A corporate-grade backup, governance, compliance and reporting platform built for incremental protection, deduplication, ransomware detection, and role-based operational control — fully on your infrastructure.
Designed for regulated enterprise environments — from incremental backup to executive compliance reporting.
Efficient delta-based backups with directory hierarchy preservation. Only changed blocks are transferred, minimizing bandwidth and storage.
Chunk-level SHA-256 deduplication across all endpoints. Store once, reference many — dramatically reducing storage costs at scale.
Point-in-time file versions with configurable retention policies. Automatic purge based on admin-defined rules per department.
Litigation-ready legal hold prevents deletion of protected data. Manager and Admin controlled with full audit trail.
Post-backup entropy analysis flags suspicious file changes. Automated alerts to security teams before damage spreads.
License enforcement per endpoint and user. Admin portal for allocation, expiry tracking, and compliance reporting.
Restore operations require OTP approval from Manager or Admin. Time-limited tickets prevent unauthorized data recovery.
Every login, backup, restore, and policy change is immutably logged with actor, timestamp, IP, and payload for compliance.
Executive and compliance reports pushed directly to Power BI workspaces. CXO and Department Head dashboards included.
A unified on-premises platform mapping endpoint protection to automated governance and compliance reporting.
+-------------------------------------------------------------------------+ | ON-PREMISES ENTERPRISE NETWORK | | | | +----------+ +----------+ +----------+ +--------------------+ | | | Web | | API | | Reporting| | Reverse Proxy | | | | Portal | | Server | | Engine | | (IIS / Nginx :443) | | | | React 19 | | NestJS | | NestJS | +--------------------+ | | +----+-----+ +----+-----+ +----+-----+ | | +-------------+-------------+ | | +------------+ +--------------+ +-----------------------------+ | | | PostgreSQL | | Redis/BullMQ | | MinIO (S3-compatible) | | | | Metadata | | Job Queues | | backup / dedup / reports | | | +------------+ +--------------+ +-----------------------------+ | | +----------------------+ +----------------------+ | | | Windows Agent .NET 8 | | macOS Agent (Swift) | | | +----------------------+ +----------------------+ | +-------------------------------------------------------------------------+
Real-time insights tailored to your organizational level. Five dedicated portals for every stakeholder.
Full system control: Users & RBAC, Devices, Backup Jobs, Restore, Policies, Storage, Reports, Alerts, OTP Tickets, Audit Logs, Licensing, Legal Hold.
Self-service: view backup status, request restores, browse file versions, track OTP approval tickets.
Team oversight: backup health, restore OTP approvals, retention settings, team alerts.
Department compliance: coverage metrics, backup reports, policy adherence, alert management.
Executive view: governance metrics, risk & compliance summary, Power BI reports, org-wide trends.
Comprehensive RBAC controls explicitly defined across all five organizational roles.
| Functionality | Admin | Manager | Dept Head | CXO | User |
|---|---|---|---|---|---|
| User & Access Management | |||||
| Create / Edit Users & RBAC | ✓ | — | — | — | — |
| Assign Licenses | ✓ | — | — | — | — |
| View Team Members | ✓ | ✓ | ✓ | ✓ | — |
| Backup & Restore | |||||
| Trigger Backup Jobs | ✓ | ✓ | — | — | ✓ |
| View Backup Status | ✓ | ✓ | ✓ | ✓ | ✓ |
| Request Restore | ✓ | ✓ | — | — | ✓ |
| Approve Restore (OTP) | ✓ | ✓ | — | — | — |
| Governance & Compliance | |||||
| Set Retention Policies | ✓ | ✓ | — | — | — |
| Legal Hold Management | ✓ | ✓ | View | View | — |
| Compliance Reports | ✓ | ✓ | ✓ | ✓ | — |
| Power BI Dashboards | ✓ | — | View | ✓ | — |
| System Administration | |||||
| Agent Management | ✓ | View | View | View | — |
| Audit Log Access | ✓ | — | — | ✓ | — |
| System Configuration | ✓ | — | — | — | — |
| OTP Ticket Management | ✓ | ✓ | — | — | Own |
Modern, maintainable, and fully on-premises. No cloud dependency required.
Structured delivery from authentication through to full production testing.
JWT, OTP, RBAC guards, audit logging
Per-user license enforcement & allocation
Windows & macOS registration & heartbeat
Incremental upload, dedup, versioning
OTP-approved restore workflows
Tenant config, retention, legal hold
Compliance dashboards, Power BI
Unit, integration & E2E test suites
Deploy entirely within your corporate network. No cloud subscription or external dependency required.
One-command infrastructure: PostgreSQL, Redis, and MinIO. Recommended for rapid setup and consistent environments.
npm run docker:up
Install PostgreSQL, Redis, and MinIO directly on Windows Server or Linux without Docker. Full enterprise control.
Deploy behind IIS or Nginx with your internal CA certificate. All agent communication encrypted in production.
Windows Agent via GPO/MSI. macOS Agent via MDM (Jamf/Intune). Zero-touch endpoint enrollment.
Explore all portals and dashboards immediately without any infrastructure. Mock data and dev-mode login included.
npm run dev:web
Deployment guide available in Markdown, PDF, Word, and TXT formats. Regenerate anytime with one command.
npm run docs:export
Deploy Endpoint Guard on your infrastructure today. Full on-premises control, enterprise compliance, and zero cloud dependency.