Sites, modules, sovereign cloud, cybersecurity, applications — each layer is a distinct product. Pick what solves your problem. Own more as your demand grows.
Domain agents, vertical apps, and MCP-style skills running on your infrastructure — citizen services, CBDC, defence copilots, finance assistants, healthcare AI.
PQC + QKD defence-in-depth, sovereign HSMs, and crypto-agility — protecting workloads with sensitivity lifecycles measured in decades.
Bare-metal, VMs, GPU pools, QPU queues, object/block/file storage — all in-country, addressable from a single white-label control plane.
Three steel modules, twenty 20 kW racks, dual UPS, in-row DX cooling — witness-tested before shipping. Capacity lands when the trailer arrives.
SEZ land tenure, geothermal and hybrid renewables, fibre, water — the physical conditions that make sovereign compute possible at all.
A complete 400 kW Tier III data centre packaged into three insulated steel modules. Twenty 20 kW racks, dual UPS, eighteen in-row cooling units, hot-aisle containment, integrated fire detection and suppression — all assembled, witness-tested, and commissioned at the factory before being trucked to site. Civil works run in parallel; capacity lands when the trailer arrives.
Three insulated steel enclosures combine into one Tier III data centre: two IT rooms hosting twenty 20 kW racks plus a dedicated power-and-cooling room. Witness-tested at the factory before shipping.
An EIA-310-D cabinet with 70% perforated front and split rear doors that open 130° for service. Tool-less doors, removable power trough, and a removable bottom cover for raised-floor cabling. Frame rated to 1,420 kg, IP20.
A real-time platform spanning every rack and site: live PUE and energy analytics, rack-level asset and capacity views, ITIL-aligned incident and work-order flow, plus a mobile inspection app with QR-coded assets.
Two 1,600 A main distribution boards with automatic transfer, two 500 kVA UPS systems, and vertical PDUs giving every rack independent A and B feeds. No single point of failure.
Eighteen in-row DX cooling units with paired outdoor condensers, hot-aisle containment throughout, and a dedicated split system for the electrical room — independently validated against Nairobi's 20-year ASHRAE profile at 400 kW IT load.
Multiple terrestrial and submarine carriers terminating into a meet-me room. Customer cross-connects on request, no lock-in.
Modules are wired, plumbed, and commissioned off-site, then put through a factory witness test. Civil works run in parallel; capacity lands when the trailer arrives.
Insulated 80 mm steel panels with 60-minute fire rating, EI60-rated entrance and internal doors, integrated detection and clean-agent suppression. Optional aspirating smoke detection for early warning.
Optional PoE-managed access control with card-and-keypad readers on EI60 doors, full IP CCTV with NVR, and a managed PoE switch — all wired, mounted, and configured at the factory.
Sites placed where the energy, fibre, and regulatory clarity converge. Operated by local teams under local jurisdiction, monitored from the DCIM platform you control.
Performance verified at Nairobi altitude across the full annual temperature band — efficiency holds where most reference designs degrade.
Factory-assembled modules deliver a complete Tier III megawatt at a fraction of a ground-up build's cost, and compress time-to-deploy from 18–36 months down to about six. Every infrastructure decision sized to maximise compute per watt and compute per dollar.
Each rack is engineered backwards from the workload — every watt of the 20 kW envelope spent on compute, or every rack unit spent on capacity, sized to what the customer actually runs. Five reference configurations cover the most common sovereign-compute use cases — four compute-led, one storage-led — and everything ships pre-integrated, cabled, and commissioned.
A single 20 kW rack pre-built for university, lab and research workloads — three CPU nodes for general compute, two 8-GPU training nodes, and a half-petabyte NAS, on a redundant 25 / 100 G fabric. Fourteen rack units left free for the team to grow into.
Five 20 kW racks built around 8-GPU training systems, each paired with a Blackwell-class PCIe accelerator node to fully utilise the 20 kW envelope. Engineered for large-model training and high-throughput inference, with a flat 400 G fabric across the cluster. Ships pre-integrated with vLLM, Ollama, and an OpenAI-compatible endpoint — the same serving stack as the sovereign cloud, on dedicated silicon. Two tiers: latest-generation or prior-generation HGX.
Five 20 kW racks built around dense PCIe inference nodes — tuned for serving traffic, not training runs. Memory-bandwidth-rich silicon, packed as tightly as the 20 kW envelope allows, behind a vLLM-class serving stack with continuous batching and paged-KV-cache. Optimised for the metric that actually shows up on the bill: cost per million tokens out, not peak FP16 TFLOPS.
Five 20 kW racks built around a non-mainstream AI accelerator paired with general-purpose PCIe compute. For customers who want serious training and inference capacity without committing the entire stack to a single silicon supplier — sovereignty and supply-chain diversity, by design.
Storage-led racks shaped to whatever the customer actually holds — from a few hundred terabytes for a research lab to multiple petabytes per rack for sovereign archives, scientific data lakes, and long-tail data residency. Mostly disk shelves, a slim controller, and the same dual-corded power and 25 / 100 G fabric the compute racks ride on. Configurations span all-flash for low-latency archive, hybrid NVMe + HDD, and pure HDD for true cold tiers.
We engineer infrastructure backwards from the application — not from the catalogue — to match each workload and its environment. Optimal performance, cost-efficiency, and seamless integration with the modular Tier III data centre that hosts it.
Configurations selected by end-use case — AI inference, HPC analytics, training, storage. The most suitable hardware system is determined by the use case's performance requirements and cost constraints, not by what's on a SKU sheet.
Vertical and horizontal scaling paths to track software evolution, with margins of safety so customers never top off on compute. Cooling, IT-load and space envelopes are sized after the application is locked, not before.
Competitive CapEx operationalised through energy-aware configurations and PUE-tuned designs. A modular growth model — capacity follows demand, not the other way around — keeps every euro and every watt working.
Encrypted storage, tamper-evident racks, in-jurisdiction compute. High availability and extended warranties are included by default — never retrofitted at the contract stage.
Compute racks are sized so steady-state load lands ≈95% of the 20 kW envelope; storage racks are sized to whatever capacity the customer actually holds. Every dollar of CapEx spent on what gets used, not stranded.
Every node is dual-corded across A and B PDUs and sized so that on single-feed failover, the surviving feed carries the full ≈19 kW load within budget.
Cluster-wide Ethernet — 25 / 100 G for the research rack and the inference cluster, full 400 G for training and open-accelerator clusters — built around a vendor-open switch stack rather than a closed network silo.
Crating, freight, on-site rack-and-stack, network and software bring-up — handled by a specialist field team. Customer takes delivery of a working cluster, not a parts list.
Every configuration — research rack, training cluster, inference cluster, open accelerator, cold-storage rack — is sized to the same 20 kW rack envelope used in the 400 kW MDC, so compute and storage live side-by-side under the same facility, DCIM, and cooling budget.
Where the workload demands the latest GPU silicon, we ship it. Where customers want to hedge supply-chain or sovereignty risk, we offer a fully-credible non-mainstream accelerator path — same rack, same fabric, same operating model.
The research-rack reference design — three CPU nodes, two 8-GPU training nodes, half-petabyte NAS, dual leaf fabric, dual-corded power. Click any unit to inspect its hardware, networking, and load.
Two GPU nodes for training and high-throughput inference. Three CPU nodes for general compute and orchestration. One NAS for shared training data and checkpoints. Two leaf switches and two PDUs in active/active redundancy. Hover any rack unit to highlight its connection.
—
| Device | PSU config | Feed A draw | Feed B draw | Total | Notes |
|---|---|---|---|---|---|
| GPU Node 1 | 2× 3 kW redundant | 3.25 kW | 3.25 kW | 6.50 kW | Active/active across A+B |
| GPU Node 2 | 2× 3 kW redundant | 3.25 kW | 3.25 kW | 6.50 kW | Active/active across A+B |
| CPU Node 1 | 2× 1.6 kW redundant | 0.75 kW | 0.75 kW | 1.50 kW | Active/active across A+B |
| CPU Node 2 | 2× 1.6 kW redundant | 0.75 kW | 0.75 kW | 1.50 kW | Active/active across A+B |
| CPU Node 3 | 2× 1.6 kW redundant | 0.75 kW | 0.75 kW | 1.50 kW | Active/active across A+B |
| NAS | 2× 1.6 kW redundant | 0.50 kW | 0.50 kW | 1.00 kW | Active/active across A+B |
| Asterfusion leaves | 2× PSU per switch | 0.28 kW | 0.27 kW | 0.55 kW | Primary on A, redundant on B |
| Feed totals | 9.53 kW | 9.52 kW | 19.05 kW | Failover load per feed: ≈ 19 kW (within 20 kW budget) |
Load figures are steady-state estimates derived from component TDPs (EPYC 9965 ≈ 500 W; RTX 5090 ≈ 575 W TGP) plus platform overhead. Peak training bursts can push GPU nodes ≈ 10–15% higher — size PDUs and breakers for peak, not average. On single-feed failover the surviving feed carries the full ≈19 kW, so both PDUs are sized to 20 kW.
A complete sovereign cloud stack: bare metal and virtual machines for general-purpose CPU workloads, multi-tenant GPU pooling for AI training and inference, sandboxed access to partner quantum hardware, and object, block and filesystem storage — all under one API, all in your jurisdiction. Built on best-of-breed open source where it adds leverage, white-labelled where it pays.
Bare metal servers, virtual machines, managed Kubernetes, and managed databases for everything that isn't AI training. Provision in minutes through a single API; private VPCs, firewalls, and cross-cloud gateways for hybrid workloads. The right answer for web services, data platforms, internal tooling, and the long tail of compute that doesn't need a GPU.
Software-defined GPU pooling layered on Navon's bare metal — overcommit-aware scheduling pushes utilisation toward 100%, with VRAM and TFLOPS provisioned in real time. Rebrandable self-service portal, consumption billing per tenant, and a one-click model library. White-labelled on the hosted·ai GPU cloud platform.
Production model serving on owned GPU pools — vLLM, TGI, and TensorRT-LLM for high-throughput workloads, Ollama-ready for self-hosted open weights. An OpenAI-compatible endpoint sits in front, so SDKs and tools you've already integrated — LangChain, LiteLLM, OpenRouter, LlamaIndex, Cursor — work without code changes. Bring your stack; we provide what's underneath.
Sandboxed access to curated partner quantum hardware via a queue API — algorithm development, benchmarking, and hybrid HPC + QPU pipelines, all under Navon's sovereignty posture. For research teams, defence labs, and government programmes building toward post-classical workloads alongside their classical compute.
NVMe-backed object, block, and filesystem storage tiered to match the workload — fast media for live data, hybrid for working sets, cold HDD for archive and compliance retention. S3-compatible API for object, POSIX for filesystem, iSCSI for block. All in the customer's jurisdiction by default; cross-region replication only on explicit request.
Cloud customers who can size their floor — production inference, recurring training jobs, working-set storage — pre-commit a 1-year or 3-year horizon and land closer to colocation economics than to public cloud, without leaving the jurisdiction.
Indicative anchors · normalised to a $1,000/mo baseline · final pricing confirmed at contract
The big three (AWS, Azure, GCP) run proprietary stacks top-to-bottom. There's a parallel universe of open-source projects that, composed correctly, replicate most of what a hyperscaler does — already in production at OVHcloud, CERN, Walmart and dozens of telcos. We've assembled the full stack, layer by layer, and engineered around the gaps the open ecosystem leaves behind.
Pure open source has known gaps — billing & invoicing, marketplace & service catalogue, global traffic management, managed-database wrappers, SLA & support tooling. These are where most open-stack projects die. Our white-label control plane closes them — so customers get the cost-curve and sovereignty of open source and the polish of a commercial cloud.
On top of the seven-layer base, three upstream OSS projects sit inside the GPU layer where they matter most — distributed inference, memory optimisation, and AMD-tuned kernels. Credit and links to upstream below.
A decentralised LLM inference engine that splits transformer blocks across heterogeneous peers. Workers run with as little as 4 GB VRAM, so models that don't fit any single node still run cleanly across the cluster — useful for very large open-weight models on mixed silicon.
SVD-compressed inference for memory-bandwidth-bound workloads — demonstrated ≈1.45× end-to-end speedup on Llama-class models with logit-matched accuracy. Useful where serving cost is gated by memory throughput rather than raw FLOPs.
Optimised distributed kernels for 8× AMD MI300X — All-to-All for MoE, GEMM-ReduceScatter for tensor parallelism, AllGather-GEMM for distributed inference. Where customers run AMD silicon for inference, we ship these for the throughput uplift.
Every workload — CPU, GPU, QPU job, storage object — lands and lives within the customer's jurisdiction. Cross-border replication only on explicit contract, never by default.
Bare metal, VMs, GPU pools, QPU queues, and storage tiers all addressable through the same REST API and the same self-service portal. Customers don't switch consoles to switch silicon.
Take the platform under your brand — telcos, ministries, and DFIs run a sovereign cloud with their colours, their pricing, their tenants. The hosted·ai layer rebrands end-to-end; the rest of the stack follows.
Every operator action exposed through REST, with Terraform providers and Ansible playbooks for repeatable deployment and Day-2 ops. Automation-first, console-second.
VRAM-hours, TFLOPS, CPU cores, storage GB-month, bandwidth, QPU shots — all metered and billed per tenant, with regional pricing across multi-DC and built-in WHMCS hooks.
30+ GPU SKUs across both major vendors, alternative non-mainstream accelerators, and curated partner QPU hardware — all addressable from the same control plane. No silicon lock-in.
Security without sovereignty is rented trust. Sovereignty without quantum protection has an expiration date. Navon collapses the two into a single deployable platform — the modular shell, the power, and the cryptographic layer, all under the customer's flag, all engineered to outlast the post-quantum transition.
Data security gives the cryptographic foundation. Data sovereignty gives the physical and legal control. Quantum protection makes both durable across the post-quantum transition.
Hardware-native protection, not a software overlay. Tamper-resistant key vaults, physics-based entropy, and an agility engine that re-encrypts the estate as standards move.
Sovereignty is a physical condition, not a contractual assurance. Customers own the shell, the power, the network perimeter, and the keys — across National Vaults, cross-border Data Embassies, and air-gapped pods.
Quantum protection is not a 2030 retrofit — it is built in. Classical and PQC algorithms run in parallel today, with QKD reserved for the highest-assurance links between sovereign nodes.
Physical infrastructure controls digital sovereignty. The organisations that own the shell, the power, and the cryptographic layer own the trust.
Quantum security is not one technology — it is a layered defence. Physics-based key exchange and software-defined post-quantum cryptography address different threat vectors at different points in the stack. Together they cover both current and future quantum threats.
Live at Hell's Gate Deep Tech Park. Hardware-level QKD and software-defined PQC running side by side in a single, integrated environment — open to governments, telcos, banks, and research partners for evaluation, validation, and deployment of quantum-secure systems on commercially proven gear.
Built with ID Quantique (Geneva — global leader in QKD, deployed in Korea, Singapore, EU) and ExeQuantum (ISO 27001 certified PQC stack — discovery, encryption, sovereign architecture).
Each model ships the full Navon security stack — HSMs, QRNGs, hybrid PQC, the crypto-agility engine. The differentiation is the sovereignty model, the connectivity posture, and the physical context.
| Model ANational Vault | Model BData Embassy | Model COffline Quantum Pod | |
|---|---|---|---|
| Location | On-prem, within national territory | Geopolitically neutral third jurisdiction | Mobile or fixed · air-gapped |
| Sovereignty | Full sovereign control by host nation | Extraterritorial sovereignty via legal framework | Complete physical and network isolation |
| Connectivity | Connected · QKD-secured inter-site links | Connected · encrypted cross-border links | Air-gapped · no external network access |
| Primary use | National registries · CBDC · defence systems | Disaster recovery · cross-border resilience | Elections · currency issuance · classified research |
| Assurance level | Highest | High | Maximum (isolation) |
Citizen registries, treaty archives, and central-bank infrastructure carry sensitivity lifecycles measured in decades. They are the first to demand quantum-resilient sovereignty — and the largest beneficiaries of getting it right early.
Quantum-resilient citizen registries, digital embassies, classified research, and national cryptographic inventories ahead of mandate.
Encryption upgrades for core banking, quantum-secure transaction APIs, and PQC-mandate readiness ahead of global regulation.
Quantum-secure managed services for enterprise, inter-city QKD links, and backend protection against harvest-now-decrypt-later.
Hardware-rooted resilience for industrial control, IoT communications secured with pre-shared quantum keys, sector-specific compliance.
Lifelong patient records, biometric registries, and identity systems whose sensitivity windows exceed any classical cipher's lifetime.
University collaboration, applied quantum-security research, and a continental sandbox for cybersecurity startups building on real infrastructure.
The top of the Navon stack — sovereign AI applications running on your data, in your jurisdiction, on your hardware. Three composable layers: applications solve sector problems, agents orchestrate the work, and skills are the atomic primitives both depend on. Operable through low-code workflows for business and operations teams, full SDKs for engineering groups — same platform, same data, different entry points.
Vertical applications shaped to the workflows of each sector — running on Navon's sovereign cloud, encrypted at rest with PQC, and trained on locally held corpora. Each is a packaged, low-code outcome — configurable by domain teams without an engineering rebuild.
Identity, registries, document workflows, and government copilots that keep every byte under national control. Designed for ministries that cannot send citizen data to a foreign cloud.
CBDC issuance, real-time fraud and AML, lending models, and quantum-secure transaction processing — built for central banks, commercial banks, and exchanges with sub-second SLAs.
Patient-record platforms, medical-imaging AI, and clinical-trial assistants — running on data whose sensitivity windows exceed any classical cipher's lifetime.
Sovereign LLMs on classified corpora, encrypted comms, and ISR analytics — deployable in offline quantum pods where no byte ever crosses an external boundary.
Demand and load forecasting, predictive maintenance for turbines and substations, and operations copilots — running close to the SCADA layer for low-latency decisions.
Network-optimisation agents, customer-service automation in local languages, and revenue-assurance models — for operators ready to embed AI in the OSS/BSS stack without offshoring data.
Personalised tutors in local languages, sovereign research compute for universities, and a continental innovation hub — built with academic partners and on-site internship programmes.
Industrial control monitoring, IoT fleet management, and safety-critical anomaly detection — at the edge, on-prem, with quantum-resilient device identity.
Customs and border copilots, supply-chain agents, and port operations AI — designed for the cross-border data flows of regional trade blocs and the harmonisation of customs regimes.
Agents are the workers — long-running, tool-using, multi-step reasoners that combine skills to deliver outcomes. They are the substrate every application above this layer is built on.
Parses, classifies, extracts, and reasons over unstructured documents at scale — passports, contracts, medical scans, legal filings, customs declarations. Outputs JSON, decisions, or downstream actions.
Maps the regulatory landscape, scans transactions and configurations against policy, generates audit-ready reports, and flags violations the moment they appear. Ready for NIST, NDPA, GDPR, and emerging PQC mandates.
Retrieval-augmented research across closed-domain document stores — internal reports, citizen records, legislation, scientific literature. Cites sources, supports follow-up reasoning, and never leaks the corpus to a foreign endpoint.
Forecasts, scenario simulation, and structured trade-off analysis on operational data — for executive dashboards, central-bank monetary committees, energy operators, and ministers running national programmes.
Real-time translation and speech across English, French, Arabic, Swahili, Amharic, Yoruba, Hausa and more — text, voice, and call-centre integration. Tuned for the languages global LLMs underserve.
Long-running, stateful workflows that wire AI into existing systems — approvals, escalations, notifications, ticket routing, downstream API calls. Replaces glue code, RPA, and the spreadsheet-and-email layer.
Skills are the Lego bricks. Every agent is composed of skills; every application is composed of agents. Build once, reuse across sectors — and swap implementations as the underlying models improve.
For workloads where classical compute is hitting its ceiling — combinatorial optimisation, drug discovery, financial risk, post-quantum cryptography — Navon ships a quantum-AI development environment alongside the classical stack. Build, benchmark, and deploy hybrid algorithms on the same infrastructure your AI already runs on. No bespoke research project. No vendor lock-in. No second pipeline.
Your existing models do feature engineering and shortlist candidate inputs. No code rewrite — drop a quantum subroutine where it pays off.
Optimisation, sampling, or quantum-enhanced learning runs on a real QPU or simulator — selected automatically by the queue based on availability and cost.
Multishot results aggregate into a final answer; the artefact is shipped through the same control plane your classical workloads already use.
Simulators plus real quantum hardware. Build, test, and benchmark on the same machines the next decade of AI will run on.
Seamless quantum-classical orchestration. Mix classical AI inference with quantum subroutines without rewriting your pipeline.
Quantum machine learning, optimisation, and post-quantum cryptography — production-grade starting points, not from-scratch research projects.
Sandbox to production on Navon Sovereign Cloud — same artefact you trained, same security posture, no rewrite at the line.
No-code execution and side-by-side benchmarking across solvers. Multishot aggregation, full result histories, and audit-ready reports.
Simulators, quantum-inspired, ion-trap, superconducting, neutral-atom, photonic — all addressable through one API. No vendor lock-in, ever.
An encrypted SDK that keeps your data yours. In-country keys, sovereign HSMs, and security baked into the protocol — not bolted on at the perimeter.
Simple integration via RESTful API plus a built-in Web3 oracle. Wire quantum results into existing IT systems and on-chain workflows.
Skills compose into agents. Agents compose into applications. Build a skill once — every sector benefits.
We'll walk you through the workload, the constraint, and the right starting layer — usually a 30-minute conversation, not a sales process. Or browse the docs first if you'd rather.