System Architecture

Topology

In SCIF Mode, all communications are limited to local area networks. Communication is one-way, from the client banner to the server, over a socket on TCP port 56789 by default. Depending on the admin settings, the client banner sends some of the metadata reports back to the server. All communications are encrypted.

Data Flow

Cyber Intel Classification Banner
Where “Client” means C/B/CCM and “Agent/Server” means S.

System Components and Structures

  1. Banner (B)
  2. Client (C)
  3. Server (S)
  4. Portal (P)
    The Portal is a web-based control panel that allows IT admins to pre-configure or manage licenses.

Active Directory / Directory Service (AD/DS)

AD/DS is one of the best-known directory services. With AD/DS and third-party software (see CICB CCM), the IT admin can give each user more than one banner setting (color/text), selected by the security group of the currently signed-in user. For example, user A is assigned to two projects in different security environments at the same time but works on only one project at a time. The user can switch AD/DS security groups with a third-party group-change tool or script, then sign off and sign back in to the user profile. CICB then applies the banner setting according to the IT admin and user security settings.

Lightweight Directory Access Protocol (LDAP)

The server can connect to any directory service that follows the standard LDAP protocol.

Here are some examples:

  1. Active Directory Directory Service (AD/DS)
  2. Apache Directory
  3. OpenLDAP
  4. Univention Corporate Server (UCS)
  5. Lepide Auditor for Active Directory
  6. JXplorer
  7. FreeIPA
  8. Samba
  9. GOsa
  10. eDirectory
  11. Zentyal
  12. 389 Directory Server
  13. Red Hat Directory Server
  14. OpenSSO
  15. SME Server
  16. Resara Server
  17. Sun Java System Directory Server
  18. IBM Tivoli Directory Server
  19. Windows NT Directory Services
  20. Lotus Domino
  21. Etc.

Component Relationship

  1. One “Software Portal” can have many users.
  2. One user can have many licenses.
  3. One license can be assigned to ONLY ONE server.
  4. One server per computer domain. (e.g. north-america\john-doe)
  5. One domain can ONLY HAVE ONE AD/DS server.
  6. One AD/DS server can have many security groups for clients.
  7. One client can be installed on one operating system.
  8. One operating system can have up to 12 monitors or screens. (Use cases include mission control centers, traffic control centers, etc.)
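
The relationships above can be checked mechanically against a deployment inventory before rollout. The following is an added example, not CICB code: the inventory layout, all names in it, and the reading of rule 7 as "each client maps to exactly one operating system" are assumptions.

```python
from collections import Counter

MAX_MONITORS = 12  # rule 8: up to 12 monitors or screens per operating system

# Constructed sample inventory; the dict layout and every name are hypothetical.
SAMPLE = {
    "license_servers": {"LIC-A": ["srv-1"], "LIC-B": ["srv-1", "srv-2"]},
    "server_domain": {"srv-1": "north-america", "srv-2": "north-america"},
    "domain_adds": {"north-america": ["dc-1"]},
    "client_os": {"client-1": ["os-1"], "client-2": ["os-2", "os-3"]},
    "os_monitors": {"os-1": 2, "os-2": 13, "os-3": 12},
}


def validate(inv):
    """Return a sorted list of component-relationship violations."""
    errors = []
    # Rule 3: one license can be assigned to only one server.
    for lic, servers in inv["license_servers"].items():
        if len(set(servers)) > 1:
            errors.append(f"rule 3: license {lic} is assigned to {len(set(servers))} servers")
    # Rule 4: one server per computer domain.
    for domain, n in Counter(inv["server_domain"].values()).items():
        if n > 1:
            errors.append(f"rule 4: domain {domain} has {n} servers")
    # Rule 5: one domain can have only one AD/DS server.
    for domain, dcs in inv["domain_adds"].items():
        if len(set(dcs)) > 1:
            errors.append(f"rule 5: domain {domain} has {len(set(dcs))} AD/DS servers")
    # Rule 7 (assumed reading: a client is installed on exactly one OS).
    for client, systems in inv["client_os"].items():
        if len(set(systems)) != 1:
            errors.append(f"rule 7: client {client} is mapped to {len(set(systems))} operating systems")
    # Rule 8: at most 12 monitors per operating system.
    for os_id, count in inv["os_monitors"].items():
        if count > MAX_MONITORS:
            errors.append(f"rule 8: {os_id} has {count} monitors (max {MAX_MONITORS})")
    return sorted(errors)


if __name__ == "__main__":
    for line in validate(SAMPLE):
        print(line)
```

Rules 1 and 2 are one-to-many relationships with no upper bound, so the check has nothing to flag for them.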