Skip to content

Getting Started

EnforceGate vX is designed for rapid, seamless deployment and is typically operational within minutes.

Before proceeding, ensure that your system meets the minimum hardware requirements and that your license is currently active.

Distributions

  • Virtual appliance

    Deploy our pre-built virtual appliance. The appliance bundles the EnforceGate standalone container, automatic boot at host startup, and a guided installer.

    Install

  • Docker

    Deploy the EnforceGate standalone bundle (three services + four named volumes, plus an optional toolbox sidecar for operator scripting) using Docker Compose.

    Install

What you get

Either path produces the same runtime: a single Alpine container (the enforcegate service) running the engine, the Squid connector, and Squid itself supervised inside the container, plus two always-on sidecars — a TLS terminator publishing :80+:443, and the Python captive portal on internal :8000 — and one optional fourth sidecar, the toolbox, off by default and enabled at install time or via eghost toolbox enable. The host exposes:

  • :3128 — Squid HTTP/HTTPS proxy.
  • :80 + :443 — TLS terminator serving the captive portal and the (bump-mode) self-service CA install page.

See architecture for the full runtime topology.

Next steps

Once installed, drive the deployment with the eghost operator CLI:

  1. Verify status — run eghost status and eghost version.
  2. Configure components — review the default engine.conf and squid-connector.conf (defaults are usually fine).
  3. Define policies — use eghost policy new, eghost policy edit, eghost policy list.
  4. (Optional) Enable SSL inspection — choose peek or bump mode and acknowledge the binding conditions for bump.

eghost (no argument) shows a one-screen dashboard summarising the deployment.