Old UI
  • Documentation Platform
    • Technical Guide
      • Whitelisting
        • Whitelisting the Pictures on Microsoft Outlook Apps
      • Minimum Requirements
      • On-Premise Requirements
        • Restricting the Access to Portal According IP
          • How to Import SSL Certificates in IIS
        • Why does the disk on the server fill up fast?
      • Getting Started
      • Phishing Simulator
      • Awareness Educator
      • Incident Responder
        • How does investigation mechanism work?
          • Benefits of Phishing Incident Responder
          • Reverse Engineering Support
          • Privacy and Security
          • Audit
          • Integrations
        • API Settings
          • Configuration steps for Office 365: Microsoft Graph App Configuration
          • Exchange Mail Configuration
          • GSuite API Configuration Guide
          • Gsuite Mail Configration
        • Analysing Suspicious Emails
          • Starting an Automatic Incident Investigation
          • Starting a Manual Incident Investigation
          • Playbook
        • FAQ (Incident Responder&Phishing Reporter)
      • Phishing Reporter Add-In
        • Installation
        • Microsoft Defender Email Reporter Add-In
      • Email Threat Simulator (ETS)
        • Creating a Trusted Account for E-mail Security Tests
          • Restriction of the Authority of the Test Account
          • Restrict Email Address
          • Enable Mailbox Audit Logging for Test Account
        • Dashboard
        • Quick Scan
        • Advanced Scan
        • Interpretation of ETS Report
        • FAQ ( ETS)
      • Threat Intelligence
        • FAQ (Threat Intelligence)
      • Report Manager
        • Phishing Campaign Report List
          • Phishing Campaign Summary
          • Statistics
          • Opened Email
          • Clicked Link in The Phishing Campaign Email
          • Submitted Form
          • Opened Attachment
          • Phishing Reporter
          • Campaign No response
          • Email Delivery Report
          • Phishing User Compare
          • Departments
        • Training Campaign Reports
          • Training Summary
          • Training Statistics
          • Opened Training Email
          • Clicked Training Link
          • View Duration
          • No Response
          • Sending Report
          • Training User Compare
          • Exam
        • Users KPI
          • User-based Grade
          • Department-based Grade
          • Target Group based grade
          • Company-based grade
        • Advanced Reporting
      • Company
        • User Role Management
      • Advanced Settings
        • Allow Email Domains
        • White Labelling
        • LDAP Settings
        • SCIM Integrations
        • Notification Templates
          • Short Codes
          • Using Notification Templates
        • Data Anonymisation
      • Available for Option
      • API Guide
        • REST API for Incident Responder (IR) Operation
        • REST API for SSO Authentication
      • Diagnostic Tool
        • FAQ
    • Maintenance Tool
    • FAQ (All Modules)
      • Video Tutorials
        • Quick Start
        • Google Workspace API Configuration Guide
        • On Premise Requirement Checker Video
        • Phishing Reporter Installation & Deployment
Powered by GitBook
On this page
  • Example Network Schemes
  • Load Balancer Support
  • SSL Certificate
  • Hardware Requirements
  • If IIS Server and Database Server is to be installed on different servers
  • If IIS Server and Database Server is to be installed on the same server
  • Software Requirements
  • Authentication & Access Requirements
  • Health Check and Monitoring
  • Backup and Recovery
  • Watch On-premise Requirement Checker Video Below
  1. Documentation Platform
  2. Technical Guide

On-Premise Requirements

PreviousMinimum RequirementsNextRestricting the Access to Portal According IP

Last updated 2 years ago

The following document specifies the system requirements for the server that our on-premise will be installed.

You can use this application to check on-premise requirements automatically.

Example Network Schemes

For the companies that have more than 2000 users, we strongly recommend you to set up a Load balancer to distribute the load to each IIS application servers.

Load Balancer Support

Please ignore this step if you have less than 2000 users.

Layer 7 Load balancer is required for URL / Path-based traffic routing.

Protocol

URL Path

Load Balancing Algorithm

Nodes

*HTTP(s)

/API/OutlookAddin

/API/OutlookAddinv1

Least Connection

Sticky Connections Enabled (60 Seconds)

IIS Servers

* SSL Offloading is recommended on Load Balancer.

SSL Certificate

Wildcard SSL certificate has to include all hostnames used by the platform's portal server.

Hardware Requirements

Keepnet needs some standard requirements:

If IIS Server and Database Server is to be installed on different servers

The below is the standard hardware requirements for the Keepnet Labs portal server.

  • 2 Cores and 8 Sockets CPU

  • 16 GB Memory

  • 150 GB Disk Space

The below is the standard hardware requirements for the Keepnet Labs database server.

  • 2 Cores and 4 Sockets CPU

  • 8 GB Memory

  • 50 GB Disk Space For Database and Log Files*

  • DB Owner Roles and Permissions

If IIS Server and Database Server is to be installed on the same server

The below is the standard hardware requirements for our portal and database server when installed on the same server.

  • 4 Cores and 12 Sockets CPU

  • 24 GB Memory

  • 200 GB Disk Space

  • MSSQL Collation: turkish_ci_as

  • db_admin permission

*SSD Disks Recommended

Please Note: We use on-the-fly calculation technologies for API and Add-In connections. For Virtual Platforms, we highly recommend configuring VM’s running with dedicated memory.

Software Requirements

Organizations have to follow the mandatory steps listed below:

Steps

Requirements

1

Windows Server 2016 R2 with Update x64 FULLY PATCHED INCLUDING ALL OPTIONAL WINDOWS PATCHES

2

Make sure English format is selected in Control Panel > Regional Settings > Formats tab.

3

Microsoft Office System Driver Data Connectivity Components.

4

5

6

7

MS Office 2016 (Licensed)

  • This option should be enabled Trusted Center > Macro Settings and enable "Trust access to the VBA project object model".

8

.Net 3.5 is necessary

9

Administrator rights for installation

10

Outlook Desktop 2010 or higher version (optional)

Authentication & Access Requirements

If you have more than one Keepnet server (IIS and Database etc.), then each server should be communicating without any port restriction.

Also, organizations have to follow the mandatory steps listed below:

Steps

Requirements

1

An OS user with Administrator privilege (Administrators group)

2

For Internet access (Direct access or an internet proxy URL, username and password)

  • Outbound *.keepnetlabs.com for templates feeds and updates (TCP 80/443)

    Outbound *.keepnetlabs.com for company-specific data synchronization (TCP 80/443)

3

For Intranet access

  • Firewall exclusion list for phishing activity against possible intranet/client targets (TCP 80/443)

4

For Active Directory connection

  • The machine doesn’t have to be attached to a domain. A user for validating users and querying their properties

5

For SMTP Server

  • Relay option for our IP Address or hostname

  • Whitelisting for our IP Address or hostname

6

For Phishing Incident Response API

  • https://www.virustotal.com/vtapi/v2/file/report (HTTP/HTTPS)

  • https://www.virustotal.com/vtapi/v2/url/scan

    (HTTP/HTTPS)

  • https://www.virustotal.com/vtapi/v2/url/report

    (HTTP/HTTPS)

  • api.cloudflare.com (HTTP/HTTPS)

  • https://dashboard.keepnetlabs.com (HTTP/HTTPS)

  • https://api.xforce.ibmcloud.com (HTTP/HTTPS)

7

Whitelist the following file paths for antivirus software for servers and users:

  • C:\Users\Public\KeepnetLabs

  • C:\Program Files (x86)\Keepnet Labs

8

Define the following file path and process exception on the server:

  • C:\inetpub\wwwroot

  • Process:PhishingLabs.MailService.exe

9

Service Account for Proxy and Active Directory

Health Check and Monitoring

Resource Name

Trigger

Alert to

Disk Space

%80

Customer and our support team

CPU

%80

Customer and our support team

Memory

%70

Customer and our support team

Internet and Update Servers

dashboard.keepnetlabs.com

Customer and our support team

Keepnet Labs Windows Service

KeepnetLabs Scheduler

Customer and our support team

RabbitMQ service name and URL

Localhost:15672

Windows Service: RabbitMQ

Customer and our support team

Redis DB

localhost:6379

Customer and our support team

Database

MS SQL Server (KEEPNETLABS)

Customer and our support team

Backup and Recovery

*Please note: Snapshot Backups supported.

Name

Resource

Backup Period

IIS Servers

C:\inetpub\wwwroot

C:\Program Files (x86)\Keepnet Labs\Cron

C:\Users\Public\KeepnetLabs

Daily Full Backup

Database Servers

KEEPNETLABS MS SQL Instance

Daily Full Backup

Watch On-premise Requirement Checker Video Below

in order for testing Active Directory integration

, configurational changes.

, Windows utility for manipulating archives files.

SysInternals Active Directory Explorer,
Notepad++ (6.7.7)
7zip
here
24MB
On-premise Checker Video.mp4
An Example Network Scheme
An Example Integration Topology