# Networking

All VxSuite components are blocked from connecting to any network. Thus, there is no networking in a VxSuite implementation. Our network design is secure by virtue of it being completely absent.

Networking is disabled through several layers of defense:

* Network drivers and known network connections are purged in the software setup process. See [these lines in the setup-machine.sh](https://github.com/votingworks/vxsuite-complete-system/blob/v4.0.2/setup-machine.sh#L443-L445) script.
* Secure boot ensures that the hard drive is not modified, thus preventing software that isn’t part of the approved VotingWorks bundle from running.
* The network stack is disabled in the BIOS.
* Wi-fi or bluetooth hardware is not present on the machines.
* Ethernet ports are blocked.
* As a final layer of defense, a [firewall configuration](https://github.com/votingworks/vxsuite-build-system/blob/v4.0.2/playbooks/trusted_build/firewalld.yaml) is defined to block any incoming or outgoing traffic in the event a connection was somehow created.

Because there is no networking, all electronic data transfer is air-gapped via USB drives.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.voting.works/vxsuite-tdp-v4/system-security-auditing-and-logging/software-security/networking.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.