MiNiFi C++ C2 supports update policy enforcement through the configuration YAML file.
Update policies are defined via a controller service that provides immutable policy control to an agent.
Updates to MiNiFi C++ properties can be controlled through an UpdatePolicyControllerService named C2UpdatePolicy. The service supports several configuration options, which are shown in the following example:
Controller Services:
  - id: 94491a38-015a-1000-0000-000000000001
    name: C2UpdatePolicy
    class: UpdatePolicyControllerService
    Properties:
      # true enables all properties to be updated.
      Enable All Properties: true
      # allowed properties are those which can be updated
      Allowed Properties:
        Property_1:true
        Property_2:true
      Disallowed Properties:
        Property_3:true
        Property_4:true
Updates to agent properties (originally defined in minifi.properties) can be controlled via the UpdatePolicy. The ability to update policies allows C2 servers to change MiNiFi system properties in real time. This allows a flow to define how agents can be updated. Individual properties can be specified. "Allow all properties" can be used to allow all properties to be updated. Disallowed Properties will disallow specific properties even when all properties are allowed.
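The following added example (not MiNiFi's own code) models how the allow-all switch, the allowed list and the disallowed list combine when a C2 server pushes a batch of property updates. UpdatePolicyModel, applyUpdate, examplePolicy and Property_5 are hypothetical names, and the choice that a property present in both lists is denied is an assumption, since the page does not define that case.

```cpp
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

// Simplified model of the policy semantics described above (not MiNiFi's class).
struct UpdatePolicyModel {
  bool allow_all = false;
  std::set<std::string> allowed, disallowed;
  bool canUpdate(const std::string& property) const {
    // Assumption: an explicit deny wins if a name is in both lists (fail closed).
    if (disallowed.count(property)) return false;
    if (allowed.count(property)) return true;
    return allow_all;  // unlisted properties follow the global switch
  }
};

// Applies permitted keys to `config`; returns rejected keys for logging/alerting.
std::vector<std::string> applyUpdate(const UpdatePolicyModel& policy,
                                     const std::map<std::string, std::string>& update,
                                     std::map<std::string, std::string>& config) {
  std::vector<std::string> rejected;
  for (const auto& kv : update) {
    if (policy.canUpdate(kv.first)) config[kv.first] = kv.second;
    else rejected.push_back(kv.first);
  }
  return rejected;
}

// The allowed and disallowed lists from the YAML example on this page.
UpdatePolicyModel examplePolicy(bool allow_all) {
  UpdatePolicyModel p;
  p.allow_all = allow_all;
  p.allowed = {"Property_1", "Property_2"};
  p.disallowed = {"Property_3", "Property_4"};
  return p;
}

int main() {
  // Constructed update; Property_5 is a hypothetical name absent from both lists.
  const std::map<std::string, std::string> update = {
      {"Property_1", "a"}, {"Property_3", "b"}, {"Property_5", "c"}};
  for (bool allow_all : {true, false}) {
    std::map<std::string, std::string> config;
    std::cout << "allow_all=" << allow_all << " rejected:";
    for (const auto& name : applyUpdate(examplePolicy(allow_all), update, config))
      std::cout << ' ' << name;
    std::cout << '\n';
  }
}
```

With the switch on, only the explicitly disallowed Property_3 is rejected; with it off, the unlisted Property_5 is rejected as well, so the allowed list acts as a strict allowlist.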
Update Policies will be critical when agent replication is in place (feature is in development). This feature will ask and allow agents to replicate state. This will ensure that nearby agents (that may not have direct access to a C2 server, or have a lower latency to nearby agents) have the ability to replicate state (binary versions, flow versions, etc.).