Denshi Goshin Jutsu dojo logoDenshi Goshin JutsuNetTools Defense Academy

Data protection

IronClad Vault

Megakey Vault OperationsSensitive files should stay encrypted until an authorized user truly needs them.

A zero-trust secure storage system for sensitive IP, legal, healthcare, and enterprise documents with classification levels and emergency Megakey recovery.

Desktop GUI, Sentinel server, remote clientLocal-first encrypted file storageIronClad Vault manuals: v3.8.0 ODT, Enterprise User Manual, and v5.0.0 PDF

Plain English

IronClad Vault stores files locally with AES-256-GCM, Argon2id, a 1MB Megakey recovery file, role-based clearance, and Sentinel mode for remote client access.

What it teaches

  1. local-first storage
  2. classification discipline
  3. Megakey recovery
  4. role-based access control

Use when

  1. You need encrypted local storage
  2. Users need clearance-based file access
  3. A server or NAS needs headless Sentinel operation
  4. Admins need emergency recovery with a physical Megakey

What it observes

  1. Vault file metadata
  2. User roles and clearance levels
  3. Sentinel unlock state
  4. Remote client sessions

Requirements

  1. Megakey file must be saved outside the vault machine
  2. TCP 9000 for Sentinel remote client access
  3. Port 8443 HTTPS for API mode where used
  4. Windows firewall rules for Sentinel access

Manual-backed details

  1. Encryption uses AES-256-GCM with Argon2id and a 1MB recovery_megakey.bin file.
  2. Clearance levels are Public 1, Internal 5, Secret 7, and Top Secret 10.
  3. Sentinel mode holds the master key in RAM only and locks again when closed or rebooted.

Next step

Create the admin account, store recovery_megakey.bin offline, classify imported files, and test recovery before relying on the vault.

Product links

Open IronClad Vault product site

Related training

Secure Storage And Megakey RecoveryProtect Sensitive FilesWhat The NetTools Ecosystem Actually Is