Products47Sentry
🛡
BetaEdge Security Suite

47Sentry

Edge security suite: stateful firewall, DNS resilience with split-horizon, NetMapper network topology, and Traffic Sentinel deep packet analysis — for your perimeter.

Get Early Access → Security Promise
sentry.the47network.com
🛡Firewall statusActive · 3 rules
🔍Traffic SentinelMonitoring
🌐DNS queries blocked1,247 today
Threat alerts (24h)3 medium
🗺NetMapper: 24 hosts2 new
📊Bandwidth analysed14.2 GB
Policy violations0
Features

Built different.

🔥

Stateful edge firewall

Layer 3/4 stateful packet inspection with eBPF/XDP for line-rate filtering. Rule groups, port knocking, and geo-blocking.

🌐

DNS resilience

Split-horizon DNS, DoH/DoT upstream, DNSSEC validation, and ad/malware/phishing domain blocking via community feed.

🗺

NetMapper topology

Automatic network discovery and topology mapping. Visual graph of all hosts, services, and connections — always up to date.

🔍

Traffic Sentinel DPI

Deep packet inspection for protocol anomaly detection, exfiltration monitoring, and bandwidth utilization by application.

Threat intelligence

Live threat intel feeds (IP reputation, domain blocklists, TOR exit nodes) auto-applied to firewall rules.

📊

Analytics & alerting

Real-time dashboards, configurable alert thresholds, webhook/email notifications, and exportable packet captures.

Quick Info
StatusBeta
Domainsentry.the47network.com
Auth47ID SSO
Self-hostableYes
Open protocolYes
Open 47Sentry →
Related Products
🛡 Trust & Security🤖 Sven Agent 47mail ← All Products
Trust & Security

Zero-knowledge by default. Client-side encryption. No master keys. GDPR-compliant.

Security Promise →
How It Works

No magic. Just math.

01
🔌

Deploy at your edge

Single binary or Docker image. Runs on commodity x86/ARM hardware — your existing router, a mini-PC, or a VM.

02
🗺

NetMapper discovers your network

Passive + active network scanning builds a live topology map within minutes. No agents needed on endpoints.

03
📋

Configure firewall rules

Web UI or API-driven rule management. Rule groups, scheduling, and automatic threat intel integration.

04
🔍

Traffic Sentinel monitors continuously

DPI runs at line rate on your edge. Alerts surface anomalies — not just signature matches. Adaptive baselining.

Technical Specs

Under the hood.

FirewalleBPF/XDP stateful L3/4
Throughput10Gbps+ (line-rate)
DNSDoH/DoT/DNSSEC + split-horizon
TopologyPassive + active discovery
Threat feedsIP/domain/TOR blocklists
DPI enginenDPI-based protocol analysis
AlertingWebhook, email, Slack
Self-hostableYes — bare metal or K8s
Auth47ID SSO
Platformsx86-64 · ARM64 · Docker
Pricing

Simple, transparent pricing.

No hidden fees. No automatic upsell. Cancel any time.

Community
Free
open source

Full 47Sentry stack self-hosted. No usage limits, no telemetry.

  • NetMapper topology
  • Traffic Sentinel (basic)
  • Edge firewall
  • DNS resilience
  • Prometheus metrics
Get started
Managed
79
/month per site

Hosted dashboard with threat intelligence feeds and alert management.

  • Everything in Community
  • Managed Grafana dashboard
  • Threat intel feeds
  • Alert routing (PagerDuty / Slack)
  • 1-year metric retention
Get started
Studio Deploy
From €800
one-time

Studio engineers deploy and configure 47Sentry on your infrastructure.

  • On-site or remote deploy
  • Custom firewall rules
  • Team training
  • SIEM integration
  • 30-day support window
Get started
FAQ

Questions answered.

No kernel modules. 47Sentry uses eBPF — programs are loaded into the running kernel without modification and verified by the kernel's built-in verifier. No kernel recompilation, no out-of-tree modules.
XDP packet processing happens in the NIC driver, before the kernel network stack. Overhead is typically <1% CPU at line rate on commodity hardware. NetMapper and Traffic Sentinel add ~2–5% for analysis workloads.
47Sentry handles L3/L4 filtering, rate limiting, and basic L7 rules. For complex application-layer inspection, it complements rather than replaces a dedicated appliance.
Yes. 47Sentry deploys as a DaemonSet with privileged access for eBPF program loading. The Studio Zero-Trust deployment includes 47Sentry by default.
Traffic Sentinel builds a rolling baseline of normal traffic patterns and flags deviations. It's deterministic rules on statistical deviations — not ML — which means it's auditable and produces no false positives from model drift.

Ready to take control?

Get early access to 47Sentry — or explore the full 47Network ecosystem.

Get Access → All Products
Deployment scenarios

Where 47Sentry gets deployed.

Kernel-level perimeter security that runs on commodity hardware — no appliances, no vendor lock-in.

SCENARIO 01

On-premise server rooms

Law firms, healthcare providers, and financial services with dedicated server infrastructure. 47Sentry runs on bare metal at the network edge, filtering traffic at the kernel level before it reaches application servers — no additional appliances needed.

SCENARIO 02

Kubernetes cluster perimeter

Self-hosted K8s clusters that need network-level enforcement below the application layer. 47Sentry's XDP programs attach to node NICs, providing per-node traffic filtering and topology mapping without touching cluster networking configuration.

SCENARIO 03

Multi-site DNS resilience

Organisations with multiple offices or hybrid infrastructure that need consistent DNS filtering and local resolution fallback. 47Sentry's DNS resilience layer runs locally at each site, ensuring resolution continues if upstream DNS is unavailable or compromised.

From the blog

Further reading.

Technical deep-dives on the architecture and decisions behind 47Sentry.

Feb 3, 2026 · 13 min read

eBPF and XDP for perimeter security: how 47Sentry works

Kernel-level network filtering with no appliance required — how Traffic Sentinel, NetMapper, and DNS resilience work under the hood.

Read →
Feb 24, 2026 · 11 min read

Prometheus alerting that doesn't cry wolf

47Sentry ships a Prometheus exporter. This guide covers for-loop patterns, multi-window burn rates, and alert routing that keep fatigue from undermining your security posture.

Read →
Feb 24, 2026 · 10 min read

WireGuard site-to-site VPN: from single node to mesh

47Sentry integrates with WireGuard for site-to-site connectivity. This guide covers kernel module setup, key management, and building a multi-site mesh from individual tunnels.

Read →
Feb 24, 2026 · 11 min read

Grafana dashboards that don't lie

PromQL RED/USE method, Loki log correlation, and alert rules from panels — the observability stack inside 47Sentry.

Read →