What is enterprise AI on-premise?
Enterprise AI on-premise is a deployment model where the AI workload — model, runtime, application code, and audit log — runs inside the customer's own infrastructure. The customer controls the network perimeter, the data residency, the audit surface, and the supply-chain dependencies. The vendor ships software (and sometimes hardware) into that environment, but doesn't operate the live system from a remote cloud.
In 2026, the on-premise question is no longer "can it be done?" — it can. The question is "is your AI vendor designed for it, or are you stretching a cloud-first product to live somewhere it doesn't belong?" Most of the AI-vendor market is the second case. Wavenetic is the first.
Four deployment models — and when each is right
Real enterprise environments don't pick one deployment model and run everything there. They have a mix: some workloads can run on a public-cloud SaaS, some have to run inside a private VPC, some have to run on hardware in the building, some are classified and have to live in a sealed enclosure. A serious AI vendor handles all four.
1. Microsoft Foundry / public-cloud SaaS
The lightest deployment surface. Used when the customer already runs on Microsoft and the workload doesn't touch high-sensitivity data. Procurement is fast (existing ELA agreements), governance is by Microsoft's own EU compliance frame, and the customer doesn't have to operate any infrastructure. Wavenetic deploys the Wave product stack on Microsoft Foundry as a Microsoft partner.
2. Private cloud / customer-controlled VPC
For customers with existing AWS, Azure, or GCP commitments who need tighter governance than public cloud allows. The Wave stack runs inside the customer's cloud account, in an EU region, with controlled inbound and outbound traffic, customer-managed identity, and customer-controlled audit pipeline.
3. On-premise — customer hardware
The customer owns the servers; Wavenetic ships software. Standard for regulated enterprise (banks, insurers, healthcare) and TSO-class operators. The customer's IT team operates the cluster; Wavenetic supports the runtime and the application layer. WaveNode appliances are an option here — recommended for performance-bounded workloads and air-gap-capable deployments.
4. Air-gapped — sealed appliance, zero outbound network
The strictest deployment. WaveNode hardware ships with signed firmware, attested boot, and offline-only update channels. No phone-home, no telemetry, no CDN model pulls, no license-server check. Standard for defence, classified environments, and parts of critical infrastructure that cannot be assumed to have outbound connectivity. The customer audits the box before deployment and at any point afterwards.
Reference architecture
Every Wavenetic deployment, regardless of which of the four models above it lands in, has the same logical layers. The deployment target changes; the architecture doesn't.
Layer 1 — Hardware
Either customer-provided servers (with documented requirements: GPU type, RAM, network, storage), or Wavenetic-shipped WaveNode appliances (S, M, L, or clustered). For air-gap deployments, WaveNode is the default — it's the only path that meets the trust requirements out of the box.
Layer 2 — Wave Runtime
The orchestration layer that runs models, agents, and tools. Inspectable end-to-end. No black boxes. Open-source orchestrator (WaveCode) available on GitHub for the agent layer; the runtime is governed by an enterprise license.
Layer 3 — Wave product applications
WaveOps (notebook workspace — chat, cited briefings, FAQs, audio overviews; one switch flips the workspace between cloud LLMs and on-prem Ollama), WaveFlow (finance / accounting AI), WaveStorm (marketing AI), and any custom-built application on the same runtime. The same product code that runs on the public web runs inside the customer's perimeter.
Layer 4 — Identity + billing
WaveID for single sign-on across products, WaveCredits for unified credit-based billing. Both launching on May 15, 2026. In on-premise deployments, both are deployable inside the customer's perimeter.
Layer 5 — Audit + compliance
Audit logs are not a feature — they are the storage substrate every other feature is built on. Every event (query, response, agent decision, tool call, error) lands in the audit store, which is then accessible to the customer's compliance tooling. Architecture documentation, conformity-assessment files, and human-oversight gates ship with the deployment.
Compliance frame — what regulated enterprise actually has to satisfy
Four regulatory frames matter for on-premise enterprise AI in the EU in 2026:
- EU AI Act — In force. AI used in critical infrastructure, defence, and law enforcement is high-risk; conformity assessments, technical documentation, audit logs, and human oversight are mandatory. Wavenetic ships the documentation with each deployment.
- NIS2 — Transposed across the EU 2024–25. Operators of essential services must control their supply chain. Outbound API calls to non-EU AI vendors create unmanageable supplier dependencies. Wavenetic is EU-built and EU-deployed by default.
- CER (Critical Entities Resilience Directive) — Operators must demonstrate end-to-end control of systems supporting essential services. WaveNode + Wave Runtime + Wave applications give the customer that control.
- DORA — Financial services. AI is now ICT third-party risk; banks and insurers must have testable exit strategies and rollback paths. With on-premise Wave, the exit strategy is "keep running" — the cluster is the customer's.
Procurement model
Two procurement paths, both designed for enterprise contracts:
Subscription (SaaS-like, but on your hardware)
Annual licence for the Wave product stack, plus on-call engineering support. Hardware optional. Best for customers who want continuous platform improvement and managed delivery, without operating the cluster themselves.
One-time purchase (you own everything)
Wave product licence and WaveNode hardware delivered as a finished appliance. Annual support contract optional. Best for fully air-gapped environments and customers who require asset ownership end-to-end.
Both paths come with full architecture documentation, conformity-assessment-ready files, and named-engineer support contacts. Talk to procurement for a quote.