Entirely in your perimeter
No prompt, document or key ever leaves your network.
- Docker Compose or Kubernetes on your own hardware
- No SaaS mode, by design
- The control plane lives next to the models
HA.Prizma deploys entirely inside your perimeter, from the gateway to the audit store. In your perimeter · under your control · with provable audit.
No prompt, document or key ever leaves your network.
Deploys in an isolated segment with no internet access.
An expired or missing license never drops protection.
The delivery arrives in your perimeter from a private registry, one line of config routes traffic to the gateway, orchestration carries the same stack to a cluster. A starter stand comes up in ~2 min, and each tool connects in ~30 s.
Images and the chart arrive under license from a private registry straight into your perimeter. Nothing is pulled from public sources.
Any OpenAI- or Anthropic-compatible client goes through the gateway with no code changes: only the API address changes.
The same stack deploys to a cluster with standard orchestration. Environment values override the registry, tags, secrets and ingress host.
A developer connects a CLI or IDE tool themselves, self-serve, no ticket. DLP, budgets and audit apply at once.
A production topology with automatic failover, point-in-time recovery and observability out of the box.
proven by planned failure drills
Grafana dashboards and alerts
A primary failure never drops the control plane: etcd holds consensus by quorum, HAProxy routes to the current leader. Planned failure drills confirmed automatic failover with no data loss.
Cache and pub/sub survive a node loss. A Sentinel quorum runs automatic failover; kill-switch and rate-limit keep propagating.
Roll back to a point in time after an incident. A continuous WAL archive to off-host S3-compatible MinIO storage, recovery to any moment.
Throughput follows the load. On a live stand it scaled 1 → 5 → 1 workers by pipeline metrics, with no manual intervention.
One gateway for 12 CLI and IDE tools: one line of config or a self-serve connector. DLP, budgets and audit apply at once.
curl https://gw.prizma/install/claude | sh ~30 s per tool · no SDK
DLP linter and clipboard-guard in the editor
agent tool-calls through the same DLP and audit
LLM calls in no-code pipelines
DLP · kill-switch · budgets → Slack / Teams / Telegram
CEF and syslog export · e2e with Splunk
curl-install the CLI, no ticket
Three layers of network enforcement leave no bypass to the cloud around DLP and audit, even for a tool security does not know about yet.
Unauthenticated traffic is not blocked blindly: first it is visible.
Anonymous clients are identified by fingerprint (IP + UA). Policy: block, monitor or allow. A client can be turned into a real user in one action (provisioning). That is how shadow AI is found before the first incident.
Proxy auto-config routes all traffic to api.openai.com / api.anthropic.com and other providers to the gateway.
The internal resolver points provider domains at HA.Prizma, so bypass via a direct domain is closed.
Egress to model APIs is allowed only from the gateway; direct exit from workstations is blocked at the perimeter.
A self-hosted LLM Firewall inside your perimeter. One base_url line, and no prompt leaves directly.