Skip to main content
Klyrix/platform
LoginSign Up

Your RDP infrastructure,
running on its own.

Redundant architecture, self-healing servers, office-hours VPN and full session recordings. One panel, four plans, first three sessions on us.

Get started free

Sound familiar?

What every IT team lived through before Klyrix existed.

VDI licensing keeps compounding

Citrix/VMware bills grow with every renewal and a new 'tier' shows up each year.

IT solves the same 5 tickets

Password reset, printer install, Office, frozen screen, broken profile — the loop never ends.

After-hours outages are brutal

Friday 22:00 RDP drops, nobody can log in, and the logoff script is also dead.

Offboarded users linger

Exit form filed, AD account still active 6 months later, WG key roaming free.

Four promises

Four pillars that explain Klyrix in one line. The rest is detail.

100%
yours

Own your infrastructure

Runs on Contabo or your own VPS (BYOS). You hold the keys; we just orchestrate.

0
open ports

Security-first

WireGuard mandatory entry, single-device lock, no open port without a handshake.

9
watchdog layers

Self-healing

9 watchdog layers: from BSOD to certs, every failure is repaired before you notice.

200+
ready apps

Zero-IT operations

200+ one-click apps, first 3 users free, 99.5% SLA.

How the system flows

From click to session — what happens in 5 steps.

01

WireGuard tunnel

User authenticates with WG key first. No open port without the key.

02

Identity & role check

AD + Klyrix role matrix: which farm, which role, which hours?

03

Smart routing

HAProxy hits the least-loaded RDS node; failed nodes are skipped; sessions auto-redirect.

04

Profile center

FSLogix containers synced via DRBD. Wherever you land — same desktop.

05

Self-healing in background

9 watchdog layers: BSOD, hibernate, WinRM, certs, disk, spooler — all auto-remediated.

Core VDS / RDP

Everything you need to run a desktop fleet — from one console.

One console, many farms

Manage every independent VDS farm from a single panel.

RDP seat provisioning

Windows Server 2022/2025 sessions; first 3 users free, then $99/user/month.

Auto-scaling RDS

Add unlimited RDP nodes (16 users/node); capacity-aware daily scaling.

One-click server wizard

IP/user/password → cloud-init → bootstrap → metrics; a new node in minutes.

Bring your own server (BYOS)

Register Contabo or an existing VPS; via SSH on any provider. Your hardware.

Active-Active Multi-Tenant Isolation

One click, every server, same result

Office, Adobe, your in-house app. Pick from a 200+ catalog, choose target servers, get back to work. New servers receive the same apps automatically.

  • Completely isolated tenant databases and file systems
  • Instantly scalable infrastructure with zero conflict risks
  • Dynamic routing to least-loaded node via HAProxy load balancing
  • One-click provisioning for over 200+ enterprise applications
Explore Now
[VDS Farms Active-Active Simulation]
ACTIVE-ACTIVE HA
HAProxy LoadBalancerLeast Connections
Active isolation: Tenant Alpha database container is 100% physically firewalled.
Switch

Pricing at a glance

Pay only for what you use. Three users free in every plan; flat price after — no surprises.

Minimum

Essentials — getting started

49 USD/mo
Mid-month upgrades are prorated daily. Cancel anytime — no lock-in.
  • 1× Gateway + 1× AD-DC (no redundancy)
  • Unlimited RDP scale-out
  • WG + office-hours + AppLocker security
  • No built-in HA — manual recovery on failure
Choose this plan
Recommended

Optimum

Recommended — 1+1 HA pair

199 USD/mo
Mid-month upgrades are prorated daily. Cancel anytime — no lock-in.
  • 2× Gateway (VRRP) + 2× AD-DC (replication)
  • 1+1 userdata-fs HA pair (DRBD)
  • FSLogix shared profiles
  • Auto-failover ~10s (VRRP + DRBD)
  • Zero-downtime planned maintenance
Choose this plan

Ultra

Mission-critical — 1+2 HA triple

499 USD/mo
Mid-month upgrades are prorated daily. Cancel anytime — no lock-in.
  • 3× Gateway + 3× AD-DC + 3× userdata-fs
  • Survives 2 simultaneous node failures
  • Cross-zone failover ~30s (DNS TTL)
  • Strict monitoring thresholds
  • Certified 11×9 cold backup (R2 / B2 / S3)
  • Everything in Optimum
Choose this plan
Extra RDP seats$99/user/mo
First 3 free in every plan, prorated daily.
Klyrix HR module$5/user/mo
Bundled price; $15 standalone.
Session DVRadd-on
250ms scrub recording, 7-day retention.
Warm backup setadd-on
Always-on synced standby, 2-min failover.
Cold standby + APIadd-on
Off-site bucket + RESTful API gateway.

Consolidated Invoice Calculator

Utilization is tracked daily. Upgrades are prorated down to the day and combined into a single consolidated monthly invoice. First 3 users are free on every plan.

Total Active Users5
1First 3 users free200
Dedicated VDS Farms1
1 (Min Plan)2 - 3 (Optimum Plan)4+ (Ultra Plan)
Optional Add-ons & Standby

Consolidated Invoice Summary

VDS Base Plan: Minimum1 Farm infrastructure license
$49
User Sessions5 Users (first 3 free)
$198
Est. Monthly Total$247
DAILY SLOT COSTConsolidated, prorated daily cost
$8.23/gün
Start 14-Day Free Trial

Your first 14 days

No contract, no credit card. Everything ready — just press the next button.

00
Minute 0

Sign up & grab WG

Email sign-in, WireGuard QR ready. First farm provisions in 3 minutes.

01
Day 1

First 3 users + apps

Add people to AD, pick department. Install what you need from 200+ catalog.

02
Day 3

Policies settle in

Pick AppLocker profile, set office hours, toggle DVR, audit log starts streaming.

03
Day 7

HA tier decision

After real traffic, pick Minimum/Optimum/Ultra. Day-level prorated billing.

Day 14

Move to billing

Happy? Add a card. Not happy? One-click cancel, zero lock-in.

Architecture and growth

Your main system is deployed redundantly from day one; add unlimited RDP, warm and cold servers on top. WireGuard required at the gate, office-hours enforced every time.

Klyrix · canlı mimari simülasyonu
Bölüm 1/5
HA CLUSTER DURUMU99.98%
Sistem Yükü:Normal (34%)Aktif Node:5 / 5 ÇevrimiçiSenkron:Eşzamanlı (DRBD)
PERSONELYetkili kullanıcılarWIREGUARD TÜNELİ
AESŞifreli, cihaz-kilitliGEÇİT
WG harici
Mesai dışıMesai kontrolüRDP SUNUCULAR · +SINIRSIZR1R3R5ANA SİSTEM · HA CLUSTERM1M2M3M4M5WARM YEDEK · +SINIRSIZW1W2W3COLD YEDEK · +SINIRSIZC1C2C3Restic + 3 farklı sağlayıcı
Bölüm 1 / 5

Your main system is internally redundant

The main system isn't a single server — it's a cluster of synced nodes. If one node fails unexpectedly, another takes over the load in seconds. Your users never notice a thing.

Security that handles itself

Servers closed to the internet, keys in your hand. Staff only get in on the terms you set.

Your servers are invisible online

Outsiders can't even check if 'the system is up' — no ports, no IPs, no door. Inside only via the WireGuard certificate you issue, one device per user. Compromised? Revoke in one click.

Off-hours lock, by the clock

You define working hours; outside them VPN drops and RDP closes. Need an exception? Grant a one-off. Night-shift staff get their own window — individual rules, not blanket policy.

Unapproved apps don't start

Only apps you've approved can run. Downloaded .exe, sneaky .msi, queued installers — none of it launches. Virus, ransomware and surprise-software incidents drop to zero.

16 controls × 4 roles, one table

Staff, Supervisor, Manager, Admin. USB ports, screenshots, printing, clipboard — manage who can use what from a single matrix.

Single-device enforcement

One physical device per user (MB+disk+CPU+MAC fingerprint); changes need admin approval.

Immutable audit logs

Every action logged and undeletable — searchable by user, action, timestamp.

Clipboard tracking

Copy/paste operations logged with direction and source/target window.

Screen watermark

Semi-transparent user/time/server stamp on every session for accountability.

URL filtering by hours

Social, streaming, gaming and P2P blocked during shift hours; open after.

SECURITY & COMPLIANCE MATRIXKlyrix PlatformCitrix / VMware (Legacy VDI)Traditional RDP
VPN Network Access
WG Mesh device-bound tunnels.
Forced WG Mesh
SSL Gateway
Exposed port 3389
AD Privilege Control
JIT Elevation with 5min auto-revocation.
5-60min JIT elevation
Permanent Groups
Permanent AD Admin
Remediation watchdog
9 layers: BSOD, WinRM, Spooler re-healers.
9-layer Watchdog
Manual alerts/pager
Manual VM reboots
User Compliance Tracking
GPO URL Logger & looping Session DVR.
URL Logger + DVR
Expensive log addons
No audit path
High Availability
1+1 Active-Active DRBD sync replication.
VRRP + DRBD HA pair
VDI cluster / SAN storage
No shared user profile
SaaS License Structure
Daily prorated consolidated flat cost.
3 Free + Consolidated
Compounding per-seat VDI
Exorbitant CAL licenses

Self-correcting infrastructure

When something breaks, it doesn't call you. It tries to fix itself first — and usually does.

No 3am phone calls

Service crashed, driver hung, screen frozen. Nine recovery layers spot the issue, restart, verify, log. You read the report with your morning coffee.

Recovery — 6 steps, one click

Restoring from cold backup isn't an hour of panic, it's a 15-minute automated flow. New server boots, data restores, users activate, DNS updates — you just confirm.

Stuck services restart themselves

When print spooler dies, your staff don't call you — the agent restarts it before they notice. RDP service, license service, log service — all caught the moment they fall.

One click, every server, same result

Office, Adobe, your in-house app. Pick from a 200+ catalog, choose target servers, get back to work. New servers receive the same apps automatically.

Windows licensing — handled

Add a new server and RDP CALs activate themselves. No Microsoft portal navigation, no key entry — the Server 2025 hardened flow runs in the background.

Watchdog Watchers

ONLINE

Nine watchdog layers continually query nodes, Active Directory services, and WireGuard tunnels for instant anomaly resolution.

BSOD Monitor
WinRM Service
Print Spooler
SSL/AD Certs
Disk Quotas
VRRP HA Gateway
DRBD Profile Sync
JIT Watchdog
EDR/SIEM Agent
Query Frequency
100ms
Remediated
0
klyrix-watchdog-terminal ~ ssh optimum.01

See what's happening

Track staff productivity, system health and compliance from one panel. No extra tools.

Every session recorded like video

Need a specific moment? Jump to last Tuesday 14:32 and watch the screen. Live windows open on demand. Staff see a 'recording' watermark — both deterrent and legally clear.

USB plugged, clipboard copied, file moved

Which apps stayed open, who plugged in USB, which file got copied, what came through the clipboard. Suspect a leak? One search finds it. Routine audit? Export CSV.

Who, what, when — recorded

Admin actions and system events land in timestamped logs. Deleted a user, changed a setting, took a backup — searchable, downloadable, audit-ready.

Visual work-hours dashboard

Daily active time, busy hours, break patterns — all in one graph. No separate time-tracking tool to buy and train staff on.

Farm health %

Live servers-online ratio and a per-farm health score at a glance. A failing node turns red instantly; a trend chart shows the last 24 hours of fluctuation.

Server grid

Per-server CPU, RAM, disk and network usage plus last-heartbeat time. Metrics over threshold are color-coded; click through to the node detail.

Open alerts

Unresolved issues sorted by severity (P0–P3) with auto-refresh. Each alert arrives with its source node, the rule that fired it and a suggested action.

Backup status

Type, time and result of the latest backup per farm. Failed or overdue backups surface instantly; restore points are listed on a timeline.

WireGuard peer monitor

Per-user WireGuard status: assigned IP, last handshake, live data rate and connected device. Dropped peers or single-device-rule violations are flagged.

Klyrix HR — personnel via Telegram

Hiring, leave, sessions — all in one panel. Your staff talk to a bot in their pocket.

Staff message the bot, it handles it

'How many hours this week?' 'Leave tomorrow.' 'Log me off.' — Telegram bot takes it, hits the system, replies. No forms, no portals, no IT tickets.

Hiring, transfer, offboarding — one panel

Hiring, role changes, department transfers, offboarding — all run through HR panel. Windows account, RDP slot, permissions sync automatically.

Weekly shift scheduling

Per-user per-day schedule with shift-transition peak calc for server sizing.

Auto-offboarding

Marked inactive in HR → AD account disabled, WG keys revoked, seat freed.

Federated identity (SCIM)

HRIS → Klyrix → AD sync with slot-reservation seat model.

$5 / user with Klyrix VDS · standalone klyrix-hr is $15. Bundle saves 66%.

Integrations

Talks to your existing tools; not a closed box.

Active Directory + GPO

Automatic AD join, AppLocker/RDP/security GPOs, Credential Guard + NLA.

White-label RDP domain

rdp.yourco.com CNAME → Klyrix HAProxy; LetsEncrypt SSL auto-renews.

Telegram bot

WG config + RDP link + QR for new hires; operators trigger manual actions via Telegram.

Email webhooks

Audit events + notifications over Resend SMTP.

API gateway (add-on)

RESTful endpoints for customer scripts; unlocked with subscription.

Built for these teams

One tool, 4 operations — same muscles, different shapes.

5–50 people

SMB

RDP infra without an IT team. First 3 users free, 200+ apps one-click.

50–200 people

Operations

AD integration, department-aware role matrix, office-hour lock, audit log.

100–500+ people

BPO / Call center

Shift access, session DVR, scrub for QA, USB/clipboard tracking.

Any size

Regulated (Legal/Finance)

AppLocker allowlist, GDPR-compliant tracking, strict role layers, immutable logs.

Klyrix Family

Klyrix is not a single product, but four modules designed for a running business. Start from whichever one you need.

Klyrix/platformLive
Fleet Orchestration

The brain of your server fleet. VDI/RDP sessions, license pool, self-healing layer, monitoring and subscription flow in one operator console.

Klyrix/hrLive
Workforce

Employee onboarding, department & permission map, leave tracking. Bound to the platform via AD integration and slot-reserve model.

Klyrix/ledgerLive
Finance

Customer subscriptions, prorated invoicing, VAT/Stripe Tax, revenue reconciliation and white-label invoice templates.

Klyrix/supportLive
Helpdesk

Single-hat helpdesk for customer tickets, SLA dashboard, escalation rules and working-hour auto-assignment.

Questions and answers

Everything you might want to know before signing up.

Does the first-3-free rule apply to every plan?+
Yes. Starter, Pro, Pro + Warm and Pro + Cold all include 3 free RDP users every month. From the 4th user on it's $99 / user, prorated daily.
Do I need a credit card for the 14-day trial?+
No. Just sign up with email. When the trial ends, pick a plan and add payment then. No surprise charges.
Is there a limit on backup servers?+
No. On Pro + Warm and Pro + Cold you add unlimited warm/cold backups from the panel — no separate subscriptions, all included.
Some staff work nights — does the office-hours lock break that?+
No. Work hours are defined per user. Night-shift staff get their own window; day-shift staff can't connect at night.
Does adding more RDP servers cost more?+
No. RDP scale-out servers are included with no limit. You only pay per-seat (from user 4 up).
Does the HR Module bill separately?+
No. Activate HR on a farm and it shows as a line item ($5/user) on your monthly invoice. Standalone klyrix-hr is $15 — bundling with Klyrix VDS saves 66%.
How fast does the system recover?+
On Pro + Warm, automatic failover completes in 5–30 seconds. On Pro + Cold, full disaster recovery to a fresh VDS takes ~15 minutes.
How and when does billing run?+
On the 1st of each month, the previous month is invoiced. Plan fee + per-seat (from user 4) + HR Module (if active) consolidated. Yearly billing saves 17%.

Up and running in minutes

Try 14 days free, no card. Want setup help? Our team remotes in and handles it for you.

Create accountSign in

Trust & Compliance

Audit-ready; the evidence pipeline is visible.

SOC 2 Type IISoonISO 27001SoonGDPRKVKKTrust CenterControl Registry

Encryption at rest & in transit · Supabase Vault secrets · ~150 mapped controls

SOC 2 Type II and ISO 27001 are not yet certified — the control infrastructure is in place; the audit is planned.