Trust Pack

Security & Data Handling

CoreDetection runs inside your infrastructure, receives flow metadata from your routers, and peers with BGP only when you configure it. This page summarizes the controls enterprise buyers usually review before deployment.

What stays on-prem?

Flow telemetry, attack history, dashboards, reports, BGP state, API logs, configuration, and appliance data remain on the customer-controlled CoreDetection server unless your team exports or shares them.

What leaves the customer network?

CoreDetection does not send live traffic or flow telemetry to CoreTech by default. Support data is shared only when your team intentionally provides logs, screenshots, exports, or diagnostic bundles.

Is there call-home?

Runtime licence validation is local and server-bound. Internet access may be used during installation or updates to download packages, container images, or release metadata when your deployment policy allows it.

How licensing works offline

Licences are issued for a specific server identity and verified locally. Air-gapped operation is supported after installation and activation steps are completed according to your deployment process.

Network Exposure

Ports and API Security

Keep management surfaces private. The REST API is designed for NOC and automation systems, not direct internet exposure.

PortScopePurpose
2055 / 4739 / 6343 UDPInbound from routersNetFlow, IPFIX, sFlow, and jFlow-compatible telemetry ingest
179 TCPBetween CoreDetection and routersBGP RTBH / FlowSpec peering when enabled
9009 TCPManagement network onlyREST API; do not expose directly to the internet
80 / 443 TCPOutbound during install or updatePackage, image, or update metadata download when allowed
Hardening

Deployment Checklist

  • Restrict API port 9009 to management IPs, VPN, or a private network.
  • Use X-API-Key headers in production; do not place API keys in URLs.
  • Put remote API access behind a TLS reverse proxy.
  • Rotate API keys when operators or automation systems change.
  • Limit BGP peering to expected router IPs and route policies.
  • Enable NTP/chrony so licence and event timestamps remain correct.
  • Back up config.ini, licence files, and exported reports according to your retention policy.
  • Keep the host OS patched and restrict SSH access to authorized operators.

Data Retention

Retention depends on your storage, reporting, and compliance settings. Size disk for the flow volume and report history you plan to keep, and export or purge reports under your internal retention policy.

Backup and Restore

Back up configuration, licence material, and reports. For production, test restore procedures before enabling automated BGP response in a new environment.

Responsible Disclosure

Report suspected security issues to [email protected]. Include affected version, deployment context, reproduction steps, and logs if safe to share.

Procurement Pack

Documents available during sales review

Formal PDFs should be generated from approved legal and security templates. Until those files are published, request the current review pack from the CoreDetection team.

Security WhitepaperData Flow DiagramDeployment Hardening GuideSample Order Form / Licence Terms
Request demo Pricing