Modern Support Consult

MSC On-Premises Edition (Build)

For air-gapped, regulated, or sovereignty-sensitive environments, MSC can be deployed as a self-contained virtual appliance on Azure Local (formerly Azure Stack HCI), Hyper-V, or VMware infrastructure.

Deployment fit

Sovereignty-first, offline-ready, and customer-controlled.

Security posture

No public exposure required. Internal DNS + HTTPS only.

Azure Local — Microsoft's on-premises cloud platform

Azure Local solution overview showing hybrid cloud architecture

Learn more: Microsoft Learn — Azure Local overview

MSC Appliance Stack

◫Browser (User Access)

◈Reverse Proxy (TLS Termination)

⬡Portal (Next.js Static)

✦API (.NET 8 Worker)

◉Postgres (data + metadata)

◇Artifact store (evidence + exports)

∞Scheduler

◫RASCOM Engine (Module Execution + Optional Local AI)

🖥️Azure Local / Hyper-V / VMware Host

◈ Air-Gapped Ready

Operates fully offline. No internet required after initial deployment. Customer data never leaves the premises.

◫ Multi-User

Team members connect via browser to the same portal instance. Shared journeys, evidence, and artifacts.

∞ Server-Managed Scheduling

RASCOM cycling, maintenance, and artifact generation run automatically via a server scheduler (Hangfire or equivalent).

◫ Optional Local AI

Customer-owned AI management integration API. Optional Ollama/vLLM for local inference without cloud dependency.

How the Appliance Works

1Deploy the VM image to your Azure Local cluster, Hyper-V host, or VMware environment.

2Configure network settings (internal IP/DNS) and import your TLS certificate for HTTPS.

3Access the portal via browser. Team members authenticate via local accounts or optional AD/Entra integration.

4Run journeys — the scheduler executes RASCOM modules, collects evidence, and generates artifacts automatically.

5Export customer-safe deliverables (HTML, PDF, PPTX) for internal distribution — no cloud upload required.

Azure Local — Deploy VMs with Azure Arc

Azure Local VM provisioning through Azure Arc

Learn more: Microsoft Learn — Azure Local VM management (Azure Arc)

Network Modes

◫ Connected Mode

Appliance can reach the internet for optional updates, cloud sync, and external Refresher knowledge. Outbound only — no inbound ports required.

◈ Air-Gapped Mode

Fully isolated. Updates delivered via USB/file transfer. All module content and AI models pre-loaded. Customer data never leaves the network boundary.

Comparison: Cloud vs On-Premises

Feature	Cloud (SWA)	On-Prem Appliance
Deployment	Azure Static Web Apps	VM on Azure Local / Hyper-V / VMware
Internet Required	Yes (always)	Optional (air-gap supported)
Scheduling	Azure Functions timer triggers	Hangfire on local server
Data Residency	Azure region	Customer premises (full control)
Multi-User	Via Entra ID	Local accounts or AD/Entra
AI Integration	Azure OpenAI / external	Optional local LLM (Ollama/vLLM)

Status: The On-Premises Edition is currently in active build (early access / preview).