Architecture Overview โ
AI Security Gateway - Understanding Your Security Platform
This guide provides a user-friendly overview of the AI Security Gateway, explaining what you get when you download the software and how the components work together to protect your AI infrastructure. This is designed to help you understand the platform without getting into technical details.
What You Get: The Complete Package โ
When you download the AI Security Gateway, you receive a complete, ready-to-run security platform. No compilation, no complex setup - just configure and run.
๐ฆ Release Package Contents โ
Each release archive contains everything you need:
ai-security-gateway-<version>-<platform>/
โโโ ๐ unified-admin (or .exe) # The main application
โโโ ๐ Helper Scripts # Easy installation and management
โ โโโ install.sh # Automated setup (Linux/macOS)
โ โโโ verify.sh # Installation verification
โ โโโ start.sh # Start all services (Linux/macOS)
โ โโโ start.ps1 # Start all services (Windows)
โโโ ๐ง Service Files # Production deployment support
โ โโโ ai-security-gateway.service # Systemd service (Linux)
โ โโโ com.aisecuritygateway.unified-admin.plist # Launchd (macOS)
โโโ ๐จ Frontend Package # Web interface
โ โโโ dist/ # Pre-built Vue.js application
โ โโโ Dockerfile.frontend # Container definition
โ โโโ .env # Frontend configuration (editable!)
โ โโโ docker-compose.frontend.yml # Docker orchestration
โโโ โ๏ธ Configuration # System settings
โ โโโ configs/config.example.yaml # Configuration template
โ โโโ .env.example # Environment variables template
โโโ ๐ก๏ธ Security Policies # Pre-built security rules
โ โโโ policies/ # 7 JSON policy files (250+ rules)
โ โโโ llm-critical-security.json
โ โโโ llm-standard-security.json
โ โโโ mcp-advanced-security.json
โ โโโ llm-compliance-gdpr.json
โ โโโ llm-data-redaction.json
โ โโโ ... (and more)
โโโ ๐ Documentation # Complete guides
โโโ README.md # Project overview
โโโ INSTALL.md # Detailed installation
โโโ QUICKSTART.md # Quick start guide
โโโ LICENSE # License informationSystem Architecture: How It All Works Together โ
How It Works - Simple View โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ YOUR WEB BROWSER โ
โ http://localhost:80. โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ Access Web Interface
โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ WEB INTERFACE โ
โ Your Control Dashboard โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ Dashboard โ ๐ Proxy Manager โ ๐จ Alerts โ โ
โ โ ๐ Users & Teams โ ๐ก๏ธ Policies โ โ๏ธ Settings โ โ
โ โ ๐ค A2A Registry โ ๐ Analytics โ ๐ฎ Playground โ โ
โ โ ๐ก๏ธ Guardrails โ ๐งช Guardrail Evalsโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ
โ Easy Setup Options: โ
โ โ Quick Start: ./start.sh (everything runs automatically) โ
โ โ Advanced: Docker containers for production โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ Communicates with
โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ MAIN APPLICATION โ
โ (unified-admin binary) โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ User Authentication โ โ
โ โ โโ Login with OAuth (GitHub, Google, etc.) โ โ
โ โ โโ API Keys for programmatic access โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Core Management Features โ โ
โ โ โโ Create and manage proxy instances โ โ
โ โ โโ Monitor security alerts โ โ
โ โ โโ Track token usage and costs โ โ
โ โ โโ Control MCP tools โ โ
โ โ โโ Manage users, teams, and budgets โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Real-Time Updates (WebSocket) โ โ
โ โ โโ Proxy Status Changes โโ Security Alerts โ โ
โ โ โโ Token Usage Updates โโ System Notifications โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Security Policy Engine โ โ
โ โ โโ 250+ Detection Rules โโ Real-Time Blocking โ โ
โ โ โโ Custom Policies โโ Risk Scoring โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Guardrail Provider Engine โ โ
โ โ โโ 3rd-Party AI Safety APIs โโ Per-Proxy Assignment โ โ
โ โ โโ Per-Team Scoping โโ Concurrent Evaluation โ โ
โ โ โโ Health Monitoring โโ Guardrail Eval Testing โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Database (SQLite with GORM) โ โ
โ โ โโ Proxy Configurations โโ Security Alerts โ โ
โ โ โโ Request Logs โโ Token Usage Data โ โ
โ โ โโ Users & Teams โโ API Keys โ โ
โ โ โโ Audit Logs (35+ event types) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ
โ Runs as: โ
โ โ Native Binary (./unified-admin) - Optimal performance โ
โ โ Systemd Service (Linux) - Production deployment โ
โ โ Launchd Service (macOS) - Background service โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ Proxies Traffic & Monitors
โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ SECURITY PROXIES โ
โ (The Magic Happens Here) โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ MCP Proxies (Port 3000+) โ โ
โ โ โโ Sit between your apps and MCP servers โ โ
โ โ โโ Block dangerous tool calls automatically โ โ
โ โ โโ Monitor what tools are being used โ โ
โ โ โโ Apply 3rd-party guardrails (per-proxy or per-team) โ โ
โ โ โโ Handle user authentication โ โ
โ โ โโ Log everything for security monitoring โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ LLM Proxies (Port 4000+) โ โ
โ โ โโ Work with OpenAI, Anthropic, Azure, and more โ โ
โ โ โโ Track how much you're spending on AI โ โ
โ โ โโ Stop spending when you hit your budget โ โ
โ โ โโ Add security rules to every AI request โ โ
โ โ โโ Apply 3rd-party guardrails (per-proxy or per-team) โ โ
โ โ โโ Hide sensitive data from AI models โ โ
โ โ โโ Block malicious prompts automatically โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ A2A Agent Proxies (Port 5000+) โ โ
โ โ โโ Manage AI agent communications โ โ
โ โ โโ Control which agents can talk to each other โ โ
โ โ โโ Monitor agent tasks and workflows โ โ
โ โ โโ Apply 3rd-party guardrails (per-proxy or per-team) โ โ
โ โ โโ Apply security policies to agent interactions โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ Forwards Requests To
โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ YOUR AI SERVICES โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ค MCP Servers โ โ
โ โ โโ Claude Desktop, Cursor IDE, Your Custom Tools โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ง AI Model APIs โ โ
โ โ โโ OpenAI GPT, Claude, Azure OpenAI, Local Models โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ค AI Agents โ โ
โ โ โโ Custom AI agents and automated workflows โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โ Integrates With
โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ EXTERNAL INTEGRATIONS (Optional) โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ Observability โ โ
โ โ โโ Langfuse (LLM traces & analytics) โ โ
โ โ โโ Prometheus (metrics) โ โ
โ โ โโ Grafana (dashboards) โ โ
โ โ โโ OpenTelemetry (distributed tracing) โ โ
โ โ โโ Jaeger (trace visualization) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐จ Security & Notifications โ โ
โ โ โโ SIEM Integration (alert forwarding) โ โ
โ โ โโ SOAR Integration (incident automation) โ โ
โ โ โโ Slack Notifications (webhooks) โ โ
โ โ โโ Email Alerts (SMTP) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ OAuth Providers (Authentication) โ โ
โ โ โโ GitHub โโ Google โโ Okta โ โ
โ โ โโ Azure AD โโ Auth0 โโ GitLab โ โ
โ โ โโ Keycloak โโ Custom OAuth 2.0/2.1 Providers โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ๐ก๏ธ Guardrail Providers (AI Safety) โ โ
โ โ โโ Groq Safeguard โโ EnkryptAI โโ DynamoAI โ โ
โ โ โโ GuardrailsAI โโ Fiddler AI Guardrails โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโUnderstanding the Components โ
1. Web Interface: Your Control Center โ
The web interface is your main dashboard for managing everything. You access it through your web browser.
What You'll Find:
- Dashboard: See what's happening right now - active proxies, recent alerts, spending
- Proxy Manager: Create new security proxies, start/stop them, check their status
- Alert Monitor: View security alerts and decide what to do about them
- User & Team Management: Add team members and control who can do what
- Policy Editor: Choose which security rules apply to each proxy
- Guardrail Providers: Configure and assign third-party AI safety guardrails to proxies
- Guardrail Evaluations: Test your guardrails against 71+ built-in security test cases
- Analytics: See how much you're spending on AI and who's using what
- Playground: Test your AI connections safely
- Settings: Configure the system and connect to other tools
Getting Started:
- Quick Start: Just run
./start.shand visit http://localhost:80 - Production: Use Docker containers for team deployments
- Advanced: Integrate with existing web servers (nginx, apache)
2. Main Application: The Security Engine โ
The unified-admin program is the brain of the system. It runs quietly in the background and handles all the security work.
What It Does (Behind the Scenes):
- Creates Security Proxies: When you click "Create Proxy" in the web interface
- Applies Security Rules: Automatically blocks dangerous requests using 250+ built-in rules
- Runs Guardrail Providers: Screens content through third-party AI safety APIs in real time
- Manages Users: Handles logins, teams, and permissions
- Tracks Spending: Monitors AI costs and enforces budgets
- Sends Alerts: Notifies you when something suspicious happens
- Stores Data: Keeps logs, settings, and history in a local database
Starting the Application:
bash
# Easiest way - everything starts automatically
./start.sh # Linux/macOS
.\start.ps1 # Windows
# Or run directly
./unified-admin # Linux/macOS
.\unified-admin.exe # WindowsWhy It's Fast:
- Single executable file - no complex installation
- Uses very little memory (typically under 100MB)
- Handles thousands of requests without slowing down
- Works on any modern computer
3. Security Proxies: Your AI Bodyguards โ
Think of proxies as smart security guards that stand between your apps and AI services. When you create one, it automatically starts protecting your AI connections.
MCP Proxies (for Claude Desktop, Cursor, etc.):
- What they do: Monitor your MCP tools and block dangerous ones
- Security: Tools are disabled by default - you choose which ones to allow
- Guardrails: Apply third-party AI safety guardrails per-proxy or per-team
- Monitoring: See exactly which tools are being used and by whom
- Authentication: Handle user logins automatically
- Logging: Keep records of everything for security audits
LLM Proxies (for ChatGPT, Claude API, etc.):
- What they do: Monitor your AI API calls and track spending
- Cost Control: Automatically stop requests when you hit your budget
- Guardrails: Screen requests and responses through third-party safety APIs
- Data Protection: Hide sensitive information from AI models
- Compliance: Add required security instructions to every request
- Monitoring: Track usage patterns and detect suspicious activity
A2A Agent Proxies (for AI agents):
- What they do: Manage communication between AI agents
- Access Control: Decide which agents can talk to each other
- Guardrails: Apply third-party AI safety guardrails to agent traffic
- Task Tracking: Monitor agent workflows from start to finish
- Security: Apply your security rules to all agent interactions
Using Proxies is Easy:
- Go to the web interface and click "Create Proxy"
- Tell it where your AI service is (URL and settings)
- Pick which security rules to apply
- Click "Start" and you're protected!
- Update your apps to use the proxy address instead of the original
4. Security Policies: Your Protection Rules โ
Security policies are like rule books that tell the system what's safe and what's dangerous. We include several ready-to-use rule sets.
Ready-Made Security Rule Sets:
- Critical Security - Maximum protection for high-risk environments
- Standard Security - Good balance of security and usability for daily use
- GDPR Compliance - Special rules for European data protection laws
- Data Protection - Automatically hide sensitive information (emails, phone numbers, etc.)
- Advanced MCP Security - 159+ rules specifically for MCP tool monitoring
- Custom Template - Starting point for creating your own rules
How Security Works:
- Pattern Matching: Rules look for dangerous patterns in requests
- Risk Scoring: Each dangerous pattern gets a risk score
- Automatic Blocking: High-risk requests are blocked immediately
- Alert Generation: You get notified about every security event
- Different Levels: Critical, High, Medium, Low severity levels
Customizing Your Security:
- Easy Setup: Use the web interface to assign policies to proxies
- Custom Rules: Create your own security rules for your specific needs
- Testing: Test new rules before applying them to production
- Mix and Match: Apply different policies to different proxies
5. Guardrail Providers: Third-Party AI Safety โ
Guardrail providers let you integrate third-party AI safety APIs into your proxy pipeline. They screen requests and responses through external services that specialize in detecting harmful content, PII, prompt injection, and more.
Supported Providers:
- Groq Safeguard - Fast safety classification across 7 categories (illegal acts, violence, hate speech, PII, prompt injection, etc.)
- EnkryptAI - Comprehensive security with NSFW, toxicity, PII, injection, and policy violation detection
- DynamoAI DynamoGuard - Multi-policy moderation with per-policy scoring
- GuardrailsAI - Self-hosted, open-source guardrails with 67+ validators
- Fiddler AI Guardrails - Sub-second safety classification across 11 dimensions plus PII detection
How They Work:
- Assign to Proxies: Attach one or more guardrail providers to any proxy
- Per-Team Scoping: Apply different guardrails to different teams on the same proxy (e.g., stricter screening for Finance)
- Direction Control: Screen requests only, responses only, or both
- Concurrent Evaluation: All assigned providers run in parallel - total latency equals the slowest provider, not the sum
- Fail-Safe Options: Choose "fail open" (allow on error) or "fail closed" (block on error)
- Monitor or Block: Start in monitor-only mode to observe, then switch to blocking when ready
Guardrail Evaluations:
- Test your guardrail configurations against 71+ built-in security test cases across 12 attack categories
- Categories include: prompt injection, data exfiltration, bypass techniques, harmful content, MCP tool poisoning, and more
- Get OWASP LLM Top 10 and NIST AI RMF compliance scores
- Test providers in isolation or through your full proxy stack
Getting Started with Guardrails:
- Go to Security > Guardrail Providers in the web interface
- Click Add Provider and select a provider type
- Enter your API credentials and configure settings
- Run a Health Check to verify connectivity
- Use the Playground to test with sample content
- Assign the provider to one or more proxies
- Optionally scope to specific teams for targeted screening
6. OAuth Authentication: Two-Layer Security โ
The platform supports two distinct OAuth flows for comprehensive security:
Gateway OAuth (2LO) - User Authentication:
User โ Browser โ Gateway Web Interface โ OAuth Provider- Users authenticate to the Gateway using OAuth providers
- Supported: GitHub, Google, Okta, Azure AD, Auth0, GitLab, Keycloak, custom
- JWT tokens issued for API access
- User groups and teams for access control
- API keys for programmatic access
MCP OAuth Delegation (3LO) - Server Authentication:
Client โ Gateway Proxy โ MCP Server โ OAuth Provider- Gateway delegates OAuth authentication to MCP servers
- Supports OAuth-enabled MCP servers (e.g., requiring user consent)
- Complete token lifecycle management
- User attribution for all MCP tool invocations
- Full audit trails for compliance
Why Two Flows?
- 2LO: Controls who can use the Gateway (user access control)
- 3LO: Controls who can access MCP resources (delegated authorization)
- Both work together for end-to-end security
7. Database: Your Data Store โ
SQLite database (with GORM ORM) stores everything:
What's Stored:
- Proxy configurations (name, type, target, port, policies)
- Security alerts (severity, status, evidence, timestamps)
- Request logs (method, path, status, duration, risk level)
- Token usage (input/output tokens, cost, model, user)
- Users & teams (OAuth profiles, groups, permissions)
- API keys (keys, usage, rate limits, team associations)
- Audit logs (35+ event types for compliance)
- MCP tools (definitions, enabled status, usage stats)
- Guardrail providers (configurations, assignments, health status)
- Guardrail check logs (verdict, categories, latency, confidence)
- Guardrail evaluations (test runs, results, compliance scores)
Database Location:
- Default:
./data/security_gateway.db - Configurable via
config.yaml - Automatic backups via web interface
8. Helper Scripts: Simplified Management โ
The release includes scripts to make your life easier:
install.sh (Linux/macOS):
- Interactive installation wizard
- Generates secure JWT_SECRET and ENCRYPTION_KEY automatically
- Creates
.envfile with recommended settings - Validates binary and configuration
- One-command setup:
./install.sh
verify.sh (Linux/macOS):
- Checks binary is executable and correct architecture
- Validates environment configuration
- Tests database connectivity
- Verifies policy files exist
- Run before deployment:
./verify.sh
start.sh / start.ps1:
- Starts API server in background
- Optionally starts frontend Docker container
- Shows admin password on first run
- Provides access URLs
- One-command startup:
./start.sh
Common Tasks โ
Getting Started: Your First Security Proxy โ
Step 1: Install and Start
- Download the release package for your operating system
- Run
./install.sh(Linux/macOS) or follow Windows instructions - Start with
./start.sh- everything launches automatically - Open your browser to http://localhost:80
Step 2: Log In
- Use the admin account created during installation
- Password is shown when you first run the application
- You can change this password in Settings later
Step 3: Create Your First Proxy
- Go to "Proxy Management" in the web interface
- Click "Create New Proxy"
- Choose "MCP" if protecting Claude Desktop/Cursor
- Choose "LLM" if protecting OpenAI/Anthropic APIs
- Enter your target service URL (where your AI service runs)
- Select "Standard Security" for your first proxy
- Click "Create" then "Start"
Step 4: Connect Your Applications
- Update your applications to use the proxy address
- For example: Instead of connecting to
localhost:3001, connect tolocalhost:3000 - Your applications now go through the security proxy
Step 5: Monitor and Enjoy
- Watch the dashboard for real-time activity
- Check alerts for any security events
- Review logs to understand usage patterns
Workflow 2: Managing User Access โ
1. Enable OAuth Authentication
โโโ Settings โ OAuth Providers
โโโ Add Provider: GitHub, Google, or custom
โโโ Configure: Client ID, Secret, Scopes
2. Create User Groups
โโโ Access Control โ User Groups โ Create
โโโ Name: "Engineering Team"
โโโ Assign Rules: Domain (@company.com), Provider (GitHub)
3. Assign Proxy Access
โโโ User Groups โ "Engineering Team" โ Proxy Access
โโโ Select proxies this group can access
โโโ Set rate limits (optional)
4. Generate API Keys
โโโ Access Control โ API Keys โ Generate
โโโ Assign to User Group
โโโ Set Budget Limits (e.g., $100/month)
5. Users Login
โโโ Login via OAuth โ Auto-assigned to groups
โโโ Requests attributed to user identity
โโโ Usage tracked per user/teamWorkflow 3: Monitoring & Responding to Alerts โ
1. Real-Time Monitoring
โโโ Dashboard: View active alerts
โโโ WebSocket: Instant notifications
2. Alert Investigation
โโโ Security โ Alerts
โโโ Filter: Severity, Status, Date Range
โโโ Click alert: View full evidence
3. Alert Triage
โโโ Status: New โ Under Review
โโโ Assign: Team member for investigation
4. Response Actions
โโโ Block Pattern: Add to custom policy
โโโ Whitelist: Exclude false positives
โโโ Notify: Send to SIEM/SOAR/Slack
5. Resolution
โโโ Status: Resolved or False Positive
โโโ Export: Download alert data
โโโ Audit: Review compliance logsWorkflow 4: Setting Up Guardrail Providers โ
1. Configure a Guardrail Provider
โโโ Security โ Guardrail Providers โ Add Provider
โโโ Select Type: Groq, EnkryptAI, DynamoAI, GuardrailsAI, or Fiddler
โโโ Enter API credentials and settings
โโโ Set Direction: Request, Response, or Both
โโโ Set Action: Monitor (observe) or Block (enforce)
2. Verify Provider Health
โโโ Click "Health Check" to test connectivity
โโโ Use "Playground" to test with sample content
โโโ Review results before assigning to proxies
3. Assign to Proxies
โโโ Guardrail Providers โ Assignments โ Create
โโโ Select Provider and Target Proxy
โโโ Proxy-wide: Leave team blank (applies to all users)
โโโ Team-specific: Select a team (applies only to that team)
โโโ Set Priority (higher = evaluated first)
4. Run Guardrail Evaluations
โโโ Security โ Guardrail Evaluations โ Create
โโโ Select provider or endpoint to test
โโโ Run against 71+ built-in security test cases
โโโ Review OWASP LLM Top 10 compliance scores
5. Monitor & Tune
โโโ Dashboard: View guardrail check stats
โโโ Check Logs: Review verdicts and violation categories
โโโ Adjust: Switch from Monitor to Block when ready
โโโ Review: Mark false positives and refine settingsWorkflow 5: Budget Management & Cost Control โ
1. Set Team Budgets
โโโ Access Control โ User Groups โ Edit
โโโ Monthly Budget: $500
โโโ Warning Threshold: 80% ($400)
โโโ Block at Limit: Yes/No
2. Monitor Spending
โโโ Dashboard โ AI Usage Metrics
โโโ View: Current spend, utilization, remaining
โโโ Filter: By team, by proxy, by date range
3. Handle Budget Warnings
โโโ Automatic notification at 80% threshold
โโโ Review: Token usage, cost trends
โโโ Action: Increase budget or optimize usage
4. Budget Exceeded
โโโ Automatic blocking (if enabled): HTTP 402
โโโ Alert: Notify team and admins
โโโ Options: Reset budget or wait for monthly reset
5. Monthly Reset
โโโ Automatic: 1st of each month (00:00 UTC)
โโโ Manual: Settings โ Reset Budget
โโโ Tracking: Historical data preservedDeployment Models โ
Model 1: All-in-One (Quickstart) โ
Best for: Testing, development, single-user setups
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Single Machine/Server โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Frontend (Docker:80) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ API Server (Binary:8080) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Proxies (3000+, 4000+) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ SQLite Database โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโCommands:
bash
./start.sh # Starts everythingModel 2: Distributed (Production) โ
Best for: Teams, high-traffic, production deployments
โโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโ
โ Web Server โ โ Application Server โ
โ Frontend (nginx) โโโโโโถโ API Server (8080) โ
โ Port 80/443 โ โ + Proxies โ
โโโโโโโโโโโโโโโโโโโโโโโ โ + Database โ
โโโโโโโโโโโโโโโโโโโโโโโ
โ
โโโโโโโโโโผโโโโโโโโโโโโโ
โ Monitoring Stack โ
โ Prometheus/Grafana โ
โ Langfuse/Jaeger โ
โโโโโโโโโโโโโโโโโโโโโโโSetup:
- Deploy frontend to nginx/apache (load balanced)
- Run API server on application servers (systemd/launchd)
- Configure reverse proxy: Web โ API
- Connect to external monitoring/logging
Model 3: Hybrid (Flexible) โ
Best for: Mixed environments, gradual migration
โโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโ
โ Developer Laptop โ โ Cloud VM โ
โ Frontend (Docker) โโโโโโถโ API Server โ
โ Local Development โ โ Shared Resources โ
โโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโ
โ
โโโโโโโโโโผโโโโโโโโโ
โ AI Services โ
โ (MCP/LLM/A2A) โ
โโโโโโโโโโโโโโโโโโโUse Cases:
- Developers test locally, share API server
- Centralized policy management
- Distributed proxy instances
Key Features Explained โ
๐ Security Layers โ
Layer 1: Authentication (Who are you?)
- OAuth 2.1 for users (GitHub, Google, etc.)
- JWT tokens for API access
- API keys for programmatic access
- Role-based access control (RBAC)
Layer 2: Authorization (What can you do?)
- User groups and teams
- Per-proxy access control
- Rate limiting per user/group
- Budget limits per team
Layer 3: Policy Enforcement (What's allowed?)
- 250+ detection rules
- Real-time threat blocking
- Risk scoring
- Custom policies
Layer 4: Guardrail Providers (Is the content safe?)
- Third-party AI safety API screening
- Per-proxy and per-team guardrail assignments
- Concurrent multi-provider evaluation
- Configurable block or monitor modes
- 5 supported providers (Groq, EnkryptAI, DynamoAI, GuardrailsAI, Fiddler)
Layer 5: Monitoring (What happened?)
- Request logs with user attribution
- Security alerts
- Audit logs (35+ event types)
- Token usage tracking
๐ฐ Cost Control โ
Budget Limits:
- Set monthly spending caps per team/API key
- Configure warning thresholds (e.g., 80%, 90%)
- Choose to block or warn when exceeded
- Automatic monthly reset
Token Tracking:
- Input/output token counts
- Cost calculation per model
- Usage analytics per user/team
- Budget utilization dashboards
Enforcement:
- Real-time cost calculation
- Automatic request blocking (HTTP 402)
- Budget alerts to admins
- Historical spending reports
๐ก๏ธ Architecture Data Protection โ
Redaction:
- Automatic PII detection (emails, phone numbers, SSNs, etc.)
- Sensitive data masking before LLM processing
- Configurable redaction patterns
- Compliance with GDPR, HIPAA, etc.
Unmasking:
- Automatic restoration of original values in responses
- Seamless user experience (users don't see masked data)
- Preserves context and meaning
- Redaction count tracking
๐ Observability โ
Built-in Metrics:
- Prometheus endpoint:
/api/v1/metrics/prometheus - Request percentiles (p50, p95, p99)
- Database performance
- System resource usage
External Integrations:
- Langfuse: LLM traces and analytics (configured in Settings)
- OpenTelemetry: Distributed tracing
- Jaeger: Trace visualization
- Grafana: Pre-built dashboards
Alerts & Notifications:
- SIEM integration (alert forwarding)
- SOAR integration (incident automation)
- Slack webhooks
- Email notifications (SMTP)
Architecture Configuration Files โ
.env (Environment Variables) โ
Critical Settings:
bash
JWT_SECRET=<generated-by-install.sh> # JWT token signing
ENCRYPTION_KEY=<generated-by-install.sh> # OAuth token encryption
PORT=8080 # API server port
DATABASE_PATH=./data/security_gateway.db # Database locationOptional Settings:
bash
ENABLE_OAUTH=true # Enable OAuth 2.1
ENABLE_LANGFUSE=false # Langfuse integration
PROMETHEUS_ENABLED=true # Prometheus metrics
OTEL_EXPORTER_OTLP_ENDPOINT=... # OpenTelemetry endpointconfigs/config.yaml (System Configuration) โ
Proxy Defaults:
yaml
proxy:
default_port: 3000
max_instances: 100
auto_start: falseSecurity Settings:
yaml
security:
default_policy: mcp-standard-security
block_threshold: 30
audit_logging: trueIntegration Settings:
yaml
integrations:
slack_webhook: https://hooks.slack.com/...
siem_endpoint: https://siem.company.com/...policies/*.json (Security Policies) โ
Policy Structure:
json
{
"name": "Custom Policy",
"version": "1.0",
"rules": [
{
"id": "sql-injection",
"pattern": "(?i)(union|select|insert|drop|delete).*from",
"severity": "critical",
"score": 50,
"action": "block"
}
]
}Getting Help โ
Documentation โ
- INSTALL.md: Step-by-step installation guide
- README.md: Project overview and features
- CHANGELOG.md: What's new in each version
- User Guides: Complete documentation in the
docs/folder
Support Options โ
- GitHub Issues: Report bugs or problems
- GitHub Discussions: Ask questions and get community help
- Documentation: Comprehensive guides for all features
Troubleshooting โ
- Check the logs: Look in
./data/logs/for error messages - Verify setup: Run
./verify.shto check your installation - Test connection: Visit http://localhost:8080/api/v1/health to confirm it's running
- Review alerts: Check the Security โ Alerts section in the web interface
Next Steps โ
Ready to get started? Here's your path:
- Install the Software: Follow the Installation Guide
- Quick Start: Use the Admin Quick Start Guide
- Create Your First Proxy: Start protecting your AI services
- Set Up Team Access: Add users and configure permissions
- Customize Security: Adjust policies for your specific needs
- Add Guardrails: Configure third-party AI safety providers with the Guardrail Evaluations Guide
Welcome to safer AI! ๐