Air-gapped Systems
Important notes for air-gapped systems
- The installation process requires an Internet connection (moving the system into a DMZ is recommended).
- Air-gapped systems will only receive updated features (like YARA) when installed and upgraded with an active Internet connection. We recommend moving the system into a DMZ during these windows.
- All third-party integrations (e.g. Reputation API, geolocation/WHOIS lookup) require an Internet connection.
- The "File download" feature is not available in air-gapped environments.
To run the sandbox in an offline environment without any errors, the following settings must be changed (after completing the installation process in an online environment).
Please open /home/filescanio/FileScanIO/fsTransform/conf/transform.properties.custom using a text editor and add the following lines:
downloadLatestPeStudioForDataEnrichment=false
runDomainResolver=false
runFileDownloaders=false
runIPStackLookupOnExectractedHosts=false
runIPStackOnDomainResolvedIPs=false
runHexillionOnExtractedDomains=false
runWhoisRecordLookups=false
ntpServer=127.0.0.1
ntpServerTimeout=1
ntpServerRefreshRateInSeconds=31536000
runSystemUpdateEvery=31536000
runYaraUpdateOnStartup=false
runPatchesOnStartup=false
runOSINTLookups=false
Also open /home/filescanio/FileScanIO/fsTransform/conf/reputation.properties.custom using a text editor and add the following line:
refreshReputationSources=false
Please remember to save both configuration files and restart the fsio service:
sudo service fsio restart
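To confirm that both files carry the offline values before the system goes back behind the air gap, the settings can be audited with a short script. This is an added example, not part of the vendor documentation; the function names (prop_value, audit_props, audit_airgap) are hypothetical, and it assumes that, as with Java .properties files, the last assignment of a key is the one that takes effect.

```shell
#!/usr/bin/env bash
# Added example (not vendor code): audit the offline settings listed above.
# Assumption: as in Java .properties files, the last assignment of a key wins.

TRANSFORM_WANT="downloadLatestPeStudioForDataEnrichment=false runDomainResolver=false
runFileDownloaders=false runIPStackLookupOnExectractedHosts=false
runIPStackOnDomainResolvedIPs=false runHexillionOnExtractedDomains=false
runWhoisRecordLookups=false ntpServer=127.0.0.1 ntpServerTimeout=1
ntpServerRefreshRateInSeconds=31536000 runSystemUpdateEvery=31536000
runYaraUpdateOnStartup=false runPatchesOnStartup=false runOSINTLookups=false"
REPUTATION_WANT="refreshReputationSources=false"

# Print the effective value of KEY in FILE (empty when the key is absent).
prop_value() {  # usage: prop_value FILE KEY
  awk -v key="$2" '
    /^[ \t]*[#!]/ { next }                    # commented-out settings do not count
    { sub(/\r$/, ""); eq = index($0, "="); if (!eq) next
      k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == key) val = v }                 # keep the last assignment
    END { print val }' "$1"
}

# Check FILE against a whitespace-separated list of key=value pairs.
# Prints one line per deviation and returns 1 if there is any.
audit_props() {  # usage: audit_props FILE "k1=v1 k2=v2 ..."
  local file=$1 rc=0 want key got
  [ -r "$file" ] || { echo "FAIL $file: not readable"; return 1; }
  for want in $2; do
    key=${want%%=*}
    got=$(prop_value "$file" "$key")
    if [ "$got" != "${want#*=}" ]; then
      echo "FAIL $file: $key='$got', expected '${want#*=}'"; rc=1
    fi
  done
  return $rc
}

# Audit both custom properties files under CONF_DIR.
audit_airgap() {  # usage: audit_airgap CONF_DIR
  local rc=0
  audit_props "$1/transform.properties.custom" "$TRANSFORM_WANT" || rc=1
  audit_props "$1/reputation.properties.custom" "$REPUTATION_WANT" || rc=1
  return $rc
}

CONF_DIR=${1:-/home/filescanio/FileScanIO/fsTransform/conf}
if [ -d "$CONF_DIR" ]; then audit_airgap "$CONF_DIR"; fi
```

A missing key, a commented-out line, or a later line that re-enables a lookup is reported as a FAIL line, and audit_airgap returns a non-zero status.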