Console Pre-Installation

Before you start with the setup

Secure and Efficient Setup for AIR Console and Database Servers

  1. Assign Static IP Addresses

    • Ensure each server running the AIR Console and Database is assigned a static IP address to maintain a stable network connection.

  2. Configure Ports for Initial and Ongoing Access

    • Port 80 (HTTP): Enable only for initial configuration access through the user interface (UI), so that the system can be set up upon installation.

    • Port 443 (HTTPS): After initial setup, use this port permanently for all administrative access. It provides a secure, encrypted connection for managing the AIR Console UI.

  3. Additional Port Configuration for Responders

    • Port 443 (HTTPS): Keep open for secure communication and ongoing operations.

    • Port 4222 (NATS.io): Enable to allow inbound traffic for asset responders using NATS.io, facilitating effective communication across distributed systems.

  4. 2-Tier Deployment Specific Configuration

    • Allow inbound access from the AIR Console server to the MongoDB Server on:

      • 27017 (MongoDB)

      • 5432 (PostgreSQL)

  5. Internet Access for Essential Domains (2-Tier Deployment on AIR Console Server Only)

  6. Additional Optional Steps

    • If you're using EDR/XDR or EPP software along with Binalyze, please take a look at our exclusion/exception rules page.

    • (Optional) Create an SSL certificate for the provided Static IP Address or FQDN.

    • (Optional) Allow inbound access for alternative secure access to the web UI on the AIR Console server on:

      • 8443 (HTTPS) inbound

    • (Optional) Create a password-protected network share on the server.

    • (Optional) Create an Active Directory user for Binalyze AIR to enumerate LDAP computers on your network. This account should have limited rights, sufficient only to enumerate computers, and not hold privileged status like a Domain Admin.

This structured approach ensures that every step and detail is laid out clearly, making it easier to follow and implement for a secure and efficient server setup.
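
One way to check a set of inbound allow rules against the port checklist above, as an added example that is not part of the Binalyze documentation. The role labels, the `(role, port, source_cidr)` rule format, and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Port policy from the checklist above. Role labels are this example's own.
CONSOLE_PORTS = {443, 4222}     # HTTPS and NATS.io for responders
CONSOLE_OPTIONAL = {8443}       # alternative HTTPS access to the web UI
SETUP_ONLY = {80}               # HTTP, initial configuration only
DATABASE_PORTS = {27017, 5432}  # MongoDB and PostgreSQL (2-tier deployment)

def audit(rules, console_ip, setup_done=True):
    """Check inbound allow rules given as (role, port, source_cidr) tuples.

    Returns (rule, finding) pairs for every rule outside the checklist.
    """
    console_only = ipaddress.ip_network(console_ip)  # single-host network
    findings = []
    for rule in rules:
        role, port, source = rule
        net = ipaddress.ip_network(source, strict=False)
        if role == "console":
            if port in SETUP_ONLY:
                if setup_done:
                    findings.append((rule, "HTTP is for initial setup only; close it"))
            elif port not in CONSOLE_PORTS | CONSOLE_OPTIONAL:
                findings.append((rule, "port not in checklist; confirm it is needed"))
        elif role == "database":
            if port not in DATABASE_PORTS:
                findings.append((rule, "port not in checklist; confirm it is needed"))
            elif net != console_only:
                findings.append((rule, "database port must admit the console server only"))
        else:
            findings.append((rule, "unknown server role"))
    return findings

# Constructed sample rules; 10.0.0.5 stands in for the AIR Console server.
SAMPLE_RULES = [
    ("console", 443, "0.0.0.0/0"),
    ("console", 4222, "0.0.0.0/0"),
    ("console", 80, "0.0.0.0/0"),        # left open after setup
    ("console", 8443, "10.0.0.0/8"),
    ("database", 27017, "10.0.0.5/32"),
    ("database", 5432, "10.0.0.0/24"),   # wider than the console server
    ("database", 22, "10.0.0.5/32"),     # not covered by the checklist
]

if __name__ == "__main__":
    for rule, finding in audit(SAMPLE_RULES, "10.0.0.5"):
        print(rule, "->", finding)
```

Pass `setup_done=False` while the initial configuration is still in progress so that port 80 is not reported.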
