Duforest AI

Air-Gapped AI: Architecting for Disconnected Environments

Dec 3, 2025 | Lab Notes

ABSTRACT – 

Deploying Large Language Models (LLMs) in environments with zero internet connectivity presents unique challenges in orchestration, updates, and inference. This paper outlines our methodology for deploying “Sovereign Intelligence” within high-security government and defense facilities using Google Distributed Cloud (GDC) air-gapped solutions. We explore the specific architecture required to run Vertex AI services on GDC Hosted hardware, ensuring that “disconnected” does not mean “dumb.”

The Disconnected Dilemma

For our clients in defense, intelligence, and critical infrastructure, the cloud is not an option. Their data cannot leave the facility, and the internet cannot touch their networks. Historically, this meant they were cut off from the AI revolution. They were stuck with brittle, on-premise legacy systems while the rest of the world raced ahead with Generative AI.
The challenge is threefold:
  1. Hardware Constraints: Running massive models without the infinite scale of a public cloud data center.
  2. Model Stagnation: How to update model weights and vector indices without a live connection.
  3. Orchestration: Managing complex agentic workflows without external API calls.

The Solution: Google Distributed Cloud (GDC) Air-Gapped

At Duforest, we have standardized on Google Distributed Cloud (GDC) air-gapped as the substrate for our sovereign deployments. Unlike traditional “hybrid” solutions that still “phone home” for billing or control plane management, GDC air-gapped is designed for total isolation .

1. The Anchor Zone Architecture

We deploy our agents within the Anchor Zone of the GDC Hosted environment. This zone acts as the local control plane, completely severed from the global Google Cloud control plane.
  • Infrastructure: We utilize the GDC air-gapped appliance for tactical edge deployments and full GDC Hosted racks for data center implementations.
  • Vertex AI on GDC: We run a local instance of Vertex AI Prediction directly on the GDC hardware. This allows us to serve open models (like Gemma or Llama) and, crucially, distilled versions of proprietary models with the same API surface area as the public cloud .

2. The “Sneakernet” Update Protocol

To solve model stagnation, we engineer a rigorous “air-lock” update protocol.
  • Distillation: In our secure Foundry (connected), we use massive models (Gemini Ultra) to teach smaller, efficient models (Gemini Flash or Gemma) specific tasks—e.g., “Analyze a suspicious SAR report.”
  • Transfer: These optimized model weights and updated vector indices are cryptographically signed and transferred to the air-gapped environment via secure optical media or one-way data diodes.
  • Verification: The GDC environment verifies the signature before loading the new “brain” into the local Vertex AI instance.

3. Local Vector Search

A key component of our RuleXis solution is the ability to search millions of documents instantly. In the cloud, we use Vertex AI Vector Search. On GDC, we deploy a containerized version of the same vector search engine.
  • Performance: By running locally on GDC’s TPU/GPU-accelerated hardware, we achieve sub-millisecond latency for retrieval, often outperforming cloud-based systems due to the lack of network overhead .

Case Study: National Intelligence Unit

A G7 nation’s financial intelligence unit needed to analyze millions of transaction reports for terror financing without exposing the data to the internet.
  • Deployment: We deployed RuleXis on a GDC air-gapped cluster.
  • Architecture: The system used a local Vertex AI instance to run a fine-tuned Gemma model.
  • Result: The unit processed 5 years of backlogged data in 2 weeks. The system identified 400% more high-risk networks than the previous manual process, all while maintaining 100% air-gapped isolation.

Conclusion

Air-gapped does not mean obsolete. By combining Duforest’s agentic engineering with the disconnected power of Google Distributed Cloud, we bring the full force of Sovereign Intelligence to the darkest, most secure corners of the regulated world.

References

[1] “Google Distributed Cloud air-gapped | Sovereign Cloud,” Google Cloud.
[2] “Google Distributed Cloud Air Gapped Services,” Google Cloud, 2025.
[3] “Gemini Flash: Google’s AI Edge Play Delivers for Security-Conscious Enterprises,” The CTO Advisor, 2025.