Systems Architecture

In the past we have successfully created many diverse systems. From embedded software performing deep packet inspection in network analysis devices to global-scale secure networking solutions. Our customers come from various high security demanding backgrounds like banking, financial and pharmaceutical industries, often with bold research & development projects.

Our goal is always to follow well-tested methodologies and by never underestimating the analysis and design stages of any project, we manage to get a long record of fulfilling both the requirements and the deadlines. Our customers typically maintain the produced solutions themselves and we are always keen on supporting them by properly training their staff or any other way.

Specialized Software Development

The challenges of developing software for tasks that were not automated before are of our utmost interest. If there is nobody to develop a program for solving a particular problem - we would like to hear about it and we can definitely help there!

As specific as the requirements might be, we understand that the tools for implementing them must sometimes also be very specific. That is why we often suggest POSIX-compliant systems and programming languages from the LISP family like Racket. However our background is strongly rooted in the computer science research and therefore we are familiar with any language the project needs.

Infrastructure Stack

For bigger projects an appropriate infrastructure is needed. We gained long-term experience with implementing and configuring server technologies from the smallest to the largest scales. But as security and reliability are always top priorities - even on the smaller side - we always integrate appropriate high-availability and access-control features as needed.

We offer design and implementation of on-premises private cloud storage systems with Ceph being our object storage system of choice. Our customers usually use the S3 layer on top of the raw storage the same way a public cloud would offer.

When it comes to smaller projects, we often design a highly-available clustered solution using online mirrored storages and live virtual machine migration technologies. Currently our favourite virtualization and small-scale storage technologies include KVM, libvirt, corosync/pacemaker and OpenStack solutions.

Secure Networking

Nowadays almost everything is connected to the Internet. That provides new opportunities for integration on very large scale - but it also provides new opportunities for nefarious actors to attack the connected systems.

Our consultation services for secure network designs ranging from protecting office networks to interconnecting autonomous systems at the backbone of the global Internet infrastructure. We are using these systems for our own needs and as member of the RIPE and CZ.NIC organizations we have the everyday experience in all the required technologies.

Yes, we are running our autonomous system ASnnnnnn with allocated IPv4 and IPv6 ranges and connected via multiple BGP peers. Both we and our clients use VPN solutions we configured based on IPSec, WireGuard or OpenVPN protocols. It is always important to maintain the current hands-on experience with communication technologies and we are proud to keep on improving in that regard.

Integrating proper authentication and authorization infrastructure is yet another example of how the experience with applied cryptography can provide an advantage against the current security threats. Multi-factor authentication and Public Key Infrastructure are always considered an essential part of our infrastructure designs.