Cloud-Native DMS Platform
Smart Device
Management.
Scaled for the Future.
A cloud platform for managing routers, CPE, and IoT devices from one place. It helps teams set up devices, monitor them, push updates, and keep service stable without onsite work.
3
Cloud Zones
TLS 1.3
Secure Transport
∞
Auto-Scale
99.9%
Uptime SLA
›DMS Controller v3.2.1 — Online
›Initializing TR-069 ACS endpoint…
✓ ACS bound to :7547 (HTTPS)
✓ TR-369 USP Agent connected
›Loading GKE node pool…
✓ us-central1-a [READY] 3 nodes
✓ us-central1-b [READY] 3 nodes
✓ us-central1-c [READY] 3 nodes
›PostgreSQL · Redis · ClickHouse
✓ All datastores healthy
›Syncing device fleet…
⏳ 4,812 devices provisioned
ℹ Telemetry stream active — Grafana HA
›System fully operational. ▌
TR-069 ACS
TR-369 USP
GCP SaaS
TLS 1.3
GCP-SaaS Infrastructure
Built on Geo-Redundant
Cloud Architecture
Deployed on Google Cloud Platform with a regional GKE cluster across three zones, so the platform stays available, scales with demand, and keeps running during upgrades.
Access Layer
Cloud Load Balancer
Anycast IP
WAF Protection
DDoS Protection
TLS 1.3
Let’s Encrypt
↓
GKE Cluster — Kubernetes Orchestration
us-central1-a
us-central1-b
us-central1-c
ACS / USP Controllers
API Gateway
Telemetry Collector
Auto-Scaler (HPA)
↓
Data & Caching Layer
PostgreSQL
HA Primary
Redis Cache
ClickHouse
GCS Object Storage
Regional Cluster
A 9-node GKE pool spread across three zones for redundancy and failure isolation.
Horizontal Auto-Scale
Kubernetes HPA adds or removes controller replicas automatically as load changes.
Zero-Downtime Deploy
Rolling updates keep device management available while the platform is being upgraded.
Sovereign Security
Enterprise-Grade
Security by Default
Every connection is protected with encryption and access controls, so the platform stays secure while devices are managed remotely.
TLS 1.3 Encryption
All ACS and USP communications are encrypted using TLS 1.3 with automatic certificate management.
HTTP Digest Authentication
Per-device credentials help prevent unauthorized device registration and replay attacks.
Subnet Access Restrictions
Management interfaces can be restricted to approved subnets and admin endpoints.
Security Status
All systems nominal
TLS 1.3
ACTIVE
HTTP Digest Auth
ENFORCED
Subnet Firewall
LOCKED
Fleet Telemetry — Real-time
LIVE
Online Devices
4,812
Alerts
3
Real-Time Analytics
Visibility Across Every Device
Real-time telemetry shows which devices are online, where alerts are happening, and how the fleet is performing.
Plain-Language Overview
What this service does in simple terms
It lets internet providers and enterprise teams manage many devices from one dashboard. You can set them up, update them, check their status, and fix problems without going onsite.
Start Fast
Remote Provisioning
Automatically onboard devices and apply the correct settings when they first connect.
See Health
Monitoring and Alerts
Track uptime, performance, and alerts so your team can act before customers notice issues.
Stay Secure
OTA Controlled Updates
Push firmware and policy changes safely while keeping device access tightly controlled.
Who Uses It
Built for the people who manage large fleets
These use cases are written for non-technical readers, but they still keep the technical foundation visible for teams that need it.
Internet Service Providers
Use DMS to activate customer routers, reduce truck rolls, and keep support work in one place.
Enterprise IT Teams
Monitor branch devices, enforce policies, and fix issues remotely across offices and sites.
IoT Fleet Operations
Track gateways and connected devices in the field with telemetry-backed diagnostics.
Quick FAQ
Common questions, answered simply
Question 1
Can it manage old and new devices?
Yes. It supports mixed fleets with TR-069 for legacy devices and TR-369 for newer ones.
Question 2
Does it help reduce support work?
Yes. Remote setup, monitoring, and updates mean many issues can be solved without field visits.
Question 3
Is this only for telecom providers?
No. It is also useful for enterprise IT teams and managed network operators with distributed device fleets.
Question 4
Can security policies be customized?
Yes. Teams can apply controls such as encryption settings, credential policies, subnet restrictions, and optional VPN integration.
Logical Architecture
Core Components
Go · Python
ACS / USP Controller
The core of the platform — handles all TR-069 CWMP sessions and TR-369 USP messaging.
Redis 7
Caching Layer
Redis provides sub-millisecond caching for active device sessions.
PostgreSQL 16
Persistent Database
Authoritative source of truth for device inventory and config profiles.
Protocol Standards
Dual-Protocol Support
TR-069 ACS
The industry-standard CWMP protocol for CPE device management.
TR-369 USP
The next-generation BBF standard built for IoT scale and speed.