On-Premises · Air-Gapped Optional · Maximum Sovereignty
Delivered to your building. Owned by you.
The full Faheem platform, installed on hardware inside your walls. Zero cloud AI calls. Air-gapped if you want it. You hold every key, and every action is provable on demand.
Everything Faheem does becomes a record, locked to the one before it.
last check: intact · you can run this check yourself, any time
Deployment model
Your hardware. Your keys. Your jurisdiction.
One organisation, one installation, inside your own walls. Netveva installs the complete on-prem LLM stack, then hands everything over.
- Runs entirely on servers you buy and own, inside your building.
- Optional full air gap: the network switch goes off, and every external tool refuses to run.
- No telemetry, no remote access, no phone-home. Ever.
- Full handover: every key, credential and admin account ends up with your team.
- One flat yearly subscription instead of per-call API bills. Usage never moves the number.

Reference hardware. Sized to your models and workload during scoping.
Where your data goes
A closed loop, inside your walls.
Documents, models, voice, audit: everything lives and works inside your boundary. The egress meter reads zero because there is nothing to meter.
Your team
chat · voice · task board
Faheem
agentic core · bilingual
Models
served on your hardware
Knowledge base
your documents, indexed locally
Black box
hash-chained record of every action
Optional: Telegram messages transit Telegram servers, clearly logged. Documents, AI processing and voice never do.
What you get
The deepest end of sovereign AI.
Everything Faheem can do, with the strongest boundary around it.
Agentic, not a chatbot
Works a Kanban board on its own: triage, work, self-review, done. Failures retry once, then escalate to you on Telegram with full context.
Tamper-evident black box
A SHA-256 hash-chained log of every query, file operation and outbound byte, anchored with a signed checkpoint. Change one character and the chain breaks at that exact record.
GCC compliance, evaluated live
Total data privacy control across all six Gulf states, scored from real system state. One click exports a Sovereign Report PDF, generated fully offline.
Sovereign knowledge base
Local RAG over your private documents with cited sources. PDF, Word, Excel, PowerPoint. Arabic and English, indexed locally, uploaded nowhere.
Bilingual by design
Automatic language detection and full right-to-left rendering. Ask for a 07:30 Arabic morning brief and it is prepared overnight, on your hardware.
Secrets stay secret
Credentials are injected by reference from a local vault and redacted from results. The model never sees raw values.
Who it is for
For institutions that cannot leak.
Faheem Sovereign exists for organisations where a foreign cloud is not a policy question, it is a hard no. If your data could not survive a leak, this tier was built for you.
- Ministries, regulators and government entities
- Central banks, sovereign wealth funds and financial institutions
- Defence and national security organisations
- Hospitals, clinics and healthcare groups
- Law firms and advisors bound by client confidentiality
- Telecoms, energy and critical infrastructure operators
- Family offices and holding groups
- Any enterprise with data it would never hand to a foreign cloud
Under the hood
Real engineering, not slideware.
The same components on every Faheem deployment, with the boundary drawn at your building. Models are selected at deployment to fit your hardware and jurisdiction.
The other tiers
Same platform. Different boundary.
Sovereign is the flagship: maximum control, on your premises. If you need residency without running hardware, or frontier models behind a privacy gateway, the other tiers are built from the same system.
Questions, answered
Faheem Sovereign, in plain terms.
Is it truly air-gapped?
It can be. Air gap is a deployment choice: with the network switch off, every external tool refuses to run and Faheem operates entirely inside your walls. Many clients keep a controlled connection for Telegram notifications instead; that choice is yours, and either way the AI, your documents and all processing stay local.
Where do the models run?
On your hardware, inside your building. Models are selected at deployment, capable open-weight models or Faheem fine-tuned variants prepared for your domain, and they run on your machines. There is no external AI API anywhere in the loop.
How do updates work without connectivity?
There is no auto-update channel, no telemetry and no remote access, so nothing changes unless you decide it should. Updates are delivered as versioned packages and applied by your team, or by Netveva on site, on your schedule.
Who holds the keys?
You do. Handover includes every key, credential and admin account. Credentials live in a local vault and are injected by reference, so even the model never sees raw values.
How is the audit actually proven?
Every query, file operation and outbound byte is written to a hash-chained black box anchored with a signed checkpoint. Verification recomputes the whole chain and reports the exact record where anything was edited, deleted, reordered or truncated. You can run it yourself, any time, offline.
What hardware do we need?
A GPU server class machine that you buy and own. The stack auto-profiles to the GPU class installed, from data-centre cards to workstation GPUs, and the exact sizing depends on the models and workload you choose. We scope it with you during discovery, before any commitment.
Maximum sovereignty. See it proven.
Book a live demo. We will show you Faheem Sovereign working real tasks with the egress meter at zero and the audit chain verifying in front of you.