New:System Graph 2.0See System Graph 2.0
On-prem

Run Zof inside your environment.

Deploy Zof’s control plane, orchestration, and execution runners in customer-managed infrastructure for strict security, residency, and governance requirements.

Request on-prem architecture reviewView secure enclave model

Customer-managed control plane

Designed for limited or no internet connectivity

Signed capsules and local execution

Enterprise implementation and support

Who it is for

Who needs on-prem deployment

Organizations where cloud connectivity, data residency, or internal governance rules require Zof to run entirely inside customer infrastructure.

  • -Air-gapped or highly restricted networks
  • -Strict data residency and sovereignty requirements
  • -Internal model governance and approved runtime policies
  • -Defense-adjacent and public-sector environments
Architecture

On-prem architecture

Intelligence and control planes run in your data center; execution stays on customer-managed runners behind your network boundaries.

Private Kubernetes execution

Execution-compatible agents in customer-managed clusters—not a full platform install.

Control plane (customer or Zof)Customer Kubernetes clusterControl planeSignNamespaceExecution agentWorkloadsSecretsArtifactsTelemetry boundary
  • -Optional connectivity for updates, policy-controlled
  • -Same signed capsule model as cloud and enclave
  • -Local evidence store by default
  • -No inbound access to protected segments
Infrastructure

Infrastructure requirements

Sized during architecture review based on applications, execution volume, and high-availability expectations.

  • -Kubernetes or customer-approved orchestration
  • -Hardware and storage sized to your retention policy
  • -Integration with corporate identity (SSO/SAML/OIDC)
  • -Network policies aligned to your segmentation model
Models

Model and runtime options

Planning and generation run where your policy permits, using approved models and runtimes in your environment.

  • -Customer-approved model endpoints where required
  • -No external model calls from protected execution segments
  • -Governed remediation with human approval
  • -Audit-ready configuration and change records
Runners

Runner deployment options

Distribute edge runners across data centers, campuses, or segments as needed for local validation.

  • -Signed runner binaries and allowlists
  • -Per-segment gateway and runner placement
  • -Desktop, browser, and API validation
  • -Local-only reporting modes
Operations

Update and support model

Enterprise-only engagement with defined update channels and dedicated support options.

  • -Controlled release and update windows
  • -Dedicated support tiers and SLAs available
  • -Implementation services for initial rollout
  • -Architecture review included in enterprise deployment
Pricing

Pricing model

On-prem is enterprise-only, priced separately from standard cloud tiers, and scoped after architecture review.

  • -Custom pricing, contact sales
  • -Factors: footprint, runners, retention, compliance scope
  • -Implementation and dedicated support optional
  • -Conservative pilot path available before full rollout
Timeline

Implementation timeline

Typical enterprise rollouts follow architecture review, security validation, pilot, and phased production expansion.

  • -Architecture and security review (weeks 1-2)
  • -Pilot with signed capsules and local runners
  • -Production hardening and governance sign-off
  • -Phased expansion across applications and environments
FAQ

On-prem deployment questions

Common questions from infrastructure and security teams.

No. Execution uses customer-deployed runners inside your network. Zof does not require inbound access to protected segments.
Next step

Discuss secure deployment with Zof

Review segmentation, capsule governance, and runner placement with teams who support regulated enterprises.

Book a secure deployment briefingContact sales
01La surface opérationnelle

Une surface pour la posture, les opérations et ce qui nécessite une attention particulière.

La maison Zof n'est pas un tableau de bord marketing. Il s'agit de l'ingénierie opérationnelle de surface, des équipes d'assurance qualité et de SRE qu'elles utilisent quotidiennement, de la posture de qualité, des exécutions en vol, de la couverture par module et des actions qu'un leader devrait ensuite envisager.

KPI OPÉRATIONNELS

  • Courses
  • Couverture
  • Risque

Vivez dans tous les environnements dans lesquels vous expédiez.

TRAVAIL DE LA Colonne Vertébrale

  • Spécifications
  • Tests
  • Horaires

De la spécification à la régression planifiée.

GARDE-CORPS

  • RBAC
  • SSO
  • audit

Chaque action attribuable à un humain nommé.

STAGING · LIVE/home
Centre de commande domestique Zof AI affichant 12 exécutions à 94 % de réussite, 3 problèmes critiques ouverts, une couverture de 84 %, quatre barres de traçabilité des modules, le pipeline de spécifications, les calendriers à venir et les prochaines actions recommandées avec une barre latérale d'exécutions actives.
Vue d'accueil · Service de paiement · Mise en scène · capturé en direct à partir du produit.
  • 01 · RUNS · 24H

    94% pass

    12 runs across staging

  • 02 · COVERAGE

    84%

    Across four modules

  • 03 · ACTIVE RUNS

    3 running

    Live on this branch

  • 04 · NEXT ACTIONS

    Recommended

    Triage gaps, new spec

Zof AI On-Prem Deployment, Autonomous Reliability Inside Your Environment