Meridian · Network Intelligence Platform
/opt/meridian/docs/ and are served by the portal at /docs. Each portal page has a "Docs ↗" button on the top-right that jumps to the matching page here. No internet required.
Start here
- Install overview — prerequisites, what the installer does, ~10 min to a working portal.
- Installer prompts — every prompt explained with "why it matters" context.
- Getting started — first login, tour of the portal, finding your way.
User portal — tools & pages
Every regular (non-admin) page in the portal. For each: what it is, why it exists, and the tabs you'll see on it.
Dashboard
Summary. The landing page after login. Shows a welcome line, stat tiles, and quick links.
Purpose. Give operators an instant read on portal health without drilling anywhere — "are the services green, and is there anything that needs me?"
- Stat tiles — monitors in WARN/FAIL, open approvals, incoming messages, recent audit events.
- Quick links — jump to your most-used tools (customizable in a future release).
DNS Tools
Summary. Sandboxed DNS diagnostics with scope-guardrails: everything from a simple dig to zone-health and typosquat hunts.
Purpose. Replace a grab-bag of dig, delv, whois, and web-UI tools with one consistent, audited interface. Every query is logged with who ran it.
- Dig — single query against a chosen resolver; common flags exposed as chips.
- Propagation — same query against 16 public resolvers in parallel; highlights divergence.
- DNSSEC — walks the chain of trust (DNSKEY → DS at parent → root), flags missing/weak links.
- Reverse — PTR lookup for an IP, optionally against a specific resolver.
- Zone Health — SOA agreement across authoritatives, lame-NS detection, MX/apex sanity.
- AXFR — attempts a zone transfer against each authoritative NS. A refusal is the expected healthy outcome.
- CT / crt.sh — certificate-transparency history for a domain (passive subdomain discovery).
- WHOIS — registrar, registrant, creation/expiry, name servers, DNSSEC flag, status codes.
- Bulk WHOIS — up to 200 domains at once; concurrency-capped to respect upstream rate limits; CSV export.
- Typosquat — homoglyph / omission / transposition / insertion / TLD-swap permutations, resolved in parallel.
- rndc flush (admin-only) — flush the local BIND9 recursive cache, optionally scoped to a single zone.
Network Tools
Summary. Reachability, performance, and capture tools. All scope-guardrailed so you don't accidentally probe outside what your install is allowed to touch.
Purpose. Give the network team a single audited place to run the "every day" probes without ad-hoc shells, and make the results shareable with a link.
- Ping — IPv4/IPv6 ICMP echo with count, interval, packet size.
- Traceroute — UDP/ICMP/TCP with per-hop RTT and AS annotation.
- Port scan — targeted TCP/UDP port check; not a full discovery scanner.
- HTTP test — full-URL probe with headers, TLS info, redirect trail, timing breakdown.
- SNMP — v2c/v3 GET / walk against configured community/user; results rendered as a tree.
- pcap — time-boxed capture on a selected interface with BPF filter; downloads as .pcap.
- Bandwidth — iperf3 client against a chosen server; shows throughput + retransmits.
Monitors
Summary. Scheduled synthetic checks: HTTP/HTTPS response, TCP port reachability, ICMP ping — with history.
Purpose. Know when something slips from OK → WARN → FAIL without you watching — and keep enough history to spot slow-burn issues (e.g., rising latency over weeks).
- HTTP/HTTPS — expected status, body-contains match, TLS validity window.
- TCP port — open/closed/filtered judgment with connect timing.
- ICMP ping — loss + RTT over the sampling interval.
- History — per-monitor trend graph; WARN/FAIL events feed the dashboard + notification channels.
Wizards
Summary. Guided multi-step diagnostics. Each step explains what it checked, why it passed/warned/failed, and suggests evidence-backed next steps.
Purpose. Turn "something feels off" into a structured investigation that a less-senior operator can drive, and that produces a shareable report.
- DNS health — full zone check from delegation down to MX/apex.
- Reachability — ping → traceroute → port → HTTP, short-circuits on first conclusive fail.
- Cert chain — leaf/intermediate/root with expiry & key-algo audit.
- Email deliverability — MX / SPF / DKIM / DMARC / rDNS / open relays / blacklist check.
Certificates
Summary. Manage the portal's own TLS cert, watch a list of external certs for expiry, and generate CSRs.
Purpose. Three jobs that usually live in three different tools — consolidated so the cert story for your estate lives in one place.
- Portal cert — current leaf/chain, expiry countdown, upload self-signed or ACME replacement.
- External watchlist — add hostname:port pairs; nightly check + expiry notifications.
- CSR — generate PKCS#10 requests with SAN, key type, and OU / CN pre-fill from branding.
Runbooks
Summary. Chain individual tools into repeatable, permission-gated workflows.
Purpose. Codify "the way we investigate X" so it runs the same way every time and is safe to delegate to a junior operator.
- Edit / builder — drag-drop steps, each referencing a tool + inputs + continue_on policy.
- Run — executes each step; skips steps the runner lacks permission for and records why.
- History — past runs, output, success/fail, and a shareable permalink.
DHCP
Summary. Unified query interface across external DHCP systems. The portal does not run DHCP itself.
Purpose. Stop logging into Kea / ISC / Infoblox / Windows consoles to answer "which lease does this MAC have?" — ask Meridian instead.
- Search — by IP, MAC, hostname, or client-id across every configured backend.
- Recent activity — new leases & conflicts surfaced from backend event streams.
IPAM
Summary. Unified query across external IPAM systems (Infoblox, Netbox, …). The portal does not store IPAM records itself.
Purpose. One lookup surface for "what's at this IP / in this subnet / assigned to this VLAN" regardless of which backend owns the record.
- Search — by IP, CIDR, hostname, tag.
- Subnet view — utilization bar, conflicts, adjacent free blocks.
Directory
Summary. Active Directory / LDAP lookups — read-only by default. Write actions flow through the Approvals queue.
Purpose. Let the helpdesk answer "who is this user, what groups, when did their password change" without giving them write access to AD.
- User search — sAMAccountName / UPN / display name; shows attributes + group memberships.
- Group search — membership browse, nested-group resolution.
- Computer search — last-logon, OS, OU, dangling objects.
File Repo
Summary. Personal storage for scripts, pcaps, exports, and docs. Quota-enforced. Pinned files skip the retention cleanup.
Purpose. A consistent place to stash captures and one-off scripts without dropping them on a shared server — and without shipping them off-box.
- My files — upload, tag, rename, pin.
- Shared — files others have published to your groups.
- Quota — current usage, retention horizon, pinned-bytes.
Messages
Summary. Direct messages between users · admin broadcasts · group-addressed notices.
Purpose. Keep operational comms inside the audited portal rather than scattered across chat systems that don't tie back to who-did-what.
- Inbox — unread + recent threads.
- Compose — to user / group / role / broadcast (admin).
- Archive — full history with search.
Approvals
Summary. Two-person sign-off queue for destructive or sensitive operations.
Purpose. Enforce the "no operator can destroy data or make a vault change alone" policy. Every write-grade action produces an approval request routed to another admin.
- Pending — requests awaiting your action.
- Awaiting others — requests you opened, waiting on someone else.
- Completed — decision history with reasoning text.
User Settings
Summary. Your personal profile, sessions, security, and preferences.
Purpose. Self-service for the things operators need to manage about themselves without pulling an admin in.
- Profile — display name, email, timezone, avatar.
- Password — change password; shows when it last changed and the policy.
- Two-factor auth — TOTP enrollment (authenticator app); scratch codes.
- Account recovery — the 5 security questions used by forgot-password; pick 5 / answer 5.
- Sessions — every logged-in session across devices; revoke any of them.
- API tokens — personal access tokens for CLI / scripts, scoped to your role.
- Notifications — per-channel on/off for email, message, webhook.
- Preferences — theme, density, default landing tab, locale.
Admin portal — pages
Only visible to users with admin or super-admin role.
Admin overview
Summary. The admin landing page — at-a-glance numbers plus tab navigation to every admin surface.
Purpose. A single dashboard telling you "is the install healthy, is there admin attention needed anywhere" before drilling into specifics.
- Stat grid — enabled users, active sessions, enabled monitors, 24h audit events, pending approvals.
- Quick sections — recent audit · current install metadata · health summary.
Users
Summary. Create, enable, lock, reset. Every change goes to the HMAC-chained audit log.
Purpose. Own the full lifecycle of a portal account — without SSH or direct-DB access — while staying fully auditable for compliance.
- List — search / filter by role / status.
- Detail drawer — profile, role, group membership, MFA status, recovery-question status, last login.
- Actions — enable / disable, lock, force password reset, revoke sessions, re-invite.
Scope Manager
Summary. Override which networks count as internal vs. external, plus a hard deny list. Applies to every probe (ping, traceroute, port scan, SNMP, pcap, HTTP test).
Purpose. Your single kill-switch for "Meridian must never probe X" and the single knob that governs which side of the Internet any tool is allowed to touch.
- Mode — internal/external/both.
- Allow overrides — extra CIDRs to treat as internal.
- Deny list — hard blocks that no tool and no role can bypass.
- Test — paste an IP / hostname, see "allowed / denied + why".
Integrations
Summary. Configure DHCP / IPAM / Directory backend endpoints and credentials. Secrets are AES-256-GCM encrypted at rest in the vault.
Purpose. The one place credentials for all your external systems live — not scattered across scripts and .env files.
- DHCP — Kea · ISC · Infoblox · Windows DHCP.
- IPAM — Infoblox · Netbox · phpIPAM.
- Directory — Active Directory · generic LDAP.
- Test connection — per-integration "probe now" button; vault secret is never echoed back.
Network Devices
Summary. SSH-based config backup with change detection. A new snapshot is only written when the SHA-256 differs from the last — cosmetic refreshes don't pollute history.
Purpose. Keep a safe, versioned copy of the running-config of every switch/router/firewall you care about, and fire a notification when something actually changes.
- Devices — add / edit / disable; per-device poll schedule.
- Snapshots — chronological list; diff viewer between any two.
- Notifications — wire change events to webhooks / messages / email.
Vulnerabilities
Summary. OSV.dev + NVD scan of installed apt + pip components. Multi-select to bulk-suppress or open external advisories.
Purpose. Know your own CVE posture without standing up a separate vuln-mgmt tool — and keep the CVE list small enough that people actually read it.
- Findings — per-CVE severity, fixed-in version, advisory link.
- Suppress — temporary or permanent, with reason text.
- History — when a finding first appeared / was fixed / was suppressed.
System Health
Summary. Live self-check of services, DB, keys, cert, disk, memory, integrity chain. Destructive repair actions require a second admin.
Purpose. The first place to look when "is something broken on this box" — and a common truth-source so admins don't disagree about service state.
- Services — nginx · app · celery · beat · postgres · valkey · bind9 · fail2ban.
- Storage — disk usage per mount; WAL & backup disk headroom.
- Keys — master key presence, rotation age, vault integrity.
- Integrity chain — HMAC-chain audit verification for the configured retention window.
- Repair — rebuild caches, re-pull zones, restart components (audited).
Updates
Summary. Pending apt updates, pinned version manifest, drift detection, snapshot + update history. Actual upgrade is CLI-only (meridian-nip upgrade).
Purpose. Let admins prepare upgrades (review what changes, snapshot, schedule) from the portal, without the portal silently upgrading itself under load.
- Pending — apt-updatable packages with security-flag filter.
- Pinned manifest — the tested-version list for this Meridian release.
- Drift — installed vs. manifest deltas.
- Snapshot — take an LVM snapshot + DB dump before upgrading.
- History — every upgrade attempt, duration, success/fail.
Webhooks
Summary. HMAC-signed inbound receivers + outbound fan-out. Signing secrets are shown exactly once — store them at that moment; afterwards they exist only in the vault.
Purpose. The integration edge: bring events in from outside systems (receivers) and push events out to chat / ticketing / SIEM (fan-out).
- Inbound receivers — URL, allowed methods, signing secret, expected content-type.
- Outbound destinations — URL, event filter, retry policy, last delivery result.
- Test — send a sample payload; confirm signature on the receiver.
Branding & identity
Summary. Customer-level personalization — logo, colors, login banner, display name, contact links. Applies site-wide on save.
Purpose. Let MSPs & enterprises reskin the portal so it reads as "their tool" without code changes.
- Identity — display name, logo, favicon, login background.
- Colors — accent, warn, danger; previewed live before save.
- Banners — pre-login warning, post-login notice, maintenance ribbon.
- Contact / links — logo click-url, support URL, AUP link.
- White-label — toggle "Powered by Meridian" footer attribution on/off. Always allowed (Apache 2.0); see License + trademark for the trademark carve-out on forks.
Database security
Summary. The 4-layer data protection model — LUKS, AES-256-GCM field-level, HMAC hash-chain audit, localhost-only SQL. Master key handling + tamper detection.
Purpose. Reference doc for auditors and for admins preparing backup/restore plans that must preserve the security posture.
Scheduled jobs
Summary. The pre-made job catalog, cron editing, retention policy, CAB freeze windows.
Purpose. Tune what runs when, and how long the results are kept — without editing crontabs on the box.
Backup & restore
Summary. Full backup bundles · WAL shipping · the include-keys decision · step-by-step restore.
Purpose. The playbook for "we have to move this install to new hardware" or "we have to recover from a bad upgrade."
Reference
| meridian-nip CLI | Every command, flag, and exit code |
Legal & compliance
| License + trademark | Apache 2.0 explainer + the "MeridianNIP" trademark carve-out |
| Acceptable Use Policy template | Sample policy text; customize in Admin → Branding |
| Open-source licenses | How Meridian handles third-party attribution and SBOM export |