Built for environments where data leaving the internal network is forbidden — banks, government, defense, healthcare. Offline-signed license, single-command bootstrap.sh installation, zero outbound calls at runtime.
Most SaaS monitoring tools send telemetry to their own cloud; for some sectors, sending data offshore is outright illegal. SentinelDB360 was designed offline-first from day one: connectivity is optional, isolation is the default.
Turkish BDDK Law 5411 supplementary regulations and SPK 6362 require cardholder/investor data to be processed in a controlled environment. Even the monitoring tool must not cross that boundary.
Using a SaaS monitoring tool hosted outside Turkey creates a data transfer requiring Board approval. Air-gap installation eliminates this requirement, simplifying "adequate protection" evidence.
Defense industry and TÜBİTAK projects run under "internet-disconnected classified network" rules. SentinelDB360 can be deployed via USB; even the license activates without an internet connection.
Hospital HIS/LIS systems' monitoring tools must not send metrics to a third-party cloud. In an air-gap install, AI insights are powered by local Ollama (LLM) instead of LiteLLM.
Your license is an Ed25519-signed JWT. SentinelDB360 only does local verification with the public key; not a single packet is sent to DMC servers at runtime. It works even when the internet is down.
The license file is verified using the public key bundled with the application. The diagnostic screen displays the public key fingerprint — your security team can audit the signature.
No online heartbeat required, no usage metrics flow to DMC. The CRM only retains customer registration data (name, contract); usage behavior is never transmitted.
DMC stores only the customer relationship (contract, sales channel, renewal date) on Azure Cosmos DB. The SentinelDB360 runtime never calls this Cosmos.
Many competitors enforce "all features online, limited offline." In SentinelDB360, even in an air-gap install, all 116 compliance tabs, AI insights (Ollama), and all engines run with full capability.
Admin → License → Diagnostic · Ed25519-signed offline JWT · zero runtime telemetry · public key fingerprint auditable by your security team
In a connected environment, pull the images and push them to ACR (or your local registry). On the air-gapped host, bootstrap.sh installs MongoDB + all 5 services with a single command.
From a connected host, pull the SentinelDB360 images from Azure Container Registry; produce a single tar with docker save; carry it to the air-gapped host via USB / file transfer.
docker load → load images, generate the .env file (script wizard), docker compose up. No hot reload, prod-grade defaults.
Crontab mongodump for the mongo-data folder, snapshot rotation, restore drills. With no cloud backup in air-gap, this runbook is a P0 requirement.
Three ready examples for corporate-standard reverse proxies: Nginx (Linux), Apache httpd (Linux), IIS ARR (Windows Server). HTTPS, websocket, gzip configurations included.
Two separate runbooks: connected install (INSTALL.md) and air-gapped install (AIRGAP_INSTALL.md). Step by step, every command runnable, expected output listed.
mongodump + oplog tail + LVM snapshot + restore drill. Targets: RTO 30 min / RPO 1 hr. Annual schedule for 4 drills.
Ready-to-use configs for Nginx, Apache httpd, and IIS ARR (Windows Server). WebSocket, gzip, security headers included. Works with your corporate PKI.
Thanks to LiteLLM abstraction, local Ollama (Llama 3, Mistral, etc.) can replace Azure OpenAI. AI recommendations, root-cause analysis, query interpretation — all stay on your server.
Run an Ollama service on the same network, set AI_DEFAULT_PROVIDER=ollama. For English responses keep AI_LANG=en. Query text / plan XML never leave the local environment.
If you don't want to use an LLM at all, the classic rule-based advisor takes over. Performance suggestions, missing index, blocking root-cause analysis — comprehensive even without an LLM.
Let's design an installation plan tailored to your isolated environment in a demo session.
