The challenge
Thales operates restricted on-premise environments for defense programs across Europe. Each environment must be homologated, meaning qualified and certified to specific national security standards before it can handle classified or sensitive workloads.
These environments are isolated by design. They cannot depend on cloud services. Each one requires independent security controls that satisfy sovereign requirements. Adding new security tooling to a certified infrastructure is inherently difficult: any change risks invalidating the homologation.
Thales needed a way to enforce Zero Trust segmentation and access control inside these restricted environments without modifying the existing certified infrastructure and without any external dependency.
The solution
Thales deployed the Access Gate as an appliance within each restricted environment. The overlay networking model creates segmentation on top of the existing infrastructure, enforcing access policies without touching the certified network underneath.
The deployment is air-gap compatible. There is zero cloud dependency. All policy enforcement, logging, and management happen on-premise. Data never leaves the environment.
Each environment gets its own independent Access Gate deployment, maintaining the isolation that homologation requires. Identity-based access control governs who can reach what inside each perimeter.
The 4-hour deployment time means new environments can be stood up and secured quickly, without lengthy integration projects.
Results
Thales has been running Access Gate in production for over a year across multiple homologated environments. Each deployment took 4 hours from installation to enforcement.
The system has been stable throughout. No outages. No conflicts with existing certified infrastructure. Homologation requirements are met without compromise.
The approach scales: every new restricted environment follows the same 4-hour deployment pattern, with the same sovereign guarantees.