Note

Pwnie Express sensors do NOT support the use of a proxy server, application/web filtering or SSL Filtering solutions when communicating with Pulse or when retrieving updates.

This is because the sensors use a customized implementation of SSL/TLS that includes a bi-directional exchange of client and server certificates, which keeps communication secure and data encrypted at all times in transit between sensors and Pulse.

If a proxy server, application/web filtering, or SSL filtering solution is used on the network where the sensor is located, the following exclusions *are* required.

Note

The value of "subdomain" represents the subdomain associated with your assigned Pulse environment. For example, if the Pulse environment is accessible as "https://widgets.pwnieexpress.net", then "widgets" is the subdomain.

Allow TCP port 443 for SSL to subdomain.pwnieexpress.net
Allow TCP port 443 for SSL to sensors.subdomain.pwnieexpress.net
Allow TCP port 443 for SSL to updates.pwnieexpress.com
Allow TCP port 443 for SSL to kalirepo.pxinfra.net
Allow TCP port 873 for RSYNC to feed.openvas.org

To verify connectivity from the sensor to the above is working without issue, please perform the following steps:

  1. Establish an SSH connection with the sensor and log in with the "pwnie" user account.
  2. Next, type sudo su and press Enter, then re-type the password and press Enter to become superuser.
  3. Type px-connection-dr -d subdomain and press Enter.


The results will appear similar to the following:

Attempting connection to sensors.widgets.pwnieexpress.net:443... [SUCCESS]
Waiting on server status confirmation... [SUCCESS]
Checking SSL server certificate... [VALID]

Attempting to connect to updates.pwnieexpress.com:443... [SUCCESS]
Checking SSL server certificate validity for updates.pwnieexpress.com:443... [VALID]

Attempting to connect to kalirepo.pxinfra.net:443... [SUCCESS]
Checking SSL server certificate validity for kalirepo.pxinfra.net:443... [VALID]

Attempting to connect to feed.openvas.org:873 via rsync... [SUCCESS]

px-connection-dr status: SUCCESS


In the displayed output, *all* results should indicate either SUCCESS or VALID, highlighted in green as shown above. An occurrence of FAIL or INVALID, highlighted in red, indicates that that portion of the test failed.
This failure must be resolved before the sensor can be updated or registered (joined) to Pulse.

*** For sensors that are not registered to Pulse, only the following exclusions are required to allow the sensor to obtain updates.

Allow TCP port 443 for SSL to updates.pwnieexpress.com
Allow TCP port 443 for SSL to kalirepo.pxinfra.net
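
The following Python example is added here and is not part of the original document or the vendor's tooling. It maps FAIL or INVALID lines from saved px-connection-dr output back to the exclusion that needs attention, using both exclusion lists above; the function names, the bracketed [FAIL]/[INVALID] form and the sample output are assumptions.

```python
import re

ANSI = re.compile(r"\x1b\[[0-9;]*m")  # colour codes around the status words
HOSTPORT = re.compile(r"\b([a-z0-9-]+(?:\.[a-z0-9-]+)+):(\d+)\b")
STATUS = re.compile(r"\[(SUCCESS|VALID|FAIL|INVALID)\]\s*$")

def required_exclusions(subdomain, registered=True):
    """Exclusions listed on this page, keyed by (host, port)."""
    rules = {("updates.pwnieexpress.com", 443): "SSL",
             ("kalirepo.pxinfra.net", 443): "SSL"}
    if registered:  # sensors joined to Pulse need the full list
        rules.update({(f"{subdomain}.pwnieexpress.net", 443): "SSL",
                      (f"sensors.{subdomain}.pwnieexpress.net", 443): "SSL",
                      ("feed.openvas.org", 873): "RSYNC"})
    return rules

def triage(output, subdomain, registered=True):
    """Map each FAIL/INVALID line to the exclusion that needs attention."""
    rules = required_exclusions(subdomain, registered)
    current, findings = None, []
    for raw in output.splitlines():
        line = ANSI.sub("", raw).strip()
        hp = HOSTPORT.search(line)
        if hp:  # lines without host:port belong to the endpoint named before them
            current = (hp.group(1), int(hp.group(2)))
        st = STATUS.search(line)
        if not st or current is None or st.group(1) in ("SUCCESS", "VALID"):
            continue
        host, port = current
        proto = rules.get(current)
        rule = (f"Allow TCP port {port} for {proto} to {host}" if proto
                else f"{host}:{port} is not in the exclusion list for this sensor")
        # Assumed reading: FAIL = connection did not complete,
        # INVALID = the certificate check failed (look for SSL filtering).
        cause = ("connection blocked" if st.group(1) == "FAIL"
                 else "certificate rejected, check for SSL filtering")
        findings.append((rule, st.group(1), cause))
    return findings

# Constructed sample: not captured from a real sensor. ANSI red stands in for
# the "highlighted in red" colouring; the [FAIL]/[INVALID] form is assumed.
SAMPLE = (
    "Attempting connection to sensors.widgets.pwnieexpress.net:443... [SUCCESS]\n"
    "Waiting on server status confirmation... [SUCCESS]\n"
    "Checking SSL server certificate... \x1b[31m[INVALID]\x1b[0m\n\n"
    "Attempting to connect to updates.pwnieexpress.com:443... [SUCCESS]\n"
    "Attempting to connect to feed.openvas.org:873 via rsync... \x1b[31m[FAIL]\x1b[0m\n\n"
    "px-connection-dr status: FAIL\n"
)
```

Calling triage(SAMPLE, "widgets") returns one entry per failing check, each naming the allow rule to review.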




Copyright

© 2022 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.