Services
Services
We deliver business systems, internal infrastructure, and network equipment end-to-end — design, implementation, and operation. The following is a technical sketch of our own product, HomeGrid VPN.
Case study: HomeGrid VPN
HomeGrid VPN is a service that securely connects home networks to external endpoints for individuals and small businesses. Rather than adding decorative features, we design for operational stability and low cost.
- Compute
- AWS Lightsail
We use minimal instance sizes that are not over-provisioned for demand, keeping fixed costs low. Scaling is performed incrementally only when requirements demand it.
- Tunneling
- WireGuard
A small, auditable protocol with low overhead, providing usable throughput even on consumer-grade routers.
- State Store
- Amazon DynamoDB
Device, usage, and billing state are held independently of the server instances themselves, so the runtime can be rebuilt without data loss.
- Configuration
- AWS Systems Manager
Keys, connection parameters, and rotation are distributed via Systems Manager (SSM), eliminating manual overwrites of configuration on the server.
Autonomous provisioning
From customer signup to AWS resource allocation, device-side configuration, and billing, the full flow is automated without manual intervention. Compared to operations driven by human-executed runbooks, this structurally reduces the opportunities for human error.
Infrastructure as Code (IaC)
Every resource that makes up production is described in code and reviewed. Even during incident response, changes are made in a way that allows intent and blast radius to be recorded in the commit log.
- Operators are, as a rule, not permitted to log directly into production hosts to make changes.
- Audit logs are retained in tamper-resistant storage, for at least the retention period required by relevant law.
- New technologies are only adopted after their operational cost and recovery procedures have been agreed upon.