Deploy, expose, observe, and monitor private AI inside your boundary.

Iftah AI gives Gulf enterprises a governed way to run private models, agents, and RAG workflows inside customer-controlled infrastructure — across any cloud, on-prem, or air-gapped environment, multi-cloud and hybrid, governed from one control plane. It is productized infrastructure, not a hosted public API or a one-off consulting build.

Talk to an engineerExplore sovereignty

Platform promise

  • Product platform, not consulting
  • Runs in customer-approved infrastructure
  • One governed endpoint for apps and agents
  • Trace evidence and runtime health for day-2 operations

Six products. One governed platform.

Each product does one job well and shares the same identity, policy, and audit plane — so you can deploy, govern, observe, and prove private AI end to end. Run any Hugging Face or Arabic model, on any cloud or on-prem, multi-cloud or hybrid.

Iftah DeployDeployment pipeline
Preview
Deployment & GitOps

Iftah Deploy

Ship and govern private model workloads through GitOps.

Launch, update, and roll back private model deployments through a signed, versioned pipeline. Every change is auditable, with staged canary-to-fleet rollouts and one-click rollback to a previously approved version — online or fully air-gapped.

  • GitOps delivery of signed bundles
  • Staged canary-to-fleet rollout
  • One-click rollback to a pinned version
  • Air-gapped offline update bundles
  • Live model inventory, versions & cache state
  • Full audit of what is running where
Iftah GatewayGateway routing
Preview
Governed access

Iftah Gateway

One OpenAI-compatible endpoint for every approved model.

A single governed gateway for all your apps, agents, and assistants. Identity-aware routing to approved models, per-team rate limits and budgets, usage attribution, and guardrails on every request — with the served model verified against what was approved.

  • OpenAI-compatible API
  • Approved-model access groups
  • SSO-backed virtual keys
  • Rate limits & budgets per team
  • PII/PHI & prompt-injection guardrails
  • Served-model verification
Iftah ObserveTrace explorer
Preview
Tracing & evaluation

Iftah Observe

See and prove every request — traces, cost, and quality.

Full visibility into every call: request traces, latency, token and cost breakdowns, and quality evaluations. Configurable prompt/response handling, redaction, and metadata-only modes keep observability compatible with your data-handling rules.

  • End-to-end request traces
  • Latency, token & cost dashboards
  • Quality evaluations
  • Redaction & metadata-only modes
  • Sampling & retention controls
  • Per-team and per-app attribution
Iftah GatekeeperPolicy editor
Preview
Policy & authorization

Iftah Gatekeeper

The policy decision point — default-deny on every request.

Every request is authorized against policy before it reaches a model: identity and data classification are checked, the request is pinned to an approved deployment, and anything not explicitly allowed is denied. Decisions are fast, fail-closed, and recorded in a content-free audit trail.

  • Policy-as-code decisions
  • Default-deny, fail-closed
  • Identity + classification checks
  • Deployment pinning (no substitution)
  • Retrieval attestation for RAG
  • Content-free decision audit
Iftah AI ServiceSizing calculator
Preview
Sizing & readiness

Iftah AI Service

Right-size, generate, and prove readiness before go-live.

The control service that turns a model choice into a deployable, reviewable plan: GPU sizing for your concurrency and latency targets, generated deployment manifests, dry-run policy checks, and a readiness report your reviewers can sign off before anything goes live.

  • GPU & capacity sizing
  • Deployment manifest generation
  • Dry-run policy validation
  • Readiness & decision reports
  • Concurrency / latency planning
  • GitOps hand-off to Deploy
Iftah ClusterGuardAdmission policies
Preview
Cluster admission control

Iftah ClusterGuard

Only approved, signed artifacts ever run.

Admission control at the Kubernetes boundary: only signed, approved images and configurations are allowed to run, unauthorized or drifted changes are blocked, and every denial is recorded. Namespace isolation and network policies keep workloads contained.

  • Admission policy enforcement
  • Signed-image / approved-artifact gating
  • Drift & tamper prevention
  • Namespace isolation
  • Network ingress/egress policies
  • Audited denials

Next step

Review Iftah AI against your environment before choosing the first workload.

Talk to an engineer