Wazuh Architecture related query


AS

Jul 25, 2024, 3:40:04 AM
to Wazuh | Mailing List
Hi, 

Below is the query we have related to architecture:

For security reasons we do not want internal agent information exposed to internet.

- Can we configure a Wazuh Manager in DMZ
- another manager in internal network
- Agents will communicate to internal network 
- Internal network manager will communicate to external manager in DMZ
- External manager in DMZ will get latest update and will sync with internal manager.
- External manager should not have data of agents installed. 

Please let us know if this is possible to achieve or if there is another way of doing it.
 

Diego Mendez Sakugawa

Jul 26, 2024, 6:37:33 AM
to Wazuh | Mailing List
Hello AS,

Are all the agents part of the internal network? You should be able to set up an offline cluster and manually upgrade it with files, including the CVSS vulnerability databases, for instance.
Are any of the resources you plan to monitor exposed to the internet, or is the goal to monitor all internal agents without querying external APIs or receiving external syslog data?

Please let me know if you have any questions.
Looking forward to your feedback.

Regards,
Diego