Add Crowdstrike ZTA description (#181)

Zoltan Papp
2024-04-19 19:57:30 +02:00
committed by GitHub
parent fe6878c2ca
commit 52d4355d62
5 changed files with 15 additions and 5 deletions


@@ -105,7 +105,7 @@ export const docsNavigation = [
{title: 'Activity event streaming', href: '/how-to/activity-event-streaming-to-siem-systems' }, {title: 'Activity event streaming', href: '/how-to/activity-event-streaming-to-siem-systems' },
{title: 'Identity provider sync', href: '/how-to/idp-sync' }, {title: 'Identity provider sync', href: '/how-to/idp-sync' },
{title: 'Enable post quantum cryptography', href: '/how-to/enable-post-quantum-cryptography' }, {title: 'Enable post quantum cryptography', href: '/how-to/enable-post-quantum-cryptography' },
{title: 'Endpoint Detection and Response (EDR)', href: '/how-to/endpoint-detection-and-response' }, {title: 'Endpoint detection and response (EDR)', href: '/how-to/endpoint-detection-and-response' },
] ]
}, },


@@ -29,6 +29,11 @@ To approve a peer, navigate to the [peers tab](https://app.netbird.io/peers) and
<img src="/docs-static/img/how-to-guides/peer-needs-approval.png" alt="peer-needs-approval" className="imagewrapper"/> <img src="/docs-static/img/how-to-guides/peer-needs-approval.png" alt="peer-needs-approval" className="imagewrapper"/>
</p> </p>
## Automate peer approval with EDR integrations
NetBird integrates with popular EDR solutions like [CrowdStrike](https://www.crowdstrike.com/) to automate peer approval
and allow only trusted devices to join the network.
Check the [EDR integrations](/how-to/endpoint-detection-and-response) guide for more information on how to enable this feature.
## Get started ## Get started
<p float="center" > <p float="center" >
<Button name="button" className="button-5" onClick={() => window.open("https://netbird.io/pricing")}>Use NetBird</Button> <Button name="button" className="button-5" onClick={() => window.open("https://netbird.io/pricing")}>Use NetBird</Button>
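Review bot: the new "Automate peer approval with EDR integrations" section does not say what happens to a peer that fails the EDR check, that is, whether it stays pending for a manual decision or is rejected outright. Since this page is about peer approval, add one sentence on how the automated path interacts with manual approval. The CrowdStrike link also points to the vendor home page; the internal link to /how-to/endpoint-detection-and-response on the following line already gives the reader what they need, so the external link could be dropped.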


@@ -1,4 +1,4 @@
# Endpoint Detection and Response (EDR) # Endpoint detection and response (EDR)
Endpoint Detection and Response (EDR) is a cybersecurity technology designed to help organizations detect, investigate, Endpoint Detection and Response (EDR) is a cybersecurity technology designed to help organizations detect, investigate,
and respond to threats on endpoint devices. An endpoint is any device that is connected to a network, such as laptops, and respond to threats on endpoint devices. An endpoint is any device that is connected to a network, such as laptops,
@@ -12,6 +12,9 @@ NetBird integrates with major EDR platforms to restrict network access only to d
With the integration enabled, NetBird synchronizes the list of devices managed by the EDR platform via the API and With the integration enabled, NetBird synchronizes the list of devices managed by the EDR platform via the API and
checks the presence of the EDR agent on the device, blocking access to the network if the agent is not installed. checks the presence of the EDR agent on the device, blocking access to the network if the agent is not installed.
In addition to the aforementioned features, the system also has the capability to check the Zero Trust Assessment (ZTA) score of the hosts.
The system can limit network access based on this ZTA score. For instance, if a device has a ZTA score below the set threshold, it may be deemed too risky and thus, denied access to the network.
NetBird doesn't apply the EDR checks to all devices in the network. Instead, you can select specific groups of devices for NetBird doesn't apply the EDR checks to all devices in the network. Instead, you can select specific groups of devices for
the checks to apply. the checks to apply.
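Review bot: in the added ZTA paragraph, "it may be deemed too risky and thus, denied access" leaves the enforcement behaviour open; for an access-control feature the doc should state plainly that a peer scoring below the threshold is denied. The paragraph also does not say what happens when no ZTA score is available for a host (allowed or blocked), and "the system" should be "NetBird" to match the surrounding sentences. Because this section talks about "major EDR platforms" in general, it would help to say that the ZTA score check applies to the CrowdStrike integration.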
@@ -31,6 +34,7 @@ Before you start creating and configuring a CrowdStrike integration, ensure that
- Navigate to the [API clients and keys](https://falcon.eu-1.crowdstrike.com/api-clients-and-keys/) page - Navigate to the [API clients and keys](https://falcon.eu-1.crowdstrike.com/api-clients-and-keys/) page
- Click `Create API client` at the top, right corner - Click `Create API client` at the top, right corner
- Set Hosts - Read permission - Set Hosts - Read permission
- Set Zero Trust Assessment - Read permission
- Click `Create` - Click `Create`
- Copy the credentials. You will need these credentials when configuring an integration in NetBird. - Copy the credentials. You will need these credentials when configuring an integration in NetBird.
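Review bot: the added step "Set Zero Trust Assessment - Read permission" is unconditional, while the configuration steps later in this patch treat the threshold as optional ("If you would like to apply a ZTA threshold"). To keep the API client least-privileged, mark this scope as needed only when the ZTA threshold will be enabled, or state explicitly that the integration requires it in all cases.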
@@ -50,13 +54,14 @@ Before you start creating and configuring a CrowdStrike integration, ensure that
<p> <p>
<img src="/docs-static/img/how-to-guides/crowdstrike-credentials.png" alt="crowdstrike-credentials" className="imagewrapper"/> <img src="/docs-static/img/how-to-guides/crowdstrike-credentials.png" alt="crowdstrike-credentials" className="imagewrapper"/>
</p> </p>
- Select groups you want to apply the integration to and click `Connect`. - Select groups you want to apply the integration to
- If you would like to apply a ZTA threshold, then enable the [Zero Trust Assessment Score](https://www.crowdstrike.com/blog/tech-center/securing-private-applications-with-crowdstrike-zero-trust-assessment-and-aws-verified-access/) and set the desired limit, and click `Connect`.
<p> <p>
<img src="/docs-static/img/how-to-guides/crowdstrike-groups.png" alt="crowdstrike-groups" className="imagewrapper"/> <img src="/docs-static/img/how-to-guides/crowdstrike-groups-zta.png" alt="crowdstrike-groups-zta" className="imagewrapper"/>
</p> </p>
<Note> <Note>
The EDR check will apply only to machines in the selected groups and will require the presence of the CrowdStrike agent. The EDR check will apply only to machines in the selected groups and will require a running CrowdStrike agent.
</Note> </Note>
<Note> <Note>
You can also use groups [synchronized from your Identity Provider (IdP)](/how-to/idp-sync). You can also use groups [synchronized from your Identity Provider (IdP)](/how-to/idp-sync).
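Review bot: "click `Connect`" now sits at the end of the optional ZTA bullet, so a reader who skips the threshold is never told how to finish the setup; make it a separate final step. The ZTA bullet should also say what range the limit takes and that hosts scoring below it are blocked, and the linked blog post is about AWS Verified Access rather than the score itself. In the Note, "will require a running CrowdStrike agent" disagrees with the overview text, which still says access is blocked "if the agent is not installed"; align the two so it is clear whether an installed but stopped agent passes the check.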