Network / Security Consultant
Based on a contract with Hortor Limited, I work for AT&T as a Network and Network Security Consultant, and at the moment involved mainly in "CSC" Network Solution Architecture projects and Operations for Vattenfall, which is a huge European Energy provider.
• Involved in delivery of Network Projects' activities across different technologies and
products such as:
o Pan European Networks across multiple countries including UK, Germany, Sweden, Netherlands, Poland, Denmark, and Finland
o Fully redundant high available Data Centers and DC interconnections
o MPLS VPN, L2VPN, Multilevel vPC, Enhanced vPC, MP-BGP, OSPF, EIGRP, etc.
o Cisco Nexus 7k, 5k, 2k, Catalyst 6500, 4500, 3850 Switches
o Cisco 7600, 7500, 7200, 3900, 3800, 2900 Routers
o Checkpoint Firewalls
o F5 Load Balancing solutions based on BIG -IP products
• Dealing with incident-based trouble tickets and Service Requests
• Taking care of the root cause analysis and fault resolution
• Providing operational support, problem management, design input, change related activities and project implementation
• Design input for Customers Data Networking infrastructure
• Project implementation of Network infrastructures in line with AT&T standard offerings
• Investigation into and resolution of incidents relating to AT&T managed network infrastructures
• Technical Architecture in the design process and ensuring that AT&T standards are being met and followed
• Providing technical leadership for the account with regards to the deployed Network infrastructure
• Pro-active management of the estate to ensure compliance to AT&T Network best practice and standards
Senior Network Engineer
at ProfitBricks GmbH:
ProfitBricks is a “Cloud Computing 2.0” IaaS provider delivering world's first, true virtual data center, enabling users to customize instances with live vertical scaling and class-leading double redundant cloud storage – all with simple and transparent minute-based billing, using the first graphical Data Center Designer that makes the ProfitBricks Cloud Computing service the easiest to setup and maintain.
My responsibilities include but are not limited to:
• Conceptualizing and supporting the Network for a high performance, worldwide distributed Cloud Hosting in Data Centers based in Karlsruhe, Frankfurt and Las Vegas
• Co-responsible to ensure maximum availability, scalability and Network Security of the infrastructure
• Supporting further development of the high performance Network (InfiniBand, 10G and 40G)
• Creating professional and meaningful documentation of the Network
• Responsible for the verification and continuing maintenance of existing documentation
I did a main project to redesign Inter-DC routing:
• Redesigning inter-DC routing based on BGP, utilizing various BGP features and attributes including weight, Local-preference, AS_PATH and MED
• Implementing highly available routing by multi-path implementation and creating at least four redundant paths to each destination
• Implementing route damping to stabilize the connectivity
• Optimizing BGP convergence by BFD implementation
Network/Security Consultant & Architect
at Aivivid ICT - SE:
Aivivid® is an innovative Information and communication technologies company based in Stockholm, Sweden, providing innovative content delivery solutions and ICT related consulting.
My role is to provide remote project-basis consultancy in Data Center Network & Security architecture, utilizing Cisco recommended design architectures including VMDC, ASR 1K6, ASA5500, CAT6509 and VS-S720-10G to provide the best content delivery solutions.
Network & Security Consultant at
Iranian Red Crescent Society:
IRCS is one of the widest organizations in Middle East which provides non-profit health services. The network includes more than 1500 national branches and 50 international branches worldwide.
My role is to provide consultancy in Network and Security design, cooperate in maintaining a highly available, secure and efficient IT infrastructure, and assisting in evaluation and selection of contractors for different Network and Security related tenders.
My tasks involves designing and configuring cutting edge technologies including but not limited to Cisco and Juniper best practices such as:
• Cisco Catalyst 6500, 3750-X and 2960-X series switches
• VSS and MEC design and implementation (VS-S720-10G)
• Edge and DC security design utilizing Juniper SSG series and HA implementation, plus ASA service modules
• Proposing Cisco ASA 5500-X series to implement VoIP security and implementing UC proxy for remote VoIP users
Network/Security Consultant & Architect
MCCI is the first Mobile Communications service provider in Iran, AKA "Hamrah-e-Avval", with over 16 million postpaid and over 18 million prepaid subscribers.
The network is formed by different scenarios such as IPBB, WAN and etc., utilizing high-end devices (such as 7600, 7500, 7200, 3800, 2800, 6500, Nexus series, etc.), different layers of security all over the edges of network utilizing Firewalls, and new brand switches and technologies in Data Centers.
My role here was to architect Network/Security solutions to meet MCCI's needs resulting in network optimization and maintaining a secure IT infrastructure. These includes projects such as VRF-lite design to reach connectivity over MCCI-IPBB, Migration of current network to MCCI-IPBB, OSPF redesign based on best practices, Security design and hardening the access to MCCI network and etc.
Consultant & Supervisor at Ma Insurance (Mellat of Iran):
Consulting in IP Telephony design and supervisory of VoIP implementation project. The projects was designed based on CUCM 8.6, Unity Connection and UCCX. Besides the main IP Telephony system, designed features include Contact Center, Fax Server, IVR, Auto-Attendance, SRST and Voice Mail.
VoIP Consultant at 13 Aban Pharmacy:
2 months contract role for Iran largest pharmacy. Consulting in IP Telephony design utilizing CUCM 8.6 and Unity Connection. Besides the main IP Telephony system, designed features include IVR, Auto-Attendance, SRST and Voice Mail.
Chief Technical Officer (CTO) at
HomaTelecom is an IT Service Provider company, known for Internet and Data Center services.
Concerned with long-term and "big picture" issues, overseeing development of new technologies (of various types), focused on technology integral to products being sold to customers or clients. Teaching in-house Cisco courses (CCNA, CCNP, and CCIP) to internal departments.
Leading a team of Network and Security Administrators, responsible for the entire IT operations in the company. These operations include --but are not limited to- network, security, applications, and data center. Also I managed different projects which you can find below.
• HomaTelecom Data Center: HomaTelecom Data Center is designed to be a TIER 2 DC, offering hosting & housing services to clients. Besides of being the project manager and integrating different parts of the project, I designed the Network and Security policies of the DC utilizing CAT6509, ASAM, Juniper ISG2000, 3750 and 3560 switches. Also cooperated with sales department in getting the service packages ready.
• HomaTelecom VoIP:
We was in need of an IP telephony system. So we designed and implemented Cisco Voice solutions in integration with our Panasonic PBX system, using 2821 router, and CUCM 8.6, UCCX, Unity Connection, plus implementation of CIPC, Jabber and integration with Lync and MS Exchange.
• HomaTelecom WAN redesign (OSPF, BGP, PfR):
I redesigned the WAN utilizing OSPF, BGP and PfR best practices and implemented on 7609S+RSP720, 3945 and 2921, to make the IP flow more efficient and having High Availability routing between different Internet & Intranet UpLink providers, based on required policies and SLAs.
• HomaTelecom IXP: Design and implementation of HomaTelecom Internet Exchange Point in order of peering and route exchanging with other Service Providers of country and make the Internet bandwidth usage more efficient. Thus, the internal traffic of the country between the peered providers is not routed through their Internet uplink. We designed and implemented a route-server/client scenario. The results is accessible via HomaTelecom Looking Glass or one of our route-server-clients.
• Middle East (Khavarmiyane) Bank: The project was defined to select HSM security device aligned with the policies of Middle East Bank, Low-Level Design and basic implementation of the device. Based on the researches and evaluations I did, Thales PayShield 9000 became the choice.
My role was to manage the project and my tasks included but not limited to preparing LOM, LOS, LLD and ATP.
Senior Network/Security Engineer & Architect
at DPI (Ex IBM of Iran):
DPI is the best graded IT Company in Iran, which was a branch of IBM in Middle East some years ago. My role is to provide solutions, design and implement enterprise technologies and configuring high-end devices such as Nexus series, 6500 switches, 7600 and 12000 routers. I have alos participated in different enterprise projects which you can find below.
Iran Space Agency (ISA): Configuration of different Network & Security high-end devices and modules, and implementing related technologies, including Cisco Catalyst 6509 (VSS, FWSM, IDSM), Cisco 7606S Router (IPSec VPN SPA), Juniper ISG2000, Juniper IDP800, Cisco ACE4710, Cisco Nexus 5010 plus Nexus 2148 as FEX, and etc. (vPC, Fabric Path)
Tabriz Municipality: Design and Implementation of IDC & WAN
MCI (Mobile Communication Company of Iran): Design and Implementation
of network technologies (Billing Center)
(Tehran Transportation): WAN Design, Proposal & LOM preparation
TIC (Telecommunication Company of Iran) Provincial Aggregation:
Preparing ATP & configuring GSRs & 7600 Routers, 4500 Switches
ICT National Datacenters project (Tabriz, Esfehan, Bushehr, Tehran):
Preparing ATP & Implementation of Network & Security (configuring ACE, 7600 routers,
6500 switches and related service modules, etc.)
Central Bank of Iran (CBI), PKI/CA Project: Design and implementation of Cisco well-known IDS/IPS module, IDSM-2 and Access Control System appliances, Cisco ACS-3415
Senior Network Manager & Engineer at
Managed WAN & LAN policies, Designing infrastructure based on new demands and technologies, Migrating from EIGRP and RIPv2 routing protocols to an OSPF multiple area network design. Interconnect through BGP to the other existing departments. Upgrade from 3550 series switches to Cisco 6509 Catalysts. 3rd. level support for both LAN (Gigabit Ethernet) and WAN. I have also participated in different projects which you can find below.
HomaTelecom Environment: Cisco 7609S, RSP720, FWSM, IDSM, NAM, CAT6509, 2811, 3845, etc.
• Audit & Evaluation of Iran National Telecommunication Infrastructure Company (TIC)
• QoS implementation for Amirkabir University E-Learning &
• VRF implementation for Internet Connectivity,
IRISL (Iran Shipping Lines)
• Complex BGP routing design & implementation for
"Sordp" of Iran
Senior Network Engineer at Iran Post Company:
Managing WAN policies, redesigning WAN based on demands, Implementing Security using
Juniper ISG2000, Configuring NAM, CSM and FWSM on Cat6513, Cooperating with the
team of Datacenter maintenance
WAN Administrator at City Bank:
4 weeks contract role. Cooperating with a team in redesigning a live and sensitive routing infrastructure with over 300 nationwide, Migrating from Static routing and RIPv2 to an optimized EIGRP network. Securing WAN connections utilizing IOS Firewall mechanism and Cyberoam UTMs.
Cisco in Persian Forum:
CCNP Club Administrator
Network Administrator at Astan Qods Razavi:
Administrating Microsoft-based network (about 2500 clients), Implementing Security
using Linux IP-tables and ISA, Implementing Virtualization using vSphere ESX
Network Technician at College Computer:
Network Support, Routers and Switches configuration, Network Documentation and etc.