Fortress (Business Edge)

Fortress - Your Digital Stronghold

4GB RAM · $200 · Business-grade protection

Fortress is designed for permanent installation protecting home offices, small businesses, and enterprise edge networks with advanced network segmentation.

What Fortress Enables

Capability	Description
VLAN Segmentation	Isolate IoT, cameras, guests, trusted
OpenFlow SDN	Programmable network control
Full IDS/IPS	NAPSE engine
Local ML	On-device inference
Everything in Guardian	L2-L7, dnsXai, mesh

Best For

Home offices
Small businesses
NIS2 compliance needs
Multi-VLAN networks
Security-conscious deployments

Hardware Requirements

Resource	Minimum	Recommended
CPU	4 cores	Intel N100/N200 (8 threads)
RAM	4GB	8GB
Storage	64GB SSD	256GB NVMe
Network	1Gbps	Intel I226-V 2.5Gbps

Recommended Hardware

Intel N100 Mini PC ($150-200)
- 4 cores, 8 threads
- Built-in 2.5GbE (Intel I226-V)
- Low power consumption
Intel N200 Mini PC ($200-250)
- Higher performance
- Multiple NICs available

Approximate cost: ~$200-300

Installation

sudo ./install.sh --tier fortress --enable-aiochi

Installation Options

# Full installation
sudo ./install.sh --tier fortress --enable-aiochi

# With LTE failover
sudo ./install.sh --tier fortress --enable-aiochi --enable-lte

# With GPU support (if available)
sudo ./install.sh --tier fortress --enable-gpu

VLAN Segmentation

Fortress creates isolated network segments:

VLAN	ID	Purpose	Policy
IoT	10	Smart devices	Internet only, no LAN
Cameras	20	Security cameras	NVR access only
Guest	30	Visitors	Internet only, isolated
Trusted	40	Work devices	Full access
Quarantine	99	Compromised	Blocked, logging

Traffic Flow

Guest Device                Trusted Device
    │                            │
    ▼                            ▼
┌───────────────────────────────────────────────────────┐
│                   OpenVSwitch                          │
│  ┌─────────┐    ┌─────────┐    ┌─────────┐           │
│  │ VLAN 30 │    │ VLAN 40 │    │ VLAN 10 │           │
│  │  Guest  │    │ Trusted │    │   IoT   │           │
│  └────┬────┘    └────┬────┘    └────┬────┘           │
│       │              │              │                 │
│       ▼              ▼              ▼                 │
│  ┌─────────────────────────────────────────────────┐ │
│  │              OpenFlow ACL Rules                  │ │
│  │  • Guest → Internet: ALLOW                      │ │
│  │  • Guest → Trusted: DROP                        │ │
│  │  • IoT → Internet: ALLOW                        │ │
│  │  • IoT → LAN: DROP                              │ │
│  │  • Trusted → All: ALLOW                         │ │
│  └─────────────────────────────────────────────────┘ │
└───────────────────────────────────────────────────────┘

Security Stack

Everything from Guardian plus:

Component	Purpose
NAPSE	AI-native IDS/NSM/IPS — unified packet analysis, protocol inspection, and signature matching
OpenVSwitch	VLAN segmentation, OpenFlow ACLs
XDP/eBPF	Kernel-level DDoS mitigation
Local ML	On-device threat classification

Security Layer Depth

Layer 1: XDP/eBPF
         ├── DDoS mitigation
         └── Rate limiting
              │
              ▼
Layer 2: NAPSE
         ├── AI-native IDS/NSM/IPS
         ├── Signature + ML detection
         └── Protocol analysis
              │
              ▼
Layer 3: OpenVSwitch
         ├── VLAN isolation
         └── ACL enforcement
              │
              ▼
Layer 4: dnsXai + ML
         ├── DNS protection
         └── Threat classification
              │
              ▼
Layer 5: AEGIS
         ├── 8-agent AI orchestration
         └── Autonomous response

OpenVSwitch Configuration

Bridge Setup

# View OVS configuration
ovs-vsctl show

# List ports
ovs-vsctl list-ports br0

# View flow rules
ovs-ofctl dump-flows br0

Example Flow Rules

# Allow established connections
cookie=0x1, priority=100, ip, ct_state=+est, actions=NORMAL

# Block IoT to trusted
cookie=0x2, priority=50, ip, in_port=1, dl_vlan=10, actions=DROP

# Allow trusted outbound
cookie=0x3, priority=50, ip, in_port=1, dl_vlan=40, actions=NORMAL

# Default: log and drop
cookie=0xff, priority=1, actions=controller

Dashboard

Fortress includes everything from Guardian plus:

Network Tab

VLAN status and traffic
Port statistics
Flow rule visualization
Bandwidth per segment

SDN Tab

OpenFlow rule management
Traffic engineering
ACL configuration
Flow statistics

Compliance Tab

NIS2 readiness
Audit log export
Policy enforcement
Incident timeline

Local ML Inference

Fortress runs ML models on-device:

# Threat classification
{
    "model": "hookprobe-threat-classifier-v3",
    "inference_time_ms": 2.3,
    "classification": "command_and_control",
    "confidence": 0.94,
    "features_used": ["dns_entropy", "flow_pattern", "timing"]
}

Integration Options

LTE Failover

# Enable LTE backup
sudo ./install.sh --tier fortress --enable-lte

# Configure failover
nano /etc/hookprobe/lte-failover.conf

n8n Workflow Automation

# Enable workflow automation
sudo ./install.sh --tier fortress --enable-n8n

Use cases:

Automated incident response
Alert routing
Ticket creation
Slack/Teams notifications

Compliance Features

NIS2 Readiness

Requirement	Fortress Support
Network segmentation	VLAN isolation
Access control	OpenFlow ACLs
Incident detection	IDS/IPS stack
Logging	Full audit trail
Reporting	Export capability

Audit Logging

All actions are logged:

VLAN changes
ACL modifications
Threat detections
User authentications
Configuration changes

Management

# Status
hookprobe-ctl status

# VLAN management
hookprobe-ctl vlan list
hookprobe-ctl vlan add --id 50 --name "development"

# Flow rules
hookprobe-ctl flows list
hookprobe-ctl flows add --rule "block IoT to trusted"

Resource Usage

Resource	Typical Usage
RAM	2.5-3.5GB
CPU	20-40%
Disk I/O	Moderate
Network	Line rate

Fortress vs Nexus

Feature	Fortress	Nexus
RAM Required	4GB	16GB+
Cost	$200	$2000+
VLAN Segmentation	Yes	No
ML Inference	Yes	Yes
ML Training	No	Yes
Fleet Management	No	Yes
ClickHouse	No	Yes

Upgrade Path

Ready for ML training and fleet management?

sudo ./install.sh --tier nexus --migrate

Next Steps

Nexus - Upgrade for ML training
Networking - OVS/XDP details
Configuration - Customize Fortress

AI Intelligence (HIP)

Fortress runs the full HookProbe Intelligence Platform:

Hardware Detection: Supports all 13 NPU types via core/brain/hw_detect.py
Inference Bridge: Full ML classification + optional local LLM (TinyLlama-1.1B, 670MB)
HYDRA Full: All 11 microservices (anomaly detection, SENTINEL ensemble, temporal memory)
AEGIS Agents: 10 AI agents coordinating via PostgreSQL blackboard
Container Integration: core/brain/ included in HYDRA container image

# podman-compose.yml HIP configuration
hip_enabled: true
hip_local_llm: false          # Enable for local LLM
hip_npu_backend: auto         # auto | cpu | npu

See Brain & NPU Detection and AEGIS AI Defense for details.