Deployment Models
Understand SBOM Observer's deployment options - SaaS, on-premise, and air-gapped.
SBOM Observer is available in three deployment models to match your infrastructure and security requirements.
Deployment Models
SaaS
Bitfront-hosted, fully managed, zero infrastructure overhead
On-Premise
Your infrastructure, self-hosted, complete data control
Air-Gapped
Isolated networks, maximum security, no internet access
SaaS (Fully Managed)
Bitfront hosts and manages SBOM Observer entirely. You access it as a cloud service with no infrastructure to maintain.
Benefits:
- ✅ Zero infrastructure overhead
- ✅ Automatic updates and patches
- ✅ Managed backups and disaster recovery
- ✅ Immediate access, no setup required
- ✅ Scales automatically with your needs
Ideal for:
- Teams wanting minimal operational burden
- Organizations without strict data residency requirements
- Quick evaluation and proof-of-concept
Get started: SBOM Observer Platform | Try the live demo No signup required
On-Premise - On-Prem (Self-Hosted)
You deploy SBOM Observer in your own infrastructure using Docker. Full control while maintaining internet connectivity for updates and data sources.
Benefits:
- ✅ Complete data control and residency
- ✅ Customization and integration flexibility
- ✅ Compliance with internal policies
- ✅ Private Docker registry access via license portal
- ✅ Self-service updates when you're ready
Ideal for:
- Organizations with strict data residency requirements
- Teams needing customization or integration
- Enterprises with existing on-premise infrastructure
- Regulated industries (healthcare, finance, government)
Requires:
- Docker runtime environment
- Internet access for container downloads and data sources
- Self-managed backups and maintenance
Get started: Contact us for on-premise deployment
Air-Gapped (Isolated Network)
Deploy SBOM Observer in completely isolated environments with no internet access. Perfect for high-security networks or classified environments.
Benefits:
- ✅ Maximum security and isolation
- ✅ No external data dependencies
- ✅ Meets strict air-gapped compliance requirements
- ✅ Suitable for classified or sensitive environments
- ✅ Complete control over all data flows
Ideal for:
- Defense and classified environments
- High-security critical infrastructure
- Organizations with strict network isolation policies
- Regulated industries with extreme security requirements
Requires:
- Offline data source updates (periodic downloads on external network and transferred to air-gapped environment)
- Self-managed backups and maintenance
Get started: Contact us for air-gapped deployment
Choosing Your Model
Unsure which deployment model fits your needs? Compare your requirements against each option:
Best for SaaS
- Prefer managed infrastructure
- Always up to date with automatic updates
- Want immediate access without setup overhead
- No data residency constraints
Best for On-Premise
- Data must stay within your infrastructure
- Need customization or tight integration
- Have compliance requirements for self-hosting
- Already run Docker in your environment
Best for Air-Gapped
- Your infrastructure has no internet access
- Security policies prohibit external connectivity
- Operate in classified or sensitive environments
- Require maximum isolation and control
Next Steps
- Questions regarding SaaS, On-Premise or Air-Gapped: Contact us
- On-Premise Installation - Detailed setup guide
- Air-Gapped Configuration - Network isolation guide