> ## Documentation Index
> Fetch the complete documentation index at: https://docs.luumen.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Luumen Enterprise

> Luumen Enterprise is a managed-deployment automation platform for hybrid infrastructure. It runs an agent inside your environment to collect system data, validate compliance, and surface security exposures.

Luumen Enterprise is the self-hosted or Apiphani-managed deployment of Luumen for infrastructure teams operating hybrid environments. A lightweight agent runs inside your environment, collects system data from your managed hosts, and reports it to the Luumen web application. From there, Luumen evaluates each host against the compliance checks you define, matches it against published vulnerability sources, and surfaces actionable findings in the web UI.

These docs are written for the engineers who install, operate, and troubleshoot that deployment — system administrators, IT operations engineers, and basis admins.

## What Luumen Enterprise does

* **Collects system data on a schedule.** The agent runs from a single host inside your environment (the **Patch server**) and queries every host you've added to its configuration over SSH or WinRM. Data is pushed to the Luumen API at a configurable interval.
* **Runs compliance checks against captured data.** You define checks in the web UI using a rule builder ("RAM > 12 GB", "OS version contains Linux"), assign them to groups of hosts, and review pass/fail/error status on each agent run.
* **Tracks OS and package CVEs from the NVD.** OS version, system packages, and Python dependencies on each host are compared against the National Vulnerability Database. Matching CVEs are surfaced with affected hosts called out.
* **Augments the platform with integrations.** Connect ServiceNow, Confluence, an observability provider (Dynatrace, Datadog, New Relic), and — for SAP environments — the SAP integration that adds component, transport, and SAP Security Note matching on top of the standard data set. See [Integrations](/enterprise/integrations/overview).

## Deployment models

<CardGroup cols={2}>
  <Card title="Apiphani-managed" icon="cloud">
    Apiphani provisions, configures, and maintains the Luumen API and web app for you. You install the agent in your environment and point it at our hosted API.
  </Card>

  <Card title="Self-hosted" icon="server">
    The full Luumen stack — agent, API, and web application — is deployed inside your own infrastructure. Apiphani engineers handle the installation. Use this when policy or sovereignty requirements rule out a hosted backend.
  </Card>
</CardGroup>

Both models follow the same installation flow from your team's perspective: an Apiphani engineer installs the agent on your Patch server, the agent connects to a list of hosts you provide, and the platform is validated end-to-end before handoff. See [White-glove setup](/enterprise/installation/white-glove-setup).

## How the rest of these docs are organized

<CardGroup cols={2}>
  <Card title="Architecture" icon="diagram-project" href="/enterprise/get-started/architecture">
    What runs where, and how data flows from your hosts to the Luumen UI.
  </Card>

  <Card title="Prerequisites" icon="list-check" href="/enterprise/get-started/prerequisites">
    Patch server requirements, network access, and the OS-level permissions the agent's service user needs.
  </Card>

  <Card title="Installation" icon="download" href="/enterprise/installation/agent-install">
    Install the agent binary, configure it locally and remotely, and schedule recurring runs.
  </Card>

  <Card title="Connecting hosts" icon="plug" href="/enterprise/connecting/defining-hosts">
    Define the hosts the agent connects to, set credentials, and verify capture.
  </Card>

  <Card title="Compliance scans" icon="shield-check" href="/enterprise/compliance/overview">
    Build checks in the rule builder, assign them to groups, and read results.
  </Card>

  <Card title="Integrations" icon="plug-circle-plus" href="/enterprise/integrations/overview">
    Connect ServiceNow, Confluence, observability platforms, and SAP-specific tooling.
  </Card>
</CardGroup>

## Glossary

The following terms appear throughout the docs:

* **Patch server** — the host inside your environment where the Luumen agent runs. It must be able to reach every host you want to monitor over SSH (Linux) or WinRM (Windows).
* **Agent** — the Luumen executable installed on the Patch server. It collects host data on a schedule and reports to the Luumen API.
* **Host** — a physical or virtual machine the agent connects to and queries.
* **Host group** — a saved set of hosts filtered by shared properties (e.g., all AWS hosts, all production database hosts). Compliance checks are assigned to groups.
* **Compliance check** — a rule (or set of rules) that a host must satisfy. Each check evaluates to Pass, Fail, or Error.
* **CVE** — a Common Vulnerabilities and Exposures identifier from the National Vulnerability Database. Luumen matches CVEs against installed packages on each host.
