Air-Gapped

Security

A system physically isolated from all external networks, including the public internet. The gold standard for on-premise data sovereignty.

An air-gapped system has no network route — not even a filtered one — to the public internet or any unsecured external network. Every byte of data generated and all model weights stay inside your physical perimeter.

How It Works

Air-gapping is not a software feature — it is a physical infrastructure decision. The server running your LLM inference is connected only to a controlled internal network (or no network at all). Firmware update channels, NTP servers, and DNS resolvers are all sourced internally. Any data pipeline (documents in, answers out) is gated by air-gap transfer mechanisms: USB drives with checksum validation, one-way data diodes, or strictly audited internal APIs.
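The "USB drives with checksum validation" gate described above, as an added example (not code from this page or from any product). It assumes the manifest is in `sha256sum` output format and reaches the isolated side by a separate trusted path, since a manifest stored on the same drive can be rewritten along with the files. The function names and the sample files are constructed for illustration.

```python
import hashlib, os, re, tempfile
from pathlib import Path, PurePosixPath

LINE = re.compile(r"([0-9a-fA-F]{64}) [ *](.+)")  # sha256sum output format

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        while block := f.read(1 << 20):  # stream: weight files can be many GB
            h.update(block)
    return h.hexdigest()

def verify_media(root, manifest_text):
    """Check every file under root against a sha256sum-style manifest."""
    report = {k: [] for k in ("ok", "mismatch", "missing", "unlisted", "rejected")}
    expected, on_media = {}, set()
    for line in filter(str.strip, manifest_text.splitlines()):
        m = LINE.fullmatch(line)
        rel = PurePosixPath(m.group(2)) if m else None
        if rel is None or rel.is_absolute() or ".." in rel.parts:
            report["rejected"].append(line)  # malformed, or escapes the media root
        else:
            expected[rel.as_posix()] = m.group(1).lower()
    for dirpath, _dirs, files in os.walk(root):  # symlinked dirs are not followed
        for p in (Path(dirpath, n) for n in files):
            rel = p.relative_to(root).as_posix()
            if p.is_symlink():  # may point off the media: never hash through it
                report["rejected"].append(rel)
            else:
                on_media.add(rel)
    for rel, digest in sorted(expected.items()):
        match = rel in on_media and sha256_file(Path(root, rel)) == digest
        key = "ok" if match else "mismatch" if rel in on_media else "missing"
        report[key].append(rel)
    report["unlisted"] = sorted(on_media - expected.keys())  # nobody vouched for these
    return report

def importable(report):  # accept only if all hashes match and nothing else is flagged
    return bool(report["ok"]) and not any(v for k, v in report.items() if k != "ok")

def demo():  # constructed sample media: one good file, one altered, one unlisted
    with tempfile.TemporaryDirectory() as d:
        Path(d, "model.bin").write_bytes(b"constructed weights")
        Path(d, "brief.txt").write_bytes(b"altered in transit")
        Path(d, "autorun.inf").write_bytes(b"never listed")
        good = hashlib.sha256(b"constructed weights").hexdigest()
        names = ("brief.txt", "notes/gone.txt", "../outside.txt")
        lines = [f"{good}  model.bin"] + [f"{'0' * 64}  {n}" for n in names]
        return verify_media(d, "\n".join(lines))
```

Files that appear on the drive but not in the manifest are reported as `unlisted` and block the import, which is the case a plain `sha256sum -c` run does not flag.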

Types of Isolation

Full Air-Gap

No network interface active on the inference node. Data transfer via physical media only. Required for Classified / Top Secret environments.

Network-Isolated (VLAN/Firewall)

Server is on an internal-only VLAN with strict egress rules blocking all outbound traffic. Easier to operate; used in most regulated industries (healthcare, defence).

One-Way Data Diode

A hardware device that physically allows data to flow only in one direction. Allows feeding documents in from a connected network while ensuring nothing can leak out.

Why It Matters for On-Premise

Cloud LLM APIs process every prompt and generate every token on the vendor's servers. Even with privacy agreements, prompt data traverses vendor infrastructure. An air-gapped or network-isolated on-premise deployment guarantees that trade secrets, patient data, legal documents, and source code never leave your building, so compliance with GDPR, HIPAA, ISO 27001, and defence clearance requirements is structurally enforced rather than policy-dependent.