Maintaining operational stability while securing infrastructure against an ever-growing list of vulnerabilities is a daily balancing act. Red Hat Lightspeed provides the core services required to manage your infrastructure at scale.

However, getting the most out of these services requires making a strategic decision: How should your infrastructure connect to Red Hat Lightspeed?

The process of choosing a deployment architecture goes beyond engineering; it must also take business strategy into account, as it affects your data privacy, infrastructure costs, and operational agility. Red Hat Lightspeed offers 3 distinct architectural models, outlined in Figure 1.

Lightspeed architectural models

Figure 1. Lightspeed architectural models

The model you choose will depend on your organization's regulatory requirements and risk appetite. Here’s how to think about the ways each model might align with your business goals.

Hosted (direct): Maximum agility and lowest TCO 

In the hosted model, which is included in your Red Hat Enterprise Linux (RHEL) subscription, every RHEL node in your environment connects directly to Red Hat Lightspeed via the internet.

  • The business value: This is the ultimate low-friction approach. It offers the fastest time to value with minimal setup complexity. Your teams gain immediate, real-time access to the full suite of services, including advisor, vulnerability, and compliance services, without any additional infrastructure overhead. This capability is included in your RHEL subscription.
  • The trade-off: Every node requires outbound internet access, and telemetry data resides in the Red Hat-hosted cloud.
  • The verdict: Ideal for organizations prioritizing speed, minimizing infrastructure costs, and operating in standard commercial environments where public cloud data residency is acceptable.

Proxied via Satellite: The secure middle ground

For organizations that need centralized control over their network traffic, the proxied via Satellite architecture provides an elegant compromise. Internal nodes remain safely isolated from the public internet, routing all Red Hat Lightspeed traffic through a centralized Red Hat Satellite egress gateway.

  • The business value: You maintain the real-time cloud sync benefits and full feature availability of the hosted model, but with a significantly enhanced security posture. Your internal network remains dark to the outside world, satisfying the requirements of most internal security and compliance teams.
  • The trade-off: Setup complexity is moderate, requiring the management of a Red Hat Satellite infrastructure.
  • The verdict: The gold standard for standard enterprise and financial environments. It balances robust internal network security with the power of real-time cloud analytics.

This feature requires a Red Hat Satellite subscription.

On-premise (air-gapped): Absolute data sovereignty

Organizations in industries like defense or critical infrastructure, or in highly regulated public sectors, cannot allow any data to leave their physical networks. For these environments, Red Hat Lightspeed offers a subset of services in an on-premise architecture that uses disconnected Red Hat Satellite syncs and containerized Red Hat Lightspeed services.

  • The business value: Uncompromising data residency. Telemetry data is analyzed entirely within your walls. With this model, you can still leverage powerful analytics (advisor) and vulnerability tracking without violating strict air-gap mandates.
  • The trade-off: While setup complexity is manageable (moderate), this model requires maintaining locally synced data rather than relying on real-time cloud updates.
  • The verdict: The mandatory choice for zero-trust, highly classified, or strictly regulated environments where absolute data sovereignty is the non-negotiable priority.

This feature requires a Red Hat Satellite subscription.

Making the right call

Select the architecture that aligns with your operational capabilities and risk tolerance; there is no universal right choice.

By understanding the differences between hosted, proxied, and on-premise deployments, decision makers can give their teams the tools they need to proactively secure and manage their RHEL fleets, without compromising their organization's compliance and security standards.

Additional reading

Produkttest

Red Hat Enterprise Linux AI | Testversion

Laden Sie die kostenlose 60-tägige Testversion von Red Hat Enterprise Linux AI herunter, einer für das Ausführen von LLMs optimierten Plattform.

Über den Autor

As a Senior Principal Technical Marketing Manager in the Red Hat Enterprise Linux business unit, Matthew Yee is here to help everyone understand what our products do. He joined Red Hat in 2021 and is based in Vancouver, Canada.

UI_Icon-Red_Hat-Close-A-Black-RGB

Mehr erfahren

Nach Thema durchsuchen

automation icon

Automatisierung

Das Neueste zum Thema IT-Automatisierung für Technologien, Teams und Umgebungen

AI icon

Künstliche Intelligenz

Erfahren Sie das Neueste von den Plattformen, die es Kunden ermöglichen, KI-Workloads beliebig auszuführen

open hybrid cloud icon

Open Hybrid Cloud

Erfahren Sie, wie wir eine flexiblere Zukunft mit Hybrid Clouds schaffen.

security icon

Sicherheit

Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren

edge icon

Edge Computing

Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen

Infrastructure icon

Infrastruktur

Erfahren Sie das Neueste von der weltweit führenden Linux-Plattform für Unternehmen

application development icon

Anwendungen

Entdecken Sie unsere Lösungen für komplexe Herausforderungen bei Anwendungen

Virtualization icon

Virtualisierung

Erfahren Sie das Neueste über die Virtualisierung von Workloads in Cloud- oder On-Premise-Umgebungen