Debian
Netify for Debian
Requirements
You will need to install Debian on a system with at least 2 network cards:
- Network Interface #1: used to access the operating system and Netify
- Network Interface #2: used to ingest port mirror traffic from LAN segment 1
- Network Interface #N: used to ingest port mirror traffic from LAN segment N (optional)
Netify should have a route to the Internet in order to send metadata to our Netify cloud engine.
Installation
Up-to-date Netify packages are maintained in our Debian repository.
lsb_release -a
Debian 9
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/9.0/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
Debian 10
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/10/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
Debian 11
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/11/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
Configuration
Network Configuration
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/9.0/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/10/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
Debian 11
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/11/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
Configuration
Network Configuration
apt-get update
apt-get install curl gnupg2
curl http://download.netify.ai/netify/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb http://download.netify.ai/netify/debian/11/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd
You will need at least two network cards configured. Edit /etc/network/interfaces. A sample configuration is provided below for a server having 2 physical network cards. enp0s3 is being used as the control/reporting port while enp0s8 is configured to ingest mirrored flows from the switch.
allow-hotplug enp0s3
iface enp0s3 inet dhcp
auto enp0s8
iface enp0s8 inet manual
up ifconfig enp0s8 up
Reboot the server to test your configuration/network settings.
Next, edit /etc/default/netifyd to disable auto-detect of the interface roles and manually configure the interfaces to run DPI through. Again, an example is provided below.
# Netify Agent command-line options
# Copyright (C) 2016-2019 eGloo, Incorporated
#
# This is free software, licensed under the GNU General Public License v3.
#
# See the netifyd(8) manual for common options.
# Auto-detect (when possible) network interface roles (yes/no)?
NETIFYD_AUTODETECT="no"
# Set desired custom options here:
# NETIFYD_EXTRA_OPTS=""
# Define internal network interfaces and if needed, corresponding network
# addresses. Normally network addresses are discovered via Netlink but for
# cases where Netlink is unavailable or when capturing from a mirrored port,
# they should be specified as a comma-delimited list as shown below:
# NETIFYD_INTNET="eth1 eth2 eth3,192.168.0.0/24,10.0.0.0/16"
NETIFYD_INTNET="enp0s8"
# Define external network interfaces. For PPPoE interfaces, you can optionally
# specify the associated physical ethernet interface to set the MAC address.
# NETIFYD_EXTNET="eth4 ppp0,eth5"
The final step is to enable the Netify daemon to report metadata back to the Netify Informatics cloud sink, restart the daemon and configure it to start on boot.
/usr/sbin/netifyd --enable-sink
systemctl unmask netifyd
systemctl enable netifyd
systemctl restart netifyd
Provisioning
With the Netify service installed, configured and running, it is time to provision your unique install. You will first need to fetch the provision code from your Netify Agent install using the following command:
# netifyd -p
Agent UUID: AA-BB-CC-DD
Once you have the provisioning code, you will need to create a Netify account (if you don't have one already) and run through the simple provisioning wizard. Once complete, metadata and analysis will start to be available in under a minute.