Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.onefirewall.com/llms.txt

Use this file to discover all available pages before exploring further.

Introduction

OneFirewall WCF Platform brings together threat intelligence from multiple sources (Alliance), including government agencies, security vendors, and other organizations, and provides a centralized repository for this information

OneFirewall System Components

All services are managed using a containerized solution and deployed on a Kubernetes cluster. The cluster can be a service-managed solution from a cloud provider or an on-premises installation using open-source solutions based on Rancher.
  • onefirewall-server:
    • The core server that exposes the APIs of OneFirewall.
    • Manages the UI functionalities of OneFirewall.
    • Implements authentication using a database-based mechanism.
    • Integrates authentication with OIDC providers: Google, GitHub, and Atlassian.
    • Stores threat intelligence data in time series format within an Elasticsearch cluster.
  • onefirewall-elasticsearch:
    • Manages threat intelligence data as time series.
    • Supports data storage on persistent block storage or NAS servers.
  • onefirewall-db:
    • Manages application data and configurations.
    • Handles Identity and Access Management (IAM) for platform users.
  • onefirewall-rabbitmq:
    • Acts as a message queue for data ingestion.
    • Manages synchronization of threat intelligence data with the OneFirewall cloud platform.
  • onefirewall-queue-consumer:
    • A server responsible for dequeuing messages from onefirewall-rabbitmq.
    • Interacts with the ingestion APIs in onefirewall-server via onefirewall-proxy.
  • onefirewall-proxy:
    • The API gateway for OneFirewall.
  • onefirewall-wcf-agent:
    • Implements integrations with various existing router/firewall solutions.
    • Supports both open-source and commercial firewall solutions.
  • onefirewall-log-analyzer:
    • Handles integration with various SIEM solutions.
    • Manages ingestion and processing of log data.
  • onefirewall-cloud-sync:
    • Synchronizes threat intelligence data.
    • Sends data packets to the message queue (onefirewall-rabbitmq).