Pirum Systems

Datacentre Move
Due to notification of early termination of lease in our datacenter (they were decomissioning the building and so everyone was asked to leave). We needed to relocate our production infrastructure without interrupting client service. In less than 3 months we completed a fitout of new racks of equipment in geographically separate datacentres, with high speed divergent links for synchronisation. Even though we were remaining with the same ISP, the location change required a new allocation of IP addresses. This was a logistical issue as many clients had strict firewall rules for service access. Because of this significant resource had to be expended to ensure that everyone was notified and prepared for the IP switchover. To avoid the IP change issue in the future we became a member of RIPE, obtaining our own IP allocations for IPv4 and IPv6, and setup BGP peering with multiple upstream service providers out of both physical sites for maximum redundancy.
Firewall Upgrades
Security requirements of handling financial data called for complex firewall configurations. This was quite difficult to maintain and tune by hand ( several thousand rules on each firewall). I built a tool that would read from a more human readable higher level configuration written in yaml, and calculate all the iptables rules required to meet the specification automatically. The rules would be custom built for each firewall in the infrastructure considering the network topology, and would consolidate duplicate rules, structuring the iptables chains to make the firewall decisions operate in as efficient a manner as possible. Future changes to firewall requirements then became a one or two line change to simple logical config rather than a deep dive into multiple iptables init scripts.

BBC / Siemens

Borg 2
The Borg is the primary ingest and delivery system for all content made available on the BBC website. It offers a standard ftp interface to staff and automated systems, and ensures that what is uploaded is distributed to the appropriate servers for the content type. I was part of the team involved in rolling out this new release, working on bug fixes and feature requests.
Project Ripcord
The BBC had a requirement to automatically Blank1 any programming mentioning the Olympics as the BBC only had streaming rights for the UK. Normally this would actually be scheduled in and our media selector hardware would switch from the live radio feed to a pre-recorded minidisk. However this could only be for planned events. It also needed to happen if a live conversation switched to an Olymipcs topic2 The requirement for a "Big red button" came to us 1 week before the 2004 Olympics. In 4 days I designed, built, tested and deployed an integration into the existing media switching system that would, on request switch a channel to a blanking message, prevent any sheduled switch, while maintaining that switching state, in order to restore back to which ever feed input had been requested.


My work at NetBanx/NetInvest/Transact Group was quite varied, included here is some of the more interesting items.

E-commerce Security
In late 1999 I was asked by the IT Director to write an article on E-commerce Security. I believe it was published in the September 1999 Issue of "Connect Magazine" however I never actually saw it in print :-(. I do still have it of course and it is reproduced here for your amusement. If anyone did see it, I would love to know I got published (well kind of anyway :-) ).
I worked on the original build of Paul Raymonds Sexclub. Installing the web servers. Writing Perl, CGI and SSI code for the interactivity of the site. Integrating it with NetBanx etc. I also built some games in Java for the project. See the Games page for more details.