Skill Set Synopsis

NETWORK SUPPORT
  • 3rd Line Operational Support to Global networked environments
  • Network and Team technical management
  • Network Security, Firewall configuration, rule-base policies
  • Secure DMZ Lan / Wan network topologies
  • Network re-engineering and expansion to facilitate new technologies
  • IPSec VPN and secure remote access topologies
  • Collapsed core and large scale network design for medium and large scale enterprises
  • Specification and procurement and deployment of network infrastrucuture and security devices to enterprise scale global commercial and global banking enterprises
NETWORK SECURITY
  • Defence-in-Depth topologies via all layers OSI
  • Operational use of Websense and Bluecoat web proxies
  • Penetration testing, firewall testing, and perimeter hardening
  • Advanced protocol handling, access control lists, content and URL filtering
  • IPsec Crypto Maps, Transform sets, authentication, AES Encryption
  • Cisco ASDM, Wireshark, Cisco Prime WLAN management, Solarwinds Professional Network management, IP Netflow,  Cisco Secure Access Control, other SNMP based network analytics
  • High level and low level network design and documentation
  • Network management of IP address space, subnet allocation, subnetting, NAT/PAT and experience of obtaining IP4 space
  • Firewall Security
  • PCI Analysis and Compliance and monitoring of security policies
  • Configuring SSL, Secure Shell, Encryption security payload, authentication header and other security protocols
  • Baseline Monitoring and network defence
ROUTING
  • Implementing and resolving issues within Path Vector, link state and distance vector routing protocols
  • Resolving path selection problems, route optimisation, controlling updates, loop avoidance, asymmetric routing and suboptimal forwarding, bandwidth conservation
  • IP summarisation, supernetting, subnetting, implementing and optimising variable length subnet subnet masking
  • Route maps, route redistribution within multi-protocol networks, multiple path load-balancing, network address and port translation configurations, WAN routing, encrypted network tunnelling via VPN technologies
SWITCHING
  • Multi-layer switching (MLS) with Cisco Catalysts (45xx, 5000, 6500), Cisco Express Forwarding (CEF), Autonomous Switching, Distributed Switching
  • Net flow and PFC, MSCF, RSFC, Supervisor engines
  • Troubleshooting data-link interconnectivity, Trunking , ether channelling, virtual network segmentation, general broadcast radiation and collision containment and facilitation of interVLAN routing
  • Layer 2 Spanning Tree / Pagp / Virtual Port channeling
    Switch block design, layer 4 Quality of service and traffic shaping & queuing techniques
  • Design of High Availability networks (Access, Distribution, Core / Collapsed Core models)
NETWORK TROUBLESHOOTING
  • Ethernet, LAN/Campus/Wan/DMVPN fault resolution /IPsec VPN
  • Application reachability, process and application latency, firewall / access list misconfiguration, congestion, excess broadcast and collision issues, inappropriate design, general routing errors, physical / logical circuit failures
  • Troubleshooting at all OSI layers
  • WAN circuits,  leased line, MPLS, Frame Relay and ATM and all other general TCP / IP /  connectivity issues such as routing loops, redistribution problems, asymmetric routing, traffic latency, congestion and sub-optimal routing
  • Cisco debug, network packet analysis, resolution to IP addressing and DNS/WINS issues, software and hardware and cabling faults, routing and switching problems
  • Use of probes and SPAN port analysis
WAN AND REMOTE ACCESS SERVICES
  • IPsec VPN / Citrix CAG,  UAG ForeFront Direct Access,  Checkpoint Nokia VPN, Citrix CAG / VDI
  • Configuring and trouble shooting LAN/WAN
  • Remote access and site to site Virtual Private Networks
  • Deploying bandwidth on demand, circuit failover, diverse routing, co-sepracy designs
  • Installing and monitoring bounded and wireless technologies
  • Secure remote access for network access control
  • MPLS,  Frame Relay, LES (LAN Extender Service), BT Frame stream, IPASS Roam server, Cisco VPN concentrators, and other LAN technologies
NETWORK APPLICATION AND SERVER RESILIENCE
  • Enhancing network resilience through design (Load balancing, avoidance of single point of failure, hardware and circuit redundancy, and multi-path diverse-routing techniques)
  • High availability methodologies including GLBP, HSRP and VRRP and statefull failover
  • Configuring resilience at Layer 2 and Layer 3 (STP and routed multiple equal cost paths) and various clustering, fail-over and load balancing technologies for web servers routers and firewalls
  • Web server NAT- TCP load distribution
  • Redundant links & spanning tree protocol with uplink fast and portfast
  • Seperacy and co location design for resilience, disaster recovery, business continuity
SECURE NETWORK DESIGN AND MANAGEMENT
  • Experience of specifying, purchasing and deploying routers switches, firewalls Also full technical design, IP addressing and configuring of Cisco equipment
  • Capacity testing, integrating fault tolerance, load balancing, resilience, and failover systems (HSRP, VRRP, GLBP)
  • Resolving network issues; network monitoring, threshold alerts, historical trend analysis, and Root Cause analysis with SMARTS software (System Arts), Network Management Service platforms and other analysis tools
  • Cisco centric tools i.e. Debug (access list filtered to reduce bandwidth/CPU hit), IP accounting, IOS based data gathering
NETWORKING KNOWLEDGE INCLUDES
  • Wide range of Cisco routers, supervisor engines and switches from access to core level, including 800, 1600, 2600, 3600 Multi Access, 4000, 5500, 6509, 7200, 7500 to IGX ATM switches
  • Access servers, VPN Concentrators, Radius SHIVA, TACACS, Nokia Checkpoint Firewall, Cisco ASA, SideWinder Enterprise Firewalls, SMARTS, Net screen
  • BlueCoat, Surf control, WebSense, N2H2, CiscoSecure Access Control, HP Open view, Cisco Campus Manager, Vlan Director, CiscoWorks, Cisco View, Info Vista, Link View Analyser, MRTG Big Brother, NetCool
  • RMON, IP Sentry, BindView EMS, NFS Maestro, Netcool, Clarify, Protocol Analysers, and other LAN/WAN network management including intelligent real-time SNMP management products
  • Terminal servers, VNC, FTP / SSH / Telnet, DNS / WINS, DHCP
  •  Load balancer, content filters, and other network security, diagnostic and reporting tools
OPERATING SYSTEMS
  • Nexus, Win/Unix/FINESSE/Linux/IOS platforms & environments including SET based & Hybrid Cisco Internet Operating Systems, ASDM, Checkpoint and other vendor command line interface and GUI based interface permutations

Comments are closed.