Security is the whole point of self-hosting
NeuronCluster is built for organizations where data simply cannot leave the building. Every layer - from deployment to execution - is designed to keep it that way.
Built for your most sensitive workloads
When data cannot leave the building, NeuronCluster keeps inference inside your perimeter without compromising on capability.
Fully self-hosted
Deploy in your datacenter, private cloud or VPC. Run completely air-gapped when required.
No data egress
Prompts, inputs and outputs never leave your network. No external processors, ever.
Sandboxed execution
Every model runs behind seccomp, namespaces, Landlock and strict resource limits.
Role-based access
Granular RBAC over models, nodes and projects, scoped to teams and environments.
Full audit trail
Every request, model change and admin action is logged for compliance review.
Signed results
Compute nodes cryptographically sign outputs so you can verify provenance end to end.
Defense in depth around every model run
Each inference executes inside layered OS-level isolation, so untrusted model code and inputs can never reach the rest of your system.
| Layer | Technology | Protection |
|---|---|---|
| Syscall filtering | seccomp | Blocks dangerous system calls at the kernel boundary |
| Process isolation | PID namespace | Hides other processes from the model runtime |
| Network isolation | Network namespace | No outbound network access during execution |
| Filesystem isolation | Landlock | Read-only access scoped to allowed paths only |
| Resource limits | rlimit | Hard CPU, memory and time bounds per task |
Deploy it your way - including fully offline
Match your security posture, from a standard on-prem rollout to a strict air-gapped environment.
On-premise
Run entirely in your own datacenter. The hub, gateways and nodes operate without any external service dependency.
Private cloud / VPC
Deploy into your isolated cloud environment with your own networking, KMS and identity provider.
Air-gapped
Operate with no internet connectivity at all. Models and updates are loaded through controlled, offline channels.
Talk through your compliance requirements
Walk our solutions team through your data-residency, audit and deployment constraints - we'll map them to a NeuronCluster architecture.