A service of Daily Data, Inc.
Contact Form

Unix Server Tech Knowledge Base

User Tools

Site Tools

Trace: Sneakernet: Production Air Gap Implementation
unix:freebsd:system_builds:airgap:start

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
unix:freebsd:system_builds:airgap:start [2026/01/20 01:25] – created rodolicounix:freebsd:system_builds:airgap:start [2026/01/20 01:37] (current) rodolico
Line 1: Line 1:
 ====== Air Gap Server ====== ====== Air Gap Server ======
 +
 +An **air gap server** is a computer system physically isolated from unsecured networks, including the Internet, to protect critical data from remote cyberattacks. This isolation—combined with full disk encryption and strict physical access controls—provides defense-in-depth against ransomware, unauthorized access, and compromised source systems. The system typically remains powered off except during scheduled backup operations, with data transferred via encrypted removable media ("sneakernet"). This approach is particularly valuable for long-term backup storage where the reduced attack surface and offline state dramatically limit exposure to both network-based and physical threats, making it an essential component of a comprehensive disaster recovery and business continuity strategy.
 +
 +===== Documentation =====
 +
 +  * [[unix:freebsd:system_builds:airgap:concepts|Air Gap Server Concepts]] — Security principles, encryption strategies, and implementation best practices
 +  * [[unix:freebsd:system_builds:airgap:sneakernet_implementation|Sneakernet Implementation]] — Production deployment guide for automated ZFS replication via encrypted transport media
 +
 +===== Quick Links =====
 +
 +  * [[unix:freebsd:system_builds:airgap:concepts#encryption_strategy|Encryption Strategy]] — GELI, split-keys, and transport encryption
 +  * [[unix:freebsd:system_builds:airgap:concepts#example_workflow|Example Workflow]] — Typical backup cycle walkthrough
 +  * [[unix:freebsd:system_builds:airgap:sneakernet_implementation#installation|Installation Guide]] — Getting started with sneakernet
 +  * [[unix:freebsd:system_builds:airgap:sneakernet_implementation#key_management|Key Management]] — Generating and rotating encryption keys
 +
 +===== External Resources =====
 +
 +  * [[https://docs.freebsd.org/en/books/handbook/disks/#disks-encrypting-geli|FreeBSD GELI Encryption]]
 +  * [[https://docs.freebsd.org/en/books/handbook/zfs/|FreeBSD ZFS Handbook]]
 +  * [[https://www.nist.gov/publications/guide-storage-encryption-technologies-end-user-devices|NIST Storage Encryption Guide]]
 +  * [[http://svn.dailydata.net/svn/zfs_utils/trunk|Sneakernet Source Repository (SVN)]]
 +
unix/freebsd/system_builds/airgap/start.1768893934.txt.gz · Last modified: 2026/01/20 01:25 by rodolico