Skip to content
Squad AI

Dedicated Deployment

Squad runs inside your environment as a managed enclave. We deploy, operate, and maintain the platform on your infrastructure. Your data never leaves your network. Your team never touches the platform internals.

Dedicated Deployment Architecture
Dedicated Deployment YOUR INFRASTRUCTURE. OUR MANAGEMENT. DATA NEVER LEAVES. YOUR CLOUD / ON-PREMISE ENVIRONMENT AWS · Azure · GCP · Private Cloud · On-Premise SQUAD MANAGED ENCLAVE CAPABILITIES Search Generate Automate Visualise Analyse SECURITY GATEWAY Role-Based Access API Gateway AuthN / AuthZ COGNITIVE ENGINE USEP Ingest · encode · bind SOMA Knowledge · memory AIM Reasoning · execution DATA & INFRASTRUCTURE Neo4j PostgreSQL Object Store LLM Inference Managed by Squad · Operated remotely YOUR SERVICES INTERNAL NETWORK USERS Workstations Browser access via internal network IDENTITY PROVIDER Your SSO / IdP AD · Okta · ADFS · Keycloak DATA SOURCES Files PDF, DOCX, CSV Databases SQL, warehouses REST APIs · Webhooks · S3 buckets HTTPS SAML/OIDC REST API Internal network Internal network Internal network Data stays inside SQUAD OPERATIONS TEAM Updates Monitoring Incident Response Backups Security Patching Model Management Secure management channel UK Sovereign · SC Cleared Team · G-Cloud 15 · Your infrastructure, our responsibility

How It Works

Squad is deployed as a self-contained platform within your cloud account or on-premise infrastructure. We manage it remotely through a secure management channel. From your organisation’s perspective, Squad is a service that simply appears on your internal network.

Your Infrastructure

Squad runs on compute, storage, and networking that you own. AWS, Azure, GCP, private cloud, or on-premise bare metal.

Our Management

We deploy, configure, monitor, patch, backup, and update the platform. Your IT team is not responsible for Squad operations.

Data Sovereignty

All data remains within your network boundary. Nothing is transmitted externally. Meets the strictest residency and sovereignty requirements.

Same Platform

Identical capabilities to Squad Cloud. Same cognitive engine, same UI, same API surface. No feature compromises.

What You Provide

Dedicated deployment requires your organisation to provision a baseline environment. Our team specifies the requirements during scoping; your IT team provisions the resources.

RequirementDetail
ComputeVirtual machines or container hosts meeting our specification (CPU, RAM, disk)
NetworkInternal DNS, load balancer or ingress, firewall rules for internal traffic
Identity providerYour existing SSO (Azure AD, Okta, ADFS, etc.) with SAML/OIDC metadata
Management accessSecure channel for our operations team (VPN, bastion, or agreed remote access method)
GPU (optional)If running local LLM inference rather than external API keys

What We Manage

Once your environment is provisioned, we own the entire platform lifecycle.

ResponsibilityDetail
DeploymentInitial installation, configuration, and validation
Platform operationsApplication deployment, scaling, configuration management
Database operationsNeo4j, PostgreSQL, Redis, object storage — provisioning, tuning, maintenance
AI/MLLLM inference setup (local Ollama or external API), embedding models, NLP pipelines
SecurityTLS configuration, encryption at rest, secret rotation, vulnerability patching
MonitoringHealth checks, alerting, proactive incident response
UpdatesCoordinated with your change management process; tested and validated before rollout
BackupsAutomated backups within your environment with agreed retention and recovery targets
Model managementModel updates, performance tuning, inference optimisation

Integration Surface

The same three interfaces as Squad Cloud — but all traffic stays on your internal network.

1. HTTPS — User Access

Your team accesses Squad via an internal URL (e.g., https://squad.internal.yourorg.com). Traffic routes through your internal load balancer or ingress. No external network dependency.

2. SAML / OIDC — Identity Federation

Squad federates to your internal identity provider. Authentication traffic stays within your network.

3. REST API — Data Ingestion

Documents and files enter Squad via the same REST API, UI, and CLI — all over your internal network.

Network Architecture

Squad runs as an isolated workload within your network. Typical topologies:

ModelDescription
VPC / SubnetSquad in a dedicated subnet within your cloud VPC, peered to your application and identity subnets
Private DNSInternal DNS resolution for the Squad endpoint; no public DNS entry required
On-premise VLANSquad on a dedicated VLAN with firewall rules to your identity and data services
Air-gappedFully disconnected; updates delivered via secure media; no outbound connectivity

Setup Sequence

  1. Scoping

    We assess your environment, compliance requirements, and infrastructure constraints. We provide a detailed specification for the compute, network, and access your team needs to provision.

  2. Provisioning

    Your IT team provisions the baseline environment to our specification. We provide validation scripts to confirm readiness.

  3. Deployment

    Our team deploys the Squad platform into your environment, configures SSO federation, sets up model inference, and validates end-to-end functionality.

  4. Integration testing

    We work with your team to validate network connectivity, identity federation, data ingestion, and user access. Any firewall or DNS adjustments are resolved here.

  5. Data onboarding

    Your team uploads initial data. We assist with ontology configuration and ingestion validation.

  6. Handover

    Training sessions for your team covering the platform UI, query workflows, the Tune page, and administration. Ongoing operations continue via our secure management channel.

Comparison

Squad CloudDedicated
Where it runsSquad-managed infrastructureYour cloud or on-premise
Data locationSquad infrastructure (your chosen region)Your infrastructure
NetworkInternet-accessible with SSOInternal network only
Managed bySquadSquad
Setup timeDaysWeeks
UpdatesAutomaticCoordinated with your change management
Air-gap capableNoYes
Best forFast evaluation, teams without strict residencyRegulated environments, sovereignty, air-gapped networks

Get Started

Ready to run Squad on your infrastructure? Contact our team to begin scoping your dedicated deployment.