FAQ

Frequently Asked Questions

Sandfly Security is proud to be part of the

Vodafone Xone Accelerator Program

Keeping it Simple

We designed Sandfly to be simple to setup and use because we understand that your time is valuable. Here are some common questions about Sandfly. Feel free to contact us with specific questions if they aren’t answered here.

Common Questions

Sandfly Agentless Security Questions Answered

What Version of Linux Will Sandfly Work Against?

Sandfly only requires that your Linux host be running Python 2 or Python 3 and SSH. Sandfly has been tested against the following Linux distributions:

  • CentOS 6/7
  • RedHat
  • Ubuntu
  • Fedora
  • Debian
  • Suse
  • Arch
  • CoreOS
  • Amazon Linux Images
  • Digital Ocean Linux Images

Sandfly will work against most Linux variants including embedded versions of Linux.

Does Sandfly Talk to Cloud Services To Do Analysis of Data?

No. Sandfly is completely self-contained. It sends no data back to us, and does not ship potentially confidential data from your systems off-site for analysis. Sandfly is designed to work on networks that are on the Internet, or those that are air-gapped.  Nothing leaves the system to a third-party during operation.

Although we may offer off-site analysis features in the future, we also recognize that many organizations have spent tremendous amounts of money to secure their data and do not want it sent out to third-party services they do not control. Sandfly was designed to work in isolation without any need to communicate externally.

How Do I Install Sandfly?

Sandfly is fully Dockerized. You need two systems capable of running Docker with these minimum requirements:

  1. A Server with 8GB or more of RAM running Linux depending on your install size. This computer runs the REST API and Elasticsearch database. 
  2. A Node with 1-2GB of RAM running Linux. A Node system actually runs multiple node containers for performance and redundancy. You can spin up a large number of node containers to handle very large installations without any trouble.

With Docker, setup is quick. There are install scripts for the Server and Node to initialize cryptographic keys to secure the architecture. Once installed, you add the hosts you want protected and that’s it. You don’t have to touch any of the remote hosts.

Is Sandfly Cloud Compatible?

Yes. Sandfly was developed largely on cloud infrastructure and works immediately at places like Digital Ocean, Linode, Amazon AWS, etc. But in reality, Sandfly doesn’t care where your Linux hosts are located. As long as they allow SSH access and have Python loaded then Sandfly can protect them immediately. Whether it’s in the cloud, your own network, or any other configuration, Sandfly will work.

We're Ready To Help

Are you ready to try our agentless security solution for Linux? Contact us with any questions or request a demo.