Enterprise Tier

For organizations with strict security, compliance, or deployment requirements.

What's included

The Enterprise tier extends the Professional tier with deployment, compliance, and support capabilities that regulated industries and large organizations need. Everything below is in addition to theProfessional tier baseline.

Custom builds

Standard NuGet packages include optional telemetry and license-validation code paths that, while disabled by default, exist in the binary. For deployments where any outbound HTTP capability is a procurement concern (DOE labs, FISMA-moderate systems, air-gapped networks), we ship custom NuGet packages built with the following MSBuild constants set:

  • DISABLE_TELEMETRY — entire AiDotNet.Tensors.Engines.DirectGpu.Telemetry namespace compiled out
  • DISABLE_LICENSE_GUARDBuildKeyProvider and LicenseValidator compiled out; license validation handled by offline file

These flags are cryptographically gated: the open-source build refuses to honor them without a valid Ooples-issued enterprise license. This protects the BSL commercial terms while letting legitimate enterprise customers deploy clean binaries. See build/AiDotNet.Tensors.Enterprise.targetsfor the gate implementation.

Offline / air-gapped license validation

Enterprise customers receive a signed license file (JSON document with ed25519 signature over license metadata). License validation runs entirely offline — no network callout to an Ooples license server is required at any point during build, install, or runtime. License files expire annually per BSL terms and can be renewed by contactingadmin@aidotnet.dev.

FIPS 140-3 compatible cryptography

Enterprise builds use the FIPS 140-3 validated cryptographic provider via .NET 8+ on Linux (OpenSSL FIPS provider). All HMAC, AES-GCM, SHA-256 operations route through the validated module. Compliance documentation includes the relevant CMVP certificate number and a deployment guide for ensuring the FIPS provider is selected at runtime.

NIST SP 800-218 SSDF compliance

Each Enterprise release ships with:

  • SBOM (Software Bill of Materials) in CycloneDX 1.5 format
  • SLSA Level 3 build provenance attestation
  • Signed NuGet packages (Authenticode + nupkg signature)
  • Cryptographic dependency lock file with all transitive package hashes
  • Reproducible-build instructions (deterministic compile flags, locked SDK version)

Support

  • Named support contact with response SLA negotiated per contract (typically: 4 business hours for SEV-1)
  • Direct issue escalation channel (private GitHub repo or Slack)
  • Quarterly architecture review
  • Early access to security advisories

Contact

Email admin@aidotnet.devwith your organization, deployment scope, and any specific compliance requirements. We'll schedule a discovery call and quote based on your environment.

U.S. federal customers (DOE, DOD, civilian agencies, national labs): see also/federal-usefor the federal-specific terms.