Recommended Best Practices
Deployment best practices for SaaS and on-premise models with operational guidance
This guide provides actionable best practices for deploying and operating the Revenue Recovery platform. These recommendations help you make informed deployment decisions, avoid common pitfalls, and help ensure stable operations.
1. Deployment Model Recommendation
Best Practice: Choose SaaS deployment unless you have specific requirements that mandate on-premise infrastructure.
The SaaS deployment model (Ailevate-managed tenant) provides the optimal balance of speed, stability, and support for most organizations. We recommend this approach as your default choice.
Why SaaS Should Be Your Default
- Faster time-to-value: Streamlined deployment process with minimal infrastructure setup
- Lower operational burden: No infrastructure management, automatic scaling, zero-downtime updates
- Simplified security posture: Outbound-only connectivity eliminates inbound firewall rules
- Better support experience: Full infrastructure visibility enables faster issue resolution
- Predictable costs: No capital expenditure for hardware or infrastructure overhead
When On-Premise Is Justified
Consider on-premise deployment when:
- Regulatory mandates require data processing in geographic locations not supported by available Azure regions
- Existing infrastructure investments in Elasticsearch clusters can be leveraged cost-effectively (>=8.19.1)
- Custom security architectures require network patterns unavailable in standardized SaaS
- Organizational policies mandate direct control of data storage infrastructure
Recommendation: Schedule a consultation with [Ai]levate Solution Engineers before committing to on-premise deployment. Many perceived requirements for on-premise can be satisfied through SaaS regional deployment or configuration options.
Key Tradeoffs to Consider
| Factor | SaaS (Recommended) | On-Premise |
|---|---|---|
| Operational Overhead | Minimal | Significant (Elasticsearch + AI hardware) |
| Support Complexity | Direct (full visibility) | Coordinated (limited visibility) |
| Infrastructure Flexibility | Azure - East US (more regions to come) | Any provider or private datacenter |
| Custom Security Patterns | Standardized controls | Full customization |
For architectural details, see Deployment Architecture. For deployment procedures, see SaaS Deployment Guide or On-Premise Deployment Guide.
2. On-Premise Deployment Best Practices
Organizations proceeding with on-premise deployment should follow these practices to ensure successful implementation and stable operations.
Pre-Deployment Planning
Assess operational readiness before committing to on-premise deployment:
- ✅ Team capabilities: Ensure staff have Elasticsearch administration experience and can manage specialized AI hardware
- ✅ Infrastructure capacity: Validate datacenter resources for cooling, power, and network bandwidth
- ✅ Timeline expectations: Work with [Ai]levate Solution Engineers to align on deployment timeline (hardware procurement and infrastructure setup require planning)
- ✅ Budget alignment: Include hardware costs, operational overhead, and extended support SLAs
Engage [Ai]levate early for infrastructure planning:
- Work with Solution Engineers to right-size Elasticsearch cluster for your claim volume
- Review AI Warehouse hardware options (LoudBox vs QuietBox) based on your facility constraints
- Validate network architecture and firewall requirements before procurement
Infrastructure Best Practices
Elasticsearch cluster configuration:
- Deploy minimum 3-node cluster for high availability (see On-Premise Deployment Guide for specifications)
- Use only Elasticsearch >=8.19.1 (supported version)
- Implement automated backup procedures from day one
- Plan capacity for growth (storage, compute, network)
AI Warehouse deployment:
- Follow manufacturer specifications for cooling, power, and physical installation
- Coordinate with [Ai]levate for container image deployment and validation
- Establish maintenance procedures for specialized hardware
Network architecture:
- Deploy Relay Service in same network zone as EHR for optimal performance
- Work with network security teams early to approve inbound HTTPS from [Ai]levate Cloud Services
- Implement TLS certificate management and renewal procedures before go-live
Operational Best Practices
Monitoring and maintenance:
- Integrate Elasticsearch and AI Warehouse monitoring with existing platforms (Datadog, Splunk, Prometheus)
- Establish regular health check routines (daily: connectivity, weekly: capacity)
- Implement log aggregation for Relay, Elasticsearch, and AI Warehouse components
Change management:
- Maintain version parity across dev/staging/production environments
- Test all infrastructure changes in non-production before applying to production
- Coordinate Elasticsearch upgrades with [Ai]levate (never upgrade independently)
- Schedule AI Warehouse container updates during maintenance windows
Support engagement:
- Establish clear escalation procedures between your IT team and [Ai]levate support
- Prepare diagnostic collection procedures (logs, metrics, health checks) for faster issue resolution
- Understand extended SLA timelines due to coordinated troubleshooting model
Decision Checkpoint
Architecture Note: On-premise deployments use a hybrid model - claim data stays on your infrastructure, but [Ai]levate Cloud Services orchestrates operations via inbound API calls. Complete air-gapped isolation is not supported.
Support Impact: On-premise deployments have extended support SLAs compared to SaaS due to limited infrastructure visibility. Budget additional time for issue resolution.
3. Capacity Planning and Scaling Best Practices
Whether deploying SaaS or on-premise, understanding capacity planning, monitoring, and performance optimization helps ensure a stable and responsive Revenue Recovery platform.
Best Practice: Work with [Ai]levate Solution Engineers for capacity planning, especially for on-premise deployments.
Storage Planning (On-Premise)
- Engage early: Collaborate with Solution Engineers to estimate Elasticsearch storage based on claim volume
- Plan for growth: Size infrastructure for 12-18 months of growth, not just current needs
- Implement backups from day one: Establish automated backup procedures and geographic separation before production
- Monitor proactively: Set alerts when storage reaches 60% capacity to allow time for expansion planning
Monitoring Best Practices
| Monitoring Area | SaaS Deployment | On-Premise Deployment |
|---|---|---|
| Infrastructure Monitoring | [Ai]levate manages automatically | Integrate Elasticsearch and AI Warehouse into existing platforms (Datadog, Splunk, Prometheus) |
| Relay Service | Monitor connectivity and EHR integration health | Monitor connectivity and EHR integration health |
| Critical Metrics | Automated alerting by [Ai]levate | Elasticsearch cluster status, disk utilization, AI Warehouse availability, Relay connectivity |
| Escalation | Direct to [Ai]levate support | Infrastructure alerts → Internal team → [Ai]levate support |
High Availability Best Practices
On-premise HA configuration:
- Deploy Elasticsearch with replication across cluster nodes (see On-Premise Deployment Guide)
- Implement Relay Service backup procedures (VM snapshots, documented recovery)
- Test DR procedures during non-production hours before issues occur
SaaS deployments: High availability is managed automatically by [Ai]levate.
Performance Optimization
Critical best practice: Deploy Relay Service in the same network zone as your EHR system. Network latency between Relay and EHR directly impacts claim processing throughput.
On-premise Elasticsearch tuning: Work with [Ai]levate to optimize index configuration for your specific query patterns.
4. Version and Upgrade Best Practices
Best Practice: Maintain version consistency across all environments and never upgrade infrastructure independently.
Environment Parity
- Keep Elasticsearch, Relay Service, and platform configurations identical across dev/staging/production
- Version drift between environments causes unexpected production failures
- Test all changes in staging before production deployment
Upgrade Coordination Best Practices
| Component | SaaS Deployment | On-Premise Deployment |
|---|---|---|
| Cloud Services Layer | [Ai]levate manages automatically with advance notification; zero-downtime deployments | [Ai]levate manages automatically with advance notification; zero-downtime deployments |
| Elasticsearch | [Ai]levate manages all upgrades | Never upgrade independently. Use only Elasticsearch >=8.19.1. Coordinate all upgrades with [Ai]levate Solution Engineering |
| AI Warehouse | [Ai]levate manages all updates | Schedule container updates during maintenance windows; validate before resuming operations |
| Relay Service | Coordinate update timing with [Ai]levate; minimal EHR impact | Coordinate update timing with [Ai]levate to ensure Cloud Services compatibility |
| Testing Requirements | Focus on Relay and EHR integration changes | Test all infrastructure changes in non-production before production deployment |
Critical for on-premise: Unsupported Elasticsearch versions will cause platform failures. Contact Solution Engineering before making any version changes.
5. Network and Security Best Practices
Best Practice: Design network architecture for performance and security, prioritizing Relay-to-EHR placement and controlled external connectivity.
Network Architecture Best Practices
Critical: Deploy Relay Service in the same network zone as your EHR system. Network latency between these components directly impacts claim processing throughput.
Relay Service Requirements:
The Relay Service is a mandatory component for all deployments with specific VM, network, and security requirements.
📘 Complete Requirements: For detailed Relay VM specifications, network configuration, and deployment procedures, see:
- System Requirements - Technical prerequisites and sizing
- Relay Service Deployment Guide - Complete deployment procedures and operational runbooks
Key connectivity requirements:
- Relay to Cloud Services: Outbound HTTPS (TCP 443) to
*.ailevate.com—no inbound ports required - Relay to EHR: Access to EHR database (typically SQL Server TCP 1433)
- On-premise only: Controlled inbound HTTPS from [Ai]levate Cloud Services to Elasticsearch and AI Warehouse APIs
Best practice: Use network segmentation. Place on-premise Elasticsearch and AI Warehouse components in dedicated network zones with firewall rules restricting access to only required endpoints.
Certificate and Credential Management
On-premise deployments:
- Implement automated TLS certificate renewal for Elasticsearch and AI Warehouse endpoints
- Establish alerts when certificates are within 30 days of expiration
- Use enterprise PKI where available to simplify certificate lifecycle management
All deployments:
- Rotate EHR database credentials according to your security policy
- Store credentials securely using Azure Key Vault or enterprise secret management
- Test credential rotation procedures in non-production before enforcing in production
Azure Arc Best Practices
Relay Service management: Azure Arc enables [Ai]levate to manage Relay Service updates remotely without requiring inbound connectivity to your network.
Best practice: Ensure Relay VM maintains reliable outbound internet access for Arc functionality. Network interruptions can delay critical security updates.
6. Operational Readiness Best Practices
Best Practice: Establish operational processes during deployment planning, not after production issues occur.
Pre-Deployment Best Practices
Complete the Pre-Deployment Checklist in full. Skipping prerequisite steps causes deployment delays and requires rework.
Validate connectivity before deployment:
- Test network paths from Relay location to Cloud Services endpoints
- Confirm EHR database access and credential validity
- Verify identity provider configuration (Entra ID or Magic Link)
Define operational ownership: Clarify which team handles monitoring, patching (on-premise), incident response, and support escalation before deployment begins.
Ongoing Operational Best Practices
| Operational Area | SaaS Deployment | On-Premise Deployment |
|---|---|---|
| Infrastructure Monitoring | Managed by [Ai]levate | Implement proactive monitoring with automated alerting (integrate with existing platforms) |
| Relay Service Health | Monitor connectivity and EHR synchronization status | Monitor connectivity and EHR synchronization status |
| Patching & Updates | [Ai]levate manages all infrastructure patching | Maintain patching schedules for Relay VM, Elasticsearch, and AI Warehouse OS components |
| Log Management | [Ai]levate manages infrastructure logs; customer monitors Relay logs | Retain logs per compliance requirements; integrate with centralized logging for Relay, Elasticsearch, and AI Warehouse |
| Disaster Recovery | Managed by [Ai]levate with automated backups | Document and practice DR procedures before they're needed |
| Review Cadence | Regular reviews of claim volumes and user activity | Daily: connectivity checks; Weekly: capacity planning |
| Support Escalation | Direct to [Ai]levate support | Internal IT team troubleshooting → [Ai]levate support coordination |
Support Engagement Best Practices
Establish clear escalation paths: Define when issues should be escalated to [Ai]levate support vs handled internally.
Prepare for support engagement: When contacting [Ai]levate, provide issue details, relevant logs, error messages, and timeframes to enable rapid resolution.
For on-premise customers: [Ai]levate support boundaries align with deployment responsibilities—Cloud Services layer issues are fully supported, infrastructure issues require customer troubleshooting with [Ai]levate guidance.
Next Steps
After reviewing these best practices, continue with your deployment planning:
- Complete the Pre-Deployment Checklist to ensure all requirements are met
- Review the Deployment Architecture for detailed comparison of SaaS vs on-premise models
- For SaaS deployments, proceed to the SaaS Deployment Guide
- For on-premise deployments, review the On-Premise Deployment Guide
- Understand Network Security Considerations for your chosen deployment model
- Plan your Relay Service Deployment
Updated about 1 month ago