grants against backends within their reach.
An example backend can be a:
  • Reverse proxy (e.g. HAProxy)
  • Firewall (e.g. ipset)
  • Cloud ACL (e.g. AWS Security Group)
We also offer a “script” backend which allows you the flexibility to create your own backends.

Features of Knocknoc