Hybrid Deployment
Sensitive workloads on your infrastructure, routine workloads on our cloud — with one unified UX and a single permission model across both. For organizations that don't fit neatly into "all cloud" or "all on-prem".
When hybrid makes sense
- Mixed data classifications — some data is regulated (patient records, classified documents), some is not (marketing, public content)
- Progressive migration — you’re moving from managed to on-prem but need to run both during transition
- Cost optimization — high-volume routine workloads on your owned GPUs, occasional workloads on pay-per-token cloud
- Regional split — EU cloud for HQ, on-prem in a specific country where sovereignty is mandatory
How it works
Two (or more) StellarBase deployments run in parallel — one on our managed cloud, one in your data centre. A federation layer ties them together:
- Unified identity — single sign-on works across both deployments
- Unified UI — users see one StellarBase, not two. Navigation seamlessly crosses deployments based on what the user has access to.
- Cross-deployment search — a query on one side returns results from both (subject to permissions)
- Data placement control — each Base is explicitly assigned to a deployment. Data doesn’t move between deployments unless you move it.
What lives where
Typical hybrid split:
| On our EU cloud | On your infrastructure |
|---|---|
| Public marketing content | Privileged legal matters |
| Sales research | Patient records |
| Training materials | Classified project documents |
| Vendor documentation | Trade-secret engineering data |
| HR onboarding content | M&A deal rooms |
The split is your decision — we enforce what you configure.
Identity & permissions
A single identity provider (your SSO) handles authentication for both deployments. Your existing group structure maps to roles in each deployment. A user’s experience:
- Log in once via SSO
- See a unified list of Bases — visually identical, regardless of which deployment backs them
- Switch between Bases seamlessly
- Cross-Base search returns hits from both deployments (filtered by permissions)
Data flow boundaries
By default, no data crosses the deployment boundary. A document in your on-prem deployment stays there. A search that spans both returns metadata and preview snippets only — the full document is rendered locally.
You can explicitly configure cross-deployment flows where needed:
- An agent in the cloud deployment can query the on-prem knowledge base (retrieval only, no full-document export)
- A workflow can move specific data between deployments with explicit approval
- Shared dictionaries and rule sets can be synchronized
LLM routing
Agents can be configured to use different LLMs in different contexts:
- On-prem Base → local LLMs only (no internet call)
- Cloud Base → StellarCloud models (our EU infrastructure)
- Either → external commercial LLM via StellarGate (with PII anonymized)
Routing is per-agent, per-Base. A single workflow that touches both deployments can use a local LLM for the on-prem steps and a cloud LLM for the public-data steps.
Networking
The federation layer requires controlled connectivity between the two deployments — typically a VPN tunnel or private peering. Traffic between deployments is:
- mTLS-authenticated
- Metadata-only by default (no bulk data movement)
- Rate-limited per your policy
- Fully audit-logged
For air-gapped segments that have no connectivity at all, use two separate deployments without federation — users simply log in to each separately. The platform supports this — it’s just not “hybrid” in the unified sense.
Audit & compliance
Each deployment maintains its own audit log. The federation layer logs cross-deployment events (cross-deployment search, cross-deployment workflow triggers) on both sides. For compliance, you get a unified view by exporting and merging — or by streaming both into your SIEM.
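Merging the two exports also lets you verify that every cross-deployment event really appears on both sides. The sketch below is an added example, not StellarBase code: the JSON Lines layout, the field names (ts, event_id, type, user), the event type strings and the shared event_id are assumptions, and the log lines are constructed.

```python
import json
from collections import defaultdict

# Constructed sample exports, one JSON object per line (assumed format).
CLOUD_LOG = """\
{"ts": "2024-05-01T09:00:00Z", "event_id": "e-1001", "type": "cross_deployment_search", "user": "alice"}
{"ts": "2024-05-01T09:02:10Z", "event_id": "e-1002", "type": "login", "user": "alice"}
{"ts": "2024-05-01T09:05:00Z", "event_id": "e-1003", "type": "cross_deployment_workflow_trigger", "user": "bob"}
{"ts": "2024-05-01T09:07:30Z", "event_id": "e-1004", "type": "cross_deployment_search", "user": "carol"}
"""
ONPREM_LOG = """\
{"ts": "2024-05-01T09:00:01Z", "event_id": "e-1001", "type": "cross_deployment_search", "user": "alice"}
{"ts": "2024-05-01T09:05:02Z", "event_id": "e-1003", "type": "cross_deployment_workflow_trigger", "user": "bob"}
{"ts": "2024-05-01T09:06:00Z", "event_id": "e-2001", "type": "document_view", "user": "bob"}
{"ts": "2024-05-01T09:09:00Z", "event_id": "e-1005", "type": "cross_deployment_search", "user": "mallory"}
"""

# Hypothetical type names for the cross-deployment events the page mentions.
CROSS_TYPES = {"cross_deployment_search", "cross_deployment_workflow_trigger"}

def parse(export, deployment):
    """Parse a JSON Lines export and tag each record with its source deployment."""
    events = []
    for line in export.splitlines():
        if line.strip():
            rec = json.loads(line)
            rec["deployment"] = deployment
            events.append(rec)
    return events

def merge_timeline(*logs):
    """Unified view: uniform ISO-8601 UTC timestamps sort correctly as strings."""
    return sorted((e for log in logs for e in log),
                  key=lambda e: (e["ts"], e["deployment"]))

def one_sided(cloud, onprem):
    """Map event_id -> the only deployment that logged a cross-deployment event."""
    seen = defaultdict(set)
    for e in cloud + onprem:
        if e["type"] in CROSS_TYPES:
            seen[e["event_id"]].add(e["deployment"])
    return {eid: next(iter(deps)) for eid, deps in sorted(seen.items())
            if len(deps) == 1}

if __name__ == "__main__":
    cloud, onprem = parse(CLOUD_LOG, "cloud"), parse(ONPREM_LOG, "onprem")
    for e in merge_timeline(cloud, onprem):
        print(e["ts"], e["deployment"], e["type"], e["user"])
    print("logged on one side only:", one_sided(cloud, onprem))
```

An event that shows up on one side only points to a logging gap, a dropped export, or activity that bypassed the federation layer, and is worth a SIEM alert.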
Billing
Two components:
- Managed cloud: per-token / per-unit as usual
- On-prem: annual licence sized to the deployment
Unified invoicing available — one invoice, itemized by deployment.
Migration & lifecycle
Hybrid is often a stepping stone:
- Pilot → Hybrid → Full on-prem for organizations planning a full self-host migration
- On-prem → Hybrid → Managed for organizations moving workloads to cloud
- Hybrid indefinitely for organizations whose workloads naturally split
Related
- Managed EU Cloud
- On-Premise
- Auth & RBAC — cross-deployment identity
