DVT FOR THE ENTERPRISE

Built for floors where the internet isn't invited.

Air-gapped activation, credentials that never leave the machine, a published port map for your network team, and AI that runs against local models. DVT does its whole job without phoning home.

0 phone-home required1 Python package10 reserved ports, documented100% of compute on your metal

THE QUESTIONS YOUR REVIEW BOARD ASKS

Three answers, before they're asked.

WHERE DOES DATA GO?

Nowhere you didn't choose

Federation extracts run engine-to-engine over your network; cross-engine compute happens in-process on the machine running dvt. No SaaS in the data path, no third-party compute, no telemetry riding along.

WHERE DO SECRETS LIVE?

In profiles.yml, on your disk

Credentials stay in the same file dbt has always used — chmod 600, timestamped backups on every managed write. The Settings UI shows secrets masked, treats them write-only, and its endpoints answer loopback only.

HOW DOES IT ACTIVATE OFFLINE?

A signed key, verified locally

Paste a machine-bound activation key on the air-gapped server: signature checked locally, bound to that hardware, expiry enforced — no callback. Seats managed from your account when a connected machine exists; keys issued for the ones that never will be.

FOR YOUR NETWORK TEAM

Every port, every posture, published.

DVT owns one documented range — 46100–46109— far from anything that usually squats on a data engineer's machine. Every app binds 127.0.0.1 by default; exposing one is an explicit --host decision. Credential and job writes stay loopback-only no matter what.

Reverse-proxy one app inside the VPN, or none. The map is in the product itself — hub → Settings → Hosting — so what your admins read is always the version they run.

PORTAPPAUTH POSTURESTATUS
:46100DVT Hub + Settingssettings writes answer loopback only — even with --hostlive
:46101Data Catalogread-only documentationlive
:46102API Portaloptional bearer key on /api/v1; management loopback-guardedlive
:46104Chat with Martinask & save answer loopback only; keys never round-trip; offline via Ollamalive
:46105Data Profilingprofile runs answer loopback onlylive
:46106DVT Schedulerwrites loopback-only; jobs are verb-whitelisted, never a shelllive
:46103, 46107–46109Builder · Notebooks · Dashboardssame posture, one port eachroadmap

GOVERNED DATA ACCESS

Hand out endpoints, not credentials.

The API Portal turns any model into a governed REST endpoint: per-endpoint column allow-lists, locked row filters callers can't override (row-level security in one move), identifier quoting from catalog ground truth, and bearer-key enforcement when you want it. Consumers get answers; your databases stay yours.

How the portal governs →

AI WITHOUT THE LEAK

AI features that respect the air gap.

DVT's AI features (Chat with Data, Build with AI) take your keys — or skip the cloud entirely: point them at local models via Ollama, or route through AI-Proxy to use the subscriptions you already pay for instead of per-token APIs. Model metadata goes to the model you chose; credentials never do.

About AI-Proxy →

DEPLOYMENT, HONESTLY

One package on your mirror. That's the install guide.

MIRROR IT

dvt-core ships as compiled wheels on PyPI — mirror them to your internal index and pip install from there. Isolated adapter environments build on the machine, from the same mirror.

SIZE IT

Cross-engine compute runs on the machine executing dvt — the hub's Machine tab shows cores and RAM next to that exact warning. Size the box like the warehouse it's replacing for transformation runs.

SCHEDULE IT

The scheduler is honest: jobs fire while the suite runs, under your process supervision — not a hidden daemon. Kill everything, keep the schedule alive with --exclude scheduler, or wire it into your own cron.

Bring the questions your security team will ask anyway.

We'd rather answer them before the pilot than after.