Deployment Models¶

We support various Deployment Models to decide "where" tenants will be placed and meet your custom needs:

• Your Account: Deployed in your (SaaS Provider) account
• Bring Your Own Cloud (BYOC): Deployed in your customers' account
• On-premise: Deployed to isolated cloud environments and local hardware
• Omnistrate Account: Deployed in Omnistrate's account

For a comprehensive overview of all deployment scenarios and use cases, visit our Use Cases section.

Deployed in your account (SaaS Provider account)¶

Most common Deployment Model is to deploy in your own account and provide a fully-managed experience to your customers.

Many SaaS Products like Slack, Stripe, GitHub are offered in this model.

Here is a reference architecture:

Customer Networks¶

For enhanced security and network isolation while maintaining this deployment model, you can enable Customer Networks. This advanced feature allows your customers to define network partitioning on dedicated stacks, providing complete isolation and the ability to set up private network paths for customer connectivity. This gives you the benefits of dedicated infrastructure per customer while keeping services self-served and deployed in your account.

To learn more about configuring customer networks, see Customer Networks.

Bring Your Own Cloud (BYOC)¶

Your customers requires that data stays in their account due to security and migration cost. To support them, you have to host your application in their account as a fully-managed solution.

The BYOC tenancy model exactly addresses this use-case by seamlessly establishing the trust relationship between your account and your customers' accounts enabling the deployment and management of resources.

We follow the industry standard secure techniques to reverse the connection to prevent any inbound connections to your customers' account, encrypted channel through TLS and OAuth to secure the connectivity between your customers account and your account.

Many SaaS Products like Databricks, RedPanda BYOC are offered in this model.

Here is a reference architecture:

To learn more, check the BYOC use case.

BYOC Copilot¶

For customers requiring maximum security and control, BYOC Copilot offers an enhanced deployment model where customers can maintain completely offline environments while still receiving on-demand support. In this mode, customers have full control over their infrastructure and can establish secure, temporary support connections only when needed for installations, upgrades, patches, or troubleshooting. This provides the ultimate balance between security, control, and managed service benefits.

Here is a reference architecture:

Learn more about BYOC Copilot in the BYOC Copilot use case.

On-premise¶

On-premise installations are suitable for air-gapped or isolated environments, running on a company's local hardware. This model offers the greatest control, security, and independence but requires high initial costs and internal maintenance. In contrast, cloud installations run on a provider's remote servers, offering significant cost savings through a subscription model, enhanced scalability, flexibility, and faster deployment, though at the cost of less direct control and reliance on the internet and the provider.

Here is a reference architecture:

Learn more about On-Premise in the On-Premise.

Deployed in Omnistrate account¶

If you are a young startup or not that familiar with the cloud or don’t want to deal with the hassle of even creating the cloud account, you can also use Omnistrate hosted mode to deploy your data plane with us.

Here is a reference architecture: