Server General — Cryptographic data transfer for regulated infrastructure
[SG] Server General
Request a PoC
Server General · Platform Talk to an engineer
Server General · Cryptographic infrastructure for regulated clouds

Move data across clouds with cryptographic proof, not a signed SOW.

Server General builds data-transfer and database-encryption software for regulated, federal, and AI infrastructure. Our products deploy inside your cloud accounts — your IAM, your KMS, your perimeter. Data never touches us.

Request a proof of concept Transfer General detail
Encryption
AES-256-GCM · FIPS 140-2 Level 2
Signing
ECDSA P-384 / SHA-256
Clouds
AWS · GCP · Azure
Product portfolio · v3 Live
Flagship · Data transfer
Transfer General
Cross-cloud object transfer with signed chain-of-custody per object. Deploys across AWS, GCP, and Azure as a customer-owned mesh.
Editions Std · AI · Fed Marketplace GCP · Carahsoft
Private connectivity
TG Connect
BGP-routed private interconnect across AWS, GCP, Azure, and Equinix. No public internet in the transfer path.
Throughput Up to 50 Gb/s Paths Dedicated
Database encryption
Armored SQL
File-level encryption for MySQL and PostgreSQL with no code changes. Compliance-ready for HIPAA, PCI DSS, and GDPR.
Targets MySQL · PG Compliance HIPAA · PCI
Deployment
Customer-owned VPC
Data plane
Never traverses SG
Billing
MACC / CUD eligible
Verified & listed
Google Cloud Ready
Regulated & Sovereignty
GCP Marketplace
Draws against MACC / CUD
Carahsoft
Federal & SLED channel
FIPS 140-2 Level 2
Validated modules
Flagship product

Transfer General is installed inside your cloud accounts — not routed through ours.

Transfer General is deployed as a mesh across AWS, GCP, and Azure. Data never traverses Server General infrastructure. Keys stay in your KMS. The control plane, audit log, and attestation record all live where your compliance scope already lives.

  • 01
    Three-cloud mesh deployment
    AWS, GCP, and Azure in any two- or three-cloud combination. Three IAM systems, three KMS integrations, one orchestration layer.
  • 02
    Object-layer encryption before transit
    AES-256-GCM applied before data crosses any boundary. Keys are pulled from your KMS on demand and never retained by Transfer General.
  • 03
    Signed attestation per object
    Source hash, destination hash, signing key ID, timestamp, and compliance mapping — assembled into one tamper-evident record. No reconstruction required.
  • 04
    Forensic-grade immutable audit log
    Every event in the object's journey is recorded in an append-only log you can export to your SIEM. The evidence other tools never capture.
Deployment topology · customer-owned tg.mesh/v3
YOUR AWS ACCOUNT
Source / staging
TG pipeline in-region
KMS: aws-kms
YOUR GCP ACCOUNT
Landing / destination
TG pipeline in-region
KMS: gcp-kms
YOUR AZURE ACCOUNT
Landing / destination
TG pipeline in-region
KMS: az-key-vault
mTLS + AES-256-GCM Signed per-object
Orchestration & attestation
Immutable log · control plane · deployment UI
Signing
ECDSA P-384
Clouds supported
3
AWS · GCP · Azure
Attestation / object
1
Tamper-evident
Data touches SG
None
By design
Also from Server General

Three products, one deployment model — inside your perimeter.

Each product solves a different piece of the same problem: keeping regulated data under your own cryptographic and compliance control while it moves or lives in multi-cloud infrastructure.

Private connectivity

TG Connect

High-speed private interconnect paths across AWS, GCP, Azure, and Equinix. BGP-routed, dedicated bandwidth — no public internet in the transfer path.

Throughput
Up to 50 Gb/s
Pairing
With Transfer General
TG Connect overview
Database encryption

Armored SQL

File-level encryption for MySQL and PostgreSQL with zero application refactoring. Deploys as a drop-in layer that sits between the database engine and the filesystem.

Engines
MySQL · PostgreSQL
Compliance
HIPAA · PCI · GDPR
Armored SQL overview
Who we are

We build the cryptographic infrastructure your security team would have built — if they had the time and the cryptographers.

We do not
Route your data.

Transfer General installs inside your AWS, GCP, and Azure accounts. The data plane never leaves your perimeter.

We do not
Hold your keys.

Encryption keys are pulled on demand from your KMS — AWS KMS, Cloud KMS, or Azure Key Vault — and never retained by us.

We do not
Terminate your TLS.

mTLS endpoints live in customer accounts. No SG-managed proxy in the transfer path. No certificates we control.

Founded
2015
Privately held · Baldwin, NY
Deployments
Regulated only
Healthcare · federal · financial · AI
Data touches SG
Never
By architecture, not policy
How to buy

Three procurement paths. All of them draw against existing cloud commitments.

You do not need to stand up a new vendor relationship to run Transfer General, TG Connect, or Armored SQL. We transact on the paper your procurement team already uses.

Google Cloud Marketplace
GCP Marketplace

Transact against your Google Cloud commitment. Charges draw down MACC and CUD balances automatically. Contract on Google paper.

Listing · Google Cloud Ready · Regulated & Sovereignty
Open marketplace listing
Federal / SLED
Carahsoft channel

Available through Carahsoft's full portfolio of public-sector contract vehicles. Works with your existing Carahsoft relationship.

Contract · Federal · SLED
Carahsoft portal
Direct
Server General direct

Annual or multi-year contracts direct with Server General. MSA & DPA templates available. For customers whose procurement rules do not permit marketplace transactions.

Procurement · MSA · DPA · BAA
Contact direct sales

Ready to run a proof of concept in your environment? No commitment required.

Request a PoC Open Transfer General page Compare editions