Division of responsibility

RunGuard delivery scope

  • Hardware maintenance, repair, and replacement operations
  • Endpoint refresh and on-site technical intervention
  • Romanian-language customer operations and support interface
  • Reseller-facing commercial execution and local contract management

47Dynamics platform scope

  • Tenant-isolated monitoring, patching, security, and automation
  • PSA workflows: tickets, work orders, schedules, and SLA evidence
  • Billing and contract governance with audit-linked records
  • Branding APIs for logo, accent color, and customer-facing identity controls

Tenant and access model

| Surface | RunGuard Access | 47Dynamics Control |
|---|---|---|
| Partner tenant | Own operator roles, scoped customer portfolio, partner workflows | Core tenancy boundaries, RBAC policy templates, audit policy |
| Customer tenants under RunGuard | Operational access via delegated roles and contractual scope | Isolation, legal controls, data retention, and compliance enforcement |
| Platform administration | No cross-tenant platform admin by default | Platform-level admin and security governance remain centralized |

panel.runguard.ro domain assessment

What works with CNAME

Yes, CNAME is the correct DNS direction for panel.runguard.ro, but DNS alone is not enough. The edge must also route SNI for that host and present a valid TLS certificate containing panel.runguard.ro.

  • CNAME: panel.runguard.ro -> existing edge hostname
  • Edge SNI route: include panel.runguard.ro
  • TLS SAN: certificate must include panel.runguard.ro

Important identity limitation

Authentication is issuer-bound (Keycloak hostname + JWT issuer URL). If you want a true white-label login on panel.runguard.ro, auth/public host settings must be aligned to that domain, not only redirected.

  • Fast model: canonical auth host + RunGuard tenant branding
  • Full white-label: dedicated partner host alignment for auth and issuer
  • Recommended path: phased rollout (fast model first, full white-label second)
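
A pre-cutover check for the two conditions above (certificate SAN coverage and issuer alignment), given here as an added example and not 47Dynamics or RunGuard code. The edge and auth hostnames under platform.example, the realm name "partner", and the sample token are constructed; the /realms/<name> issuer path is the usual Keycloak form, assumed here.

```python
import base64
import json
from urllib.parse import urlsplit

def san_covers(host, san_dns_names):
    """True if a SAN dNSName matches host exactly or via a left-most wildcard."""
    host = host.lower().rstrip(".")
    for name in san_dns_names:
        name = name.lower().rstrip(".")
        if name == host:
            return True
        # A wildcard covers exactly one label: *.runguard.ro matches
        # panel.runguard.ro, but not a.panel.runguard.ro or runguard.ro.
        head, _, rest = host.partition(".")
        if name.startswith("*.") and head and rest == name[2:]:
            return True
    return False

def jwt_issuer(token):
    """Read the iss claim without verifying the signature (inspection only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))["iss"]

def readiness(host, san_dns_names, token):
    """Classify a host: blocked by TLS, fast model, or full white-label."""
    iss = urlsplit(jwt_issuer(token))
    tls_ok = san_covers(host, san_dns_names)
    issuer_aligned = iss.scheme == "https" and iss.hostname == host.lower()
    if not tls_ok:
        state = "blocked: certificate SAN does not cover host"
    elif issuer_aligned:
        state = "full white-label"
    else:
        state = "fast model: issuer stays on " + str(iss.hostname)
    return {"tls_ok": tls_ok, "issuer_aligned": issuer_aligned, "state": state}

def make_token(iss):
    """Constructed sample token with a dummy signature, for the demo only."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc({"iss": iss}), "constructed-signature"])

if __name__ == "__main__":
    sans = ["edge.platform.example", "panel.runguard.ro"]  # constructed SAN list
    for iss in ("https://auth.platform.example/realms/partner",
                "https://panel.runguard.ro/realms/partner"):
        print(readiness("panel.runguard.ro", sans, make_token(iss)))
```

In practice the SAN list comes from the certificate the edge actually serves for that SNI name, and the token from a real login against the partner host.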

Implementation tracks

Track A: Partner operations now (2-4 weeks)

  • Create dedicated RunGuard partner tenant
  • Apply branding via tenant branding API (logo/accent/invoice/email identity)
  • Assign partner roles and customer-tenant access boundaries
  • Start commercial execution with RunGuard-operated service catalog

Track B: Full white-label domain (4-8 weeks)

  • Enable panel.runguard.ro edge SNI + TLS SAN coverage
  • Align Keycloak public hostname and issuer settings to partner host
  • Update CORS/origins and web runtime environment for partner domain
  • Run auth/cookie/session validation and tenant-isolation regression tests

Move forward with the RunGuard rollout

We can start immediately with tenant onboarding and partner branding, then phase into full domain white-label once edge and identity alignment checks are complete.