The Air-Gap Challenge
Air-gapped networks exist for one reason: to make certain systems physically impossible to reach from the internet. No inbound connections. No outbound connections. No bridging. These are the environments where the most sensitive operations in the world take place — defense intelligence, nuclear weapons programs, classified research, and critical national infrastructure.
The organizations that operate these networks — the Department of Defense, the Intelligence Community, CISA-regulated critical infrastructure operators, healthcare systems processing PHI, and financial institutions handling regulated data — all face the same problem. AI is transforming cybersecurity, but the most advanced AI tools require cloud connectivity they cannot allow.
The numbers make the urgency clear. A 2026 DoD directive now requires AI vendors to deploy their latest models within 30 days of general release — including in disconnected environments. Gartner's 2025 survey found that 43% of Fortune 500 firms are actively testing local-only AI deployments for security-sensitive workloads. And MITRE's analysis of insider threat data consistently shows that insiders remain the most capable attack vector in classified environments — the exact threat profile that demands continuous, intelligent monitoring.
These organizations need AI-powered security operations. They cannot use cloud-based AI. Until now, that meant choosing between modern capability and network isolation.
The False Choice
The traditional paradigm has forced security teams into an impossible trade-off: AI capabilities or network isolation. You can have one, but not both.
Cloud-based AI security platforms — whether built on AWS Bedrock, Azure OpenAI, or Google Vertex AI — require persistent internet connectivity by design. Every alert analysis, every threat intelligence enrichment, every LLM inference call traverses the public internet to reach a cloud endpoint. For organizations operating behind an air gap, these platforms are architecturally incompatible.
The alternatives have been equally unsatisfying. Legacy security tools were never designed for modern AI workloads. Rule-based SIEM correlation, static signature matching, and manual triage workflows can operate offline, but they lack the analytical depth that large language models bring to alert analysis, threat contextualization, and attack narrative construction.
The Widening Gap
While commercial SOCs accelerate with AI-powered analysis, classified environments fall further behind — running the same rule-based playbooks and manual triage processes from a decade ago. The threat actors targeting these environments are not constrained by the same limitations. Nation-state adversaries and sophisticated insiders are already using AI to plan and execute operations. The defenders cannot afford to fight AI-augmented threats with pre-AI tools.
The result is a growing capability gap. Organizations with the highest security requirements have the least access to the most advanced defensive technology. Intruex eliminates that gap.
How Intruex Solves It
Intruex was architected from day one to run in both cloud-connected and fully disconnected environments. The air-gapped deployment is not a stripped-down version of the product. It is the same platform, the same specialist agents, the same features — deployed entirely within your network perimeter with no external dependencies.
The key architectural difference is the inference layer. In cloud deployments, Intruex uses managed cloud inference for its LLM operations. In air-gapped deployments, Intruex replaces that with a high-performance local inference engine — running security-optimized language models on hardware you control.
Local Inference Engine
Intruex's local inference layer is built on a production-grade, throughput-optimized serving engine designed specifically for high-volume LLM workloads. Key capabilities include:
- Efficient memory management: Advanced memory techniques reduce GPU memory waste significantly, allowing larger models to run on smaller hardware footprints.
- Continuous batching: Dynamically groups inference requests to maximize GPU utilization, delivering throughput that approaches the theoretical hardware maximum.
- Multi-GPU support: Distributes model layers across multiple GPUs for models that exceed single-GPU memory capacity.
Hardware Sizing
Intruex provides a hardware sizing calculator during the scoping process that recommends GPU configurations based on your alert volume, desired model size, and throughput requirements. Deployments range from a single enterprise GPU for standard workloads to multi-GPU configurations for environments requiring maximum analytical depth.
Modern quantization techniques deliver significant size reductions with minimal quality loss on security analysis tasks. Benchmarks consistently show negligible degradation on cybersecurity-specific evaluation sets when using optimized quantization for local inference.
Eliminating Cloud Latency
Local inference eliminates the per-call network overhead that cloud-based inference introduces. For a platform like Intruex, where a single alert analysis may involve multiple LLM calls across specialist agents, orchestration logic, and threat intelligence enrichment, this latency reduction compounds significantly. Air-gapped deployments often deliver faster end-to-end analysis times than their cloud-connected counterparts.
What Stays the Same
Every capability that makes Intruex effective in cloud-connected environments is fully preserved in air-gapped deployments:
- All specialist agents: Every AI analyst agent — including specialists for brute force detection, phishing analysis, lateral movement tracking, and more — runs locally with the same domain-specific heuristic scoring.
- Attack narrative correlation: Automated correlation of related alerts into unified attack campaigns, mapped to MITRE ATT&CK kill chain phases, with analyst-ready narrative summaries.
- Knowledge base with RAG: Upload your security policies, runbooks, network diagrams, and organizational context. The platform applies retrieval-augmented generation to every analysis, grounding AI reasoning in your specific environment.
- Entity memory: Persistent memory of entities (IPs, users, hosts, domains) across alerts, building a cumulative risk profile that improves detection accuracy over time.
- Native SOAR engine: Built-in automated response actions — IP blocking, account disabling, host isolation — triggered by AI-determined severity without requiring external orchestration platforms.
- Compliance mapping: Automated mapping of detections to NIST 800-53, ISO 27001, PCI DSS, HIPAA, and other frameworks — all processed locally.
- Dashboard and analytics: Full analytics suite with real-time alert status, trend analysis, agent performance metrics, and executive reporting.
- Audit trails: Complete, tamper-evident logging of every AI decision, analyst interaction, and automated action for compliance and forensic review.
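The tamper-evident logging described in the last item is usually built as a hash chain: each record carries a keyed digest over its own content plus the digest of the record before it, so editing or reordering any record breaks every later digest. The block below is an added illustration of that construction and is not Intruex code; the record fields, the demo key and the three sample events are constructed for the example. It also shows the one thing a chain alone cannot catch, silent truncation of the tail, and why the latest digest must be stored somewhere the log writer cannot change.

```python
"""Hash-chained, tamper-evident audit log (added example, not Intruex code)."""
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import List, Optional

GENESIS = "0" * 64  # chain anchor for the first record


def _canon(record: dict) -> bytes:
    # Canonical JSON so the same record always serializes, and hashes, identically.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


@dataclass
class AuditLog:
    key: bytes                       # HMAC key held by the audit service, not by analysts
    entries: List[dict] = field(default_factory=list)

    def append(self, actor: str, action: str, detail: dict) -> dict:
        prev = self.entries[-1]["mac"] if self.entries else GENESIS
        body = {"seq": len(self.entries), "actor": actor, "action": action,
                "detail": detail, "prev": prev}
        mac = hmac.new(self.key, _canon(body), hashlib.sha256).hexdigest()
        entry = dict(body, mac=mac)
        self.entries.append(entry)
        return entry

    def verify(self, expected_head: Optional[str] = None) -> Optional[int]:
        """Return the index of the first bad record, or None if the log is intact.

        expected_head is the MAC of the last record as stored out of band
        (e.g. on WORM media); without it, dropping the tail is undetectable.
        """
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "mac"}
            if body.get("seq") != i or body.get("prev") != prev:
                return i
            expected = hmac.new(self.key, _canon(body), hashlib.sha256).hexdigest()
            if not hmac.compare_digest(expected, entry["mac"]):
                return i
            prev = entry["mac"]
        if expected_head is not None and prev != expected_head:
            return len(self.entries)  # chain is self-consistent but shorter than recorded
        return None


def demo() -> dict:
    # Constructed key and events: an agent decision, an analyst action, a SOAR action.
    log = AuditLog(key=b"constructed-demo-key-do-not-use")
    log.append("agent:phishing", "classify", {"alert_id": "A-1001", "severity": "high"})
    log.append("analyst:jdoe", "acknowledge", {"alert_id": "A-1001"})
    log.append("soar", "disable_account", {"user": "svc-mail", "alert_id": "A-1001"})
    head = log.entries[-1]["mac"]            # what the out-of-band anchor would hold
    intact = log.verify(head)

    # Tamper: downgrade the severity the agent recorded, then restore it.
    log.entries[0]["detail"]["severity"] = "low"
    tampered_at = log.verify(head)
    log.entries[0]["detail"]["severity"] = "high"

    # Truncate: drop the last record. The chain still verifies; only the anchor catches it.
    removed = log.entries.pop()
    truncated_at = log.verify(head)
    log.entries.append(removed)
    return {"intact": intact, "tampered_at": tampered_at, "truncated_at": truncated_at}


if __name__ == "__main__":
    print(demo())
```

The MAC key must live with the audit service (or an HSM), never in the analyst-facing application, otherwise an insider who can edit the store can also recompute the chain. Periodically copying the head MAC to append-only storage is what turns the chain into a forensic record rather than just a consistency check.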
What's Different
The air-gapped deployment introduces targeted changes to the inference and intelligence layers — designed to preserve full capability without any external network dependency.
Local Inference Replaces Cloud APIs
The inference backend switches from cloud API calls to a locally hosted inference engine serving security-optimized models. The swap is transparent to Intruex's agent orchestration layer — no changes to agent logic or analysis workflows.
Security-Optimized LLMs
Air-gapped deployments use security-optimized language models fine-tuned specifically for cybersecurity tasks, delivering strong performance on alert triage, threat classification, and incident summarization. Multiple model sizes are available — from efficient models optimized for high-throughput environments to larger models for organizations requiring maximum analytical depth.
Offline Threat Intelligence
Cloud-connected Intruex enriches alerts in real time from multiple threat intelligence services. In air-gapped environments, threat intelligence is delivered via industry-standard offline feeds from ISACs, government sharing programs, and commercial TI vendors. Feeds are imported on a scheduled basis through your organization's approved secure transfer process.
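Two of the mechanisms above, the per-entity memory that builds a cumulative risk profile across alerts and the offline threat intelligence feed that enriches alerts without any network call, fit naturally in one worked example. The block below is an added illustration, not Intruex code: it loads a constructed CSV indicator feed of the kind an ISAC or vendor might deliver on approved media, indexes it in memory, and scores a constructed alert stream so that repeated activity from the same source raises its severity over time. The decay factor, the point scheme and the severity thresholds are assumptions chosen for the example.

```python
"""Offline indicator enrichment plus cumulative entity risk (added example, not Intruex code)."""
import csv
import io
from collections import defaultdict
from typing import Dict, List

# Constructed feed in the shape of a CSV export delivered offline. Addresses are RFC 5737 test ranges.
FEED_CSV = """indicator,type,confidence,tag
203.0.113.7,ipv4,90,c2
198.51.100.23,ipv4,60,scanner
bad-update.example,domain,80,phishing
"""

# Constructed alerts; in a deployment these arrive from the SIEM. "base" is the detector's own score.
ALERTS = [
    {"id": "A-1", "src_ip": "203.0.113.7", "user": "svc-backup", "host": "db01", "base": 30},
    {"id": "A-2", "src_ip": "203.0.113.7", "user": "svc-backup", "host": "db02", "base": 20},
    {"id": "A-3", "src_ip": "192.0.2.10", "user": "alice", "host": "ws07", "base": 10},
    {"id": "A-4", "src_ip": "198.51.100.23", "user": "alice", "host": "ws07", "base": 10},
]


def load_feed(text: str) -> Dict[str, dict]:
    # Index indicators by value so enrichment is a dictionary lookup with no network access.
    return {row["indicator"]: row for row in csv.DictReader(io.StringIO(text))}


class EntityMemory:
    """Cumulative risk per entity. Older activity decays so it informs, but does not dominate."""

    def __init__(self, decay: float = 0.8):  # decay factor is an assumption for the example
        self.decay = decay
        self.risk: Dict[str, float] = defaultdict(float)
        self.seen: Dict[str, List[str]] = defaultdict(list)

    def observe(self, entity: str, alert_id: str, points: float) -> float:
        self.risk[entity] = self.risk[entity] * self.decay + points
        self.seen[entity].append(alert_id)
        return self.risk[entity]


def severity(score: float) -> str:
    # Thresholds are assumptions for the example.
    return "high" if score >= 60 else "medium" if score >= 30 else "low"


def triage(alerts: List[dict], feed: Dict[str, dict], memory: EntityMemory) -> List[dict]:
    results = []
    for a in alerts:
        hit = feed.get(a["src_ip"])
        # A feed match adds confidence-weighted points on top of the detector's base score.
        points = a["base"] + (int(hit["confidence"]) // 10 if hit else 0)
        ip_risk = memory.observe("ip:" + a["src_ip"], a["id"], points)
        user_risk = memory.observe("user:" + a["user"], a["id"], points)
        score = max(ip_risk, user_risk)  # the riskiest involved entity drives the alert
        results.append({"id": a["id"], "ti_tag": hit["tag"] if hit else None,
                        "score": score, "severity": severity(score)})
    return results


def run_demo() -> List[dict]:
    memory = EntityMemory()
    return triage(ALERTS, load_feed(FEED_CSV), memory)


if __name__ == "__main__":
    for r in run_demo():
        print(r)
```

Note how A-2 on its own would only be a medium alert, but the memory of A-1 from the same source lifts it to high, and how alice's user risk after A-4 exceeds the risk of the scanner IP itself because it accumulates across her two alerts. Indexing the feed at import time, rather than scanning it per alert, is what keeps enrichment cheap at thousands of alerts per hour.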
Manual Model Updates
Model updates follow the same secure transfer protocols your organization already uses for software updates in classified environments. Models are distributed in a single-file format optimized for local deployment. One file, one checksum verification, one transfer — no complex multi-file dependency chains.
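The "one file, one checksum verification, one transfer" step is worth seeing in code, since the checks that matter on a multi-gigabyte file are the ones people skip: hashing in chunks rather than reading the file into memory, checking size before digest so a truncated transfer fails fast, and comparing digests in constant time. The block below is an added example, not Intruex tooling; the file name, the manifest layout and the random stand-in for a model file are constructed. In a real transfer the expected digest and size come from a manifest delivered through a separate channel, never from the same media as the file.

```python
"""Verify a transferred single-file model against an out-of-band manifest (added example)."""
import hashlib
import hmac
import os
import tempfile
from pathlib import Path
from typing import Tuple

CHUNK = 1 << 20  # 1 MiB: hash in chunks so multi-GB model files never sit fully in memory


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_model(path: Path, expected_sha256: str, expected_size: int) -> Tuple[bool, str]:
    """Return (ok, reason). Size is checked first: it is cheap and catches truncated transfers early."""
    if not path.is_file():
        return False, "missing"
    size = path.stat().st_size
    if size != expected_size:
        return False, f"size mismatch: {size} != {expected_size}"
    digest = sha256_file(path)
    # Constant-time compare; the expected digest comes from the separately delivered manifest.
    if not hmac.compare_digest(digest.lower(), expected_sha256.lower()):
        return False, "sha256 mismatch"
    return True, "ok"


def demo() -> dict:
    with tempfile.TemporaryDirectory() as d:
        model = Path(d) / "model.bin"                    # constructed stand-in, not a real model
        model.write_bytes(os.urandom(3 * CHUNK + 17))    # odd size so the last chunk is partial
        # The manifest is computed here only to keep the example self-contained.
        manifest = {"sha256": sha256_file(model), "size": model.stat().st_size}
        good = verify_model(model, manifest["sha256"], manifest["size"])

        # Flip one byte in the middle: same size, different content.
        data = bytearray(model.read_bytes())
        data[CHUNK + 5] ^= 0x01
        model.write_bytes(data)
        flipped = verify_model(model, manifest["sha256"], manifest["size"])

        # Drop the final byte, as an interrupted transfer would.
        model.write_bytes(data[:-1])
        truncated = verify_model(model, manifest["sha256"], manifest["size"])
    return {"good": good, "flipped": flipped, "truncated": truncated}


if __name__ == "__main__":
    print(demo())
```

A checksum proves the file matches the manifest; it is only as trustworthy as the channel that delivered the manifest. Pairing the digest with a signature from the vendor's release key, or reading the expected digest from a separately transmitted document before the media is mounted, is what closes that gap in a disconnected environment.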
The Regulatory Landscape
Air-gapped AI deployment is not just a technical preference — for many organizations, it is a regulatory requirement. The compliance landscape is converging on local processing as the standard for sensitive workloads.
DoD Impact Levels
- IL4 (Controlled Unclassified Information): Requires processing in government-authorized cloud environments or on-premises infrastructure. Many CUI workloads can technically use GovCloud, but organizations increasingly prefer local deployment to eliminate third-party data handling.
- IL5 (Higher-Sensitivity CUI and Mission-Critical): Requires dedicated infrastructure with no multi-tenancy. Air-gapped deployment satisfies IL5 requirements by definition — data never leaves the physical boundary.
- IL6 (Classified / SECRET): Requires processing in accredited classified environments. Cloud processing is not an option. Air-gapped local deployment is the only compliant architecture.
CMMC Compliance
CMMC Level 2 (required for CUI handling) mandates 110 security controls from NIST SP 800-171. CMMC Level 3 adds enhanced controls for high-value assets. Enforcement of CMMC requirements begins November 10, 2026, meaning every defense contractor handling CUI must demonstrate compliance — including for any AI tools processing that data.
Air-gapped Intruex deployments simplify CMMC compliance by eliminating entire categories of control requirements related to data-in-transit protection, cloud provider assessment, and third-party risk management. When the data never leaves your infrastructure, the compliance surface area shrinks dramatically.
ITAR and Export Controls
International Traffic in Arms Regulations (ITAR) require that controlled technical data be processed only by U.S. persons on U.S.-controlled infrastructure. Organizations handling ITAR data currently require GCC High for any cloud workloads — but air-gapped deployment eliminates the GCC High dependency entirely, reducing both cost and compliance complexity.
NIST AI Risk Management Framework
The NIST AI RMF provides guidelines for trustworthy AI deployment, including requirements for transparency, explainability, and human oversight. Intruex's architecture — with full audit trails, analyst-in-the-loop workflows, and explainable AI reasoning — aligns with NIST AI RMF principles regardless of deployment model.
Use Cases
Defense and Intelligence Community
The defense and IC sectors are already moving toward air-gapped AI. Los Alamos National Laboratory has deployed local LLMs for classified research analysis. The U.S. Army's "Ask Sage" platform provides AI-assisted analysis in secure environments. NATO and DoD studies have found that air-gapped AI deployments reduce breach risks by up to 78% compared to cloud-connected alternatives (MITRE), primarily by eliminating the network-based attack surface entirely.
For SOC operations specifically, air-gapped Intruex gives defense organizations the same AI-powered alert triage, threat correlation, and automated response that commercial enterprises access through cloud deployments — running entirely within their accredited security boundary.
Critical Infrastructure
CISA-regulated critical infrastructure operators — energy, water, transportation, communications — face a unique challenge. Their operational technology (OT) and SCADA networks are often air-gapped by design, but still generate security telemetry that requires analysis. Intruex deployed within the OT network boundary provides AI-powered monitoring of industrial control system alerts without introducing any connectivity between the OT and IT networks.
Healthcare
Healthcare organizations processing protected health information (PHI) under HIPAA face strict data handling requirements. While HIPAA does not mandate air-gapped deployment, many healthcare security teams prefer local AI processing to eliminate the risk of PHI exposure through cloud API calls. Air-gapped Intruex processes every alert — including those containing patient identifiers, medical record numbers, and clinical system data — entirely within the organization's controlled environment.
Financial Services
Financial institutions operating fraud detection and transaction monitoring systems handle some of the most sensitive data in the private sector. Air-gapped Intruex deployments allow these organizations to apply AI-powered security analysis to their most sensitive environments — trading systems, core banking platforms, and payment processing infrastructure — without routing any data through external AI services.
Industry Momentum
The trend toward air-gapped AI is accelerating across sectors. SentinelOne announced autonomous AI capabilities for air-gapped environments in March 2026. Microsoft has expanded Azure Government offerings for disconnected operations. The market is recognizing what defense organizations have known for years: the most sensitive environments need the most advanced AI — and they need it locally.
Getting Started
Deployment Considerations
Deploying Intruex in an air-gapped environment requires planning across three dimensions:
- Hardware sizing: Determine GPU requirements based on your alert volume and desired analytical depth. Intruex provides a hardware sizing calculator during the scoping process that recommends configurations for your specific workload.
- Model selection: Choose between smaller, faster models for high-throughput environments (thousands of alerts per hour) and larger models for maximum analytical depth. Intruex's team recommends the optimal model for your use case.
- Threat intelligence feed setup: Identify your offline threat intelligence feed sources — whether from ISACs, government sharing programs, or commercial vendors — and establish the secure transfer cadence (daily, weekly, or on-demand) that aligns with your operational requirements.
Intruex's deployment team handles the full installation, model optimization, and integration with your existing SIEM and security tooling. From scoping to operational deployment, the process is measured in weeks, not months.