IT Infrastructure and Cybersecurity Consulting
Practical expertise for SMBs, startups, and individuals. Transparent pricing, no lock-in.
Get in TouchServices
Zero Trust and Identity Security
Replace legacy VPN with policy-driven overlay networks and enforce identity-first access across every application and service.
- ZTNA design and deployment — policy overlay networks replacing traditional VPN
- Identity provider setup with Authentik (OIDC, OAuth2, SAML)
- Single sign-on for self-hosted and internal applications
- Multi-factor authentication enforcement and rollout
- Reverse proxy deployment with authentication middleware (Nginx, Traefik)
- Access policy design and least-privilege review
Network Security Architecture
Perimeter hardening, segmentation, and traffic control across leading platforms and open-source alternatives.
- Firewall design, hardening, and migration (FortiGate, Cisco ASA, pfSense)
- Network segmentation, VLAN design, and micro-segmentation
- NGFW deployment and policy management
- DNS security, filtering, and split-horizon DNS
- Supported platforms: Cisco, Meraki, UniFi, pfSense, FortiGate, ZenArmor
Vulnerability Management
Identify, prioritize, and close security gaps before they become incidents.
- Vulnerability assessments and CVE tracking
- System and service hardening (Linux, Windows, network devices)
- Patch management strategy and cadence review
- Security configuration audits and CIS benchmark alignment
- Security monitoring and alerting (Wazuh, Graylog)
- Remediation planning and verification
ICS and OT Security
Specialized security for operational technology and industrial control environments, aligned to IEC 62443.
- OT/ICS security assessments aligned to IEC 62443
- IT/OT network segmentation and convergence consulting
- Secure remote access design for OT environments
- OT-aware backup and recovery strategies
- Threat detection and incident response for industrial systems
Infrastructure Services
Hypervisor setup, storage design, containerized workloads, and resilient backup architecture.
- Hypervisor setup and management (Proxmox, VMware ESXi)
- Storage design and deployment (TrueNAS, NAS, NFS, ZFS)
- Backup architecture and DR planning
- Containerized workloads (Docker, Kubernetes)
- Connectivity and networking infrastructure
Cost Reduction and Open-Source Migration
Cut licensing costs by migrating from expensive proprietary stacks to proven open-source alternatives.
- ESXi to Proxmox migration
- Cloud storage to self-hosted TrueNAS
- Proprietary network gear to UniFi or pfSense
- Commercial identity providers to self-hosted Authentik
- Subscription elimination and infrastructure optimization
Why Safeqbit
We solve real problems without unnecessary overhead.
No lock-in
We recommend what fits your needs, not what generates recurring revenue. Open standards, open-source tools, and vendor-neutral advice.
Transparent pricing
Flat-rate or usage-based billing. You know exactly what you pay for before any work begins.
Real expertise
Hands-on experience with Proxmox, FortiGate, Cisco, UniFi, TrueNAS, and more. No learning on your dime.
Cost reduction mindset
We actively look for ways to reduce your ongoing infrastructure costs, not increase them.
Selected Projects
A sample of infrastructure and security work delivered for clients.
VMware to Proxmox Migration and Hardware Consolidation
2025Migrated a client's multi-host VMware ESXi environment to Proxmox VE following Broadcom's licensing overhaul, consolidating workloads onto leaner, more efficient hardware. The project covered full VM migration, Proxmox cluster setup, storage replication, and decommissioning of servers that were no longer cost-effective to run under the new VMware licensing model.
Eliminated VMware licensing costs entirely while improving cluster performance and reducing rack footprint
Cloud Workload Migration to Self-Hosted K3s
2026Migrated a client's cloud-hosted Docker workloads to a self-hosted K3s cluster, simplifying operations through Helm-managed deployments. Traefik was deployed as the ingress controller handling TLS termination and routing, while Authentik provided OIDC-based identity management with Cisco Duo enforcing MFA across all application access points.
Reduced monthly cloud spend significantly while adding identity-aware, MFA-enforced access to every workload
NAS Deployment and Linux Desktop Rollout for Ultrasound Clinic
2025Deployed a TrueNAS-based NAS for an ultrasound clinic, centralizing imaging and patient data storage across redundant ZFS pools with automated snapshots and off-site replication. Alongside the storage project, we migrated all clinic workstations from Windows to Fedora Atomic immutable desktops, simplifying endpoint management and eliminating Windows licensing costs across the practice.
Immutable workstations eliminated OS-level drift and reduced IT support time for clinic staff
Post-Incident Hardening and 802.1X NAC Across Campus and Data Center
2024Engaged following a cyber incident to help the client harden their environment and achieve compliance. Deployed 802.1X port-based authentication across 50+ Cisco Catalyst 2900 series campus switches and their Nexus 5K and 9K data center fabric, with Cisco Duo enforcing MFA on all authenticating endpoints. As part of the same remediation effort, we configured Entra ID with Microsoft Authenticator for their corporate VPN, replacing credential-only authentication and closing the access control gaps that contributed to the incident.
Closed the access control gaps that contributed to the incident and achieved full NAC coverage across campus and DC fabric
Who We Work With
From single-person home offices to multi-site businesses.
Small and Medium Businesses
SMBs needing reliable infrastructure, network security, or compliance assistance without enterprise pricing.
Startups
Early-stage companies building foundational IT infrastructure that scales as they grow.
Home Offices and Individuals
Remote workers, freelancers, and home lab enthusiasts who want professional-grade setups.
Multi-Site Operations
Organizations managing connectivity, security, and infrastructure across multiple locations.
Non-Profits and Charities
Mission-driven organizations that need dependable IT without enterprise budgets.
Educational Institutions
Schools, tutoring centers, and training organizations requiring secure and reliable networks.
Medical Clinics
Small practices and clinics needing HIPAA-conscious infrastructure and dependable uptime.
Churches and Houses of Worship
Faith communities managing AV systems, networks, and staff devices on tight budgets.
IT Support Packages
Pay for what you use. Nothing more.
Free 1-Hour Assessment for New Clients
Every new engagement starts with a complimentary one-hour assessment call. We review your current setup, identify gaps, and outline a realistic path forward — no obligation.
Our IT support is billed per actual usage at rates well below market. No retainers, no bloated flat-rate packages, and no surprise invoices.
- Billed per hour, per actual usage
- No monthly retainer or minimum commitment
- Transparent, competitive rates
- Suitable for SMBs, home offices, startups, and multi-site setups
- Remote and on-site support available
About Safeqbit
Safeqbit is a small team of IT and security professionals with hands-on experience across industrial control systems, enterprise networking, and infrastructure. We work directly with clients. No account managers, no ticket queues. When you engage Safeqbit, you work with the people who do the work.
- Direct communication, no intermediaries
- Honest assessments, not sales pitches
- Long-term thinking over short-term fixes
The Team
The people behind the work.
Fadi Qazzazee
Safeqbit Founder
Expertise
Get in Touch
Ready to discuss your infrastructure or security needs?
services@safeqbit.comWe respond to all serious inquiries within one business day.