Mohammad Moghaddas, Network Consultant / Solutions Architecht


IP geek with recognized strengths in designing, implementing and supporting Enterprise IP network infrastructures and security solutions. Massive experience of Routing, Network Security, and Service Provider technologies. Able to troubleshoot and optimize legacy and new network designs. Successfully maintains professionalism and personal commitment with excellent communication and people skills with the ability to train, motivate and supervise a team.

Work Experience

Network / Security Consultant at AT&T:
Based on a contract with Hortor Limited, I work for AT&T as a Network and Network Security Consultant, and at the moment involved mainly in "CSC" Network Solution Architecture projects and Operations for Vattenfall, which is a huge European Energy provider.
      • Involved in delivery of Network Projects' activities across different technologies and products such as:
            o Pan European Networks across multiple countries including UK, Germany, Sweden, Netherlands, Poland, Denmark, and Finland
            o Fully redundant high available Data Centers and DC interconnections
            o MPLS VPN, L2VPN, Multilevel vPC, Enhanced vPC, MP-BGP, OSPF, EIGRP, etc.
            o Cisco Nexus 7k, 5k, 2k, Catalyst 6500, 4500, 3850 Switches
            o Cisco 7600, 7500, 7200, 3900, 3800, 2900 Routers
            o Checkpoint Firewalls
            o F5 Load Balancing solutions based on BIG -IP products
      • Dealing with incident-based trouble tickets and Service Requests
      • Taking care of the root cause analysis and fault resolution
      • Providing operational support, problem management, design input, change related activities and project implementation
      • Design input for Customers Data Networking infrastructure
      • Project implementation of Network infrastructures in line with AT&T standard offerings
      • Investigation into and resolution of incidents relating to AT&T managed network infrastructures
      • Technical Architecture in the design process and ensuring that AT&T standards are being met and followed
      • Providing technical leadership for the account with regards to the deployed Network infrastructure
      • Pro-active management of the estate to ensure compliance to AT&T Network best practice and standards

Senior Network Engineer at ProfitBricks GmbH:
ProfitBricks is a “Cloud Computing 2.0” IaaS provider delivering world's first, true virtual data center, enabling users to customize instances with live vertical scaling and class-leading double redundant cloud storage – all with simple and transparent minute-based billing, using the first graphical Data Center Designer that makes the ProfitBricks Cloud Computing service the easiest to setup and maintain. My responsibilities include but are not limited to:
      • Conceptualizing and supporting the Network for a high performance, worldwide distributed Cloud Hosting in Data Centers based in Karlsruhe, Frankfurt and Las Vegas
      • Co-responsible to ensure maximum availability, scalability and Network Security of the infrastructure
      • Supporting further development of the high performance Network (InfiniBand, 10G and 40G)
      • Creating professional and meaningful documentation of the Network
      • Responsible for the verification and continuing maintenance of existing documentation
I did a main project to redesign Inter-DC routing:
      • Redesigning inter-DC routing based on BGP, utilizing various BGP features and attributes including weight, Local-preference, AS_PATH and MED
      • Implementing highly available routing by multi-path implementation and creating at least four redundant paths to each destination
      • Implementing route damping to stabilize the connectivity
      • Optimizing BGP convergence by BFD implementation

Network/Security Consultant & Architect at Aivivid ICT - SE:
Aivivid® is an innovative Information and communication technologies company based in Stockholm, Sweden, providing innovative content delivery solutions and ICT related consulting. My role is to provide remote project-basis consultancy in Data Center Network & Security architecture, utilizing Cisco recommended design architectures including VMDC, ASR 1K6, ASA5500, CAT6509 and VS-S720-10G to provide the best content delivery solutions.

Network & Security Consultant at Iranian Red Crescent Society:
IRCS is one of the widest organizations in Middle East which provides non-profit health services. The network includes more than 1500 national branches and 50 international branches worldwide. My role is to provide consultancy in Network and Security design, cooperate in maintaining a highly available, secure and efficient IT infrastructure, and assisting in evaluation and selection of contractors for different Network and Security related tenders. My tasks involves designing and configuring cutting edge technologies including but not limited to Cisco and Juniper best practices such as:
      • Cisco Catalyst 6500, 3750-X and 2960-X series switches
      • VSS and MEC design and implementation (VS-S720-10G)
      • Edge and DC security design utilizing Juniper SSG series and HA implementation, plus ASA service modules
      • Proposing Cisco ASA 5500-X series to implement VoIP security and implementing UC proxy for remote VoIP users

Network/Security Consultant & Architect at MCCI:
MCCI is the first Mobile Communications service provider in Iran, AKA "Hamrah-e-Avval", with over 16 million postpaid and over 18 million prepaid subscribers. The network is formed by different scenarios such as IPBB, WAN and etc., utilizing high-end devices (such as 7600, 7500, 7200, 3800, 2800, 6500, Nexus series, etc.), different layers of security all over the edges of network utilizing Firewalls, and new brand switches and technologies in Data Centers. My role here was to architect Network/Security solutions to meet MCCI's needs resulting in network optimization and maintaining a secure IT infrastructure. These includes projects such as VRF-lite design to reach connectivity over MCCI-IPBB, Migration of current network to MCCI-IPBB, OSPF redesign based on best practices, Security design and hardening the access to MCCI network and etc.

Consultant & Supervisor at Ma Insurance (Mellat of Iran):
Consulting in IP Telephony design and supervisory of VoIP implementation project. The projects was designed based on CUCM 8.6, Unity Connection and UCCX. Besides the main IP Telephony system, designed features include Contact Center, Fax Server, IVR, Auto-Attendance, SRST and Voice Mail.

VoIP Consultant at 13 Aban Pharmacy:
2 months contract role for Iran largest pharmacy. Consulting in IP Telephony design utilizing CUCM 8.6 and Unity Connection. Besides the main IP Telephony system, designed features include IVR, Auto-Attendance, SRST and Voice Mail.

Chief Technical Officer (CTO) at HomaTelecom:
HomaTelecom is an IT Service Provider company, known for Internet and Data Center services. Concerned with long-term and "big picture" issues, overseeing development of new technologies (of various types), focused on technology integral to products being sold to customers or clients. Teaching in-house Cisco courses (CCNA, CCNP, and CCIP) to internal departments. Leading a team of Network and Security Administrators, responsible for the entire IT operations in the company. These operations include --but are not limited to- network, security, applications, and data center. Also I managed different projects which you can find below.
      • HomaTelecom Data Center: HomaTelecom Data Center is designed to be a TIER 2 DC, offering hosting & housing services to clients. Besides of being the project manager and integrating different parts of the project, I designed the Network and Security policies of the DC utilizing CAT6509, ASAM, Juniper ISG2000, 3750 and 3560 switches. Also cooperated with sales department in getting the service packages ready.
      HomaTelecom VoIP: We was in need of an IP telephony system. So we designed and implemented Cisco Voice solutions in integration with our Panasonic PBX system, using 2821 router, and CUCM 8.6, UCCX, Unity Connection, plus implementation of CIPC, Jabber and integration with Lync and MS Exchange.
      HomaTelecom WAN redesign (OSPF, BGP, PfR): I redesigned the WAN utilizing OSPF, BGP and PfR best practices and implemented on 7609S+RSP720, 3945 and 2921, to make the IP flow more efficient and having High Availability routing between different Internet & Intranet UpLink providers, based on required policies and SLAs.
      HomaTelecom IXP: Design and implementation of HomaTelecom Internet Exchange Point in order of peering and route exchanging with other Service Providers of country and make the Internet bandwidth usage more efficient. Thus, the internal traffic of the country between the peered providers is not routed through their Internet uplink. We designed and implemented a route-server/client scenario. The results is accessible via HomaTelecom Looking Glass or one of our route-server-clients.
      • Middle East (Khavarmiyane) Bank: The project was defined to select HSM security device aligned with the policies of Middle East Bank, Low-Level Design and basic implementation of the device. Based on the researches and evaluations I did, Thales PayShield 9000 became the choice. My role was to manage the project and my tasks included but not limited to preparing LOM, LOS, LLD and ATP.

Senior Network/Security Engineer & Architect at DPI (Ex IBM of Iran):
DPI is the best graded IT Company in Iran, which was a branch of IBM in Middle East some years ago. My role is to provide solutions, design and implement enterprise technologies and configuring high-end devices such as Nexus series, 6500 switches, 7600 and 12000 routers. I have alos participated in different enterprise projects which you can find below.
      • Iran Space Agency (ISA): Configuration of different Network & Security high-end devices and modules, and implementing related technologies, including Cisco Catalyst 6509 (VSS, FWSM, IDSM), Cisco 7606S Router (IPSec VPN SPA), Juniper ISG2000, Juniper IDP800, Cisco ACE4710, Cisco Nexus 5010 plus Nexus 2148 as FEX, and etc. (vPC, Fabric Path)
      • Tabriz Municipality: Design and Implementation of IDC & WAN
      • MCI (Mobile Communication Company of Iran): Design and Implementation of network technologies (Billing Center)
      • TDRT (Tehran Transportation): WAN Design, Proposal & LOM preparation
      • TIC (Telecommunication Company of Iran) Provincial Aggregation: Preparing ATP & configuring GSRs & 7600 Routers, 4500 Switches
      • ICT National Datacenters project (Tabriz, Esfehan, Bushehr, Tehran): Preparing ATP & Implementation of Network & Security (configuring ACE, 7600 routers, 6500 switches and related service modules, etc.)
      • Central Bank of Iran (CBI), PKI/CA Project: Design and implementation of Cisco well-known IDS/IPS module, IDSM-2 and Access Control System appliances, Cisco ACS-3415

Senior Network Manager & Engineer at HomaTelecom:
Managed WAN & LAN policies, Designing infrastructure based on new demands and technologies, Migrating from EIGRP and RIPv2 routing protocols to an OSPF multiple area network design. Interconnect through BGP to the other existing departments. Upgrade from 3550 series switches to Cisco 6509 Catalysts. 3rd. level support for both LAN (Gigabit Ethernet) and WAN. I have also participated in different projects which you can find below. HomaTelecom Environment: Cisco 7609S, RSP720, FWSM, IDSM, NAM, CAT6509, 2811, 3845, etc.
      • Audit & Evaluation of Iran National Telecommunication Infrastructure Company (TIC)
      • QoS implementation for Amirkabir University E-Learning & Online classes
      • VRF implementation for Internet Connectivity, IRISL (Iran Shipping Lines)
      • Complex BGP routing design & implementation for "Sordp" of Iran

Senior Network Engineer at Iran Post Company:
Managing WAN policies, redesigning WAN based on demands, Implementing Security using Juniper ISG2000, Configuring NAM, CSM and FWSM on Cat6513, Cooperating with the team of Datacenter maintenance

WAN Administrator at City Bank:
4 weeks contract role. Cooperating with a team in redesigning a live and sensitive routing infrastructure with over 300 nationwide, Migrating from Static routing and RIPv2 to an optimized EIGRP network. Securing WAN connections utilizing IOS Firewall mechanism and Cyberoam UTMs.

Administrator at Cisco in Persian Forum:
CCNP Club Administrator

Network Administrator at Astan Qods Razavi:
Administrating Microsoft-based network (about 2500 clients), Implementing Security using Linux IP-tables and ISA, Implementing Virtualization using vSphere ESX

Network Technician at College Computer:
Network Support, Routers and Switches configuration, Network Documentation and etc.


Journalist at JameJam Newspaper:
Writing Persian articles related to Network, Cloud Computing, Virtualization & SDN/OpenFlow for Click weekly issue
      • Introduction To Cloud Computing, Click 418 – April, 21, 2013
      • Introduction to SDN/OpenFlow, Click 419 – April, 28, 2013
      • Green Data Centers, Click 420 - May, 5, 2013
      • The Future of Data Centers, Click 421 - May, 12, 2013
      • Network Management & Monitoring, Click 423 – May, 26, 2013

Cloud Computing and the effects on NGN processes

ITPF2010, Iran December 15, 2010
ITPF2010 was one of the first conferences in Iran, which Cloud Computing was one of its main topics.
My paper which was accepted in this event, was a detailed overview of Cloud Computing, its structure and hierarchy, and describing how Cloud Computing affects the Information Technology era.

Seminar: Introduction to SDN/OpenFlow
Informatics Society of Iran & Research Institute for ICT July 2012
My seminar was the first event regarding SDN/OpenFlow in Iran.
I tried to present a detailed overview of what is SDN/OpenFlow, the ongoing evolution of the technology in the world of Networks, explaining its benefits in the research field, describing different applications of SDN in real-world, and experiments in Stanford University and GENI.

Seminar: Cloud Computing in Social Networks
The first Iran National Event of Cloud Computing, CloudTech2013
My seminar was the first idea of utilizing social networks to reach cloud computing features.
I described a summary of social networks and cloud computing, and then started a deep dive in the integration between these two phenomenon to gain computing power based on the trust in friendship


• CCIE SP(w), CCIE Sec.(w), CCIE R&S(w)
• CCSE (Check Point Security Expert)
• CCSA (Check Point Security Certified)
• PaloAlto AC Engineer
• HE IPv6 Sage
• Brocade vRouter Engineer
• Rackspace CloudU Certificate
• Cyberoam Network/Security Professional
• CCNA Voice, CCDA, CCNA Security, CCNA


Persian: Native or bilingual proficiency
English: Full professional proficiency
German: Elementary proficiency
French: Elementary proficiency
Arabic: Elementary proficiency