Enterprise Deployment Onboarding Process

A Step-by-step guide for Setting up your Byos Network

Here is the Onboarding Process to follow for an Enterprise Deployment.

1. Access the Byos Management Console

  • Log in to the Management Console and set up your 2FA

For more information, read here: Managing Users

2. Add Additional Administrators

  • Add other Admins needed to manage your Byos Fleet.
    • New Admins will be regular administrators. If you want to let them manage Zones, Guests, and other Admins, you will need to promote them.
    • New Admins will receive an automated email with their credentials. We recommend Admins change their password upon first log in.

For more information, read here: Managing Users

3. Creating Groups and Setting Policies

Filtering Policies

Set up different Filtering controls per group

  • Country - Note:when you create a group, all Countries will be blocked by default and will need to be deleted to allow traffic.
  • Domain Names
  • IP addresses
  • Ports

For more information, read here: Managing Policy Groups

Edge Routing Rules

Next is to set up the Byos Secure Edge Routing Rules. Specific routing rules include:

  • Enable Disable Internet Access to the Edge
  • Start the Secure Lobby Overlay connection on Boot
  • Allow Outbound Traffic from the Edge to Secure Lobby
  • Route all traffic originating from the Edge through Secure Lobby
  • Set the which Zone the Group belongs to
  • Set if a local login is required for the Edge access the internet(Endpoint Edge specific)

For more information, read here: External Network Routing Rules

4. Establishing Byos Secure Lobby Overlay Zones

The next step is to create networking Zones within the Byos Secure Lobby Overlay. This is so you can have granular networking policies between different boundaries within your private overlay.

  • Establish Zone Access Control by allowing inbound access from:
    • Other Zones
    • Administrator Secure Lobby Users
    • Guests
  • Set the Zone Segmentation Config
    • Network ID
    • CIDR

For more information, read here: Managing Zones

5. Creating Edge Activators

  • Activators are pre-loaded into the Byos network by Email.
  • Activators can either be:
    • Single Activators - able to activate a single Edges, suitable for End Users
    • Multi-Activator - able to to activate multiple Edges, suitable for Technicians
  • Admins can create Activation Group for different types of activators.

For more information, read here: Managing Activators

6. Activating Edges

Next step is to activate your edges. When an edge is activated, it will be enrolled into the Default group.

  1. Endpoint Edge Activation
  1. Gateway Edge Activation

8. Creating Secure Lobby Guests

  • Create a Guest in your Byos network.
    • Guests will be emailed an OVPN config file with credentials to connect to the Secure Lobby Overlay.

For more information, read here: Managing SL Guests

9. Discovering and Managing Assets within Secure Lobby

  1. Discover Assets within the Byos microsegment
  1. Enable Routes within the Byos microsegment
  1. Ensure Secure Lobby connection is enabled
  1. Using a Layer 7 protocol (SSH, RDP, VNC, etc.), access the endpoint on a specific

For more information, read here: Managing Assets

 
 
 
 
 
 
Did this answer your question?
😞
😐
🤩

Last updated on October 25, 2023