Air-gapped Systems

Important notes for air-gapped systems

The installation process requires an Internet connection (moving the system into a DMZ is recommended)
Air-gapped systems will only receive updated features (like YARA) when installed and upgraded with an active internet connection. We recommend moving the system into a DMZ during these windows.
All third-party integrations (e.g. Reputation API, geolocation/WHOIS lookup) require an Internet connection.
The "File download" feature is not available in air-gapped environments.

To run the sandbox in an offline environment without any errors, the following settings must be changed (after completing the installation process in an online environment).

Please open /home/filescanio/FileScanIO/fsTransform/conf/transform.properties.custom using a text editor and add the following lines:

transform.properties.custom
    
 
downloadLatestPeStudioForDataEnrichment=falserunDomainResolver=falserunFileDownloaders=falserunIPStackLookupOnExectractedHosts=falserunIPStackOnDomainResolvedIPs=falserunHexillionOnExtractedDomains=falserunWhoisRecordLookups=falsentpServer=127.0.0.1ntpServerTimeout=1ntpServerRefreshRateInSeconds=31536000runSystemUpdateEvery=31536000runYaraUpdateOnStartup=falserunPatchesOnStartup=falserunOSINTLookups=false
Copy

Also open /home/filescanio/FileScanIO/fsTransform/conf/reputation.properties.custom using a text editor and add the following line:

reputation.properties.custom
    
 
refreshReputationSources=false
Copy

Please remember to save both configuration files and restart the fsio service:

Bash
    
 
sudo service fsio restart
Copy

Last updated on

Was this page helpful?