Overview

beSECURE has two components:

  • Information server (IS)
    • “Management server” used to access GUI, create scans, admin abilities and see scan results.
  • Local scanning server (LSS)
    • Scanning engine


There are three types of virtual machines that can be provided:

  • Information server - Provided when the customer needs an on-premises solution. If no need for on-premises solution, the Beyond Security Cloud IS will be used.
  • Local scanning server- Used to scan internal networks. Connects to the cloud or on-premises IS.
  • beSECUREII- Combines the information server and local scanning server into one computer for use on-premises.


The information server and local scanning server pull updates in two separate processes. 


Downloading information server updates

There are three methods to update the information server:

  • Direct update
  • Proxy
  • Air-gap (file-based) - A computer in an air-gap environment is an isolated machine that not connected to the network by way of a physical network cable or a Wi-Fi connection.


Updating the information server using air-gap (file-based) updates

To update an air-gapped beSECURE information server, do the following:

  1. Log in to beSECURE.
  2. Select More >Server > Maintenance.
  3. Select the Logs tab.
  4. In the Automatic Updates Log box, find the “Requesting update from “http://pink.beyondsecurity” URL (it will appear as red text if updates have failed and green text if updates were successful). For example, "Requesting update from:http://pink.beyondsecurity.com:80/download.cgi?version=xxxxxxx&avdsversion=xx.xx.xx&serverid=xxxxxx
    &agentscanning=XXXX-XX-XX XX:XX:XX."
  5. Copy the "Requesting" URL, and then paste it into a web browser outside of the air-gap environment to download the update.asc file.
  6. Back on the Maintenance page in beSECURE, select the Updates tab.
  7. In the Update file box, select Choose File.
  8. Select the uploads.asc file you downloaded in step 5.
  9. Select Manual Update.


Local scanning server updates

There are two methods to update the local scanning server:

  • Direct update
  • Air-gap (Python script)


Updating the local scanning server using air-gap (Python script) updates

  1. Set up two computers running with different parameters:
    1. On one computer, run it with the “serve” parameter- this indicates to the script that you want it to serve updates to the local scanning server.
    2. On another computer, run it with the “fetch” parameter- this will tell the script to try and fetch updates that are ready for the local scanning server.
  2. Connect a supported read-only USB device (an external device that allows access to USB storage devices in read-mode only such as Guidance Software TABLEAU hardware (not provided by Fortra), move the updates from the “fetch” computer to the "serve" computer.
  3. For each of your local scanning servers, point it to use an Internal Updates server (under the Network settings (of the local scanning server): http://ip-of-servemachine/.


Note: The local scanning server will not connect to an SSL server without a valid certificate. You cannot use HTTPS, but the updates are encrypted. If possible, run the python ‘fetch’ script for updates.


Setting up the air-gap script for an online update environment

# Air Gap Proxy

Fetch and serve Beyond Security updates


# Install & Execution

We assume that you have Python version 3.7.x installed on your system.


## extract the zip file

unzip air_gap_proxy.zip

cd air_gap_proxy

(... but if you can read this text you are already completed this step)


## run the setup script


### windows

.\setup.bat


### Linux

./setup.sh


## Run the application


### Windows

.\venv\Scripts\python3.exe app.py --help


### Linux

./venv/bin/python3 app.py --help

Here on out when we write `<python>` we mean to write `.\venv\Scripts\python.exe` on

Windows or `./venv/bin/python` on Linux


# Usage

To use it:

<python> app.py COMMAND <options>


## Available commands:


### fetcher

*Run this command outside of the firewall*

Periodically check for new versions and fetch them as soon as they become available. The first file that will be checked is of

`version` and `build` number.


### server

*Run this command inside the firewall*

Serve the files from the `store` directory on TCP `port`


## help

Use `<python> /app.py <command> --help` for individual command help.


## pipenv

If you used `pipenv` in the install step you should replace

python3 ./app.py ...

with

pipenv run ./app.py ...