de
Keywords
Extreme Networks
watchguard
MLAG
Ethernet/VLAN/VXLAN
Ubiquiti
Firewall
IPsec VPN
Meraki
VRRP
pfsense
captive portal
Consulting
Netzwerkadministrator
OpnSense
OpenVPN
Bintec
Third Level Support
Second Level Support
Network Migration
SSL-VPN
Aruba
VPN
IT-Consulting
Network Engineer
Network Infrastructure
Skills
IT-Skills – Networkadministration
LAN / WLAN / WAN
Extreme Networks (EXOS)
HPE / Aruba
Bintec Elmeg
Ubiquiti
TCP/IP – OSI-Layer
Protocols
Hardware
Cable management and OSI layer1
Monitoring
Network tools
Security
Firewall Watchguard
Firewall OPNsense / PfSense
Microsoft
Windows
IT Service Management
(ITSM) Tools
Digital Signage
CMS
LAN / WLAN / WAN
Extreme Networks (EXOS)
- Complete migration of any existing network infrastructure to Extreme Networks
(redesign, consulting, conceptual design, architecture, documentation and practical implementation) - Switches (X440-G2/X450-G2/X460-G2 / aggregations/core switches X620, X670-G2, X690)
- XMC/Netsight/Extreme Management Center (updates/upgrades and automated backup of switch configurations)
- EXOS patching (firmware patch management/backups)
- ExtremeCloud IQ APs (AP510C/CX, AP305C/CX)
- ExtremeCloud IQ Private PSK – PPSK
(Cloud Config Groups (CCG) / User-Profiles (UP) / User-Groups (UG) /
Classification Rules (CLASSRULES) / Assignment Rules (ASSIGNRULES) - ExtremeCloud IQ WPA-2/3-Personal
- ExtremeCloud IQ Captive Portal (Guest WLAN)
- OOB (Out-of-Band)-Management
- ACL (Access-Control-List) – OSI-Layer2/3 Security
- Certificate handling – SSH (Private-/Public-Key)
- ExtremeXOS License Management
HPE / Aruba
- Switches (1910/1920, 2530/2540/2930F, CX6100/6200/6300)
- WLAN APs (Aruba AP 505)
- Aruba AirWave
Bintec Elmeg
- WLAN APs (W2022ac, W2022ac-ext, W2022ax, W2044ax)
- WLAN Management Controller – Router (RS123, RS123w, RS353a, RS353aw, RS123w-4G)
Ubiquiti
- UniFi AP's (AP AC HD, AP AC PRO)
- UniFi Network Controller Windows Server
- Captive Portal (Guest network)
TCP/IP – OSI-Layer
Protocols
- IPv4 / DHCP (+Snooping) / DNS / NTP / RSTP / LACP / LAG / SSH / VLAN /
(T)FTP / (S)FTP / SNMPv3 / HTTP / HTTPS / POP3 / SMTP / IMAP / NAT /
VRRP / MLAG / non-ethernet Stacking / LLDP / CAPWAP / STP / ELRP /
SMBv1-v3 / SSDP / LLMNR / BROWSER / NBNS / WPAD / mDNS
Hardware
Cable management and OSI layer1
- Transceiver / GBICs / DAC (SFP / SFP+ / SFP28 / QSFP+ / QSFP28)
- OM4 / OS2 fiber optics (Shortrange (SR) / Longrange (LR))
Monitoring
Network tools
- CheckMK (Open Source – Nagios Core Fork)
- PRTG Network Monitor
- Datadog
Security
Firewall Watchguard
- Static/Dynamic-NAT / Firewall Policy Rules / Port Forwarding / Multi-WAN /
Firecluster / LAGG / LACP dynamic/static / DynDNS / Static Routing - Watchguard Logserver
- Watchguard Server Center
- Watchguard System Manager
- Firewalls (M370, M470, M670, M690 +Legacy XTM models)
- Watchguard SSL-VPN Client
- Mobile VPN (Route-All/Split-Tunneling OpenVPN SSL-Client-to-Site VPN)
- Branch Office VPN (IPSec Site-to-Site VPN IKEv1 and IKEv2)
- Access / User-Management
Firewall OPNsense / PfSense
- Static/Dynamic-NAT / Firewall Policy Rules / Port Forwarding / Multi-WAN /
Link-Aggregation / LACP dynamic/static / DynDNS (DDNS) / BIND / DNSCrypt /
Traffic Shaping / Dnsmasq DNS / Unbound DNS / Static Routing - Access / User-Management
- Local certificate authority (CA-Trust)
- HA-Cluster (CARP / pfSync / XMLRPC sync)
- Deciso: OPNcentral
- GitHub and GitLab Git – Configuration traceability
- Captive Portal (Guest VLAN network)
- Mobile VPN (Route-All/Split-Tunneling OpenVPN SSL-Client-to-Site VPN)
- Branch Office VPN (IPSec Site-to-Site VPN IKEv1 and IKEv2)
Microsoft
Windows
- Windows Server (2012 R2 / 2016 / 2019)
- Exchange Server 2013
- Exchange Online
- Pleasant Password Server (KeePass rollout / Authorization concepts)
- 1Password Password Manager
- LAPS (Local Administrator Password Solution)
- IIS Hardening (HTTP Response Headers / Session Cookies / HTTPS Redirect / IISCrypto)
- Fine-Grained Password Policy via PSO (Objects) inside Password Settings Containers (PSC)
- On-Prem AD FS Single-Sign-On (SSO) for Orginio as Relying Party Trust via SAML (Organigram)
- Microsoft (IPAM) IP Address Management
- PDQ Deploy / Matrix42 Deployment
- AD DS / LDAP / DC / GPO's
IT Service Management
(ITSM) Tools
- Atlassian-Confluence / MS Planner / Asana
- Atlassian-JIRA / Freshservice / osTicket / BMC Remedy / Cherwell
- Teams / Outlook / Excel / Thunderbird / Slack / Innovaphone
- MS Visio / Diagrams.net / Miro
- Portable PuTTY / Pageant / Wireshark / Nmap
Digital Signage
CMS
- Scala Enterprise Content Manager
- ZetaDisplay Engage+
Project history
10/2022
-
03/2023
Fielmann AG - Ensuring web display troubleshooting in Fielmann branches
Fielmann AG
(>10.000 employees)
Consumer goods and retail
- 100%-Remote performed testing and troubleshooting of digital signage
(web display) incident reports in over 700 branch offices using
Aruba AirWave network analytics in 3rd-Lvl support
- Coordination of service providers and in a leading role mainly responsible
for the coordinated troubleshooting of mass faults
- Support contact for the rollout of the new Engage+ software
to 700+ sites distributed across Europe
05/2022
-
07/2022
Chal-Tec Fulfillment GmbH - Network migration and hands-on implementation
Chal-Tec Fulfillment GmbH
(50-250 employees)
Internet and Information Technology
- 100%-remote performed network migration from a network based on D-Link and STP
without VLANs, to a network based on Watchguard M670 fireclusters,
Extreme Networks X690 core, X670 aggregation and 40+ X450/X460-G2
access switches with VLANs, VRRP and MLAG without noticeable interruptions (<30 minutes)
- Planning, documentation and project management with Asana, MS Teams,
MS OneDrive Cloud Storage and Draw.io/diagrams.net
11/2021
-
02/2022
Berlin Brands Group - Network redesign, IT procurement and hands-on implementation
Berlin Brands Group
(1000-5000 employees)
Internet and Information Technology
- 100%-remote performed complete network redesign, IT procurement and hands-on implementation
of two warehouse network infrastructures using Watchguard M670 Firecluster,
Extreme Networks X690 Core, X670 Aggregation and 50+ X450-G2 Access switches
- Planning and project management with Asana, MS Teams and MS Outlook
07/2019
-
11/2021
Berlin Brands Group - Network redesigns
Berlin Brands Group
(1000-5000 employees)
Internet and Information Technology
- Sole project responsibility for network redesigns of all 10+ sites and rollout of split-tunneling OpenVPN
to achieve remote work within 2 weeks due to COVID-19 pandemic.
- Configuration of the ExtremeCloud IQ instance for 70+ access points and the necessary config templates via provisioning.
06/2019
-
07/2019
DKB Service GmbH - Connecting hardware and network documentation
DKB Service GmbH
(1000-5000 employees)
Banks and financial services
- Connecting hardware and network documentation of two data centers
06/2017
-
06/2019
Chal-Tec GmbH - IT design, budget planning, procurement
Chal-Tec GmbH
(500-1000 employees)
Internet and Information Technology
- Sole project responsibility for IT design, budget planning, procurement and subsequent system connectivity, documentation
and administration of 6+ sites (offices, warehouses, data centers) in Germany, Slovakia and China using 20+ Watchguard Firewalls
and 100+ Extreme Networks switches for 800+ employees.
- Implemented VLANs and link aggregation LACP bonds in the warehouse based on
HP 1920 and HPE 2540 switch hardware resulting in over 90% reduction in incident-tickets
09/2014
-
06/2017
Deutsche Telekom AG - Corporate operation: 2nd Lvl APS-Helpdesk
Deutsche Telekom AG (T-Systems Workplace Services)
(>10.000 employees)
Internet and Information Technology
- Captive Portal (WLAN guest) conceptual design and rollout of the OPNsense firewall appliance
for the replacement of the EoL M0n0wall appliance
04/2016
-
05/2016
Deutsche Telekom AG - Language travel: 1st Lvl WLAN Helpdesk
Sosmatic S.L.
(10-50 employees)
Telecommunications
- Technical customer support for WiFi malfunctions in public places for all devices
and operating systems (Android / Apple / Linux)
- Resolving internal faults via e-mail and telephone
- Multicultural/multilingual work environment
Certifications
„DEKRA IT-Spezialist Profil IT Administrator“
DEKRA Certification GmbH
2017
Exam Pass „Implementing Cisco IP Routing (ROUTE)“
Cisco
2017
„(ESC) / Unternehmerführerschein (UF) Modul UP“
InnoCert Deutschland GmbH
2016
„telc English B2 University (Council of Europe level B2)“
telc GmbH - The European Language Certificates
2016
„Working in Europe (WIE)“
European Commission
2016
„Cisco Certified Network Associate Routing & Switching (CCNA)“
Cisco
2016
Local Availability
Only available for remote work
• Available from Monday - Sunday (At any time of the day or night). (Even at short notice in case of emergencies).
• More than 8 hours of work per day is also perfectly fine if certain deadlines must be met.
• No willingness to travel available (Only Full-Remote).
In 2022, I think, initial training periods needed for any kind of IT support,
CLI/SSH configurations on the network or, for example, web configurations on the firewall
must also work fully remotely thanks to VPN.
• More than 8 hours of work per day is also perfectly fine if certain deadlines must be met.
• No willingness to travel available (Only Full-Remote).
In 2022, I think, initial training periods needed for any kind of IT support,
CLI/SSH configurations on the network or, for example, web configurations on the firewall
must also work fully remotely thanks to VPN.
Other
• Mailo professional liability insurance available.
• Invoicing is done by my US company "Abroadpeer LLC".
• Bank transfers are also possible via any other currency by arrangement.
• Invoicing is done by my US company "Abroadpeer LLC".
• Bank transfers are also possible via any other currency by arrangement.
