Chapter 2 · Track 2 · Operations

Multi-Agent Escalation & DMZ Quarantine Playbook

Verified: app/actions/clearanceActions.ts, app/components/HeaderTwo.tsx, agent registry in app/config/constitutionalDirectives.ts

1. Triage severity matrix

| Severity | Primary agent | UI surface |
| --- | --- | --- |
| P0 — Perimeter breach | Irongate (Agent 14) | 🚨 DMZ QUARANTINE |
| P0 — Config hash drift | Ironwatch + Irontech | GOVERNANCE DRIFT DETECTED → FREEZE COMMAND POST |
| P1 — Threat pipeline SLA | Ironlock (Agent 6) | Active Risks / clearance queue |
| P1 — ESG physical gate | Ironbloom (Agent 18) | 400 PHYSICAL_UNIT_REQUIRED |
| P2 — Export integrity | Irontrust (Agent 3) | Export Tabular Ledger Data (CSV) |

2. DMZ quarantine workflow

  1. Operator opens 🚨 DMZ QUARANTINE (/admin/clearance, data-testid header-dmz-quarantine-chip).
  2. Review threat ingress metadata and Irongate sanitization stamp.
  3. Decision paths (from clearanceActions): [DMZ QUARANTINE: REJECTED] false positive archive, or [DMZ QUARANTINE: ESCALATED] direct SecOps handoff.
  4. Append chain-of-custody via Audit Trail (AUDIT TRAIL nav tab → /reports/audit-trail).

3. Error catalog (support KB excerpts)

| Code / message | Cause | Resolution |
| --- | --- | --- |
| PHYSICAL_UNIT_REQUIRED | Ironbloom monetary-only payload | Supply kWh, L, or km per lib/sustainability/constants.ts |
| CRITICAL_INGESTION_FAILURE | Missing physical units on asset | Reject at Irongate; re-ingest with physical metrics |
| Tenant scope pending | No Command Center tenant selected | Select Medshield/Vaultbank/Gridcore in tenant switcher |
| Testing protocol artifact missing | docx not in docs/ | Restore Ironframe-UI-UX-Feature-Test-Protocol.docx |

4. Java — QuarantineDecisionGate

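// File: QuarantineOutcome.java
package com.ironframe.grc.ops;

public enum QuarantineOutcome { REJECTED_FALSE_POSITIVE, ESCALATED_SECOPS, PENDING_REVIEW }

// File: QuarantineDecisionGate.java (Java allows one public top-level type per file)
package com.ironframe.grc.ops;

public final class QuarantineDecisionGate {
  private QuarantineDecisionGate() {} // static utility, not instantiable

  public static QuarantineOutcome evaluate(boolean irongatePassed, boolean mappedControlsPresent) {
    // No Irongate pass yet: hold the item for review.
    if (!irongatePassed) return QuarantineOutcome.PENDING_REVIEW;
    // Passed Irongate but no mapped controls: hand off to SecOps.
    if (!mappedControlsPresent) return QuarantineOutcome.ESCALATED_SECOPS;
    // Passed Irongate with mapped controls: archive as a false positive.
    return QuarantineOutcome.REJECTED_FALSE_POSITIVE;
  }
}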

5. Multi-tenant isolation (RLS)

All server actions resolve tenant via getActiveTenantUuidFromCookies(). Cross-tenant reads are blocked at Prisma query scope (tenantCompanyId: { in: tenantCompanyIds }). Integration test gate: TENANT-001 through TENANT-004 in docs/Ironframe-UI-UX-Feature-Test-Matrix.csv.
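
Added example (not Ironframe code): one way to build the tenant-scoped filter described above so that a missing scope fails closed and a caller-supplied tenantCompanyId cannot widen it. scopeToTenants, findScoped, TenantScopeError, the string tenant ids and the sample rows are assumptions made for illustration; an in-memory matcher stands in for the database.

```typescript
// Added example. scopeToTenants, findScoped, TenantScopeError and ROWS are hypothetical.
type Where = Record<string, unknown>;
type Row = { id: number; tenantCompanyId: string; status: string };
class TenantScopeError extends Error {}

// Build the final filter: caller's conditions ANDed with the tenant scope.
function scopeToTenants(callerWhere: Where | undefined, tenantCompanyIds: unknown): Where {
  // Fail closed. Prisma treats an undefined filter value as "no filter", so a
  // missing scope must be rejected here instead of being passed to the query.
  if (!Array.isArray(tenantCompanyIds) || tenantCompanyIds.length === 0) {
    throw new TenantScopeError("Tenant scope pending");
  }
  // Assumption: tenant company ids are non-empty strings.
  if (!tenantCompanyIds.every((id) => typeof id === "string" && id.length > 0)) {
    throw new TenantScopeError("Invalid tenant id in scope");
  }
  // AND instead of object spread: a caller-supplied tenantCompanyId can only
  // narrow the result, never replace the scope.
  return { AND: [callerWhere ?? {}, { tenantCompanyId: { in: [...tenantCompanyIds] } }] };
}

// In-memory matcher for the filter subset used here (AND, equality, { in: [...] }).
// It stands in for the database so the example runs offline; it is not Prisma.
function matches(row: Record<string, unknown>, where: Where): boolean {
  return Object.keys(where).every((key) => {
    const cond = where[key];
    if (key === "AND") return (cond as Where[]).every((w) => matches(row, w));
    if (typeof cond === "object" && cond !== null && "in" in cond) {
      return (cond as { in: unknown[] }).in.indexOf(row[key]) !== -1;
    }
    return row[key] === cond;
  });
}

// Constructed sample rows for two tenants.
const ROWS: Row[] = [
  { id: 1, tenantCompanyId: "tenant-a", status: "ESCALATED" },
  { id: 2, tenantCompanyId: "tenant-a", status: "REJECTED" },
  { id: 3, tenantCompanyId: "tenant-b", status: "ESCALATED" },
];

// Return the ids visible to the given tenant scope under the caller's filter.
function findScoped(callerWhere: Where | undefined, tenantCompanyIds: unknown): number[] {
  const where = scopeToTenants(callerWhere, tenantCompanyIds);
  return ROWS.filter((row) => matches(row, where)).map((row) => row.id);
}
```

A request scoped to tenant-a that asks for tenantCompanyId "tenant-b" returns no rows, and an undefined or empty scope raises the "Tenant scope pending" error instead of running an unscoped query.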