System Architecture


In SCIF/Offline Mode, all communications are limited to your local area networks (LAN) only. From the client to the server is one-way passive communication via a socket on TCP port 56789 by default. The client will emit some of the metadata reports back to the server depending on the admin settings. All communications are encrypted within your LAN. The client will never talk to the internet (WAN) directly except to the server, all information NEVER LEAVE your LAN. (For different network setups, please refer to the Network Topology)

Data Flow

Cyber Intel Classification Banner
Where “Client” means (C) / (B) / (CCM), and “Agent/Server” means Server (S).

System Components and Structures

  1. Banner (B)
  2. Client (C)
  3. Client Config Manager (CCM)
  4. Server (S)
  5. Portal (P)
    The Portal is a web-based control panel to allow IT admins, to pre-configure or manage licenses.

Active Directory / Directory Service (AD/DS) & Light Weight Access Portal (LDAP)

Please refer to AD/DS & LDAP.

Component Relationship

  1. One “Software Portal” can have many users.
  2. One user can have many licenses.
  3. One license can be assigned to ONLY ONE server.
  4. One server per FQDN. (e.g. north-america\john-doe)
  5. One FQDN can ONLY HAVE ONE AD/DS server.
  6. One AD/DS server can have many security groups for clients.
  7. One client can install it on one operating system (OS).
  8. One operating system can have up to 12 monitors or screens. (It depends on your license, and the use cases will be something like a mission control center, traffic control center, etc.)