Skip to content

Deployment Overview Enterprise

This section covers Enterprise deployment. For Community Edition (Docker, Python, systemd), see Quick Start.

Deployment options

Hypervisors

PlatformImage formatGuide
Proxmoxqcow2Deploy on Proxmox
VMware ESXi / vSphereOVADeploy on VMware
Hyper-VVHDXDeploy on Hyper-V
KVM / libvirtqcow2Deploy on KVM
Xenqcow2Deploy on KVM - same process, qcow2 is compatible

Containers and orchestration

PlatformGuide
DockerDeploy with Docker
Kubernetes (Helm)Deploy on Kubernetes

Cloud

PlatformGuide
Microsoft AzureDeploy on Azure
AWSDeploy on AWS - coming soon
Google CloudDeploy on GCP - coming soon

Physical appliance

For environments without a hypervisor - OT networks, isolated segments, air-gapped sites. See Physical Appliance.

Download from the dashboard

All Enterprise deployment images and configuration packages are obtained from the Trapster dashboard:

  1. Open Trapsters in the sidebar

  2. Click the + card to open Deploy a new Trapster+ Card

  3. Choose your platform Platforms

PlatformWhat you get from the wizard
VMware ESXiOVA file
Proxmox VEqcow2 disk image
Microsoft Hyper-VVHDX image
Microsoft AzureAzure deployment details
DockerExample docker-compose.yml with your organization code and domain
KubernetesExample manifest with your organization code and domain

The dialog also shows the local trapster username and password for console access when you need to configure networking on the VM (Network Configuration).

Requires Administrator or Member role with permission to manage devices.

General process

  1. Download or copy your deployment package from the dashboard
  2. Deploy on your hypervisor, container runtime, or cloud using the platform guide below
  3. Start the Trapster and it will connect outbound to your dashboard over HTTPS
  4. Accept registration when the Trapster appears as a pending device (may take up to 3 minutes)
  5. Configure services from the Trapster detail page

See Trapsters for the full dashboard workflow.

Placement recommendations

Place the honeypot where lateral movement is likely:

  • User VLANs - catch compromised endpoints exploring the network
  • Near NAS / file servers - attract credential reuse
  • DMZ - catch inbound attackers
  • Server VLAN - mimic a production server
  • OT / ICS segments - use the physical appliance for air-gapped networks

See Networking Requirements for IP and firewall details.