On-Premise Architecture

Your Data Stays Within Your Organization.
Security Analyses Run Locally.

NEXA offers a fully on-premise architecture. Telemetry data never leaves the organization, AI analyses are performed on local servers.

System Architecture

4 servers, layered security, zero external data leakage.

EXTERNAL SOURCES
NVD / CVE
CISA KEV
MITRE ATT&CK
Threat Feeds
EPSS
CWE DB
HTTPS / REST API
ENTERPRISE FIREWALL / DMZ
NEXA ON-PREMISE CORE
External connection authorized

Ollama Server

Threat Intelligence Engine
CVE / KEV sync
Threat feed pull
EPSS update
User interface

Web Server

Apache / PHP 8.x
Dashboard & modules
RBAC & session
Reporting engine
Data layer

Database

MySQL / MariaDB
PDO prepared stmt
Encrypted connection
Backup
NO external connection

Local AI

Llama 4 / GPU
Vulnerability analysis
Attack sim.
Risk scoring
Web ↔ DB: SQL/TLS Web ↔ AI: REST API Ollama → DB AI → External Network: NONE
API INTEGRATION
SECURITY PRODUCTS
SIEM
EDR/XDR
NGFW
SOAR
Vuln Scan
IAM/PAM
Email Sec
Cloud Sec

Data Flow Architecture

Where data comes from, where it is processed and where it does not go.

1

Threat Data Collection

Ollama Server pulls current threat data from external APIs (NVD, CISA KEV, MITRE, Threat Intel) and writes to the database.

External → Internal (one-way)
2

Security Product Integration

Web Server receives telemetry and event data via API from the organization's security products such as SIEM, EDR, Firewall.

Internal network (local API)
3

Local AI Analysis

Llama 4 AI Server analyzes all data within the organization. Performs vulnerability interpretation, attack simulation, risk scoring and report generation.

Data never leaves
4

Results & Reporting

Analyses are presented to users through the Web Server. Dashboards, simulation outputs and PDF reports are generated.

Presentation to user

Security & Compliance

Secure and manageable architecture designed for enterprise scale.

Turkish InterfaceAll modules in Turkish
Dual AuthLDAP + local database
RBACRole-based access control
Application SecurityCSP, CSRF, XSS, SQLi
Rate LimitingBrute-force protection
HTTPS & SessionEncrypted traffic mandatory
PDO LayerPrepared statements
ResponsiveBootstrap 5 infrastructure

See the architecture live

Review the on-premise installation process and technical details in the demo environment.

Start Demo Wizard