Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Sovereign Architecture Design
- Threat modeling: identifying cloud dependencies and data egress points.
- Network topology: DMZ, internal zones, management network.
- Hardware selection: server, storage, networking, UPS.
- Disaster recovery sites and air-gap requirements.
Identity and Access Foundation
- Authentik deployment for SSO across all services.
- LDAP directory and group policy design.
- Step CA for service-to-service mTLS.
- YubiKey and hardware token enrollment.
Communication and Collaboration Hub
- Synapse/Element for chat and federation.
- Jitsi Meet for video conferencing.
- Roundcube/Nextcloud Mail for email.
- Nextcloud for file sync, calendars, and contacts.
- OnlyOffice integration for document editing.
Development and Operations Platform
- Gitea for source code and CI/CD.
- Woodpecker CI for automated builds.
- Nexus or Harbor for artifact and container registry.
- Wazuh for security monitoring and compliance.
- Uptime Kuma for service health dashboards.
AI and Knowledge Management
- Ollama deployment with local LLM serving.
- LibreChat for internal AI assistant access.
- Obsidian or Logseq for personal knowledge bases.
- Hoarder/ArchiveBox for web content preservation.
Security and Perimeter
- pfSense or OPNsense firewall deployment.
- Suricata IDS/IPS with custom rules.
- WireGuard/OpenVPN for remote access.
- Pi-hole DNS filtering and local resolution.
- Vaultwarden for team password management.
Backup, DR, and Operations
- BorgBackup central repository for all services.
- Database dump automation and off-site replication.
- Runbook documentation and incident response procedures.
- Capacity planning and scaling triggers.
- Quarterly sovereignty audit and dependency review.
Capstone Project
- Students present their fully operational sovereign stack.
- Peer review of architecture decisions and tradeoffs.
- Load testing and failure injection.
- Documentation handoff and operational readiness assessment.
Requirements
- Advanced Linux, networking, and container orchestration.
- Completion of at least two other Data Sovereignty courses or equivalent experience.
- Familiarity with DNS, TLS, firewall, and backup concepts.
Audience
- Senior infrastructure architects designing sovereign organizations.
- CTOs and CISOs planning digital independence roadmaps.
- Government and defense digital transformation teams.
35 Hours
Testimonials (2)
The knowledge and experience of the consultant, as theoretical topics are addressed by applying them to the reality of processes. The course contains a highly valuable program in information technology management.
Luis Castro Gamboa - Cooperativa De Ahorro Y Credito Ande No. 1 R.L.
Course - Site Reliability Engineering (SRE) Foundation®
Machine Translated
That it was very clear in each specification
Ricardo Ramirez - AMX CONTENIDO
Course - DevOps Leader (DOL)®
Machine Translated
