MiNiFi C++ C2 Supports update policy enforcement through the configuration YAML file. 

These can be defined via a controller service that provides immutable policy control to an agent. 

Updates to MiNiFi C++ properties can be controlled through an UpdatePolicyControllerService named C2UpdatePolicy. The service supports several configuration options. They are defined in the following example:

Controller Services:
- id: 94491a38-015a-1000-0000-000000000001
  name: C2UpdatePolicy
  class: UpdatePolicyControllerService
  Properties:
    # true enables all properties to be updated. 
    Enable All Properties: true
    # allowed properties are those which can be updated
    Allowed Properties: 
             Property_1:true
             Property_2:true
    Disallowed Properties:
    		 Property_3:true
             Property_4:true


Updates to agent properties ( originally defined in minifi.properties) can be controlled via the UpdatePolicy. The ability to update policies allows C2 servers to change MiNiFi System properties in real time. This allows a flow to define how agents can be updated. Individual properties can be specified. "Allow all properties" can be used to allow all properties to be updated. Disallowed Properties will disallow specific properties if all are allowed. 


Update Policies will be critical when agent replication is in place ( feature is in development ). This feature will ask and allow agents to replicate state. This will ensure that nearby agents ( that may not have direct access to a C2 server, or have a lower latency to nearby agents ) – have the ability to replicate state ( binary versions, flow versions, etc )


  • No labels