Console Pre-Installation
Before you start with the setup
Last updated
Was this helpful?
Before you start with the setup
Last updated
Was this helpful?
Assign Static IP Addresses
Ensure each server running the AIR Console and Database is assigned a static IP address to maintain a stable network connection.
Configure Ports for Initial and Ongoing Access
Port 80 (HTTP): Only enabled for initial configuration access through the user interface (UI). This allows for system setup upon installation.
Port 443 (HTTPS): After initial setup, use this port permanently for all administrative access. It provides a secure, encrypted connection for managing the AIR Console UI.
Additional Port Configuration for Responders
Port 443 (HTTPS): Keep open for secure communication and ongoing operations.
Port 4222 (NATS.io): Enable to allow inbound traffic for asset responders using NATS.io, facilitating effective communication across distributed systems.
2-Tier Deployment Specific Configuration
Allow inbound access from the AIR Console server to the MongoDB Server on:
5432 (PostgreSQL)
Internet Access for Essential Domains (2-Tier Deployment on AIR Console Server and DB Server)
Allow access to the following domains from the Console Server:
Allow access to the following domains from the DB Server:
Additional Optional Steps
If you're using EDR/XDR or EPP software along with Binalyze, please take a look at our exclusion/exception .
(Optional) Create an SSL certificate for the provided Static IP Address or FQDN.
(Optional) Allow inbound access for alternative secure access to the web UI on the AIR Console server on:
8443 (HTTPS) inbound
(Optional) Create a password-protected network share on the server.
(Optional) Create an Active Directory user for Binalyze AIR to enumerate LDAP computers on your network. This account should have limited rights, sufficient only to enumerate computers, and not hold privileged status like a Domain Admin.
This structured approach ensures that every step and detail is laid out clearly, making it easier to follow and implement for a secure and efficient server setup.