agora con gmbh
. we do it consulting, focusing on
strategy consulting, infrastructure and
security. we help organisations to build and maintain
their information technology in a competitive and stable way.
our clients vary from small to big, from telecommunication to
financial services.
we work with unix, bsd, linux
macos, and the people at noyb.eu ;-)
we love open source software.
contact us. office at agoracon.at or +43 660 3172 333.
rotensterngase 21, 1020 vienna, austria. fn274996g handelsgericht
wien. [ privacy policy ]
solutions
we create custom tailored systems by connecting open source
components and make them run smoothly and user-friendly.
automation as general approach - whatever is
presumably done more than once needs automation. we prepare
the project to run automatically on multiple
runways:
deployment runway,
user acceptance test runway,
failover runway and
teach runway (almost...).
we treat documentation as first class citizen, i.e.
documentation defects are equal important as source
code or design defects. we work on our solutions to be
simple (easy to operate, simple to use),
quick (low response times/high throughout) and
secure.
services
strategy consulting.
we help our clients to identify and select business areas,
where technology investments support their strategy.
on top of technology we've got industry knowledge in
telecommunication, utilities and financial services. we
appreciate learning from our clients. our song goes like this:
a wise technology selection will sustain the added value / open
industry standards do prevent vendor locks / whatever bad
happens in the early stage / increases the costs running and
maintaining the system
infrastructure.
design, implementation and hand-over to operations of
infrastructure service. to be more specific, we call
infrastructure the collection of hardware, network and system
services on the layers below business applications. that
include time, mail, file services, databases or security
services. on unix, bsd and linux. service areas: build
(data center set-up or expansion) and optimize (e.g. stateful
firewalls with high throughput: replacement of proprietary
network components with commodity hardware). you can find a
list of internal projects at the end of this page
monitoring and performance monitoring.
the times they are a-changin'. while a decade ago monitoring
was like crossing a dessert with a glass of expensive water,
that situation has improved a lot. over the last years several
devops manufactories have released great open source modules
for working with metrics in an high performance environment.
identity and access management.
we've contributed to several large identity and access
management projects, many of them based on oracle solutions or
on solutions oracle has acquired. solution architecture and
security design. an increasing number of highly integrated
components makes you focus on automation in all kind of
processes.
performance tuning.
measuring and improving application performance, from hardware,
i/o and network, over database systems to full stack web
applications. on unix/linux/bsd.
open source.
read and fork on
github
infrastructure /var/log
our infrastructure covers several use cases: office
backends, project management software, client architecture
testing and research & development. internal projects
we were working on:
-
web traffic analysis
using matomo (piwik) without tracking widgets while
respecting the eu gdpr
-
ipv6 deployment
dual stack for hundred nodes in ten vlan. name
services, firewalls, load balancers. one location
native, another one tunneled over ipv4
-
cryptpad
our pad was unmaintained, so a replacement was needed.
french xwiki labs created a really nice app based on
zero-knowledge technology
-
performance monitoring
collecting detailed metrics with collectd,
riemann (routing), graphite (storage) and grafana
(dashboards). logs: elasticsearch, logstash, kibana
-
apps: rocketchat, etherpad
rocketchat provides project oriented chat and
communication services - slack on premise. work on a
common document during conferences or conference calls
with etherpad. if we like an application we put it in
jail
-
app: sogo
finally we found the groupware backed we were
searching for and put it in jail
-
802.1x and radius
authentication and authorization for lan and
wlan networks
-
reproduceable builds with poudriere
nightly build runs for freebsd and ports update
all services with the latest security patches.
openbsd builds on additional vm
-
ipsec ikev2
migration from openvpn to ikev2
-
firewall, load balancer and router on openbsd
deployment of rcc-ve devices running openbsd
-
cisco switches
deployment of cisco switches and new network
architecture
-
dnssec and dane
secure domain name services: rfc 7671, 7672, 7673
-
migration to freebsd and jails
move services from hosted virtual machines to
containers running on premise
-
migrate email services to opensmtp and dovecot
service are running on openbsd. including
spamd, spamassassin, clamsmtp, clamav, spampd,
dkim
-
apps: openldap, heimdal kerberos
repository
-
app: gitlab
deployment of gitlab as central source code
repository
-
introduce vagrant for application development
vagrant automates virtual machine creation and
software deployment
-
app: prosody
deployment of prosody as jabber/xmpp service on
openbsd