Maintaining operational stability while securing infrastructure against an ever-growing list of vulnerabilities is a daily balancing act. Red Hat Lightspeed provides the core services required to manage your infrastructure at scale.

However, getting the most out of these services requires making a strategic decision: How should your infrastructure connect to Red Hat Lightspeed?

The process of choosing a deployment architecture goes beyond engineering; it must also take business strategy into account, as it affects your data privacy, infrastructure costs, and operational agility. Red Hat Lightspeed offers 3 distinct architectural models, outlined in Figure 1.

Lightspeed architectural models

Figure 1. Lightspeed architectural models

The model you choose will depend on your organization's regulatory requirements and risk appetite. Here’s how to think about the ways each model might align with your business goals.

Hosted (direct): Maximum agility and lowest TCO 

In the hosted model, which is included in your Red Hat Enterprise Linux (RHEL) subscription, every RHEL node in your environment connects directly to Red Hat Lightspeed via the internet.

  • The business value: This is the ultimate low-friction approach. It offers the fastest time to value with minimal setup complexity. Your teams gain immediate, real-time access to the full suite of services, including advisor, vulnerability, and compliance services, without any additional infrastructure overhead. This capability is included in your RHEL subscription.
  • The trade-off: Every node requires outbound internet access, and telemetry data resides in the Red Hat-hosted cloud.
  • The verdict: Ideal for organizations prioritizing speed, minimizing infrastructure costs, and operating in standard commercial environments where public cloud data residency is acceptable.

Proxied via Satellite: The secure middle ground

For organizations that need centralized control over their network traffic, the proxied via Satellite architecture provides an elegant compromise. Internal nodes remain safely isolated from the public internet, routing all Red Hat Lightspeed traffic through a centralized Red Hat Satellite egress gateway.

  • The business value: You maintain the real-time cloud sync benefits and full feature availability of the hosted model, but with a significantly enhanced security posture. Your internal network remains dark to the outside world, satisfying the requirements of most internal security and compliance teams.
  • The trade-off: Setup complexity is moderate, requiring the management of a Red Hat Satellite infrastructure.
  • The verdict: The gold standard for standard enterprise and financial environments. It balances robust internal network security with the power of real-time cloud analytics.

This feature requires a Red Hat Satellite subscription.

On-premise (air-gapped): Absolute data sovereignty

Organizations in industries like defense or critical infrastructure, or in highly regulated public sectors, cannot allow any data to leave their physical networks. For these environments, Red Hat Lightspeed offers a subset of services in an on-premise architecture that uses disconnected Red Hat Satellite syncs and containerized Red Hat Lightspeed services.

  • The business value: Uncompromising data residency. Telemetry data is analyzed entirely within your walls. With this model, you can still leverage powerful analytics (advisor) and vulnerability tracking without violating strict air-gap mandates.
  • The trade-off: While setup complexity is manageable (moderate), this model requires maintaining locally synced data rather than relying on real-time cloud updates.
  • The verdict: The mandatory choice for zero-trust, highly classified, or strictly regulated environments where absolute data sovereignty is the non-negotiable priority.

This feature requires a Red Hat Satellite subscription.

Making the right call

Select the architecture that aligns with your operational capabilities and risk tolerance; there is no universal right choice.

By understanding the differences between hosted, proxied, and on-premise deployments, decision makers can give their teams the tools they need to proactively secure and manage their RHEL fleets, without compromising their organization's compliance and security standards.

Additional reading

Essai de produit

Red Hat Enterprise Linux AI | Essai de produit

Essayez gratuitement Red Hat Enterprise Linux AI pendant 60 jours, une plateforme optimisée pour l'exécution des grands modèles de langage.

À propos de l'auteur

As a Senior Principal Technical Marketing Manager in the Red Hat Enterprise Linux business unit, Matthew Yee is here to help everyone understand what our products do. He joined Red Hat in 2021 and is based in Vancouver, Canada.

UI_Icon-Red_Hat-Close-A-Black-RGB

Parcourir par canal

automation icon

Automatisation

Les dernières nouveautés en matière d'automatisation informatique pour les technologies, les équipes et les environnements

AI icon

Intelligence artificielle

Actualité sur les plateformes qui permettent aux clients d'exécuter des charges de travail d'IA sur tout type d'environnement

open hybrid cloud icon

Cloud hybride ouvert

Découvrez comment créer un avenir flexible grâce au cloud hybride

security icon

Sécurité

Les dernières actualités sur la façon dont nous réduisons les risques dans tous les environnements et technologies

edge icon

Edge computing

Actualité sur les plateformes qui simplifient les opérations en périphérie

Infrastructure icon

Infrastructure

Les dernières nouveautés sur la plateforme Linux d'entreprise leader au monde

application development icon

Applications

À l’intérieur de nos solutions aux défis d’application les plus difficiles

Virtualization icon

Virtualisation

L'avenir de la virtualisation d'entreprise pour vos charges de travail sur site ou sur le cloud