Engineering · 31 March 2026 · 5 min read

On-prem LLMs: capable models with no outbound network

You should not have to choose between modern AI and data sovereignty. Here's how we run capable language models entirely inside your perimeter.

The most common objection to AI in sensitive work is not capability — it is exfiltration. If getting a summary means shipping the underlying text to someone else's servers, then for a great deal of intelligence work the answer is simply no.

CLERINT abstracts the model behind a single configuration flag. In the cloud, that can be a hosted frontier model for demonstrations. In production, it is an on-premise model — families such as Llama 3.1 or Qwen 2.5 — running inside your boundary, with no outbound network at all.

Designing for this from the start changes engineering choices. Prompts and pipelines are built to work with open-weight models of modest size, not to depend on a single vendor's largest system. Retrieval and structure do the heavy lifting, so the model's job is narrow, checkable and swappable.

The result is that capability and sovereignty stop being a trade-off. Classification, summarisation and threat assessment run against your data, on your hardware, and the output never leaves the enclave. The model is a component you control, not a service you depend on.

As open models improve, the abstraction pays off again: upgrading is a swap, not a migration. You adopt the next capable model without re-architecting the platform around it — and without renegotiating where your data is allowed to go.

← All posts