A common and effective deployment strategy is to deploy heavy assets on premises, or “on-prem”, and to deploy specific assets to private cloud servers. This architecture provides extreme flexibility and agility in deployment and incident response. Satellite cloud assets coupled with heavy on-prem support provide a potent combination with a reduced attack surface, resulting in mission resilience in hostile environments. As assets are virtualized they are not dependent on specific host hardware and can easily be backed up or migrated to another host system. This allows an organization to avoid vendor lock-in, and be assured that the hardware and all virtual solutions will be able to grow as workflow requirements change.
Configurable in either subnet form or as a primary organizational LAN, connectivity and access are customized to an organization’s needs. Console access is provided via the web interface and HTTPS. Assets that do not require graphical access are available via the network.
All hypervisor nodes utilize modern, typically Intel Xeon processors. Virtual CPUs, known as vCores, are how we quantify the CPU cores used by a virtual host. A single node can support up to 2 physical CPUs providing 48 vCores.
Modern error correcting server RAM aids in preserving data integrity. Typically configured with 64GB of memory, nodes can be built with 32-256GB of RAM as needed.
Tarvos hypervisor nodes utilize 2.5″ hotswap bays for easy storage maintenance. Each hotswap bay can support up to a 4TB SSD, with internal NVMe storage being an available expansion option. Internal 3.5″ HDDs can also be configured, supporting up to 48TB of storage.
Backup & Recovery
Backups of virtual resources are taken in intervals depending on operational requirements of the resource. In the event of a critical failure the average time for a system to be restored to operation is 90 minutes.
Standard parts to ensure global availability
Windows Virtual Workstation
Leverage the benefits of a full Windows workstation from any web browser on any device. As more of the workforce transitions to a work-from-home arrangement, virtual workstations are an excellent and cost-effective way to provide your staff with a company computer. As virtual workstations exist in an on-prem hypervisor cluster, this greatly improves data security and makes keeping data within an organization’s network far simpler.
Linux Virtual Workstation
The Linux operating system is responsible for running over 96% of servers on the web. Linux is chosen for its security, expandability and open-source nature. Over the past decade, desktop Linux has evolved into a highly usable workstation system. By far the best choice when it comes to scientific and research teams, Desktop Linux has also proven to be an extremely effective choice for common office use cases.
Ephemeral Virtual Workstation
For workflows which require special attention to operational security, organizations may choose to utilize Ephemeral workstations. These virtual machines run Linux, are rebuilt to a clean state on each boot, and retain ZERO data. Further, these live Linux distributions have full-featured privacy tools built in: Tor Browser, KeePassXC, OnionShare and others. While the default configuration does not provide persistent storage, it can be configured to have a persistent storage volume.
Private VPN Server
It is now common knowledge that using a VPN offers added privacy and security to an organization’s online activity. VPNs come in many different designs and configurations. Public VPNs have millions of users and are excellent for mixing internet traffic and obfuscating origin. However, IP addresses of publicly known VPNs are often blocked by governments and organizations, making access unpredictable. Our cloud VPN servers are deployed for the client specifically and have a random country-specific IP. This allows an organization to have a private and unrecognized connection to another location.
Cluster Health Monitoring
The health of your virtualization cluster is essential to smooth and sustainable operations, so early notice is critical to identifying and rectifying issues before they become user impacting. Dedicated host-life monitoring can notify you of the early warning signs of hardware fatigue, allowing corrective action to be taken, as well as inform you of down services in real time.
Live Threat Monitoring
A sentinel server can be configured in many different ways and is able to scan for malicious incoming connections and failed access attempts to your resources. Similar to health monitoring, threat monitoring can give early warning to an asset under attack and allow your security team the best head start in taking protective action.
Private Chat / Video Conferencing
Video chat services like Zoom and others are controlled by outside entities, which makes them susceptible to outside influence by either government or advertisers. Your data is mined to pay for the servers that host the service. As video conferencing has become an essential part of today’s workflow, having a conferencing server dedicated to your organization is an excellent way to reduce reliance on outside services and increase your privacy.
Encrypted Vault Server
File accessibility is essential for team productivity, and many small organizations rely on cloud storage such as Google Drive, Dropbox, and Microsoft OneDrive. Historically all of these services put your data at risk: as your data is stored on the service provider’s servers, the provider potentially has access to any file stored in their cloud. Apple’s recently enacted policies allowing them to scan any file uploaded to iCloud illustrate this perfectly. The best way to minimize risk of data compromise is for an organization to host file storage locally.
Private DNS Server
The public Domain Name System, or DNS, is responsible for translating a human-readable URL, such as www.tarvos.io, to the IP address of the web server. Every time a user visits a website or follows a web link, a DNS query is made. As each query is logged with the IP of the origin, this is the number one way that internet activity is tracked. Hosting a private DNS server not only massively increases security for your organization, it also allows you to have custom DNS entries which may have been removed from public DNS if your organization is operating in a region with a restricted internet.
Virtual Database Host
Databases are essential staples of advanced automation and modern workflows. Database servers and the access APIs used to submit queries require special considerations with respect to implementation and deployment. Tarvos has deployed multiple database servers that have enabled drastic improvements in organization and workflow automation. The combination of a database and a bespoke solution can heavily augment an existing workforce, automating monotonous work, saving man-hours and improving employee quality of life.
Private Git Code Repository
For organizations that have a software development team or that outsource their software development, having an internal code repository allows the organization to have greater control over their software and track the progress of ongoing development projects. This becomes especially important if an unintended leak of code would result in significant financial loss.
For use-cases requiring unique design elements outside the scope of our standardized solutions, we offer a bespoke development service. Our team has experience in database structures, networking, API design, storage and security. Our team has built and deployed over 70 customized solutions to address the various specialized needs of our clients. We are able to work with organizations to review specific workflows and design a strategy to eliminate inefficiencies and automate processes.