PRODUCT & SERVICE CATALOGUE
ASTRACMITS
Software · Security · Infrastructure — built for regulated Indian businesses.
Privacy is not a feature — it’s a right: your data stays sovereign, on infrastructure you own.
One partner for the operating system, the network it runs on, and the compliance file that satisfies your auditor.
Proof points
- 10 sector-specific operating systems — built, deployed, demo-able today
- 12 managed-IT and specialist service lines
- DPDPA-ready · India-hosted · on-prem, cloud, or hybrid
- Pilots and live deployments across Himachal Pradesh and Delhi NCR
See it live
- Catalogue (this document) — www.astracmits.org/catalogue
- Product demos (request-gated) — demo.astracmits.org
- Ongoing development projects — dev.astracmits.org
Version 1 · 05 June 2026
02
The catalogue at a glance
Three lanes. Scan in 10 seconds, find what you need on the next page.
| Products — AstraOS family | Services | Managed IT & Infrastructure |
|---|---|---|
| AstraLIFE — Hospitals & clinics | Cybersecurity & VAPT | Helpdesk & end-user support (<4 hr SLA) |
| AstraGMP — Pharma manufacturing | DPDPA 2023 compliance | Network, Wi-Fi & SD-WAN |
| AstraFACTORY — Other manufacturing | ISO 27001 prep & audit | Endpoint security & EDR |
| AstraSTAY — Hotels & resorts | NABH / NABL / NAAC / RBI / 21 CFR readiness | Backup & disaster recovery |
| AstraCAMPUS — Schools & universities | Custom software development | Mail server hosting with DMARC |
| AstraVAULT — Banking & cooperative finance | Web design & SEO | Server & infra monitoring |
| AstraPRO — CA, law, consulting | CRM implementation | CCTV & physical security IT |
| AstraTRAIL — Small hospitality, tour ops | GeM empanelment & tender response | VPN & secure remote access |
| AstraLAUNCH — Startups & incubators | VAPT & penetration testing | IT asset management & procurement |
| AstraCRM — Sales & Customer Ops | CRM implementation & data migration | Single-tenant private cloud hosting |
| AstraQuery — AI query platform | Compliance documentation as a service | Cloud & on-prem deployment |
Engagement shapes: monthly managed-IT retainers, scoped project work, and tender / GeM responses — tailored to the size and sector of your site.
03
Products: the AstraOS family
Ten sector-specific operating systems plus AstraCRM (cross-sector sales) and AstraQuery (cross-sector AI). Each ships with role-based access, DPDPA-grade consent and audit trails, India-hosted data, and a department-level workflow library. All ten are live and demoable.
| OS | Sector | Highlights | Demo |
|---|---|---|---|
| AstraLIFE | Healthcare — hospitals, clinics, diagnostics | OPD · OT-prep · Pharmacy · Lab · Payroll · Patient self-service rights portal · ABDM/ABHA visual stub · MLC register · PoSH IC · breach register | astralife |
| AstraGMP | Pharma manufacturing | 21 CFR Part 11 audit trail, ALCOA+ data integrity, eBMR / eLog, CSV documentation hooks | astragmp |
| AstraFACTORY | Discrete manufacturing | Work-order, machine, workforce, QC dispatch-hold (clearance), 4 cross-dept workflows, 11 file-backed depts | astrafactory |
| AstraSTAY | Hospitality | 9-dept demo, native service desk, OTA-ready, hardware-protocol stubs | astrastay |
| AstraCAMPUS | Boarding schools + universities | Admissions · Academics · Fees · Hostel · Transport · Library · Infirmary · DPDPA minor-consent gate · printable reports | astracampus |
| AstraVAULT | Banking & cooperative finance | RBI cyber-framework hooks, branch + ATM IT, AML/fraud monitoring | astravault |
| AstraPRO | CA, law, consulting | Document mgmt, legal-hold backup, client portal | astrapro |
| AstraTRAIL | Small hospitality & tour ops | Booking engine, OTA channel manager, café POS | astratrail |
| AstraLAUNCH | Startups | ISO 27001 / SOC 2 readiness scaffolding, founder-grade DPDPA | astralaunch |
| AstraCRM | Sales & customer ops — cross-sector | Pipeline kanban · recon-driven service-pitch · world map + India force graph · activity calendar · single-tenant DPDPA | astracrmtrial |
| AstraQuery | Cross-vertical | Natural-language query over your operational data | astraquery |
Deployment options for every OS: SaaS · on-prem · hybrid. Source-code escrow available on request.
04
Services
Productised wherever possible. We build the playbook once and reuse it across customers — which is why our delivery is predictable and our scope is tight.
Cybersecurity & compliance
- DPDPA 2023 compliance bundle — all sectors, 4–6 weeks
- ISO 27001 internal audit & certification prep — 8–12 weeks
- VAPT (vulnerability assessment + penetration test) — semi-annual recurring
- SOC 2 Type I / II readiness — for B2B SaaS startups
- PCI-DSS for card-payment terminals
- Cyber-insurance readiness audit
Sector-specialist compliance the wedge
- 21 CFR Part 11 audit prep (pharma)
- NABH / NABL IT readiness (healthcare)
- ABDM / ABHA onboarding (healthcare)
- NAAC / NIRF IT documentation (education)
- RBI Cyber Security Framework gap assessment (banking)
- Schedule M Revised compliance bundle (pharma)
- GeM portal empanelment + tender response (govt) — setup + retainer
Custom software & web
- Custom-built sector OS adaptations (AstraOS forks for unique workflows)
- Web design, SEO, GA4 attribution, Google Search Console health
- CRM implementation with GA4 closed-loop integration
- Mobile / tablet companion apps on top of any AstraOS deployment
Documentation-as-a-service
- Policies, SOPs, audit-ready evidence binders — recurring quarterly refresh
05
Managed IT & Infrastructure
The recurring base — what every customer buys monthly. This is what keeps the lights on between projects.
Network & connectivity
- Site Wi-Fi (high-density, captive portal, voucher system)
- Router / switch / AP configuration, segmentation, guest network
- Branch / multi-site connectivity (MPLS, SD-WAN, IPsec)
- VPN + secure remote access — battle-tested in our own stack
Endpoints & security
- EDR, antivirus, patch management, USB/device control
- M365 / Google Workspace tenant admin, MFA, DLP, anti-phishing
- Mailbox migration with zero-downtime cutover
Servers, backup & infrastructure
- Mail server hosting with DMARC tracking — we run our own
- 24×7 monitoring, alerting, capacity planning
- Daily incremental backups with encrypted off-site replication
- Quarterly restore drills — because untested backups are not backups
Physical & on-site
- CCTV / NVR setup, retention policies, remote viewing
- IT asset management, lifecycle tracking, hardware procurement
- On-site response: <4 hour SLA anywhere in HP, Chandigarh tricity, Delhi NCR
Cloud
- AWS / GCP / Azure tenant management, billing optimisation
- Cloud cost-optimisation audit (one-time engagement)
- Hybrid orchestration — your data on-prem, your collaboration tools in the cloud
06
Compliance & trust
What an auditor will ask, and how we answer.
| Their question | Our answer |
|---|---|
| Where is the data stored? | India (Mumbai or Hyderabad region). On-prem option available. |
| Is it DPDPA 2023 compliant? | Consent ledger, purpose toggles, DSR inbox with SLA — built into every AstraOS. |
| Audit trail? | Every record write is logged with actor, timestamp, before/after diff. Append-only. |
| Role-based access? | Per-department RBAC, principle of least privilege, configurable per role. |
| What about a breach? | DPDP §8 72-hour breach register with countdown is shipped in the platform. |
| Encryption? | TLS 1.3 in transit, AES-256 at rest. Backups encrypted with separate keys. |
| Source-code review? | Yes — source escrow and read access for your auditors available on request. |
| Pen-test history? | Internal VAPT every six months. Customer-commissioned pen-tests welcomed. |
Standards we hold ourselves to (and prep customers for):
DPDPA 2023 · ISO 27001 · 21 CFR Part 11 / ALCOA+ · NABH · NABL · RBI Cyber Security Framework · NAAC · PCI-DSS · SOC 2 · HIPAA (HealthTech track) · DGCA (DroneTech track)
07
How we engage
A predictable, four-stage path.
1
Discovery
1–2 weeks
Walkthroughs · scope · proposal
2
Pilot
4–6 weeks
One department or one site
3
Rollout
4–12 weeks
Remaining depts + integrations
4
Run
Continuous
Helpdesk + SLA · quarterly review
Sample engagements we've delivered or are delivering
- Healthcare — AstraLIFE pilot. 11-container clinical stack with OPD, pharmacy, lab, payroll, patient rights portal and DPDPA consent ledger live; ABDM/ABHA visual layer, MLC register, PoSH IC card and 72-hour breach register all shipped.
- Education — AstraCAMPUS deployment. Standalone 4-container stack with 11 departments, RBAC across 6 staff roles, cross-department workflow engine, DPDPA minor-consent gate for a 32-student boarding-school + university demo institution.
- Manufacturing — AstraFACTORY deployment. Standalone stack for a precision auto-component plant with 11 file-backed departments, QC dispatch-hold gate, cross-department workflows, 18 verified endpoints.
- Our own infrastructure as a reference build. We run our own mail server, VPN hub, dual-WAN edge with failover, encrypted off-site backups, and a hardened master site behind a reverse proxy with automated TLS. We can build yours the same way — or better, because we already learnt the lessons.
08
Get in touch
Three ways to take the next step.
1
Request a tailored proposal
Tell us your sector and we'll send the matching product sell-sheet within one business day.
2
Book a 30-minute discovery call
Pick a slot directly from our calendar — no back-and-forth, no obligation.
3
Try a demo
Pick any product slug. Owner-approved access takes under two hours during business hours.
Scan for the live version
Catalogue v1 · last updated 05 June 2026 · the live version at www.astracmits.org/catalogue is always current.