Secure Lobby User Guide

How to use Secure Lobby

Secure Lobby™ is the Secure Remote Access capability included in the Byos Edge Microsegmentation solution. This guide will show you how to use all of the features included within.

Running a Secure Lobby Discovery Scan

Each Byos µGateway can run a Discovery of all endpoint devices connected to it. In the Management Console, navigate to Quick Access, select a µGateway device, and then click Secure Lobby.

When the Administrator clicks Run Discovery, the µGateway will do a network discovery scan of all endpoints inside the microsegment.

Notion image

Once the discovery scan is complete, you will see a table with a list of endpoints included inside of the microsegment:

Notion image

What information is displayed by a Discovery Scan?

  • Endpoint - the name of the Endpoint
  • IP Address - the local IP address of the Endpoint inside of the Secure Lobby
  • MAC Address - the MAC address of the endpoint
  • Port In - the Port which traffic enters the Endpoint. This Port can be customized by clicking Save or Edit
  • Port Out the Port which traffic exits the Endpoint.
  • Service the communication protocol running through that Port
  • Vendor the OEM that manufactured the endpoint
  • Description a brief description of what the Endpoint + Port combo is used for. This port can be customized by clicking Save or Edit
  • Last Seen - the date and time which the Endpoint was last active in the Lobby
    • Now indicates an active Endpoint’s Port visible in the lobby
  • Status - there are two status icons
    • The green shield icon means the Endpoint is visible in Secure Lobby
    • The blue list icon means the µGateway has discovered the Endpoint

Adding Devices into the Lobby

Once the Discovery Scan is complete, the endpoints discovered that you wish to connect to will need to be added into the Secure Lobby before they become visible. To do that, click Add.

You will need to give the endpoint a Description and confirm which Port In you wish to communicate over.
Notion image

This will make them visible by any administrator connecting to the Lobby, indicated by the green shield icon.

Notion image

Turning Secure Lobby On/Off

To turn Secure Lobby On or Off, click the toggle switch on in the left Navigation Bar.

Notion image

Once the Secure Lobby connection has been established, the private IP address of that µGateway’s microsegment is displayed at the top of the window and shows “Now” in the “Last Seen” Column

Notion image

Now you will use that IP address of the microsegment to access any of the endpoints that are visible in the Lobby.

Examples - Using RDP, SSH, and Web connections inside the Secure Lobby

In the example architecture below, the Byos µGateway is connected to a switch, which has 3 devices behind it:

  • RDP-enabled Windows Laptop (Port 3389)
  • SSH-enabled Linux on a Raspberry Pi (Port 22)
  • Web-enabled IP Camera (Port 80)
    • Notion image

After running a Discovery scan, adding these devices to the Secure Lobby, and clicking the toggle to turn on Secure Lobby, we can see from the dashboard:

Notion image

Now to access each one of these endpoints in the microsgment, connect to the Secure Lobby with your computer using OpenVPN. Your computer will now be in the same Private IP range as indicated in the Screenshot above (172.20.0.X)

Notion image

RDP-enabled Windows Laptop (Port 3389)

Now open up your Remote Desktop app, and select the proper 172.20.122 microsegment and click connect

Notion image

Enter the login credentials for the remote PC, and you’re in.

Notion image

SSH-enabled Linux on a Raspberry Pi (Port 22)

Open up a terminal, and log into the device via SSH

Notion image

Now that you are inside of the endpoint in the Lobby, you are free to run commands. A simple Ping command shows the device can access the internet.

Notion image

Web-enabled IP Camera (Port 80)

To access the Web-enabled IP camera, I open up the camera’s app and type in the Secure Lobby microsegment IP address (

Notion image

Once logged in, I can see the camera’s live feed remotely.

Notion image
Did this answer your question?

Last updated on April 13, 2022