Most growing companies run a flat network — staff laptops, servers, printers and guest Wi-Fi all on the same wire, with nothing stopping anyone reaching anything. It works fine until it doesn't. I fix that, for a fixed price, without the enterprise consulting bill.
17 years in IT · 12+ years in network security · Palo Alto PCNSE certified
Independent — I don't resell hardware or take vendor commissions.
If you answer "no" or "I'm not sure" to any of these, your network has a gap that is cheap to close now and expensive to close later.
All four gaps closed. Three weeks. One fixed price.
Blocking of malware, phishing and inappropriate categories at the DNS layer. Deployed on your existing setup — no new hardware. Includes a written acceptable-use policy your staff can actually read.
A VLAN scheme separating staff, servers, guests and devices, with an access matrix defining exactly what can reach what. Switch configuration templates included for your IT vendor to apply.
A work-from-home design with multi-factor authentication, so people reach only what they need. No shared passwords, no exposed ports.
An asset inventory, a first vulnerability scan with prioritised findings, and a simple patching routine your team can maintain without a dedicated security person.
Hardware. Firewalls, switches, access points, servers. If new equipment is needed, I'll tell you exactly what to buy and why — you purchase it directly from the vendor at their price.
Software licences. Filtering subscriptions, VPN seats, antivirus, scanning tools. Most of what I recommend has a free tier that works fine at your size; where a paid licence is genuinely needed, I'll say so before we start.
Physical installation. Cabling, rack work, on-site device swaps. Your existing IT vendor handles this — I provide the configuration they apply.
Ongoing management. This is a design and setup engagement with written handover, not a managed service. Monthly support is available separately if you want it.
I don't resell hardware, take vendor commissions, or earn anything from what you buy. That's deliberate — it means my recommendation is the cheapest thing that solves your problem, not the most expensive thing I can sell you.
Delivered remotely over three weeks. Every deliverable is a written document you keep — designs, policies, and a remediation list — not a verbal handover.
Check if it fitsNot every office needs everything at once. Each of these stands alone, and the fee is credited if you later take the full pack. All prices are for consulting and design — hardware and licences are never included.
A structured review of your current setup — firewall rules, network layout, exposed services, remote access. You receive a written findings report with every issue rated by risk, and a clear order to fix them in.
A complete segmentation plan: zones, VLAN scheme, inter-zone access rules, and ready-to-apply switch configuration. Your existing IT person or vendor implements it — I design it correctly.
Stop staff reaching malicious or inappropriate sites, and block malware and phishing domains before they load. Deployed in days, on your existing network, with no new equipment to buy.
No sales calls, no lengthy proposals, no surprises on the invoice.
Fill in the form below. Roughly how many people, what you have in place today, what is worrying you. Nothing sensitive — no passwords, no IP addresses, no network diagrams.
If it's a fit, I'll say what I'd recommend and what it costs. If it isn't — if you need something I don't do, or if you don't actually need me yet — I'll tell you that instead.
A paid call, because it keeps my calendar for people who are serious. Afterwards you receive a written summary of your requirements and my recommended approach — yours to keep, whether or not you hire me.
Half upfront, half on delivery. Scope agreed in writing before anything starts, including anything you'll need to buy separately. A mutual NDA is signed before you share a single configuration file.
Takes about five minutes. I read every submission myself.