Deploying in Deepfence Cloud

Deepfence Cloud is a self-service portal from which you can create an organization and invite users to that organization. You can then deploy ThreatStryker console instances in any of the available clouds. Deepfence Cloud users in your organization have access to these consoles and can log in directly without any additional credentials.

Users are identified using a username/password combination or a social login (Google, GitHub, Microsoft). If your enterprise identity service integrates with one of the supported social logins, this brings the benefit of single sign-on for your users, and automatic off-boarding when a social login is deactivated.

Each console you deploy is a standalone instance in one of the Deepfence-supported cloud regions. The instances are deployed in one of several Kubernetes clusters, isolated by dedicated namespaces, and managed by Deepfence to assure their correct operation, scaling, upgrades and data isolation. Each ThreatStryker console has a dedicated, persistent DNS name, and manages its own API keys to authenticate traffic. You deploy ThreatStryker sensors as normal, using the DNS name to identify the management console and the API key to authenticate to the console.

Managing Users

On Deepfence Cloud, your users are all members of the same organization.

An organization is created when you register for a new account on Deepfence Cloud. You can then invite users to join the organization, and new users can also invite additional users.

Users who join Deepfence Cloud from an invitation you have sent become members of your organization. If a user signs up to Deepfence Cloud directly (i.e. not by following an invite link), they will be added to a new organization. If a user creates a new organization in error, please reach out to our support team and we can reassign them!

Note

Deepfence Cloud is currently in ‘Invite Only’ mode. If you are a Deepfence customer or would like to be an early adopter, please get in touch and we will open an account for you and your teammates.

Task 1 - Sign up and create a new Organization

  1. Visit Deepfence Cloud: deepfence.cloud. Sign up for a new account using your corporate email address.

  2. Activate that account in the email that will follow.

  3. Log in to the Deepfence Cloud portal.

Task 2 - Invite users to join your Organization

  1. Log in to the Deepfence Cloud portal.

  2. From the Users tab, select the option to Add New User. Provide the user’s email address.

The user will receive an email from Deepfence Cloud with instructions to follow an invitation link. The invitation link will create and activate a new user account within your organization.

Task 3 - Manage inactive user accounts

The preferred way to manage users is to use their social logins. When social logins (Google, Microsoft, GitHub) are tied to an enterprise identity service, this provides synchronization so that if a user is offboarded from the enterprise, their Deepfence Cloud account becomes inaccessible.

  1. Log in to the Deepfence Cloud portal.

  2. From the Users tab, click the ‘delete’ icon next to the user you wish to remove from your organization.

You can also toggle the active/inactive state to temporarily prevent a user from accessing your Deepfence Cloud organization.

Deploying ThreatStryker Consoles

Any admin user in your Deepfence Cloud organization can deploy a ThreatStryker management console. Once deployed, any user in the organization can access that console without any additional login steps.

Warning

Deepfence Cloud currently uses the term workload to refer to a ThreatStryker console. This will be updated to the term console, and the following documentation uses the new term.

Task 1 - Deploy a new ThreatStryker Console

  1. Log in to the Deepfence Cloud portal.

  2. From the home page, select the ‘New Console’ tile. This will prompt you for the following information:

    Provide an identifier, select a console type, and select a region where that console should be deployed.

Note

The identifier you provide will be used to construct a DNS name. You’ll use that DNS name to refer to your console when you install ThreatStryker sensor agents.

The request to deploy the console is quickly registered. Deployment can take a few minutes and the console will be marked as Ready in Deepfence Cloud once deployment is complete. Any errors during deployment are displayed in Deepfence Cloud, and also sent by email.

Task 2 - Access a ThreatStryker Console

  1. Log in to the Deepfence Cloud portal.

  2. From the home page, click on one of the tiles representing existing ThreatStryker consoles. This action will load the console in your browser.

You can quickly switch between different console instances from your browser, or return Home to the list of console tiles.

Task 3 - Delete a ThreatStryker Console

  1. Log in to the Deepfence Cloud portal.

  2. From the home page, locate the tile representing the ThreatStryker console to be deleted. Click the ‘Delete’ icon, and enter the console’s identifier to confirm the permanent deletion of that console and its data.

To register a ThreatStryker Sensor Agent

To register a ThreatStryker agent, you need two items of information:

  • The management console DNS name, which is constructed from the identifier you provided, and can be observed in your browser

  • A valid API key for that management console, which can be obtained from the User Management page in the console UI

You can then follow the Deploying Sensor Agents instructions to proceed.

Deepfence Cloud Roadmap

Deepfence Cloud is an evolving service, with new features being added to meet your expectations and harden the system for enterprise use. We welcome any feedback, for example, via the Deepfence Cloud Slack workspace.

Features under current or imminent development include:

  • “Organization” identities

  • Extended support for users, supporting admin and regular user types

  • The ability to assign users to functional teams (‘Development’, ‘Production’, etc.) and match teams with ThreatStryker consoles

  • Availability of additional cloud regions for ThreatStryker console deployments