Our opensource service portfolio comprises a comprehensive framework that provides very good background to companies, which do not prefer expensive enterprise solutions. All services are delivered adjusted to the needs of a particular client.
– Virtual server
– Domain
– DNS and DHCP
– Firewall
– Mail
– NAS
– File/Print server
– VoIP
– VPN
– WEB
– Wifi
– Backup
– Monitoring
Virtual server – vmware ESXi
This is a highly recommended service that allows multiple virtual servers to run on one physical server. Virtualization of the environment brings many advantages, especially in terms of security and infrastructure management. Virtual servers are flexible and save costs.
Domain – samba/windows AD
This service is one of the key services in any solution. The domain can be integrated into a range of additional services – mail, NAS, VPN, VoIP. Domain is about creation of a directory of users, groups of users and computers with different parameters and the rules to which is possible to assign the rights in other services. These parameters and rules are managed centrally in one place, thereby it significantly reducing the administration and increases comfort for the user. Some examples from life: -changing the password on the domain will automatically change the password in the mail box, remote access (VPN) and so on, -by blocking a user in the domain, respectively in the Group of users will be automatically blocked his access to the documents that requires this permission. Given importance of this service is usually duplicated by using multiple domain servers.
DNS and DHCP – bind, router
DNS is a service that identifying computers on the internal network as well as present selected information from the corporate network to the Internet environment. DHCP service assign each computer on the network a unique numeric tag – IP address, which then in the DNS matches with a specific computer name. The exception are the servers providing services, where it is recommended to set the IP address manually, so called. “static”. An IP address can be linked with the unique address of a network card in your computer, whereby it is possible to induce that foreign computers in your internal network, respectively in her part, will not have any connection. Internal DNS service can be provided by a domain itself, which means that the computers in the domain are bound to each other. An external DNS service, which provides selected information which you want to share, such as. identification of the mail server, web server, a vpn server, can be operated by the provider of your Internet connection, or internally. The advantage of an internal administration of that service is flexibility, when it is possible to change any records almost immediately, while in the case of reporting changes to the internet provider, these changes take effect sometime up to 24 hours, and often it is possible to modify only selected parameters.
Firewall – untangle/sophos/mikrotik
A fairly well known service, which in this age cannot be missing on any computer, which communicates in the Internet environment. In this case, it is about the central internal network protection. Its about a control of packet coming from the outside into your network and go out to the Internet. This means in practice that this inspection is done in real time and therefore is required to have minimal impact on the speed of your Internet connection. For this reason it is provided directly by hardware – active network element – a router. Firewall setting will ensure that the outside are exposed only the services that are required, or directed only to selected sites. Inwards, it embarks only packets bound for the exposed services and packets, that are the answer to communication invoked from the inside. Other packets are throwing away. At the same time it is possible to enable the automatic filters, which block undesired communication – DoS attacks.
Mail – postfix, dovecot/MS office 365
Service which are essential to any business or individual. Often this service is placed, like the DNS, at Internet connection provider or any external provider. This entails significant limits, such as the size of the mailbox, the inability to back up mail on selected basis, the inability to use SSO (Single Sign On – logon to multiple systems with one password) or detailed settings and restrictions definition. We provide the local service through the Protocols SMTP, IMAP and POP3. Service can be linked to the domain. The standards are also security protocols SSL and TLS, in particular because of the access from the outside. Of course are mail groups, aliases, or a redirects, but also restrictions if they are required (eg. the restriction to deliver mail to the specified address only from selected addresses).
NAS – QNAP/Synology
For greater protection for data, it is reasonable to secure them by saving them to the disk array that has a wide range of security features. Large enterprise solutions are generally used in combination with large disk type SAN (Storage Area Network, data network), which are very reliable but also very expensive because of space and electricity. In our solutions we have a little small arrays type of NAS (Network Attached Storage – attached data space), which will take up one to three positions in rack, see the menu Products. The NAS itself is not a prerequisite, however, significantly increases the security of the data and allows better flexibility when working with them.
File/print server – samba
Whole disk space is split to the selected logical parts, which are, in the form of network drives, mapped to individual users.
As well as the disk space, it is possible to map a network printer to users. The advantage of printing through a print server is a single print settings for all users as well as the common queue of print jobs.
VoIP – asterisk, freePBX
This service requires also support from external provider, since it is the transmission of voice over a data network. To make a call to the other side, it is necessary to transform your data and route them farther as normal call. This transformation is usually make by an Internet connection provider in the form of service, which is referred to as a SIP Trunk. The existence of such a service is a necessary condition. Our service works like a virtual switchboard where the terminal equipment are connected. It is possible to link it with the domain and the relevant parameters define there.
VPN – openVPN
The remote access service (Virtual Private Network) will especially appreciate companies, where employees often work from home. This service can be linked to the domain, so the user is verified by the domain account and password. After the connection is established, the user is placed in a virtual internal network, which has provided the same capabilities as if he were in the workplace.
WEB – apache/IIS
This is about mediation of Web content, not about the creation of the page itself. The result is a running Web server with PHP support and a MySQL database, exposed to the Internet on standard HTTP/HTTPs ports.
WiFi – ubiquiti
This service can be solved using one wireless wifi router, or a whole network of such devices. Our added value consists in setting up and incorporating a Wi-Fi network into the corporate infrastructure according to your requirements.
Backup – ghettoVCB, rsnapshot
Data backup should be an essential part of each system. These types of backups are usually performed:
-System backup – copies of the entire OS images, which are makes usually on a daily bases, respectively a weekly basis, while new backup is overwriting the old one.
-User backup – copies of user data, usually performed incrementally several times a day.
A specific backup policy is subject to the mutual agreement.
Monitoring – zabbix
Monitoring the status of servers and services is an important part of any solution. It is not humanly possible to constantly check the status of all components, so we use tools that perform these tasks for us at regular intervals. If the set values are exceeded, a notification is generated and sent to a selected group of users.