​

Introduction

​

OneFirewall System Components

• onefirewall-server:
  • The core server that exposes the APIs of OneFirewall.
  • Manages the UI functionalities of OneFirewall.
  • Implements authentication using a database-based mechanism.
  • Integrates authentication with OIDC providers: Google, GitHub, and Atlassian.
  • Stores threat intelligence data in time series format within an Elasticsearch cluster.
• onefirewall-elasticsearch:
  • Manages threat intelligence data as time series.
  • Supports data storage on persistent block storage or NAS servers.
• onefirewall-db:
  • Manages application data and configurations.
  • Handles Identity and Access Management (IAM) for platform users.
• onefirewall-rabbitmq:
  • Acts as a message queue for data ingestion.
  • Manages synchronization of threat intelligence data with the OneFirewall cloud platform.
• onefirewall-queue-consumer:
  • A server responsible for dequeuing messages from onefirewall-rabbitmq.
  • Interacts with the ingestion APIs in onefirewall-server via onefirewall-proxy.
• onefirewall-proxy:
  • The API gateway for OneFirewall.
• onefirewall-wcf-agent:
  • Implements integrations with various existing router/firewall solutions.
  • Supports both open-source and commercial firewall solutions.
• onefirewall-log-analyzer:
  • Handles integration with various SIEM solutions.
  • Manages ingestion and processing of log data.
• onefirewall-cloud-sync:
  • Synchronizes threat intelligence data.
  • Sends data packets to the message queue (onefirewall-rabbitmq).