Support & Help Center

Yes, Garnet supports various deployment models including on-premise, cloud-based, and hybrid environments, offering flexibility in integration with different IT infrastructures and operational setups.

Garnet enables these sectors to utilize LLM technologies while maintaining strict data privacy standards and regulatory compliance. It ensures data integrity and confidentiality through robust security protocols, making it an ideal choice for organizations prioritizing data protection

Garnet supports various deployment models including on-premise, cloud-based, and hybrid environments, offering flexibility in implementation.

Garnet leverages a Qdrant vector database and operates entirely in a confidential enclaive cloud, employing advanced security measures like confidential computing.

Garnet takes documents, vectorizes them, pre-filters, generates prompts, and pseudonymizes data before contacting LLMs, ensuring GDPR compliance and data confidentiality.

enclaive’s billing cycles are monthly. We typically bill on the first day of each month and automatically debit your account’s primary payment method.

We accept Visa, Mastercard, American Express, Discover, Carte Bancaire (for customers in France). For other payment options, including bank transfers and custom orders, please contact us. Note that when adding a card, we may send a temporary pre-authorization request to the issuing bank. This pre-authorization fee will be released by enclaive immediately, but it may take a few days to be cleared from your card, depending on the bank.

The booked storage volume can be expanded at any time according to the offered tier sizes. Reductions always take effect at the end of the current billing period.

We do not offer refunds. If there are extenuating circumstances, contact support.

If you are interested in prepayment for resources, book a call with us and let's talk about that.

To remove a saved payment method, visit the product billing page, click the payment method menu, and then click “Delete”. In the “Delete Card Confirmation” window that opens, click “Delete” to remove the card. You cannot remove the default payment method on the account.

Yes, you can set up billing alerts and we will email you if the monthly spending exceeds an amount you specify.

Read the documentation to learn how to delete Buckypaper VMs, Dyneemes Kubernetes clusters or managed database clusters and applications.

If taxes (e.g. sales tax in Germany) are due, they are included in your invoice. In some countries, local additional taxes (e.g. withholding tax) may be incurred, which are then not shown in the invoice and must be paid by you independently or are additionally charged separately by enclaive when it is invoiced to us.

No. Your card will only be charged at the beginning of the billing period or when you exceed a certain usage limit. Preauthorization Fee: When you add a card, we may send a pre-authorization request to the issuing bank. This is to verify that the added card was issued by the bank and that it will authorize future charges. These temporary pre-authorizations usually amount to €1, but can vary in amount and will be cancelled by us immediately. Depending on the bank, it may take a few days before the charge is credited again.

The solution ensures end-to-end security by running databases in your account's enclave, accessible only through whitelisted requests via the public internet, providing a secure hosting environment.

Choose from databases like MongoDB, Postgres SQL, MariaDB, and Redis, all offering confidential capabilities and easy scalability, adapting to the evolving needs of your business.

Encryption in use guarantees the highest level of data security without compromising performance, thanks to hardware-accelerated encryption, providing a robust security measure throughout the entire lifecycle.

The solution streamlines key management and rotation complexities associated with data-in-use encryption, ensuring a secure process without compromising the efficiency of the database hosting solution.

The solution addresses challenges related to data-in-use encryption complexities, key management and rotation, potential performance overhead concerns, and the crucial task of ensuring end-to-end security in a hosting environment.

Data-in-use Encrypting Database Hosting ensures unparalleled security, allowing you to set up your preferred database within minutes while guaranteeing that your hosting provider never accesses your data throughout its lifecycle.

With the Confidential Nextcloud service, you can enjoy all the benefits and features of Nextcloud without the administrative effort or technical expertise. You can back up your data, synchronize it automatically, and organize and transfer photos, videos, and other data in no time. The data transfer is completely encrypted. enclaive operates your Confidential Nextcloud in German data centers in compliance with the highest security standards. We take care of regular maintenance and all necessary system updates. Nevertheless, you are always in control of your Nextcloud and your data. Who you grant access to is entirely up to you.

You’ll notice the first benefit of Confidential Nextcloud as soon as you use it – no programming skills are required. As part of the purchase process, you choose the Nextcloud sizing, set your domain, and create an administration account. You can then get started right away. enclaive will take care of all system updates, network configuration, and infrastracture. You’re only responsible for updating the Nextcloud apps that you’ve selected. Confidential Nextcloud is particularly suitable for companies without a high level of technical expertise who do not want to take care of regular maintenance and carry out all necessary updates themselves.

If your data has been stored with another provider, such as Google, OneDrive, or similar, you can migrate within the time that is convenient for you. You can simply drag and drop the files from the old environment to the enclaive Confidential Nextcloud. If you plan to move large amounts of data we recommend doing this in a two-step approach a) test how it works and see if you notice any performance impact on your side b) move the main part of the data in off hours to avoid business impact/interruptions on your side.

The Confidential Nextcloud service provides 100% runtime encryption ensuring that the legally required security and privacy is built in without having to worry about potential regulatory implications due to the origin of the provider. The enclaive service ensures the application and data are always safe and built into the technology disconnected from the infrastructure. This ensures that no operator has potential access at any time.

Nextcloud is open source software that is primarily used as cloud storage, but can be flexibly expanded with various features for communication and productivity. With Nextcloud, you can back up and synchronise your files automatically and, if necessary, include data from other users in the cloud. You can access data and/or business apps in the cloud from any location and from any device – whether on a smartphone, tablet, desktop PC or laptop. It’s also possible to set up individual sharing and access rights that can be configured and customised. In addition to the wide range of possible uses, one major difference compared to other cloud storage – such as Dropbox, Google Drive and OneDrive – is the protection of your data. With the enclaive Confidential Nextcloud, you keep control over your data and your privacy leveraging the flexibility of the cloud. Confidential Nextcloud from enclaive provides you with GDPR compliant data storage as well as strict European data security and other services. This flexible and secure data storage is suitable for companies, institutions and associations, as well as for self-employed and private individuals.

Gitlab's solution offers confidential capabilities that are easy to scale, providing a high-security execution environment for apps. It enables easy setup and maintenance through a user-friendly interface, ensuring optimal performance and resource allocation by allowing dynamic scaling of the app cluster based on changing requirements. Additionally, it ensures data sovereignty with default vault protection achieved through encryption at rest, in transit, and while in use.

Gitlab's curated offering focuses on swift and secure app deployment, demanding a delicate balance between speed and integrity, allowing users to set up and manage applications within minutes.

Gitlab implements robust security measures to prevent unauthorized access, ensuring that even the cloud provider cannot access the contents of hosted applications, providing an added layer of protection.

Gitlab's solution addresses the challenge of balancing data sovereignty with zero trust, providing a secure environment for hosting applications and ensuring rapid setup while maintaining data control.

Gitlab's solution achieves a delicate equilibrium between speed, security, and data control, going beyond traditional measures to ensure that even the cloud provider cannot access the hosted application's contents.

Gitlab's Confidential Application Hosting offers a gold standard of data sovereignty and zero trust, allowing users to set up popular apps within minutes with a level of security that even the cloud provider cannot breach.

Vault facilitates IAM by identifying users through various authentication methods, integrating with cloud platform IAMs (AWS, Azure, GCP), and enabling fine-grained access control based on roles or groups. It also supports JSON web tokens for secure instantiation of workloads and services.

Vault is crypto-agile, capable of handling PK, EC, and PQ cryptography while adapting to evolving NIST/BSI/NATO standards and technological advancements. This ensures that cryptographic operations remain aligned with the latest security standards.

Vault establishes trust in the hardware foundation by allowing users to select either the CPU, TPM, or HSM as the anchor and source of randomness. This ensures a secure foundation for managing and safeguarding critical information.

Vault is versatile, supporting deployment in various cloud or on-premises environments. It is ideal for hybrid, confidential, and cross-cloud architectures, providing flexibility and adaptability to different organizational infrastructures.

Vault offers elasticity, allowing organizations to adjust resource scaling efficiently to accommodate fluctuating demands without unnecessary allocation. This feature enhances operational flexibility in response to varying workloads.

Vault is a robust solution designed to centralize key control, strengthen data protection, and streamline operations across diverse cloud platforms. It empowers organizations by providing unprecedented control over secrets, regardless of their location, ensuring flexibility and security in managing critical information.

Workload Identification in Nitride involves leveraging confidential compute to assign unique identities to workloads, facilitating automatic identity assignment and rotation in multi-cloud environments.

Nitride identifies persistent vulnerabilities in the infrastructure of cloud service providers, especially those associated with cloud IAM (identity and access management) services. These vulnerabilities can facilitate unauthorized access and compromise the security of sensitive data.

Nitride empowers organizations to enforce their data governance policies and compliance requirements, preventing non-compliance issues and ensuring adherence to industry regulations.

Nitride provides greater visibility into how data is processed in the cloud. This overcomes the challenge of limited transparency and enables the effective detection and response to security incidents.

Nitride helps organizations meet data residency requirements by implementing secure measures, guaranteeing that data stays within predefined geographical boundaries.

Nitride is a sophisticated solution designed to bolster cloud security. It ensures confidentiality by leveraging advanced security measures and protocols, granting access to specific resources within a cloud infrastructure only to attested workloads.

Yes, comprehensive encryption significantly reduces the risk of data breaches by securing information during processing, storage, and transmission, making it more challenging for unauthorized entities to access sensitive data.

Encrypting data at all stages helps organizations meet regulatory requirements (e.g., GDPR, HIPAA) by ensuring the protection of sensitive information throughout its lifecycle.

In-transit encryption safeguards data as it travels between the database and other systems or applications, preventing interception or tampering during transmission.

Data-at-rest encryption secures data stored in the database, preventing unauthorized access to sensitive information even if physical storage devices are compromised.

Data-in-use encryption protects sensitive data while actively being processed within the database, adding an extra layer of security and confidentiality during runtime.

Encrypting databases at all stages—in use, at rest, and in transit—ensures comprehensive security by safeguarding sensitive information during processing, storage, and transmission.

Yes, Confidential Kubernetes is well-suited for compliance-sensitive environments as it incorporates security features and measures to adhere to industry-specific compliance requirements, ensuring a secure and compliant deployment.

Confidential Kubernetes includes robust auditing and monitoring capabilities, allowing administrators to track and log identity-related events, access patterns, and potential security threats for comprehensive visibility.

Yes, Confidential Kubernetes is designed to integrate with identity and access management systems, providing a seamless and unified approach to identity management within the Kubernetes environment.

Confidential Kubernetes supports rolling updates, enabling the deployment of new versions without downtime. In case of issues, it allows for seamless rollbacks to previous versions, maintaining operational continuity.

Yes, Confidential Kubernetes is designed to be versatile and can be deployed across various environments, including private, public, hybrid and multi-cloud setups, ensuring consistent security measures regardless of the underlying infrastructure.

Confidential Kubernetes provides fine-grained access control, allowing administrators to define precise permissions for each workload. In addition, each workload has a unique identity that can be verified via remote attestation, which is what makes it special.

Confidential Kubernetes employs hardware-based security features, including secure enclaves, to isolate and protect both code and data during processing, at rest and in transit, thereby ensuring the confidentiality of sensitive information.

Confidential Kubernetes places a strong emphasis on security by leveraging confidential virtual machines and hardware-graded security, providing an additional layer of protection for sensitive workloads and applications.

Confidential Kubernetes is an advanced deployment of Kubernetes that focuses on running both master and worker nodes in confidential virtual machines, utilizing hardware-based security features for enhanced protection of workloads and data.

Yes, confidential VMs are designed to integrate seamlessly into existing virtualized environments. They can be deployed alongside non-confidential VMs, allowing organizations to selectively apply enhanced security measures to specific workloads.

Confidential VMs create a protected execution environment, preventing unauthorized access to code and data. This protection against intellectual property theft is especially valuable for organizations developing proprietary software or running proprietary algorithms.

Applications dealing with sensitive information, such as those in financial services, healthcare, and cryptographic operations benefit significantly from the confidential execution environments provided by confidential VMs. This ensures the integrity and confidentiality of critical operations.

Yes, confidential VMs are well-suited for deployment in cloud environments. They provide an added layer of security for workloads in shared, virtualized spaces, making them a valuable solution for organizations leveraging cloud services.

Yes, confidential VMs are designed to meet data compliance standards. Their advanced encryption and security measures contribute to safeguarding sensitive data, making them suitable for industries with stringent regulatory requirements.

Confidential VMs often implement end-to-end encryption, ensuring that data remains encrypted not only during storage and processing but also during transit. This comprehensive approach to data security safeguards sensitive information throughout its lifecycle.

Confidential VMs are particularly beneficial in scenarios where organizations need to process or store sensitive data. They are also valuable in multi-tenant private, public and hybrid cloud environments where secure isolation of workloads is crucial.

Confidential VMs are designed with optimized performance in mind, incurring only a minimal 3% CPU cycle overhead. This means that the encryption and protection mechanisms implemented for sensitive workloads have a negligible impact on overall computational efficiency.

Confidential VMs enhance security by creating confidential execution environments (CEEs) where sensitive workloads can operate securely. These VMs typically employ advanced encryption, protection against insider threats, and secure multi-tenancy features to ensure the confidentiality and integrity of data and applications.

Confidential VMs are a specialized type of virtual machine designed to provide enhanced security measures for sensitive workloads. They utilize hardware-based security features, leveraging confidential compute to isolate and protect data and code within the virtualized environment.