Maxim Lanies — Founder of 2GC and CloudBridge Relay
Maxim Lanies is an information security expert, founder and CEO of the 2GC platform, and the creator of CloudBridge Relay technology. With over 10 years in cybersecurity, he has developed Russian solutions for secure corporate access.
- Mission: To create a domestic alternative to foreign VPNs and proxies, making corporate access simple and secure.
- Expertise: Zero Trust, corporate networks, automation, scalable solutions.
- Contacts:
LinkedIn | GitHub | m.lanies@2gc.ru
CloudBridge Relay: How We Built the Next-Gen Corporate Tunnel
Architecture: Corporate Network as Cellular
The core is automatic protocol selection:
- QUIC (UDP, RFC 9000) — prioritized, fast, with 0-RTT support and multiplexing.
- HTTP/2 — fallback if UDP is unavailable.
- HTTP/1.1 — last-resort compatibility.
Security: Zero Trust and Modern Authentication
- Never trust by default
- Always verify every connection
- Minimal access rights
- Continuous monitoring
For authentication, we use JWT (JSON Web Token) — a modern, open standard that allows secure transmission of user information and access rights. Each client receives a token signed with a private key and presents it when connecting to a relay.
Why is this important?
For token validation, we use JWKS (JSON Web Key Set), an endpoint that publishes the public keys used for signature verification. Relay servers periodically refresh their copy of these keys, so a key can be revoked or replaced quickly without restarting the system.
Personal Account and Role Model: Control and Convenience for Business
- Manage users and devices
- Assign roles and access rights
- View connection and security event history
- Configure access policies for different departments and projects
The system is based on a flexible role model. Each user receives one or more roles (e.g., “Employee”, “Administrator”, “Guest”), and access rights to resources and actions are determined by the role, not the individual. This allows:
- Easy scaling of the system as the company grows
- Quick assignment or revocation of access when positions change or employees leave
- Guaranteed least privilege: everyone sees and does only what they are allowed to
The role model is integrated with JWT-based authentication: information about user roles and rights is included directly in the token, ensuring instant verification and no delays in resource access.
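A relay-side check of the kind described in the JWT/JWKS passage and the role-model passage above, as an added Node.js example that is not CloudBridge Relay code. It assumes Ed25519 (EdDSA) signing keys and a `roles` claim, neither of which the page specifies; `issue`, `verify` and the sample key id are hypothetical names.

```javascript
const crypto = require('crypto');
const b64u = (data) => Buffer.from(data).toString('base64url');

// Issuer side, constructed so the example runs offline: fresh Ed25519 key pair,
// public half published as a JWKS document, token signed with the private half.
function issue(kid, claims) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid, use: 'sig' }] };
  const msg = b64u(JSON.stringify({ alg: 'EdDSA', kid })) + '.' + b64u(JSON.stringify(claims));
  return { token: msg + '.' + b64u(crypto.sign(null, Buffer.from(msg), privateKey)), jwks };
}

// Relay side. `jwks` is the relay's cached copy of the key set, `roles` is an assumed
// claim name (the page does not give the token layout), `now` is Unix time in seconds.
function verify(token, jwks, requiredRole, now) {
  const fail = (reason) => ({ ok: false, reason });
  const parts = token.split('.');
  if (parts.length !== 3) return fail('malformed token');
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url')) || {};
    claims = JSON.parse(Buffer.from(parts[1], 'base64url')) || {};
  } catch {
    return fail('malformed token');
  }
  // Pin the algorithm: the token never chooses how it is verified.
  if (header.alg !== 'EdDSA') return fail('unexpected alg');
  // A key rotated out of the JWKS is not found, so tokens it signed stop working.
  const jwk = jwks.keys.find((k) => k.kid === header.kid && k.kty === 'OKP' && k.crv === 'Ed25519');
  if (!jwk) return fail('unknown kid');
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  const signed = Buffer.from(parts[0] + '.' + parts[1]);
  if (!crypto.verify(null, signed, key, Buffer.from(parts[2], 'base64url'))) return fail('bad signature');
  // Claims are acted on only after the signature has been checked.
  if (typeof claims.exp !== 'number' || now >= claims.exp) return fail('expired');
  if (!Array.isArray(claims.roles) || !claims.roles.includes(requiredRole)) return fail('role not granted');
  return { ok: true, sub: claims.sub, roles: claims.roles };
}

// Constructed sample: one "Employee" token checked three ways.
const now = Math.floor(Date.now() / 1000);
const { token, jwks } = issue('demo-key-1', { sub: 'alice', roles: ['Employee'], exp: now + 300 });
console.log(verify(token, jwks, 'Employee', now));
console.log(verify(token, jwks, 'Administrator', now));
console.log(verify(token, { keys: [] }, 'Employee', now));
```

Because roles are baked into the token, a role change takes effect only when the token expires or its signing key leaves the JWKS, so short `exp` values matter in this design.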
Why is this important?
AI and Automation: A Network That Learns
- The system analyzes user and device behavior
- Predicts peak loads
- Automatically balances traffic between relay nodes
- In case of suspicious activity, can automatically restrict or block the connection
Monitoring and Transparency
The entire system is built around the principle of transparency.
- Prometheus collects metrics from each node
- Grafana visualizes the network state in real time
- Telegram bot notifies administrators of important events