Enterprise Pack — Active Mirror

1. Architecture Overview

The Sovereign Stack

Active Mirror runs entirely within your perimeter. No data is sent to Active Mirror Inc. or any third party unless explicitly configured via the Hybrid Gateway.

APPLICATION LAYER
Internal Apps · Slack/Teams · IDEs
↓

                            GOVERNANCE GATEWAY (AMGL)
Auth · Rate Limiting · PII Redaction · Audit Log
↓
INFERENCE ENGINE
vLLM · Ollama · TGI · (Local Weights)

2. Security & Threat Model

Data Exfiltration

Risk: Sending IP to public model providers.
Mitigation: Local-only runtime. Network egress blocked at firewall level. Offline operation.

Prompt Injection

Risk: Malicious users hijacking the model.
Mitigation: AMGL Guard v1.1 regex filtering. Pre-inference input scanning. Context length limits.

Hallucination

Risk: Model generating false facts.
Mitigation: Truth-State Validator classifies outputs as ESTIMATE or UNKNOWN if low confidence. RAG-grounding enforcement.

3. Deployment Models

Component	Air-Gapped (Top Secret)	Hybrid (Enterprise)
Connectivity	None (VPC / Physics Gap)	Restricted Egress
Models	Llama 3, Mistral (Local)	Local + Claude/GPT via Gateway
Updates	Manual (USB/Sneakernet)	Automated (Docker Registry)

4. Logging & Retention

Audit Trails

Every interaction is logged with the following schema:

                    {

                      "timestamp": "2025-12-25T10:00:00Z",

                      "user_id": "u_12345",

                      "input_hash": "sha256...",

                      "output_hash": "sha256...",

                      "guard_status": "PASS",

                      "truth_state": "FACT"

                    }

Ready to Deploy?

Contact our engineering team for sizing and installation.

Contact Engineering →