Technical infrastructure
Technical & Deployment

Deploy anywhere.
Scale everywhere.

Cloud SaaS, private cloud, on-premise, or hybrid. Standalone, HA, or HADR. Extensible with IoT, GPS, VPN, SSO, MDM. Designed for paper mill IT teams who care about uptime, security, and total cost of ownership.

Talk to solutions engineering ← Pluggable architecture

Deployment Models

Four ways to deploy.

Pick the model that matches your data residency, control, and operating model preferences.

Fastest start

Cloud SaaS

Fully managed multi-tenant SaaS. Zero infrastructure. Auto-scaling, auto-patching, 99.5% SLA. Sign up Monday, transact Friday.

  • Hosted on AWS / Azure / GCP
  • Mumbai + Hyderabad regions
  • Daily backups · 30-day retention
  • Auto-scaling 10–2000+ concurrent users
  • DDoS protection + WAF
Tenant isolation

Private Cloud

Dedicated tenant in customer's preferred cloud (AWS, Azure, OCI). Your VPC, your IAM, your audit policies. Data never crosses tenant boundary.

  • Customer VPC / VNet hosted
  • Single-tenant database
  • Region locked per regulation
  • Customer-managed encryption keys (BYOK)
  • Custom backup + DR policy
Full control

On-Premise

Customer datacenter, customer hardware. Air-gapped or VPN-only access. Suited for mills with strict data residency or regulatory mandates.

  • Customer hardware + datacenter
  • Air-gap or VPN access models
  • Customer-managed PKI
  • Supported via secure remote tunnel
  • Quarterly on-site reviews
Best of both

Hybrid

API + back-end in cloud, planner UI on-prem (or vice versa). Common for mills running Deckle Optimizer on-prem with reporting in cloud.

  • Mixed deployment topology
  • Site-to-site VPN connectivity
  • Edge cache for shop floor
  • Asynchronous data sync
  • Custom failover policies

Environment Topologies

Standalone, HA, HADR.

Match topology to business criticality. Upgrade later without re-implementation.

Standalone

Single node · Dev / Pilot / Small Mill

All services on one server. Simplest topology, lowest cost. Suitable for pilots, single-mill operations, or non-critical environments.

RTO

4 hours

RPO

24 hours

SLA

99.0%

Users

Up to 100

Topology Components

Single Server

App Server

x1

PostgreSQL

x1

Redis

x1

Background Workers

x1

High Availability (HA)

Multi-node · Production · Medium-Large Mill

Load-balanced app servers, primary/replica Postgres, Redis Sentinel, auto-failover. Survives single-node failures without service interruption.

RTO

< 5 min

RPO

< 1 min

SLA

99.5%

Users

Up to 2000

Topology Components

Load Balancer
HAProxy / NGINX
App Tier
Node-1
Node-2
Node-3
Database
Primary
Replica (sync)
Cache
Sentinel-1
Sentinel-2
Sentinel-3
Workers
Worker Pool A
Worker Pool B

HADR (HA + Disaster Recovery)

Multi-region · Mission-critical · Mill Groups

HA cluster in primary region + asynchronous replica cluster in secondary region. Survives region-wide outages. Required for mission-critical mill group operations.

RTO

< 15 min

RPO

< 5 min

SLA

99.95%

Users

5000+

Topology Components

Primary Region (Mumbai)

LB + App x3
Postgres HA
Redis Cluster
Workers

DR Region (Hyderabad)

LB + App x2 (warm)
Postgres replica
Redis (async)
Workers (idle)

↔ Async replication · Global DNS failover · Encrypted vault

Failover

Automatic

Drill

Quarterly

Backup

Multi-region

Sizing Reference

Hardware by scale.

Reference sizing for typical paper-mill deployments. Solutions Engineering tailors per actual workload.

TiervCPURAMStorageDatabaseCacheNetwork
Small (≤ 100 users)8 vCPU32 GB500 GB SSDPostgreSQL 15Redis 7100 Mbps
Medium (100–500)16 vCPU64 GB2 TB SSDPostgreSQL 15Redis 7 (Sentinel)1 Gbps
Large (500–2000)32 vCPU128 GB5 TB SSDPostgreSQL 15 (HA)Redis 7 (Cluster)10 Gbps
Group (2000+)64+ vCPU256+ GB10+ TB NVMePostgreSQL 15 (HADR)Redis 7 (Multi-region)10 Gbps redundant

Software Stack

Open, standard, supported.

Built on proven open-source components. No vendor lock-in on the infrastructure layer.

Operating System

  • · Ubuntu 22.04 LTS
  • · RHEL 9
  • · Rocky Linux 9
  • · Amazon Linux 2023

Runtime

  • · Node.js 20 LTS
  • · Python 3.11+ (ML services)
  • · Docker 24+
  • · Kubernetes 1.28+ (optional)

Database

  • · PostgreSQL 15+
  • · Redis 7+
  • · Object storage (S3 / MinIO)
  • · Optional: TimescaleDB for IoT

Web Layer

  • · NGINX / HAProxy
  • · Cloudflare / AWS WAF
  • · TLS 1.3 mandatory
  • · HTTP/2 + HTTP/3

Monitoring

  • · Prometheus + Grafana
  • · Loki / ELK stack
  • · OpenTelemetry tracing
  • · PagerDuty / Opsgenie

Backup

  • · pg_basebackup + WAL archiving
  • · S3 cross-region replication
  • · MinIO multi-site
  • · Restic for filesystem snapshots

Extensions & Integrations

Plugs into your ecosystem.

IoT, GPS, VPN, SSO, MDM, ERP, statutory portals — Papyrus BPApp connects to what you already run.

IoT / SCADA Integration

Connect mill machine sensors, SCADA systems, and PLCs for real-time data ingestion.

  • · Protocol support: OPC-UA, Modbus TCP, MQTT, REST
  • · Time-series storage (TimescaleDB extension)
  • · Edge gateway for offline buffering
  • · Real-time stream into OEE, Maintenance, Quality
  • · Predictive maintenance ML pipelines

GPS / Vehicle Tracking

Track dispatch vehicles, field service technicians, and inter-warehouse transfers in real time.

  • · Driver mobile app with continuous GPS
  • · Geo-fencing for plant entry/exit
  • · ETA prediction with traffic data
  • · Route optimization (TSP solver)
  • · Customer auto-notification on arrival window

Cloud Backup & DR

Encrypted backups to cloud object storage with cross-region replication.

  • · Continuous WAL streaming to S3 / Azure Blob
  • · Point-in-Time Recovery (PITR) to any minute
  • · Cross-region async replication
  • · Encrypted at rest (AES-256) + in transit (TLS 1.3)
  • · Quarterly DR drill validation

VPN / Secure Access

Restrict platform access to corporate network or trusted endpoints.

  • · Site-to-site IPsec / WireGuard VPN
  • · Client VPN (OpenVPN, WireGuard)
  • · IP allowlisting at WAF layer
  • · Zero Trust Network Access (ZTNA) supported
  • · Bastion / jump host for admin access

SSO / Identity

Federate authentication with corporate identity providers.

  • · SAML 2.0 (Okta, OneLogin, Azure AD)
  • · OAuth 2.0 / OIDC
  • · LDAP / Active Directory sync
  • · MFA enforcement per role
  • · SCIM provisioning + auto-deprovisioning

Mobile Device Management

Manage company-issued mobiles + tablets used on shop floor and field.

  • · MDM integration (Jamf, Intune, AirWatch)
  • · Remote wipe on device loss
  • · App distribution + version control
  • · Per-device certificate auth
  • · Compliance policies enforced before app login

ERP Integration

Pre-built and custom connectors to existing business systems.

  • · SAP S/4HANA · SAP ECC
  • · Oracle ERP Cloud
  • · Microsoft Dynamics 365
  • · Tally Prime · Tally ERP 9
  • · Custom REST / SOAP / webhook

Statutory Portals

Direct integration with Indian government portals for compliance filings.

  • · GSTN (e-invoice IRN generation)
  • · NIC (e-Way Bill)
  • · EPFO (PF ECR upload)
  • · ESIC return submission
  • · Income Tax (TDS / Form 24Q)

Monitoring & Observability

External monitoring tools and observability stack.

  • · Datadog · New Relic · Dynatrace
  • · Sentry for error tracking
  • · Custom Prometheus exporters
  • · OpenTelemetry distributed tracing
  • · Slack / Teams / Opsgenie alert routing

Security & Compliance

Encrypted. Audited. Compliant.

Security built into every layer. Audit-ready evidence trails for SOC 2, ISO 27001, GDPR, and Indian regulatory requirements.

Encryption at rest (AES-256)

TLS 1.3 in transit

BYOK (Bring Your Own Key) supported

SOC 2 Type II ready

ISO 27001 controls

GDPR + DPDP Act compliant

Aadhaar Act §29 audit logs

IT Act §43A sensitive data handling

Installation Plan

From kickoff to go-live in 2 weeks.

Standard timeline for cloud or on-prem deployment. Solutions engineering tailors based on integration scope.

D1
Day 1·

Infra provisioning

  • Servers / VPC / VNet setup
  • DNS + TLS certificates
  • Storage allocation
  • Network rules + firewall
D2
Day 2·

Stack installation

  • OS hardening
  • Docker / Kubernetes setup
  • Postgres + Redis install
  • Object storage configuration
D3
Day 3·

Platform deployment

  • Papyrus BPApp services deploy
  • Database schema migration
  • Cache warm-up
  • Health check validation
D4-5
Day 4-5·

Configuration

  • Company / branch / plant setup
  • RBAC roles + users
  • Integration endpoints
  • Feature toggles per company
D6-7
Day 6-7·

Data migration + UAT

  • Master data import
  • Opening balances
  • User acceptance testing
  • Mock cutover dry run
W2
Week 2·

Go-live

  • Production cutover
  • On-site support
  • Monitoring dashboards live
  • Hypercare period begins
Paper mill

Ready to modernize your mill?

See Papyrus BPApp
in your mill.

Book a personalized demo. We'll walk through every module relevant to your operation — from Deckle optimization to GSTR-3B compliance.

Request a DemoEmail us directly
CallRequest Demo