Linux Services & Systems
Linux system design, domain registration, PEC and managed hosting on Open Source stack
Network services and infrastructure
Since 2000 we have been designing and configuring network services for businesses, public bodies and professionals on Open Source stack. Open-source expertise has been part of the company's DNA since its founding.
After the initial setup, we prefer to remain alongside the client as a technology partner rather than as an occasional supplier.
noze S.r.l. is an essential entity under the NIS2 directive.
Linux System Design & Open Source
We design, install and configure systems based on Linux and foundational Open Source software: web servers, databases, network services, perimeter security. We analyse the context, select the appropriate components and integrate them into a coherent architecture.
- Web servers — Apache HTTP Server, Nginx: configuration, virtual hosts, reverse proxy, TLS termination
- Databases — PostgreSQL, MariaDB: installation, replication, tuning, automated backups
- Email — Postfix, Dovecot, Rspamd: complete email stack on client infrastructure with DKIM, SPF, DMARC
- DNS — BIND, PowerDNS, Unbound: authoritative zones, DNSSEC, split-horizon, validating resolvers
- Monitoring — Prometheus, Grafana, LibreNMS, Zabbix: metrics, alerting, network mapping
Domain Registration & DNS
We have been an accredited Registrar with the Italian Registry since 2002 (code NOZE-REG), when the role was still called maintainer. We register .it domains with DNSSEC and are authorised for edu.it and gov.it. For all other TLDs — over 730 gTLDs and ccTLDs — we rely on international providers such as OpenSRS and Namecheap.
Beyond registration, we manage two types of DNS service:
- Production DNS — Authoritative zones for active domains: A, CNAME, MX, TXT, SPF, DKIM, DMARC, DNSSEC records. Monitored propagation and optimised TTLs for live services.
- DNS parking — Standby configuration for registered domains not yet connected to active services. Courtesy page or redirect, ready for activation when needed.
PEC — Certified Email
We are an Aruba reseller for Certified Email (PEC). PEC is the legally binding communication tool — equivalent to registered mail with return receipt — required by Italian and European regulations for official communications between businesses, professionals and public administration.
- Activation & configuration — Single and multi-user PEC mailboxes with custom domain. Full setup on Outlook, Thunderbird, Apple Mail and mobile clients.
- Authentication DNS records — Configuration of MX, SPF and DKIM records specific to PEC, ensuring correct delivery and legal validity of messages.
- Compliant archiving — Support for legally compliant message archiving according to AgID technical rules, with integration into the client's document workflows.
- Migration — Transfer of PEC mailboxes from other accredited providers without message loss and with service continuity.
Managed Hosting
Our managed hosting is a service designed and built to measure, distinct from off-the-shelf shared hosting: we select the components, configure them according to best practices, monitor them and keep them up to date.
- Open-source stack — Apache or Nginx, PostgreSQL or MariaDB, PHP-FPM or application-specific runtimes. Every component selected for the use case.
- On-premise or client cloud — We preferably install on client-owned resources: dedicated servers, VMs or cloud accounts. Data and infrastructure remain under the client's control.
- Hardening & security — Configuration according to CIS benchmarks, automatic TLS certificates via Let's Encrypt, firewall, managed security updates.
- Backup & monitoring — Daily backups with Restic or BorgBackup, proactive monitoring with structured alerting.
- Automation — Every environment is described by versioned, idempotent Ansible playbooks. Reproducible, auditable, documented.
Linux, Open Source & System Administration
These are not line items on a price list: they are the technical depth we bring to every project. We list them to help assess the scope of the collaboration.
We choose free software because it is inspectable, modifiable and backed by global communities. For our clients this means transparency, zero vendor lock-in and full control over the infrastructure.
- Linux distributions: Debian, Ubuntu Server, RHEL/AlmaLinux, Rocky Linux
- Virtualisation: KVM, Proxmox VE
- Storage: LVM, software RAID, NFS, GlusterFS, ZFS
- Networking: VLANs, bonding, bridging, routing with FRRouting (BGP, OSPF)
- Firewall & IDS: nftables, Suricata, Fail2Ban
- VPN: WireGuard, OpenVPN
- Web servers: Apache, Nginx, HAProxy, Keepalived
- Databases: PostgreSQL, MariaDB, replication and tuning
- Email: Postfix, Dovecot, Rspamd, DKIM/SPF/DMARC
- DNS: BIND, PowerDNS, Unbound, DNSSEC
- Monitoring: Prometheus, Grafana, Zabbix, LibreNMS
- Automation: Ansible, Terraform, Restic, BorgBackup
- Authentication: OpenLDAP, FreeRADIUS, 802.1X
Frequently Asked Questions
Which TLDs can I register through noze?
For .it domains we have been operating as an accredited Registrar with the Italian Registry (Registro.it, code NOZE-REG) since 2002, when the role was still called maintainer. We register with DNSSEC and are authorised for institutional edu.it and gov.it domains. For all other TLDs — over 730 gTLDs and ccTLDs — we rely on international providers such as OpenSRS and Namecheap. We manage the full lifecycle: registration, transfer, renewal and registrant changes.
What is the difference between production DNS and DNS parking?
Production DNS is the active configuration that resolves the domain to real services: web servers, mail servers, validation records. We manage it with authoritative zones, DNSSEC and propagation monitoring. DNS parking, on the other hand, is a standby configuration for registered domains not yet connected to active services: it keeps the domain reachable with a courtesy page or redirect, ready for activation.
What kind of hosting do you offer?
Our managed hosting is not off-the-shelf hosting. The stack is fully Open Source — Apache/Nginx, MariaDB/PostgreSQL — and is configured, hardened and monitored by us. We prefer to install it on-premise at the client's site or on cloud resources owned by the client: data and infrastructure remain under your control, we handle operations.
Why do you choose Open Source software?
It's not about saving money — it's a technical and strategic choice. Open-source software is inspectable, modifiable and doesn't create dependency on a single vendor. Projects like Linux, Apache, PostgreSQL and WireGuard have global communities and lifecycles that outlast many commercial products. For us, this means guaranteeing transparency, continuity and full control over our clients' infrastructure.
What sets your approach apart?
We have been on Linux since 2000, we are classified as an essential entity under the NIS2 directive and we work as the client's technology partner. After the initial setup, we stay alongside the team for hardening, monitoring and infrastructure evolution.
How do you handle PEC (Certified Email)?
We are an Aruba reseller for PEC. We activate compliant mailboxes, configure access from standard email clients (Outlook, Thunderbird, smartphones) and support compliant archiving. For businesses, we offer multi-user PEC with a custom domain and authentication DNS record configuration.
SMEs
NIS2, security and AI governance for SMEs.
IndustryPublic Administration
On-premise AI for municipalities and regions.
IndustryHealthcare
On-premise clinical AI, MDR, sovereign data.
IndustryResearch & Academia
25+ years of applied R&D, partner of European consortia.
IndustryMSPs & SIs
White-label, enterprise support, dedicated channel.
IndustryProfessional Firms & Consultants
NIS2, AI Act and GDPR compliance for firms and consultants.
Let's discuss your project
Describe your context: we'll assess the most suitable solution together.