Roboflow Enterprise · Air-gapped & regulated networks

One auditable door to Roboflow Cloud.

Secure Gateway is a caching HTTP proxy that sits between your inference fleet and Roboflow Cloud. Container images, model weights, RFDM packages, and API calls all flow through one controlled egress point — cached on disk or S3, with every request streamed to your SIEM.

terminal
# Public, anonymous pull. There is no :latest — pin a tag.
$ docker run -d --name secure-gateway \
    -p 80:80 \
    -e CACHE_S3_BUCKET=my-gateway-cache \
    -e CACHE_S3_REGION=us-east-1 \
    repo.roboflow.com/roboflow-edge/secure-gateway:0.1.0-70

$ curl http://localhost/health
{"status":"healthy"}

How it works

One egress point. Everything else stays on your network.

[Diagram: devices on the EDGE / OT NETWORK (Inference Server, Jetson Device, Docker Host, ... Device N) connect over HTTP / HTTPS to the SECURE GATEWAY (Multi-tier Cache: disk or S3; Audit Log Export: webhook, syslog, file; Proxy + Allowlist: SSRF-protected; TLS: upstream LB or in-pod). Outbound HTTPS optionally passes through TLS Inspection (Zscaler / corp proxy, CA bundle) on its way to the INTERNET: Roboflow api, repo, *.roboflow.cloud.]

Single controlled egress point
Multi-tier cache, disk or S3
Container image, model & RFDM mirror
SIEM audit log export
SSRF-protected proxy allowlist
Reaches dedicated *.roboflow.cloud
Outbound CA bundle for TLS inspection
Drop-in License Server successor

A caching mirror for your whole Roboflow footprint

Container images (/v2), model weights (/models), RFDM packages (/rfdm), setup scripts, and the API all proxy through the gateway. The first pull fills the cache; every device after that pulls locally. TTLs are tiered by mutability — content-addressed blobs cache for 7 days, models for an hour.

# Second pull — served from cache
GET /models/yolov8n/3
200 · 104 MB · X-Cache: HIT

{"request_id":"a1f3…",
 "client_ip":"10.0.1.42",
 "path":"/models/yolov8n/3",
 "cache_status":"HIT",
 "upstream_domain":"repo.roboflow.com",
 "status_code":200,
 "duration_ms":38}

Audit every request to your SIEM

Each proxied request produces a structured access record. Ship it three ways — a batched webhook (Splunk HEC, Elastic, Datadog), syslog CEF over UDP/TCP (QRadar, ArcSight), or a rotating JSON file for Fluentd, Filebeat, or Promtail. Enable any combination. Know who pulled what, when, and whether it came from cache.

# Reach a dedicated deployment
GET /proxy?url=https://acme.roboflow.cloud/infer/…
200 — allowlisted, SSRF-checked

Air-gapped by design

Devices never touch the public internet directly. The gateway is the only thing that does, and its /proxy route enforces HTTPS, a domain allowlist, and SSRF protection that blocks loopback and private addresses. Dedicated *.roboflow.cloud deployments are reachable out of the box; widen the allowlist with EXTRA_PROXY_HOSTS.
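
The three checks this paragraph attributes to the /proxy route (HTTPS only, a domain allowlist, no loopback or private targets), written out as an added Python example. It is not Roboflow's code; the allowlist entries, the function names and the injectable `resolver` argument are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumed allowlist, built from names on this page; not the gateway's real list.
ALLOWED_HOSTS = {"repo.roboflow.com"}
ALLOWED_WILDCARDS = (".roboflow.cloud",)  # stands for *.roboflow.cloud


def host_allowed(host):
    """Exact match, or a true subdomain of a wildcard entry."""
    host = host.rstrip(".").lower()
    return host in ALLOWED_HOSTS or any(
        host.endswith(w) and len(host) > len(w) for w in ALLOWED_WILDCARDS)


def resolve(host):
    """Default resolver: every address the name currently maps to."""
    return {ai[4][0] for ai in socket.getaddrinfo(host, 443, proto=socket.IPPROTO_TCP)}


def check_proxy_url(url, resolver=resolve):
    """Return (ok, reason) for the target of a /proxy?url= request."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, "scheme must be https"
    host = parts.hostname
    if not host or parts.username or parts.password:
        return False, "missing host or embedded credentials"
    try:
        ipaddress.ip_address(host)
        return False, "IP literals are not allowlisted"
    except ValueError:
        pass  # a DNS name, continue
    if not host_allowed(host):
        return False, "host not in allowlist"
    addrs = resolver(host)
    if not addrs:
        return False, "host did not resolve"
    # Reject if ANY answer is loopback, private, link-local or otherwise non-public.
    for addr in addrs:
        if not ipaddress.ip_address(addr).is_global:
            return False, f"resolves to non-public address {addr}"
    return True, "ok"


# Constructed sample: stub resolver answering with a private address.
print(check_proxy_url("https://acme.roboflow.cloud/infer/x", lambda h: {"10.0.1.42"}))
```

The check is only sound if the proxy then connects to one of the addresses it vetted; resolving the name a second time at connect time reopens the gap.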

# Point a device at the gateway
curl http://gateway/install-client.sh \
  | sudo bash -s -- -s gateway.lan

Drop-in successor to the License Server

Same role in your network, now with caching and audit on top. The gateway serves its own client installer, which rewires a device's Docker daemon proxy, /etc/hosts, and RFDM config to route through it. Existing License Server deployments migrate without touching inference server code.

Ready to lock it down?

Secure Gateway ships with a Roboflow Enterprise license. Talk to us about deploying in your environment, or dive into the manual for Docker, Helm, and turnkey ECS / EKS / GKE examples.