In our Quickstart Guide we cover the process for performing a simplified deployment, secured with Self-signed SSL certificates and Basic authentication. This type of deployment is most suited to short-term uses such as training environments, temporary on-site incident response situations, and small deployments with no internet exposure. As suggested by the term “Quickstart”, the goal there is to get a working deployment up and running as quickly as possible, while assuming that the operating environment will provide sufficient security for the expected duration of the deployment.
For longer-term deployments it is essential to plan your installation taking into consideration all the security mechanisms that Velociraptor offers, such as using publicly verifiable SSL certificates (Velociraptor supports automatic enrollment and renewal of free certificates from Let’s Encrypt). Using proper SSL certificates allows the Velociraptor server to be further secured using SSO authentication, and also eliminates the “bad certificate” browser warning seen when using the self-signed certificates.
Before we dive in to server deployment specifics it will be helpful to familiarize yourself with a few important concepts, which are central to all Velociraptor deployments.
Guidance on selecting the right options for your deployment.
In this example we will walk through the process of deploying the server using Let’s Encrypt certificates, and optionally an SSO authentication provider.
Guidance on scaling your deployment and using Velociraptor’s (experimental) Multi-Frontend deployment model.
How to upgrade your server.