Tempesta Technologies
  • Home
  • Tempesta FW
    • Features
      • Web acceleration
      • Load balancing
      • Application performance monitoring
    • Performance
    • How it works
    • Deployment
    • Support
    • Knowledge base
  • Services
    • Software development
      • High performance
      • Networking
      • Databases
      • Linux kernel
      • Machine learning
      • How we work
      • Case studies
    • Performance analysis
    • Network security
      • DDoS protection
      • Application security
      • Cryptography
      • Security assessment
      • How we work
      • Case Studies
  • Solutions
    • DDoS Protection
    • Web Acceleration
  • Blog
  • Company
    • Research
    • Careers
    • Contact
Tempesta Technologies

Performance analysis and network security

We answer the most tricky questions about security and performance

We have been developing network security software since 2008. We know a lot about network security and we provide consulting services in the area.

Read about our performance analyzing consulting for G-Core Labs.

icon_performance

Performance analysis

Typical engadgements of our performance consulting team may include, but not limited by:

arrow1

Mathematical modeling of how the analyzed system will behave on larger scale, different workload or using different hardware.

arrow2

Deep system analysis discovering rare performance issues, e.g. tail latencies or degradation under peak loads.

arrow1

Designing a system architecture to beat the best performance results of the competing products.

arrow2

Careful analyzing of production systems not affecting their availability and performance.

Testimonials

Clutch.co publishes verified reviews conducted by independent analysts. Read the unbiased reviews about our work.

Tempesta Technologies led a transparent and efficient process, meeting the client’s expectations. Their extensive knowledge in their field and commitment to the project enabled them to make effective, business-oriented decisions quickly.

Alexander Pavlychev
Co-Founder, Kinescope

Tempesta Technologies was able to develop and launch the system successfully. There were a couple of bugs reported by the end-users, but the team was able to react quickly and issue fixes within a couple of days. They used Zoom and Slack for daily and weekly communication.

Vladislav Podolyako
CEO, Email Management Company

Tempesta Technologies provided thorough solutions and recommendations. The team also carried out performance testing. They were great i communication and were constantly in touch.

Director
Cybersecurity Platform

Delivering user-requested features and development work, Tempesta Technologies has become an ongoing partner. Their ability to contribute to an existing code base stands out, as does their prompt communication. Future clients will encounter a partner that excels at remediating issues as they arise.

CEO
Database Software Company

Tempesta Technologies is a team of highly dependable developers. They managed to complete all the tasks that were given to them and delivered superior outputs that impressed not only the client but their customers as well.

Vadim Tkachenko
Co-Founder & CTO, Percona

Tempesta Technologies meets the client’s standards of quality and timeliness, leading to a longer partnership. Their clear communication, professionalism, and timeliness make for a further smooth workflow.

Stephan Ilyin
Co-Founder, Information Technology Company

Although the solution hasn’t been implemented yet, the client is happy with Tempesta Technologies’ work. The process was painless and professional, and the team was receptive to feedback.

CIO
Telecommunications Company
icon_security

Network security

We have been developing network security software since 2008. During these years we have delivered tens of projects using various open source software and made deep changes and wide extensions of the software. We know a lot about network security and we provide consulting services in the area.

icon_ddos

DDoS protection

Being developers of Tempesta FW, an HTTPS reverse proxy with advanced application layer (L7) DDoS mitigation features, we know a lot about the modern DDoS attacks and the state-of-the-art DDoS protection open source projects.

To protect you against L7 DDoS attacks we properly tune your web stack and the operating system, set up the most suitable open source solutions, provide you handy scripts for the logs analyzing and requests classification. We guide you how to deploy a cheap CDN-alternative solution using inexpensive public clouds to mitigate volumetric DDoS attacks.

Read about the case of our consulting of a web hosting company in application layer DDoS mitigation.

icon_WAF

Application security

We developed the core of a WAF mentioned in the Gartner magic quadrant 2015. Wallarm commissioned us development of their open source SQL detection library (read more about the case). We also develop Tempesta FW, an open source WAF accelerator.

With the significant background in the field We can help you to set up and properly tune ModSecurity, NAXSI, Suricata, Zeek, and other open source network security software to build a solid protection of your web site.

icon_cryptography

Cryptography

Our engineers developed and optimized performance of several VPN products based on the IPsec and IKE protocols. During our work on Tempesta TLS we improved the original mbed TLS performance for more than 40 times and reported a side channel attack vulnerability for the WolfSSL library. Tempesta TLS outperforms OpenSSL for more than 80% and provides up to 4 times lower latency.

Our expertise can be beneficial in blockchain VPN, TLS, and other projects dealing with cryptography.

VPN engines

Read a review from a UK Cybersecurity company how did we help them to improve OpenVPN performance.

The case study about performance optimization of a proprietary VPN engine.

icon_monitoring

Security assessment

Experienced hackers can break even very carefully developed and administered systems, so security assessment performed by external experts reveals vulnerabilities that eluded the development team’s eyes. Our experts reveal vulnerabilities in web applications, Linux/Unix networked systems and C/C++ source code.

Penetration testing

We use automated security scanners and manual methods to reveal vulnerabilities on different software levels including SQL injections, XSS, content spoofing, OS commanding, race conditions, authorization bypassing, buffer overflows, DoS, etc.

Source code analysis

C and C++ work directly with system memory, threads and system calls, so the resulting code is very fast, but may have bugs, which are hard to find, but may lead to severe security issues. Our experienced engineers with a security background review your C/C++ code for possible vulnerabilities, e.g. check the side channel attack vulnerability in the WolfSSL library discovered by our team.

icon_howwework

How we work

arrow1

We start from the discussion of the issues and targets and what we need from your side to launch the projects, signing the NDA and the contract.

arrow2

The actual analysis is started and we provide you daily or bidaily status updates via email or messenger like Slack. Typically we use Google Docs for the analysis report, which is also updated several times per week.

arrow1

When the investigations are finished we discuss the report and you can request additional research. We finish the consulting assignments with precise recommendations on how to fix the security of performance issues.

icon_whyus

Why us?

arrow2

Consulting projects require outstanding expertise, so only principal and fellow engineers of our team perform the assignments. The average experience of the experts is 15-20 years in the high performance and security areas.

arrow1

As the developers of tens of high-performance network security products, we know many performance and security gotchas.

arrow2

Typically we work on an hourly basis, but our typical contract and frequent status updates allow you to cancel the project quickly if you’re not happy with the progress.

Case Studies

Kinescope
18 October 2022

Kinescope

We provided consulting services to improve performance of the video on demand and live video CDN edge nodes. We collected the time series data on the CDN operation statistics and developed a C++ data crunching program, which computes various web cache metrics. The metrics can be directly used to estimate the hardware configuration for a CDN edge node, which is the most optimal in terms of performance and cost. Read the full client review.
Core Sound Imaging
26 October 2022

Core Sound Imaging

We analyzed performance of a MySQL node and an NFS filesystem running on top of a powerful RAID configuration. Besides recommendations on how to improve performance of the current installations, our team has answered sophisticated questions about the nature of the performance issues, including the internals of the EXT4 filesystem journaling.
NetActuate
2 October 2023

NetActuate

A full CDN PoC, including a the control plane onboarding new clients and managing the proxy nodes, and the data plane with proxy nodes built on top of Tempesta FW was developed and launched by our team. Tempesta FW and other software for anycast operating nodes is deployed in fully automated CI/CD pipeline.
G-Core Labs
26 October 2022

G-Core Labs

We analyzed performance of a production CDN edge node running in one of the largest European Internet exchange. The Linux scheduler issue was revealed using advanced eBPF and perf scripts. That was a very exciting assignment and you can enjoy reading all the technical details about it in our blog post.
Jet Infosystems
26 October 2022

Jet Infosystems

We developed a mathematical model for an enterprise p2p (torrent) network, which describes the processes in the p2p network and builds the most efficient downloading and uploading strategies for the peers.
GalleryMedia
26 October 2022

GalleryMedia

Penetration testing, performed by our team, has revealed a number of web application and networking configuration issues, including firewall and DNS server misconfigurations and exposing internal resources.
WolfSSL
26 October 2022

WolfSSL

During our work on Tempesta TLS we have deeply analyzed the code of mbed TLS, OpenSSL and WolfSSL libraries, especially in the elliptic curves implementations. We reported a side channel attack vulnerability in the WolfSSL ECDSA implementation
Masterhost
10 October 2022

Masterhost

We significantly extended features and performance of the Masterhost's massive shared hosting infrastructure.
  • A FreeBSD kernel module and an Apache HTTPD patch for high performance user switching to execute PHP scripts. The result of the project allowed the web hosting company to switch users much faster than any other existing mechanisms.
  • MySQL accounting and users limiting. MySQL and FreeBSD kernels were patched. The FreeBSD patch for per-thread rusage CPU statistics was merged into the mainstream FreeBSD source code.
  • Research in application layer DDoS mitigation algorithms based on analyzing of web users transitions among web site pages (behavior analyzing). The proposed scheme allowed to analyze million of users online on an entry level hardware.

Powered by Tempesta FW

Stay up to date with our latest developments

Useful Links

Home
Blog

Tempesta® FW

Features
Performance
Deployment
Support
Knowledge Base

Services

Software Development
Performance analysis
Network Security

Solutions

DDoS Protection

Web Acceleration

Company

Research
Careers
Contact