Cloud-only LLMs break on jurisdiction, logging, and control. DWS ships the NVIDIA stack on-site, with customer-owned hardware, bridged inference, and auditable handoff.
NVIDIA's own GB10 Grace Blackwell desktop AI workstation — same silicon as the Acer Veriton GN100, shipped with NVIDIA branding for customers who want the NVIDIA logo on the box. Includes on-site install + full Lifetime service wrap.
Same NVIDIA NIM bundle as the Control Room SKU: Llama Nemotron Nano/Super/Ultra, Cosmos Reason 2 / Predict 2.5 / Transfer 2.5, Cosmos Nemotron VLMs, Nemotron Speech / RAG / Safety, Isaac ROS, CV-CUDA, TensorRT-LLM. Refreshed monthly via the Sovereign Model Updates Subscription.
This SKU pairs with the other sovereign hardware on the ladder. See Control Room, Situation Room, Jetson Sensor Nodes, and NVIDIA Model Install. The full moat sits below.
NVIDIA is the credibility layer — production silicon and models customers already trust. The actual moat is what surrounds the box: jurisdiction, ownership, bridged architecture, auditable handoff, and a Finnish service team. Common LLM vendors can copy model access. They cannot easily copy the jurisdiction, the install, the compliance trail, or the service wrapper.
OpenAI, Anthropic, Google Vertex, Mistral cloud — every cloud-only LLM hits the same four hard failures the moment the workload sits inside an EU-regulated industry:
| Failure mode | Why it kills the use case |
|---|---|
| CLOUD Act exposure | US-incorporated cloud means US law can compel access to your customer data. Defence, healthcare, dual-use, critical infrastructure: instant deal-breaker. |
| GDPR Article 5(f) & Schrems II | Customer data crossing to a third-country processor without an adequate lawful basis is automatic GDPR liability. |
| NIS2 — 24 h incident report | Critical entities (energy, water, transport, finance, health, digital, public admin) must report incidents in 24 h. You can't reconstruct what the model did when the logs live in someone else's cloud. |
| EU AI Act Article 12 logging | Required immutable record-keeping for high-risk AI. Cloud LLMs don't surface prompt / response / decision logs at the granularity an inspector demands. |
NVIDIA does the credibility work. Buying this stack is buying the same NVIDIA components NVIDIA itself ships — not a research project, not a custom-silicon bet, not vendor risk. Customers, inspectors, and procurement teams already trust the NVIDIA name. That's half the sales conversation gone before we walk in.
Itemised. No black box. Customer signs off on what arrived, what is installed, and what gets pushed each month.
| Item | What it is | When |
|---|---|---|
| NVIDIA hardware | Acer Veriton GN100 (or DGX Spark / Veriton 2000 / customer-supplied NVIDIA-capable) — pre-imaged, customer-owned | Day 0 |
| On-site install | Lifetime engineer: validates CUDA drivers, loads NVIDIA NIM bundle, brings up local MCP endpoint, sanity-tests first inference end-to-end | Day 0–1 |
| Operator training drill | 30-min scenario rehearsal with your team · signed install protocol · runbook handover | Day 1 |
| Article 12 immutable log | Live from minute one · 7-year retention · cryptographic hash chain · sealable for inspector handover | Day 1 |
| Monthly NVIDIA refresh | New Llama Nemotron NIMs, Cosmos checkpoints, Nemotron Speech, TensorRT-LLM kernels, GB10-tuned quantization | Monthly |
| Weekly security backports | CUDA driver patches, container CVE fixes, OpenSandbox + Ubuntu 24.04 LTS updates | Weekly |
| Daily hotfixes (when needed) | Zero-day CVE patches, NVIDIA driver hotfixes, model-side jailbreak mitigations — pushed within 24 h | As needed |
| 24/7 technical support | Named Finnish engineer · SLA sized to your operation · production incidents covered | Ongoing |
| Warranty servicing | We handle hardware warranty for you (Acer GN100 RMA paperwork, swap-out coordination, redeploy) | Ongoing |
| Remote configuration | Bundle switches, patches, OS updates over your secure tunnel — sovereign always | Ongoing |
You're not buying a sealed appliance. The GN100 ships with a full Ubuntu 24.04 LTS stack you own and extend. Cron jobs, systemd timers, Docker compose stacks, custom Python services, REST gateways — anything that runs on Linux runs here, alongside the NVIDIA model stack.
| Build capability | What customers actually do with it |
|---|---|
| Ubuntu 24.04 LTS — full Linux platform | Root access. Standard apt / systemd / cron / journald — everything your DevOps already knows. Pre-imaged but never sealed. |
| cron / systemd timer workflows | Schedule nightly ETL into the Article 12 log · 06:00 dispatch-readiness report · weekly Nemotron RAG re-index of your SOPs · monthly CSRD evidence bundle export. Workflow scheduling is built-in. |
| Docker / Docker Compose + OpenSandbox | Drop in your own containers next to the NVIDIA NIMs — internal microservices, custom ETL, in-house ML models. OpenSandbox keeps them isolated from each other and from the NIM stack. |
| Local MCP server | Wire Claude Code / your IDE / your dispatcher app to the box over your internal network. No internet hop. Customer-supplied MCP tools mount alongside ours. |
| Pre-installed toolchain | PyTorch, Jupyter, Ollama, vLLM, TensorRT-LLM, NVIDIA NIMs — ready out of the box. Bring your own libraries via apt / pip / conda. |
| Article 12 log API | HTTP API for read-only access to the immutable log. Wire it to your SIEM, your CSRD platform, your inspector portal. The log is yours; the API is documented. |
| REST / webhook gateway | Expose any agent or model as an internal HTTP endpoint for your ERP, dispatcher, ticketing system — sovereign, on-prem, no third-party API call. |
| Bring-your-own model | Drop a custom fine-tune (Llama / Mistral / Qwen variants) into the NVIDIA NIM runtime alongside the curated bundle. The box doesn't care whether the weights came from NVIDIA or you. |
| Air-gap switchable | Firewall policy can cut external network at any time. Update tunnel opens only when you allow it; otherwise the box runs fully offline for as long as you want. |
Six layers. Each is hard. The combination is harder. This is what the customer is really buying — and why a cloud LLM vendor can't compete on the same axis.
| Moat layer | Why it's hard to copy |
|---|---|
| EU-sovereign jurisdiction | Lifetime Oy is Finnish-registered (Y-tunnus 0772407-9), EU-based. A US or non-EU vendor cannot credibly sell "EU sovereign" to a defence ministry, a NIS2 operator, or a CER critical entity. Jurisdiction can't be cloned. |
| Customer-owned hardware | The customer owns the box. We don't host anything. CLOUD Act exposure and Schrems II concerns die in one move. A SaaS vendor can't replicate this without reinventing themselves as a hardware vendor — and most won't. |
| Bridged inference architecture | The GN100 ConnectX-7 bridge for 405 B-param models, TensorRT-LLM tensor parallel, and Article 12 log replication across nodes — that's months of engineering against a specific hardware topology. Cloud vendors don't optimise for "your customer's two-node cluster". |
| Auditable handoff | Signed install protocol + Article 12 cryptographic log + operator drill = inspector-friendly out of the box. Most AI vendors leave compliance evidence as the customer's homework. We make it the install deliverable. |
| Service wrapper depth | Operator training + 24/7 named-engineer support + warranty servicing + remote configuration — a Finnish team that answers the phone. Copy that without a Finnish team, an EU office, and a regulated-industry customer base. |
| Front-line feedback loop | VPK / industry-specific operator notes → next month's NVIDIA NIM bundle. Field experience in EU-regulated operations compounds month over month. New entrants start at month zero. |
The pattern repeats across every EU-regulated industry. Sovereign on-site NVIDIA stack + service wrapper. Different bundle per industry, same moat.