Product Architecture – Infini-Connect¶
{: .doc-audience-customer}
This diagram shows Infini-Connect as a centralised control plane managing multiple PCI “Black Box” racks across tenants.
```mermaid graph LR title Infini-Connect Product Architecture (Control Plane + Black Boxes)
subgraph Tenants["Tenant Orgs (Banks, FinTechs, Merchants)"] AdminUser["Tenant Admins / Engineers"] Auditors["Internal Auditors / Compliance"] QSA["External QSA / Assessor"] end
subgraph ICCloud["Infini-Connect Control Plane (SaaS or Self-Hosted)"] IC_UI["Web UI / API Gateway"] IC_CP["Core Control Plane Services"] IC_CFG["Config & Inventory Service"] IC_ACL["Access & Identity Orchestrator"] IC_SCAN["Scan & Pentest Orchestrator"] IC_CM["Change & Ticketing Service"] IC_DOC["Docs & Evidence Generator"] IC_BUS["Event Bus / Message Broker"] IC_DB["Control Plane DB (PostgreSQL)"] IC_OBJ["Object Storage (evidence, configs, reports)"] end
subgraph ExternalSystems["Shared External Integrations"] IdP["IdP / AD / OpenLDAP / OIDC"] SIEM["SIEM / SOC Platform"] Mail["Mail / Notification Gateway"] SMS["SMS / Push Provider"] Repo["Git / Artifact Repos"] end
subgraph Sites["Client Sites / Colos"] subgraph Box1["PCI 'Black Box' Rack #1"] BB1_Agent["IC Node Agent"] BB1_JB["Jumpbox Cluster (SIT/UAT/PROD)"] BB1_FW["Edge Firewalls (HA)"] BB1_Virt["Virtualization Cluster (ESXi/Proxmox)"] BB1_NET["Switches / OOB Mgmt"] BB1_SCAN["On-site Scan Runner (containers)"] BB1_LOG["Local Log Forwarders"] end
subgraph Box2["PCI 'Black Box' Rack #N"]
BB2_Agent["IC Node Agent"]
BB2_JB["Jumpbox Cluster"]
BB2_FW["Edge Firewalls (HA)"]
BB2_Virt["Virtualization Cluster"]
BB2_NET["Switches / OOB Mgmt"]
BB2_SCAN["On-site Scan Runner"]
BB2_LOG["Local Log Forwarders"]
end
end
AdminUser -->|Browser / API| IC_UI Auditors -->|Read-only Dashboards / Reports| IC_UI QSA -->|Evidence Packs / Export| IC_UI
IC_UI --> IC_CP IC_CP --> IC_CFG IC_CP --> IC_ACL IC_CP --> IC_SCAN IC_CP --> IC_CM IC_CP --> IC_DOC
IC_CP --> IC_BUS IC_CFG --> IC_DB IC_ACL --> IC_DB IC_SCAN --> IC_DB IC_CM --> IC_DB IC_DOC --> IC_OBJ
IC_CP --> IdP IC_CP --> SIEM IC_CP --> Mail IC_CP --> SMS IC_CP --> Repo
IC_BUS --> BB1_Agent IC_BUS --> BB2_Agent
BB1_Agent -->|Inventory / Config Pulls| IC_CFG BB2_Agent -->|Inventory / Config Pulls| IC_CFG
BB1_Agent -->|Access Windows / ACL Updates| BB1_JB BB2_Agent -->|Access Windows / ACL Updates| BB2_JB
BB1_Agent -->|Firewall Policies / Segmentation Tests| BB1_FW BB2_Agent -->|Firewall Policies / Segmentation Tests| BB2_FW
IC_SCAN -->|Launch Scan Jobs| BB1_SCAN IC_SCAN -->|Launch Scan Jobs| BB2_SCAN
BB1_SCAN -->|Scan Results| IC_SCAN BB2_SCAN -->|Scan Results| IC_SCAN
BB1_LOG -->|Logs / Metrics| SIEM BB2_LOG -->|Logs / Metrics| SIEM