[wired]

What does typical 5th Edition Matrix Topology / Architecture of a Host look like?

Does every floor of a corporate high-rise have its own host running that floor?  Would those hosts be nested in a 'Lobby Host' that had to typically be accessed first?  Are there matrix chokepoints?  Is everything just blobbed into a single massive host?

Is there any officially published content (Missions, Adventures, etc) that outlines some extensive Matrix topology / architecture to reference?

[grid_hopper]

My understanding without quoting the rulebook is;

There is no limit to how many hosts can be on a grid nor how many grids can potentially exist.   

Also you cannot go from one host to another without leaving that host therefore entering the grid it is on.

The grids are defined by their accessability and distance from the grid you are on.

So a given grid is associated with a real location so much distance away along with any host associated with it.
Is the topology for the most part....

So the building I guess one can imagine can have as many host as it likes and have as many grids associated with is as it likes....
But  the imagination author does define the wheres and how manys....

[Malevolence]

Hosts do not have a physical location. They have a matrix location of sorts, but no physical location. Also, their layout does not necessarily align with any physical building. So Ares for example might operate any number of hosts (one for corporate activities, one for a matrix retail store, one for clandestine activities, one for research, and so on) or might simply have one.

From what the book provides, hosts can be detailed to whatever degree the owner chooses (or is deemed appropriate by the GM). They can be a simple digital space with files and icons floating freely with no barriers to block visibility, or they can be stylized to resemble a lifelike building with hallways, lights, etc. This doesn't change the fact that everything is a host is still visible, so the walls don't provide any privacy (or cover, if it comes down to cybercombat). It's essentially fluff.

The Stuffer Shack example shows an example of a host that aligns it's matrix location with its physical location in the world, but that does not mean that the host is actually there. The brick and mortar store is, but the physical host processing hardware could be anywhere (though the example strongly indicates that it is, in fact, in the store itself). But higher rating hosts owned and operated by more powerful entities may have their hardware distributed all over the world, and so really do not have an exact physical location, should you wish to bypass the matrix combat and simply pull the plug.

[wired]

Thanks for the replies!

Let me ask for a bit more clarification -- Are hosts ever nested inside one another?  For instance, imagine a bank.

A bank has numerous functions that would be hosted.  There are customer service functions.  There are human resources functions.  There are perimeter security functions.  There are secure vault functions.  There are logistics and supply functions (can't run out of those deposit slips!).

There's a lot of stuff going on in a bank.

In Shadowrun 5th Edition, are all of these functions located together in a single host?  I.E, a Hacker moves from the grid into the host, and then subsequently may pursue anything related to these given functions?  Or would sub-hosts / nodes exist inside this Host, with various nodes representing various functions (and likely hosting various hardware counterparts).

I'm trying to wrap my mind around this, but it seems like 5th Edition Matrix Hierarchy is very, very flat and lacks a number of the key chokepoints that previous editions of the SR Matrix had.  It almost seems trivial to pwn highly critical components from other, unrelated pieces of the infrastructure.

I feel like I must be missing something -- Putting a Mark on the break-room coffee maker doesn't allow a Hacker into the same space as the list of safety deposit box holders, does it?

[The Wyrm Ouroboros]

Yes, hosts can be nested.  To use your analogy, you might have nested hosts - one for the immediate customer service / human resource / supply and logistics functions, and one for the more secure functions, like security, vault systems, safety deposit boxes, and the like.  The latter host may have an appearance in the former host similar to a vault inside the physical bank - or it may just be a door to one side, innocuous.  (Different design philosophy, is all.)

However he wants to handle it, though, is up to the GM, and though it doesn't make sense that you should be able to hack the vault by way of the coffeemaker, someone out there is liable to make that mistake. Once, anyhow.  Me, I'd nest hosts - or at least have the bank's standard host have a host-to-host access point into the bank's Vault Host, so that the employees don't have to take a virtual step outside the bank and run down the street just to get into their own vault.


Note, however, that purvue has something wrong: a host always has a physical location.

A host has a computer, or a network of computers, upon which it runs; the Matrix doesn't just mysteriously and magically run on nothing, there are buildings and buildings full of computer banks all over the world keeping this drek running.  The host's physical location might not correspond to its matrix location - all the Stuffer Shacks, for example, may be hosted on the Aztechnology grid (since they are, after all, a wholly-owned subsidiary of the fine folk down at AZT), and run off about a thousand computer systems deep inside Tenochtitlan; that would be their physical location.  Meanwhile, each Stuffer Shack host's matrix location - its front door - corresponds with the physical location of the actual Stuffer Shack it represents.

Plotting out the physical location of a host might require some serious in-depth codehacking that certain individuals may not wish you to do, of course; sounds perfect for a shadowrun. 

[Xenon]

No you don't nestle hosts in SR5 as far as I can tell.

You can for example have one "security" host up in the matrix sky where security devices like cameras of multiple physical facilities can be slaved to and you can have multiple "public" host that maybe even automatically invite you to take a mark and where the matrix location might match the matrix location of physical devices in the vicinity of the actual physical facility. The security rigger would in this example be connected to the security host controlling all security devices in all physical facilities at once.


A specific Ares facility would probably have most of the security devices in public areas like the reception just running on the Ares Global Grid,  not slaved to a host at all. And once you get behind the "restricted personnel only" you will encounter devices that are slaved to a host. On the 45th floor you might have a shielded area with no matrix connectivity at all and you need to physically go up there and attach a data tap to a wire between devices you want to hack.

[The Wyrm Ouroboros]

... wow.  You have a lot looser concept of Matrix 2.1 than I do.

I'm not saying you couldn't do it that way, but in your example, any barely-skilled hackerd00d schmuck who gains access to the Ares Grid would be able to screw with your 'reception camera' for the asking.  The sorts of setup you're talking about are on one hand overwhelming (that poor security rigger, trying to oversee thousands of buildings at once!!) and on the other indefensible (ALL UR KAMERAZ ARE BELONG TO US!!).

Enh.  Everyone has a different concept.

[Xenon]

You don't need access to ares grid to mess with devices and hosts found on that grid, but you get a negative dice pool modifier of 2 dice I'd you work across grids (but grid hop isn't that difficult for a trained Decker).

If devices in public areas are easy to physically access then you can bypass host ratings with a direct connection and you can use this to get access to the host and with it all more secure devices that are also slaved to the host. Slaving devices you can physically reach in public areas to the same host as devices in more secure areas probably make both the facility and the host less secure...

Suffer Shack on the other hand might not have a security rigger, at all. But slaving their security devices to the public host they invite anyone to take a mark on seem strange (since anyone in the host would also get a direct connection to all cameras and weapon turrets - in that case it might be better to not slave them at all; or slave then all to a common security host that all suffer shacks use around the world; or having both a separate public as well as a separate security host per shop).

[wired]

Thanks again for the replies. 

My interpretation of the Matrix seemed to best aligned with Wyrm's, though I was concerned that that could be a result of my understanding of legacy Matrix systems that had been re-architected in the Wireless Matrix (I haven't actively played SR since 3rd Edition).

So, going back to that Bank analogy -- How would the flat architecture that you're proposing look inside a Bank, Xenon (or anyone else that adopts that approach, for that matter)?

[Xenon]

the whole entering a node to reach other nodes is SR4
in SR5 you access things directly.

no need to first "hack" a proxy / gateway / firewall / router / server
you access all devices in the PAN directly (but they defend with ratings of the device they are slaved to)

you don't even hack a commlink before you access file located on it.
you access the files directly (but they defend with commlink ratings).

you don't enter a host before you access the security camera slaved to it
you interact with it directly out on the grid (but it will defend with host ratings).
(but you also get a direct connection to them from within the host)

hosts are no longer the multi-layered onion constructs they used to be.
once you enter a host you see and can interact with all icons in the host.
(the only exception they mention would be archived files; which will be explained more in detail in future source books)



the huge advantage of this is that hacking in SR5 is sooooo much faster.
you no longer need to send out all the other players for 20+minutes while the decker traverse a complex structure of nodes.



As for a bank;
There is an example of a decker that grab a pay data file from a bank on p. 224-225.

In this example security devices (such as maglock on the emergency exit in the ally behind the bank) is slaved to the banks private host. He use a physical direct connection to the maglock (which let him bypass host ratings). Once he get a mark on the maglock he also get a mark on the Host and can enter it. While inside the bank node he track down the file he is looking for (listing of all the patrons how have safe deposit boxes at the bank). He get spotted and take some matrix damage but manage to crack the file, copy it and jack out before his deck is bricked.

SR5 does not have devices within devices nor hosts within hosts.

[wired]

If SR 5 does not employ nested hosts, then it seems to me that a Matrix Architect should divide devices / data by function, and slave related devices / data to a host, and spawn up a new host for unrelated devices / data.

I.E, a Bank would have a 'Perimeter Security' host as well as a 'Customer Data' host.  Gaining a mark on one would not subvert the other.  Is this how it is done in practice, Xenon?

This would isolate and contain breaches so that having a mark on an exterior door does not provide access into unrelated systems.

This would create an architecture where instead of a single, massive host which contains divided subfunctions/subnodes/subhosts, there is a flat architecture of numerous small, specialized hosts.

[Malevolence]

Note, however, that purvue has something wrong: a host always has a physical location.

But higher rating hosts owned and operated by more powerful entities may have their hardware distributed all over the world, and so really do not have an exact physical location, should you wish to bypass the matrix combat and simply pull the plug.

Welcome to the cloud, Chummer.

[Xenon]

I feel like I must be missing something -- Putting a Mark on the break-room coffee maker doesn't allow a Hacker into the same space as the list of safety deposit box holders, does it?

It will if the coffee maker is slaved to the private host where the list of safety depsit box holders is located.
but why would you slave the coffee maker to the bank's private host in the first place...?


and you don't automatically get marks on files in the host just because you have a mark on the host...
so you still have to hack the list of saftey deposit box holders before you can read or copy it
(crack file is an attack action so you will alert the host... the file also use host ratings - which can be double digits(!))

...Is this how it is done in practice...

will material and planning be in a different host than human resources or procurement?
your guess is as good as mine.... but i dont think so. why would they...? after all, they all use the same ERP.... shrug

bigger question is how you slave devices (due to the physical direct connection exploit)

we know that:
- all wireless devices will be on a grid (never inside a host)
- some devices might also be slaved to the host.
- some devices might be wired (and not slaved to a host as hosts only exist within the matrix)

i like to imagine that most devices are not slaved to the host but devices in restricted areas that a security rigger would be interested in having a direct connection to (elevators, sensors, alarms, cameras, maglocks, drones etc.) would be slaved to the host. I like the concept that there might be some device in a semi-public location (like a service elevator you can reach from a basement parking garage or a maglock on an emergency exit) that is  slaved to the host to give players a weakness to exploit.

[KarmaInferno]

https://www.youtube.com/watch?v=nX2tduNr8DU
https://www.youtube.com/watch?v=8p0jmewhXeU

[wired]

will material and planning be in a different host than human resources or procurement?
your guess is as good as mine.... but i dont think so. why would they...? after all, they all use the same ERP.... shrug

Do you envision separate Hosts for Human Resources and Security Resources?