Architecture overview

Prelude is divided in several components. Sensors are responsible for intrusion detection, and report alerts in a centralized fashion using a TLS connection to a 'prelude-manager' server. The prelude-manager server can then process these alerts and deliver them to an user-specified media (mysql database, postgresql database, XML file, any format provided there is a report plugin for it).

The Prelude console can then be used to view these alerts.
Here is a simple example of how the different Prelude components interact:

Architecture overview with commercial extension

You can do decentralized architecture with the commercial extension available from CS-SI like this :

or this

Please check the Corporate Modules page for more information.

simple-architecture.png View (20.9 KB) , 08/13/2008 12:52 PM

architecture.png View (46.7 KB) Thomas ANDREJAK, 09/08/2015 09:25 AM

reverse-relaying.png View (25.5 KB) Thomas ANDREJAK, 09/08/2015 09:25 AM