Gerasimos Melissaratos

As the systems administrator for two organizations, I had to find a quick and effective way to enable secure remote access to the resources of their respective workplaces. Using the facilities of LDAP-based authentication and a lot of scripting, I automated the creation of VPNs from their homes to their offices and enabled remote access to their office computers and files in less than two weeks. The systems are still in use one year later and are being expanded to accommodate other uses.

An organization of about 1,500 users, with few to spare and in dire need of collaboration software, decided to deploy Zimbra in the back end but with a more versatile front end for spam protection and mailing list management.

I designed and implemented a front-end solution with Postfix, Rspamd, and ClamAV handling incoming and outgoing traffic; Mailman catering to the organization's numerous mailing lists; and a cluster of open SMTP servers distributing outgoing traffic. This solution provided far greater flexibility to use the custom filters and external tools that the organization needed to handle message routing with flexibility not provided by Zimbra.

A startup company with shared infrastructure and minimal access to the premises' network infrastructure needed reliable access to its own servers, using dynamic IP addresses, and the ability to access its roaming workstations by name. For the roaming workstations, OpenVPN provided secure connections with the offices via an external VPN gateway. The dynamic IP addresses were countered by the usage of names for servers and services. Split views and dynamic updates of BIND DNS allowed them to cover both requirements in a secure and reliable manner.

A boutique web development company with some big clients needed to migrate to a self-hosting solution in order to reduce monthly costs and acquire better control over its infrastructure. But leaving their cloud provider increased the risks of disruption in case of a server or service failure. I solved the problem by using multiple Apache and Nginx web servers with shared storage serving the sites and front-end Nginx reverse proxies checking the health of the web servers and handling rate limiting and caching.

Healthentia is exploring new ways to conduct decentralized clinical trials and provide personalized patient care.

I'm responsible for server-side security and operations, managing the Azure-hosted Kubernetes cluster, conducting periodic security audits, and monitoring and regulating the assigned resources.