Deploying Philter in Air-Gapped Environments
In data security, connected is often synonymous with vulnerable. For high-security sectors — defense, intelligence, national healthcare — the gold standard isn't just a firewall; it's an air gap. When your data is so sensitive that it cannot exist on a network with outbound internet access, your software stack has to be just as self-sufficient.
Most modern AI and PII redaction tools are cloud-first, meaning they constantly call home for updates, telemetry, or license verification. In an air-gapped environment, those tools don't just fail — they won't even start.
Because Philter is built on an open source foundation, it is uniquely suited for these environments. No proprietary phone-home hurdles, no hidden telemetry. Here is how to deploy high-level privacy intelligence in completely offline VPCs.
The architecture of sovereignty
Deploying in an air-gapped environment is about moving from a service mindset to a sovereignty mindset. You aren't renting a capability from a vendor; you are hosting the entire intelligence engine yourself. To do that, Philter is designed to be completely self-contained.
1. Self-contained container images
Most enterprise software relies on pulling layers from public registries like Docker Hub during deployment. In a secure facility, that's a non-starter.
Philter is delivered as fully baked, self-contained container images. Every library, dependency, and security patch is bundled into the image. You pull it once into your secure side-loading environment, scan it for vulnerabilities, and move it across the air gap. Once it's in, it never needs to talk to a registry again. Because the source is open, your security team can audit the build process to confirm the image contains exactly what it should — and nothing else.
2. Local model repositories
The "brain" of Philter — the specialized NLP models served by PhEye — needs to be resident on your local hardware. While other AI products require an API key to reach a model hosted in the cloud, Philter loads its models from a local directory:
- Zero external dependencies. The models don't check in with a central server to function.
- Encrypted storage. Models sit on your secure volumes, encrypted at rest.
- Predictable performance. Because the models are local, you don't deal with the latency or jitter of an internet connection.
3. Air-gapped in the cloud (AWS, Azure, GCP)
While "air-gapped" often conjures physical servers in a vault, modern cloud providers now offer disconnected or isolated regions designed for government and highly regulated workloads. Philter is built to thrive in these environments, including AWS GovCloud (Isolated), Azure Government, and Google Distributed Cloud Hosted.
- VPC isolation. Deploy Philter within a Virtual Private Cloud that has no Internet Gateway (IGW). All traffic stays within your private subnet.
- Internal routing. Philter communicates with your other local services (databases, S3-compatible storage) using internal endpoints, so not even a metadata request leaves your perimeter.
- High availability without sync. Run Philter across multiple availability zones in an isolated region. Because Philter doesn't rely on external sync services, your privacy pipeline stays resilient and fast.
4. Fully auditable and permissionless
Because Philter is open source, there is no black-box logic. In an air-gapped scenario, that's critical for two reasons:
- No hidden heartbeats. You can verify for yourself that the software makes zero attempts to communicate outside your network.
- Seamless scalability. Spin up as many instances as your infrastructure allows — no external verification, no seat-based licensing hurdles. Your ability to protect data is limited only by your own hardware.
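One way to run the "no hidden heartbeats" check in the isolated-VPC deployment described above is to scan VPC Flow Logs for any flow that leaves the ranges you expect. This is an added example, not code from the Philter project. It assumes the default version 2 flow log format, and the CIDR, workload IP and sample records are constructed placeholders.

```python
import ipaddress

# Assumption: CIDRs of the isolated VPC and its peers; replace with your own.
ALLOWED_NETS = [ipaddress.ip_network(c) for c in ("10.20.0.0/16",)]
# AWS VPC Flow Logs default (version 2) field order.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
# Constructed sample records (203.0.113.0/24 is a documentation range).
SAMPLE = """\
2 123456789012 eni-0a1b2c3d 10.20.1.15 10.20.2.40 44312 5432 6 12 3400 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.20.1.15 203.0.113.7 51844 443 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 10.20.2.40 10.20.1.15 5432 44312 6 10 2900 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000060 1700000120 - NODATA
""".splitlines()

def parse_record(line):
    """Return a dict for one flow record, or None for NODATA/SKIPDATA/malformed lines."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[0] != "2":
        return None
    rec = dict(zip(FIELDS, parts))
    return rec if rec["log_status"] == "OK" else None

def is_internal(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # unparseable destination: surface it for review
    return any(ip in net for net in ALLOWED_NETS)

def find_egress_attempts(lines, workload_ips):
    """Flows from the workload's IPs to destinations outside ALLOWED_NETS.
    REJECT records are kept: a blocked attempt is still an attempt."""
    hits = []
    for line in lines:
        rec = parse_record(line)
        if rec is None or rec["srcaddr"] not in workload_ips:
            continue
        if not is_internal(rec["dstaddr"]):
            hits.append((rec["srcaddr"], rec["dstaddr"],
                         int(rec["dstport"]), rec["action"]))
    return hits

if __name__ == "__main__":
    # Hypothetical workload address for the redaction service.
    for hit in find_egress_attempts(SAMPLE, {"10.20.1.15"}):
        print("egress attempt:", hit)
```

Flow logs do not record queries to the Amazon-provided DNS resolver or instance metadata traffic to 169.254.169.254, so pair this check with resolver query logging before concluding that nothing tries to leave.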
If you want to keep your offline performance honest, Philter Scope can run alongside the deployment to score precision and recall against a local gold-standard set — no external evaluation service required.
Why air-gapping matters in 2026
As we move deeper into the age of AI, the risk of data seepage — sensitive information accidentally leaked into public training sets — is at an all-time high. For defense contractors and government agencies, a cloud-based PII scanner is a contradiction in terms. You shouldn't have to break your security posture to fix your privacy posture.
Philter provides a robust, battle-tested solution for environments where data security is the top priority and external network access is prohibited. You get the same high-speed hybrid PII discovery that our cloud customers enjoy, but with the absolute certainty that your data never — ever — leaves your sight.
Moving to a zero-trust, offline environment? Check out the source on GitHub, or contact our consulting team to discuss your deployment strategy.