An open source MSSP framework. Wrap your skull around that, and watch it sweat. :) Custodiet is a set of tools, VMs, and some optional hardware that, when deployed, creates an entire MSSP. Done. Download this open source project. Spin up the VMs. Deploy the customer side. You're now an MSSP. Oh, don't forget to charge the clients. :)

Custodiet comprises 2 systems. The client-premises side is known as the Custodiet CSO (Custodiet Security Observer). It is based on Security Onion (Thanks Doug Burks!!!), although we'll eventually move away from SO, towards a slightly more slimmed-down distro. CSO also has DNS, DHCP, provisions for guest wireless, a pfSense firewall, and many other functions.

The server side (cloud, VPS, whatever) is C4, the "Custodiet Central Control Cluster". Catchy, eh? C4 uses a pfSense VM (although it can be physical) as a VPN endpoint, to segment networks as needed, etc. C4 is effectively used as the multi-tenant control center for the one or many CSOs scattered around.

Currently, CSO and C4 are embodied slightly differently. CSO is embodied in a physical Netgate pfSense box, a physical Netgear switch with port mirroring built in, and a 2U, ½ depth server (about the size of a desktop), which is pretty easy to either leave standalone or rack as needed. C4 is embodied (in our test system) as a 2U server in a data center (provided by Inerail, cause they're awesome!!!). The server has 3 nodes, with 12 cores and 48 gigs of RAM per node. We're running one node as a pfSense box, one node as a XenCenter Dev environment, and one node as a XenCenter Production environment.