Regulated Environment Deployments
A financial institution purchases desktop software from a vendor. Regulatory requirements mandate that software updates must be deployed from internal infrastructure, not directly from vendor systems. The network may be air-gapped or have strict outbound-only policies. The institution needs to maintain trust in vendor-signed updates while operating entirely within their own network.
Traditional update systems fail in this environment because they require direct connections to vendor infrastructure. Vendors can’t push updates directly, and manual coordination becomes unsustainable. The institution is left with outdated software that poses security risks.
Big Picture’s mirror architecture enables vendor-controlled updates within regulated networks. Vendors publish signed snapshot bundles that regulated customers can mirror into their networks. Clients verify vendor signatures while operating entirely from local infrastructure. Trust is maintained through cryptography, not network connectivity.
The Problem
Section titled “The Problem”Regulated environments have strict requirements:
- Software updates must be deployed from internal infrastructure
- Networks may be air-gapped or have outbound-only policies
- Updates must be verifiable and auditable
- Vendor control over releases must be maintained
- Compliance requires documentation of update sources and signatures
Traditional update systems fail because:
- They require direct connections to vendor infrastructure
- They can’t operate in air-gapped environments
- Manual coordination becomes unsustainable at scale
- There’s no way to verify update authenticity without network connectivity
- Vendors lose control over release governance
When This Use Case Applies
Section titled “When This Use Case Applies”This use case applies when:
- You operate in regulated industries (finance, healthcare, government)
- Network policies require air-gapped or outbound-only operation
- Software updates must be deployed from internal infrastructure
- You need to maintain trust in vendor-signed updates
- Compliance requires auditable update processes
- You want vendor-controlled releases without direct network connectivity
How Big Picture Addresses This
Section titled “How Big Picture Addresses This”Big Picture’s mirror architecture separates update metadata from network connectivity. Vendors publish signed snapshot bundles containing release metadata and artifact references. Regulated customers run mirror relays inside their networks that pull these bundles outbound-only, verify signatures, and host artifacts locally.
The mirror architecture works as follows:
- Vendors publish signed snapshot bundles containing release metadata
- Mirror relays pull bundles outbound-only on a schedule
- Mirrors verify vendor signatures before accepting bundles
- Mirrors host artifacts locally within the regulated network
- Clients query mirrors locally and verify vendor signatures
- Trust is maintained through cryptography, not network connectivity
This enables vendor-controlled updates within regulated networks. Vendors maintain control over release decisions and policies. Regulated customers operate entirely from local infrastructure while trusting vendor-signed metadata. Both parties operate within a shared, auditable system.
The architecture also supports license servers. Regulated customers can run local license servers that validate leases against imported license data. Telemetry can be buffered locally and reported outbound on approved schedules, preserving functionality while respecting network policies.
High-Level Flow
Section titled “High-Level Flow”- Vendor publishes releases and creates signed snapshot bundles
- Regulated customer configures mirror relay with outbound-only access
- Mirror pulls snapshot bundles on a schedule and verifies signatures
- Mirror hosts artifacts locally within the regulated network
- Clients query local mirror for updates and verify vendor signatures
- Updates are deployed from local infrastructure according to policy
- License servers operate locally with imported license data
- Telemetry is buffered locally and reported outbound when permitted
Next Steps
Section titled “Next Steps”To implement this use case:
- See Distributing Artifacts for how vendors publish releases for mirroring
- Review Artifact Repositories Integration for how mirrors integrate with artifact storage
- See Security and Trust Model for how cryptographic signatures maintain trust
- Review Operational Best Practices for guidance on managing regulated deployments