Intro to Airgapped Plane

Video Placeholder Duration: 5-7 minutes Topics covered: What is airgapped, use cases, deployment considerations, limitations

What is Airgapped Plane?

Airgapped Plane runs in environments with no internet connectivity. It's designed for highly secure or regulated environments where external network access is prohibited.

What Does Airgapped Mean?

An airgapped environment:

Has no internet connection
Is isolated from external networks
Requires physical media for data transfer
Operates completely offline

Use Cases

Defense and Government

Classified environments
Military networks
Government agencies
National security

Critical Infrastructure

Power grids
Water systems
Transportation
Healthcare systems

Financial Services

High-security trading
Sensitive banking
Regulatory compliance

Research

Confidential research
Intellectual property protection
Competitive sensitivity

Challenges of Airgapped Deployment

No External Services

Can't use:

Cloud integrations
OAuth providers (external)
External AI services
CDN delivery
Automatic updates

Manual Processes

Must handle manually:

Software updates
Data transfers
License activation
Troubleshooting

Limited Features

Some features may not work:

Integrations requiring internet
External notifications
Cloud-based AI features

Deployment Approach

Preparation Phase

1. Gather All Components On a connected system:

Download Plane images
Download dependencies
Package everything

2. Transfer to Airgapped Environment Via approved methods:

Encrypted USB drives
Approved physical media
Secure file transfer (if partially connected)

3. Import and Deploy On the airgapped network:

Load container images
Configure for local network
Deploy services

Architecture Considerations

All Services Internal

Local Alternatives Needed

Normal Service	Airgapped Alternative
Cloud storage (S3)	Local MinIO or filesystem
External email	Internal mail server
OAuth providers	Internal LDAP/SAML
AI services	Local or disabled

Configuration Changes

Environment Variables

# Disable external services
ENABLE_ANALYTICS=false
ENABLE_EXTERNAL_INTEGRATIONS=false

# Use internal services
EMAIL_HOST=internal-smtp.local
STORAGE_BACKEND=local

# Internal URLs only
ALLOWED_HOSTS=plane.internal.local

Network Configuration

Internal DNS resolution
Local certificate authority
Firewall rules (if partially connected)

Update Process

Planned Update Cycle

Download updates on connected system
Review and security scan
Transfer to airgapped environment
Test in staging
Deploy to production
Verify functionality

Version Management

Track what version is deployed
Document all changes
Maintain rollback capability

Security Practices

Defense in Depth

Even airgapped, maintain:

Strong authentication
Role-based access
Audit logging
Encryption

Physical Security

Control physical access
Secure media handling
Clean desk policies

Change Management

Document all changes
Approval workflows
Audit trails

Limitations

What Won't Work

GitHub/GitLab integrations (unless internal)
Slack integration (unless internal)
Cloud AI features
Automatic updates
External webhooks

What Works Differently

Email notifications (internal server)
SSO (internal provider)
Storage (local solutions)

Feature Availability

Contact Plane for specific feature availability in airgapped deployments.

Support Considerations

Self-Support Heavy

Airgapped = limited external help:

Can't share logs externally
Can't enable remote access
Must have internal expertise

Documentation Critical

Maintain internal docs for:

Deployment procedures
Troubleshooting guides
Configuration reference
Update processes

Enterprise Support

For critical deployments, consider Enterprise plans with:

Offline support options
On-site assistance
Dedicated contacts

Is Airgapped Right for You?

Choose Airgapped If

Regulatory requirement
Classified data
No external connectivity possible
Have technical expertise

Consider Alternatives If

Partial connectivity possible
Compliance allows cloud with encryption
Limited internal resources
Need frequent updates

Key Takeaways

Airgapped Plane runs completely offline
Required for high-security environments
All services must be internal
Manual process for updates and transfers
Some features unavailable or modified
Requires significant internal expertise
Plan thoroughly before deployment

Course Complete!

Congratulations! You've completed Plane 301 — The Setup. You now understand:

Plane Community and open source
Plane Cloud for managed hosting
Self-hosted Plane deployment
Airgapped deployment for secure environments

What's Next?

Explore the Plane ecosystem:

Next Course: Plane 302 — The Ecosystem

Intro to Airgapped Plane ​

What is Airgapped Plane? ​

What Does Airgapped Mean? ​

Use Cases ​

Defense and Government ​

Critical Infrastructure ​

Financial Services ​

Research ​

Challenges of Airgapped Deployment ​

No External Services ​

Manual Processes ​

Limited Features ​

Deployment Approach ​

Preparation Phase ​

Architecture Considerations ​

All Services Internal ​

Local Alternatives Needed ​

Configuration Changes ​

Environment Variables ​

Network Configuration ​

Update Process ​

Planned Update Cycle ​

Version Management ​

Security Practices ​

Defense in Depth ​

Physical Security ​

Change Management ​

Limitations ​

What Won't Work ​

What Works Differently ​

Feature Availability ​

Support Considerations ​

Self-Support Heavy ​

Documentation Critical ​

Enterprise Support ​

Is Airgapped Right for You? ​

Choose Airgapped If ​

Consider Alternatives If ​

Key Takeaways ​

Course Complete! ​

What's Next? ​