Technical Solution Proposal · Prepared for [Customer]

AI-augmented workflow automation, delivered on-premises

AgentFlow turns fragmented, manual processes into governed, auditable automations — keeping people in control where it matters and applying AI where it accelerates, with all data (and optionally the AI models) under your own roof.

🧩 AI as a first-class workflow step 🔒 On-prem data sovereignty 👤 Human-in-the-loop governance 📈 Engineered for 50,000 concurrent users
In one line. Process owners design automations on a visual canvas, publish them under validation, and run them on a reliable, crash-safe engine — where each run can pause for human approval, invoke an AI agent grounded in your own documents, generate and e-sign official documents, read internal data, connect to third-party systems, and compose sub-processes — all inside one governance fabric.
01 / BUSINESS OUTCOMES

What it delivers

AgentFlow replaces email-and-spreadsheet processes with standardized, auditable automations that keep humans in control and apply AI under governance. On-premises delivery gives your team full custody of identity, data, and — optionally — the AI models themselves.

Standardize & automate cross-team processes
Visual workflows authored by business analysts; reusable sub-processes.
Faster, rule-driven, org-aware approvals
Human approval steps with dynamic manager-hierarchy assignment, SLA deadlines, action-button routing.
Consistent, compliant documents
Templates rendered to PDF/Word with Nghị Định 30 fidelity and built-in e-signature.
Tamper-evident audit & governance
Immutable, append-only audit trail; per-run immutable process records.
Trustworthy, controllable AI
Grounded retrieval with per-field source citations, token budgets, and sensitive-data redaction; models run under your control.
Data sovereignty
Full on-premises deployment; single-tenant hard isolation; optional air-gapped AI inference.
02 / CAPABILITIES AT A GLANCE

Solution capabilities

Capabilities are described at solution level; partial or preview features are flagged with honest maturity.

Capability area | What [Customer] gets | Maturity
Visual workflow designer | Low-code drag-and-drop canvas, rich library of process building blocks, inline validation, version history | GA
Orchestration engine | Reliable, crash-safe, horizontally scalable execution; concurrent branches | GA
AI agents | Per-step model selection, structured output, token budgets, sensitive-data redaction | GA
Knowledge / retrieval | Grounding on your own documents, version-stable scope, per-field source citations | GA
Open AI interface | Agents consume external AI tools; a secure interface exposes workflows to approved external AI assistants | GA
Human tasks & forms | Dynamic forms, org-chart-aware assignment, SLA, approve/reject routing, review mode | GA / recent
Document generation | Templates → PDF + Word, dynamic expressions, Nghị Định 30 format | GA
e-Signature | Multi-signer, multi-document envelopes, publish-time coverage validation | GA
Integrations | Application connectors (HubSpot CRM); read-only internal data lookup | GA
Delivery | Email + webhook notifications, durable delivery queue | GA
Platform & governance | Single sign-on, role-based access, multi-tenancy, append-only audit, notifications, bilingual UI (en/vi) | GA
Analytics / process-mining | Process-intelligence dashboard (Overview / Map / Variants / Conformance / Insights) | Preview
03 / PROCESS BUILDING BLOCKS

The building blocks of a process

A workflow is a graph of these blocks connected by transitions. Every block is validated before a process can go live, and each run is frozen into an immutable record so republishing can never alter a run already in flight.

👤 Human Approval / Task · Human
Assignable task with optional form, org-aware assignment, prefill, approve/reject, SLA, review & signing modes.
🤖 AI Agent · AI
AI as an auditable, budgeted, governed step — per-step model, tools, knowledge grounding, structured output.
Decision / Branch · Flow
First-match-wins rule-based branching over ordered conditions, with an optional default path.
📄 Document Generation · Docs
Renders forms and templates to PDF or Word with dynamic expressions and Nghị Định 30 fidelity.
✍️ e-Signature · Docs
Multi-signer, multi-document signing envelopes with template placement and coverage validation.
🔌 System Integration · Integrate
Third-party connector (HubSpot today) — live read plus durable writes, connection pinned per run.
🔎 Data Lookup · Integrate
Read-only, parameterized query against an internal database, capturing results into workflow variables.
🗄️ Data Persistence · Integrate
Native structured-data capture — create-or-update an internal record with mapped, validated fields.
🔁 Batch / Loop · Flow
Fans an inline sub-process over a collection as isolated child runs — parallel or sequential, bounded.
Sub-process · Flow
Synchronously invokes another published workflow as a child run — reusable, composable process libraries.
Synchronization · Flow
Explicit join barrier — holds until every incoming branch completes, then fires once. No silent stuck runs.
{x} Variables & Mapping · Flow
Assigns values mid-run (reference, template, or literal) — stateful workflows without external storage.
✉️ Email · Deliver
Templated outbound email with attachments, durably queued for reliable delivery.
🔗 Webhook · Deliver
Outbound HTTP call (method, headers, auth, templated body) — push events to any endpoint.
Start / End · Flow
A single, deterministic entry point and a terminal step that declares the workflow's output contract.

Beyond the blocks: typed workflow variables, a shared expression engine with publish-time validation, unified triggers (recurring schedule or connected-app events, with duplicate-fire protection), per-step error handling, version history with restore, organizing groups, and per-workflow start-access control (restricted by default).

04 / LOGICAL ARCHITECTURE

A layered solution architecture

AgentFlow is organized into clear logical layers. The experience layer calls the orchestration layer; orchestration drives the intelligence, business, and integration services; and every layer rests on shared platform services (identity, audit, notifications, data & storage, observability).

Experience Layer
  • Visual Workflow Designer: Low-code canvas for business authors
  • Task Inbox & Forms: Where people receive and complete work
  • Admin Console: Users, roles, connections, settings
  • Dashboards: Operational & process visibility

Orchestration Layer
  • Workflow Engine: Reliable · crash-safe · horizontally scalable
  • Process Building Blocks: Human · AI · Decision · Document · e-Sign · Integration · Data · Sub-process · Notify · Batch · Sync · Variables
  • Triggers & Scheduling: Recurring calendars + connected-app events

Intelligence Layer
  • AI Agent Service: Governed AI invocation per step
  • Knowledge Base / Retrieval: Grounding on your own documents
  • AI Governance: Budgets · redaction · source citations
  • Open AI Interface: Secure access for external AI assistants

Business Services
  • Forms & Human Tasks: Dynamic, org-aware, SLA-driven
  • Document Generation: PDF / Word, Nghị Định 30
  • e-Signature: Multi-party, multi-document

Integration Layer
  • Application Connectors: CRM / HubSpot and more
  • Data Source Connectors: Internal databases · read-only
  • Delivery Channels: Email · webhook

Platform Services (shared)
  • Identity & Access: SSO · role-based access · multi-tenant
  • Governance & Audit: Immutable trail · sensitive-data redaction
  • Notifications: In-app · email · real-time
  • Data & Storage Platform: Highly available, on-premises
  • Observability: Metrics · logs · tracing

Reliable by design. Business logic is cleanly separated from storage and transport; every state change is transactional and audited; and each run is frozen into an immutable record so an in-flight process can never be altered by a later change — a governance property most automation tools lack. The on-premises engineering (high-availability data platform, storage, and inference options) is detailed in the companion deployment plan.

05 / AI STRATEGY

AI inference — a governance decision

The same workflows run against either external AI services or self-hosted models — configurable per deployment. Which branch you choose is a data-governance call, not an engineering one.

BRANCH A Controlled egress

  • AI agents call external AI services through a governed, allow-listed gateway.
  • Claude and HubSpot both work — the strongest models and the CRM connector are available immediately.
  • The trade-off: prompts, CRM records, and rendered documents leave the premises — this must be a signed governance decision with zero-retention terms.
Minimal added cost · usage billed per token

BRANCH B Air-gapped / self-hosted

  • AI runs on self-hosted models inside your data center — nothing leaves the building.
  • Claude cannot be self-hosted; those steps move to a self-hostable model. The HubSpot connector is unavailable air-gapped.
  • Highest data control; requires dedicated AI infrastructure and a model-quality validation pass.
Added hardware investment · no external usage bill

Choose from data policy, not engineering. If governed egress is permitted under zero-retention terms, Branch A is markedly cheaper and unlocks the strongest models plus the CRM connector. If a true air-gap is mandated, Branch B is the compliant path — plan for AI infrastructure and a quality bake-off. A mixed approach (simple steps on a self-hosted model, complex steps external) is also possible.

06 / INVESTMENT & DECISIONS

Indicative investment

Delivered as a self-operated, highly available on-premises platform, pre-provisioned to peak load. Figures are planning estimates, not quotes; full engineering and sizing are in the companion deployment plan.

Headline commercials (indicative)
Line | External-AI option | Self-hosted-AI option
One-time investment (single site) | ~$480k–835k | + AI infrastructure (hardware-dependent)
Annual operating | ~$725k–1.6M / yr | Same base + AI infrastructure running cost

Annual operating cost is dominated by the platform operations team and support subscriptions. A dual-site disaster-recovery target roughly doubles the data, storage, and network lines.

Two launch-gating decisions
⚠️ Disaster recovery
A single site has a hard recovery ceiling. A funded second site delivers near-real-time protection. This is a data-residency and budget call.
⚠️ AI inference posture
Controlled egress (Claude + HubSpot available) vs. air-gapped self-hosted (maximum data control). Decide before hardware is ordered.

Honest readiness note. The platform is architecturally close to this scale; a scoped set of hardening steps and a load test precede full go-live. These are folded into the phased delivery plan in the proposal — none are speculative.

Why AgentFlow
🔒 On-prem data control
Identity, data, and optionally the AI models stay under your roof — sovereignty by architecture, not by promise.
🤖 Governed AI
Every AI step is grounded, budgeted, redacted, and traceable to its source — AI you can put in a regulated process.
🧾 Immutable audit
An append-only audit trail and per-run frozen records make every execution deterministic and defensible.
👤 Human-in-the-loop
People stay in control where it matters, with exactly the approval, review, and signing controls each step needs.
📄 Document fidelity
Native Vietnamese government (Nghị Định 30) formatting and legally binding e-signature inside the process.
🔓 Open & composable
Reusable sub-processes, connectors, and a secure interface for approved external AI assistants.