Schlagwörter
Skills
Fähigkeiten, Kenntnisse, Erfahrungen:
Cisco CCIE #23009 Routing & Switching, Microsoft MCSE, CISSP, Checkpoint CCSE, Cisco CCSP, Juniper JNCIP -Security,
20 Jahre Projekterfahrung - PMI PmP, ISEB IS Projektleiter, Prince 2 Foundation, Agile PM
Planung:
+ Ausschreibungsunterstützung
+ Individuelles Netzwerkdesign
+ Projektplanung
+ Konzepterstellung
Realisierung:
+ technische Projektleitung - PMI PmP, ISEB IS PM, Prince 2, Agile
+ Migrationsplanung
+ Prestaging
+ Implementierung
Betrieb:
+ Netzwerk-Review
+ Consulting
+ Fehlerbehebung
+ Problemanalyse
+ Redesign
Technologien:
+SD-WAN, SDN
+Meraki WiFi
+ Riverbed WOS
+ Fortigate Firewalls
+ EIGRP, OSPF, BGP, Multicast, IPv6 und IPv4
+ MPLS, MPLS/VPN, Multiprotokoll-BGP
+ Campus-/Enterprise switching
+ IP-Transit,
+ Multihomed BGP
+ Cisco 7600,
+ Catalyst 6500
+ NX-OS ink NEXUS 7000, 5000, 2000 and 1000 series,
+ HP Procurve – 2610, 2810, 2820,5406zl, 5800, 7000, 12000 series and 6608 routers
+ Sichereit – Arcsight, CheckPoint, Juniper,Arcsight, SSL VPN, ACS, ASA, IDS/IPS
+ Big-IP F5 Loadbalancers – 3900 and 6900
+ Checkpoint, Check Point VSX, Smart Centre Server, Procurve Plus, CiscoWorks,Enteo, NTOP, NIMSOFT
+ VMWare - Installing the VMWare Hypervisor (ESXi), Configuring ESXi, Building Virtual Machines and Installing VMWare Tools.
Projekthistorie
Between February 2018 and today, I analyzed, designed, implemented, migrated and tested a technical solution for the ARLANXEO Network as a Service (NaaS) infrastructure based on a “Cloud First” model using central services provided by Microsoft Azure, SAP and Microsoft O365. The NaaS consisted of the following integrated platforms and components delivered under a managed service model.
- SD-WAN.
- Managed LAN/wLAN and local and global Wi-Fi.
- IP Telephony.
- Managed Security Services
To provide security for local breakout users, the SD-WAN solution was integrated with a cloud based managed security service based on Zscaler Internet Access (ZIA) technology. Integration with Zscaler was through IPsec tunnels within Internet breakouts on SD-WAN routers. The IPsec tunnels connected to Zscaler Enforcement Nodes (ZENs) that sat between the user and the Internet. Traffic from mobile/remote users was forwarded to Zscaler via a lightweight app or an IPsec tunnel file. Zscaler Internet Access Service features were determined by a licence bundle for 4,600 users. The Zscaler Private Access (ZPA) Service replaced an on premise security service such as remote access VPNs provided by Palo Alto GlobalProtect, to avoid backhauling internet traffic to pass through on premise security devices, which would create performance issues. By replacing legacy (IPSec-) VPNs like Globalprotect or Cisco Anyconnect, the Zscaler Private Access (ZPA) Service reduced network complexity and provided secure access for “cloud first” based applications. The ZPA Service also provided access for contractors and partners on a per-user level to specific applications. The ZPA access infrastructure was located across over 20 datacentres globally, whereas policies and customer data was processed in 3 data centres in Europe . The ZPA Architecture included Z-connectors that sat in-front of customer applications in private data centres or the main CSPs.
Created and tested MPLS and Internet Access for Remote sites to integrate with the Managed SD-WAN Service based on Cisco Viptela SD-WAN technology, Telefónica’s IP MPLS backbone and internet access networks and global SD-WAN Gateways using varying Cisco ISR4331, ISR4451 and ISR1001-X routers, Riverbed models: CXA-00570-B120, CXA-00770-B120, CXA-03070-B110, CXA-05080-B010 and a SteelCentral Controller SCC Appliance SCC-01000, Cisco Core Catalyst 6807-XL, 6880_X_LE, 3650/4000-X switches, inclusive of OSPF/BGP routing, VLAN structure, transfer and internal IPv4 and IPv6 subnetting.
The LAN/wLAN was designed using the following elements:
Core Layer: The Core Layer was where the service connects to Riverbed devices and SD-WAN CPE for connection to the SD-WAN. The design includes Meraki MS450-12P Core Switches in a high availability configuration.
Aggregation Layer: The Aggregation Layer joined multiple Access Layer switches and aggregates traffic from the access switches. Sites with two or more buildings and a higher density of users included a core level. Design templates for up to 600 and 1,300 ports followed this principle. Aggregation layer switches will be stacked for redundancy purposes.
Access Layer: The Access Layer was where users connected into the network. Access switches work as a consolidation point for office devices such as PCs, Access Points and printers. Specified Access Points (AP) were Meraki MR45 integrated with the Meraki Dashboard.
Provided Remote support in evenings and weekends when required.
Reisebereitschaft
NRW Gebiet bevorzugt
Sonstige Angaben
1. Member Institute of Electrical Engineers ((MIET(Formerly IEE))
2. Member British Computer Society (MBCS)
3. Member Institution of Electrical and Electronic Engineers (MIEEE) (USA)
4. Chartered Engineer (C.Engineer)
5. Chartered Information Technology Practitioner(CITP)
6. European Engineer (Eur.Ing)
Professional Training
Network Design, Routing and Switching Certifications
1.Cisco Certified Internetwork Expert (CCIE) Routing and Switching CCIE 23009
2.Cisco Certified Network Professional (CCNP)
3.Cisco Certified Design Professional (CCDP)
4.Cisco Certified Network Associate (CCNA)
5.Cisco Certified Design Associate (CCDA)
Service Provider
1.Cisco Service Provider CCIE Written (350-029)
Network Security Certifications
1. CISSP – Certified Information Systems Security Professional
2.Information Systems Security (INFOSEC) Professional – National
Security Agency
3.Cisco Certified Security Professional (CCSP)
4. Cisco Qualified Security Specialist (CQSS1)
5. Check Point Certified Security Expert (CCSE)
6.Check Point Certified System Administrator (CCSA)
7. Checkpoint Certified Managed Security Expert NGX
8.Securify Network Administrator
JUNIPER Networks
1.Juniper Networks Introductory Course 5 day bundle
2.Juniper Networks Certified Internet Associate –ER (JNCIA-Routing)
3.Juniper Networks Certified Internet Specialist-ER (JNCIS-Routing)
4.Juniper Networks Certified Internet Associate -EX(JNCIA-Switching)
5.Juniper FXV Associate (JNCIA-FWV)
6.Juniper Networks Certified Internet Specialist Security (JNCIS-SEC)
Hewlett Packard - ID 21928225
- HP Master ASE - Network Infrastructure [2011].
- HP AIS - Network Infrastructure [2011].
- HP ATP - FlexNetwork Solutions V1.
- HP ASE - Network Infrastructure [2011].
- HP0-Y32 Designing and Troubleshooting Open Standards Networks
- HP0-Y37 Migrating and Troubleshooting HP Enterprise Networks
F5 Networks - F5 Networks BIG-IP LTM 101 – Application Fundamentals
- BIG-IP LTM 201 – TMOS Administration.
1.Avaya Specialist IP Telephony Design
VMWare
- Installing the VMWare Hypervisor (ESXi)
- Configuring ESXi
- Building Virtual Machines and Installing VMWare Tools.
Nortel (inclusive of SDH/DWDM) Certifications
1.Nortel Networks INM (NRM)
2.Nortel Networks TN16X
3.Nortel Networks TN4XE
4.Nortel Networks TN1X
Microsoft Certifications and Training
1.MCSE Vista 2003
2.Configuring Windows Vista Client (070-620)
3.Managing and Maintaining Microsoft Windows Server 2003 Environment (070-290)
4.CompTIA Security SY0-101
5.Implementing, Managing and Maintaining Microsoft Windows Server 2003 Network Infrastructure (070-291)
6.Planning and Maintaining Microsoft Windows Server 2003 Network Infrastructure (070-293)
7.Planning, Implementing, and Maintaining Microsoft Windows Server 2003 Active Directory Infrastructure (070-294)
8.Designing Security for a Microsoft Windows Server 2003 Network (070-298)
Project Management Certifications
1.Certified Project Management Professional (PMP)
2.ISEB Certificate in IS Project Management
3.Member Project Management Institute (PMI)
4.Prince 2 Foundation
5.OU Project Management Course M865
6. Certified Agile PM