Contact details - Khishtandar · Intrusion Detection & Prevention Mechanism, ... Elastix, FreePBX)...
Transcript of Contact details - Khishtandar · Intrusion Detection & Prevention Mechanism, ... Elastix, FreePBX)...
Contact details
Mobile telephone number: (0098) 9123021584
Email address: [email protected]
LinkedIn address: www.linkedin.com/in/khishtandar
Website: www.khishtandar.com
Career objective
An experienced senior level IT consultant with significant design, support,
administration and implementation experience of network projects. Over 10
years of IT experience with full life cycle ICT project experience. Thrives in a
customer focused, multi-site environment. Always meets client demands
and develops good long-term customer relationships.
Current position
Middle East Bank
Senior Network Datacenter and Security Consultant
Cando Higher Education Institute
Cisco and Linux Instructor
Professional Skills / Service Provider Expertise:
Pouya Khishtandar
Network / Cisco /Security /VoIP /Linux /Microsoft /Data Center Architect & Consultant
Project Skills
Project Management & Planning, Preparing RFQ, RFP, LOM, LOS, Detail
Design, ATP, Test & Delivery, etc.
Routing
Static Routing , RIP , RIPv2 , IS-IS , OSPF, OSPFv3, EIGRP, BGP and Multi-
protocol BGP, VRF & VRF-lite, NHRP, IPv6 Routing, Route redistribution
, Multicasting (PIM Sparse/Dense Mode) , EIGRPv6, RIP-ng , IPv6 & IPv4
,NAT ,PAT ,RITE ,OER ,PFR ,PBR ,IRB , CRB, Route Filtering ,
Summarization.
Switching
STP, RSTP, MST, PVST +, 802.1 Q in Q Double Tagged VLANs, CEF, Ether
Channel Protocols, VLAN Trunking Protocols, VTP, GVRP, HSRP, VRRP,
GLBP, SPAN, Stack, Ether channel, LACP, PAGP.
MPLS
MPLS unicast forwarding, MPLS VPN, VRF-lite , LDP, TDP, MPLS-TE .
WAN Technologies
PPP, HDLC, ISDN, DSL, Frame Relay, VPN, METRO-ETHERNET, etc.
QoS
Classification and Marking (CoS, IPP, DSCP & etc ), Congestion
Management and Avoidance (CBWFQ ,PQ ,CQ ,WFQ ,LLQ ,WRED & etc
), Shaping and Policing, Link Efficiency, RSVP, Switch QoS ( WRR - SRR )
Security
Network & Data Center Security Architecture, IPSec, VPN Technologies,
Intrusion Detection & Prevention Mechanism, Hardening Mechanisms,
IOS Firewall, ezVPN, DOS Mitigation, Device Hardening, IOS IPS,
Webvpn, AAA programs ( Cisco Secure ACS , Free-radius, NAP, NTTAC+
) , RADIUS &TACACS+ , NAC ,TCP intercept & etc .
L3 Security Mechanism (IP ACL, RPF Checks, TCP Intercept, CBAC,
DMVPN)
L2 Security Mechanism (Port Security, DAI, DHCP Snooping, IP source
Guard, Dot1x, Storm Control)& etc.
Penetration Testing, Ethical Hacking, etc.
Design
Enterprise Composite Model, IIN, SONA, Top Down Network Design.
Virtualization
Consulting VMware VSphere ESX Solutions, Vcenter, open stack.
VoIP
Signaling Protocols (SCCP, SIP, MGCP, H323), VGateways, Gatekeepers
, RTP , RTCP , Voice Codes , Dial Planning , Other VoIP Features ( Call
Pickup , Call Park , Call Transfer ,Call Forwarding , Intercom ,CDR & etc.
)
Monitoring & Management
Snmpv2c, SNMPv3, IP SLA, Syslog, Net flow, EEM, TCL scripting, NTP,
SDM, CCP.
Specialties & Experiences
Cisco Routers, Switches, Load Balancer:
Experience of Cisco 7600 Series, Cisco 7200 Series VXR, NPE-G2
Routers, Nexus 1000v, 2000 & 5000, Cisco ACE, Cisco Catalyst 6800
Series, Cisco Catalyst 6500 Series, Cisco Catalyst 4500 Series Switches,
Cisco Supervisor Engines SUP/RSP/SIP, Cisco C3750X – 3850X , Cisco
C3560 , Cisco 4900 , Cisco C2960X , Cisco ASR 1000 , Cisco ISR 3800 ,
2800 , 1800 , 4000.
Cisco Security, Management & Monitoring Products:
Experience of Cisco Security Monitoring, Analysis and Response System
(MARS)
Cisco ASA 5500 Series, Cisco Cat 6500/7600 Service Modules like:
FWSM/ASA/IDSM2/NAM/Anomaly Guard/SPA-IPSEC/SSL, Cisco Secure
ACS,
Juniper Security Products
Experience of Net Screen, SSG, ISG, SRX & IDP Series (Screen OS &
JUNOS)
Network Monitoring and Management Systems
Experience of Cisco Prime, Cisco ISE ,CiscoWorks Suite, Solarwinds,
PRTG, MRTG, Cacti, Zabbix, Nagios, Accelops, OSSIM OSSEC and
ManageEngine Products such OPM, NetFlow Analyzer and Security
Manager Plus, etc.
Voice over IP
Experience of CME , CUCM6-11 , CUE ,CU ,Asterisk based programs (
Trixbox, Elastix, FreePBX) , 79XX ip phones, CIPC, CUPS .
Microsoft Services
Experience of Active Directory, CA, WSUS, DNS, IIS, NAP ,etc.
Linux-Based Services
Experience of Squid, Bind, IPTables, Snort, Apache, FreeRadius, RAID
,NFS ,SAMBA ,OpenVZ ,Keepalive ,Postfix ,Sendmail, FreeNAC
,Openldap, OpenCA, Openssh, OpenVPN.
Experience of Industry leaders’ products like Astaro, Fortigate,
Brocade, HP, Foundry, Bluecoat, Huawei etc.
Assisting Corporations & Organizations in Project Management &
Planning, Designing, implementing and maintaining secure and
efficient information technology networks.
Creating networks from scratch or taking an existing one and
enhancing any or all components associated with the business tool.
Evaluating the needs of the client and preparing a detailed document
of what is needed to create a secure networking structure that will
meet those needs.
Deep understanding of Routing & Switching concepts
Deep Understanding of Service Provider related technologies
Experienced in installation and configuration of high-end devices such
as Cisco 12000, 7600 & 7200 routers, Nexus 7k, 5k, 2k and 6500/4500
switches, ACE and Supervisor engines & modules such as RSP720,
RSP16, SUP720, SUP32, SUP2T, CSM, …
Solid hands-on experience in network design, configuration, and
troubleshooting experience with Expert-Level knowledge of
Switching, Routing, WAN, MPLS , Multicast ,and Linux Services
Skills Profile
Teamwork and Leadership
Working at PDK, Vista, Cando and Cybertech Co. demonstrated
excellent teamwork and leadership skills in multiple projects
environment, such as an ability to listen to clients and managers,
perform different roles, support colleagues, share problems, and have
positive attitude to learn from setbacks resulting in promotion.
Effective communication
Able to communicate effectively with a wide range of clients and
colleagues, providing presentation and technical support for users with
varying levels of IT knowledge and competence.
Administration
Excellent ability to plan ahead and manage time effectively, I have
gathered data from a wide range of sources during my dissertation
whilst balancing my other studies, resulting in a 71% grade.
Employment history
2012-2016 - Middle East Bank
Senior Network Consultant
I was invited to cooperate with Middle East Bank 2012 when the Bank
was established, Since the Bank’s IT manager and CEO have known me
from Karafarin Bank (former workplace). My main role was:
Datacenter Design and Implementation
WAN Design and Implementation (Connectivity between branches and
datacenter all over the county)
Design and Implementation connectivity between Bank and IRAN
Central Bank and Ministry of Economic Affairs and Finance (Iran)
Infrastructure Security Design and Implementation based on Cisco
SAFE and ISMS
Training IT staffs to support and maintain Network and Troubleshooting
I was on call 24 hours a day to Troubleshoot advanced problems, During
These years I ‘ve attended IT weekly meetings with IT managers and
staffs and I’ve given solutions for on demand changes continuously.
2012-2015 - SAIPA YADAK (saipayadk.org)
SAIPA is one of the biggest Automaker Company in Iran. When they
invited me to cooperate in case of wrong Design they were experiencing
Downtime and low availability, since they had more than 5000 branches
all over the country they needed optimization. In order to solve the
problem I redesigned the network and with BGP and DMVPN
Implementation and providing redundancy for devices, I optimized the
network. With the changes I made availability reached to 99.998% per
year.
Design and implementation of VMware/Citrix
Configuring Cisco Catalyst 3650, 2960, 4500, 6500, 3750 series
switches, Cisco 878, 1841, 2811 Routers
Implement Linux based services – BIND, Apache, squid cache, nginx &
etc.
Configuring Juniper SSG 550, IPS 240, SRX 550.
Switching configuration, administration, and troubleshooting.
Installing, managing and supporting Active directory (DNS, DHCP,
Domain), Mail servers (Exchange, Mdeamon, Qmail), and Wireless
networks
Configuring 802.1X Port-Based Authentication for wired and wireless
networks
Assisting with writing procedures and documentation such as
troubleshooting guides.
2013 - China National Petroleum Company (Tehran Branch)
Senior Voice Consultant
North Azadeghan Petroleum Domain Project
2010-2012 - Hekmat Iranian Bank (http://www.hibank24.ir/)
Hekmat Iranian Bank has more than 200 branches all over the country
and I Designed and Implemented Datacenter and WAN.
Datacenter design based on Cisco datacenter infrastructure documents.
Managing & Administrating Country Wide Scale WAN in “Gateway
Project” Between more than 200 Points on 4 different Type of
Communication Platform such as Fiber, Intranet, Internet & VSAT with
Cisco & Juniper Products. Design MPLS network with traffic
engineering features.
Task Including Designing, Implementing, Maintenance and
Troubleshooting complex BGP and Routing structure. Also
Implementing QoS with Prioritizing, CBWFQ, LLQ , features for Part
of Network to Transporting VoIP Traffic.
2010-2011 - Karafarin Bank (http://www.karafarinbank.ir)
Senior Network Consultant WAN
I was responsible to redesign, optimize, Troubleshooting of their
network.
2009-2010 - Tehran University of Art (http://www.art.ac.ir)
Network, Security, Datacenter Consultant
Redesign and optimization connectivity between University faculties.
Configuring Cisco Catalyst 3750 , 4900 , nexus 1k , 5k series switches,
Cisco 878 , 1841 , 2811 , 2911 , 3845 Routers
Troubleshooting network problems.
2008-2010 - Pars Dadeh Kavosh ( http://www.pdkco.ir)
Technical Manager
Technical management of a group globally dispersed consultants and
engineers providing strategic planning and delivery of a range of
network solutions, working with the team and with the customer,
typically within strict deadlines, to ensure projects are delivered on time
and to a very high standard.
Working as a consultant and in technical sales, providing design and
installation of a range of complex network setups, to deliver LAN,
WLAN and WAN security, redundancy and performance. Design
Engineering to provide high-level design documentation followed by
configuration of Cisco Routers, Switches, ASAs, MARS, IPS, IDS,
VoIP, Content Services Switches and Wireless equipment & etc.
Technical manager, Technical consultant, and implementer in different
Projects such as:
2009-2010 - Ministry of Industries and Mines (Iran)
Senior Network Consultant Virtualization
2010 - Ardebil Governor
Video Conferencing
2010 - IRAN Khodro
Video Conferencing
2010 - Lorestan Imam Khomeini Relief Foundation
(www.emdad.ir/lrs)
WAN
2009-2010 - Bid Boland Gas Refinery Complex (www.nigc-
bidboland.ir)
Design and Implement Campus WAN
2009 - Ministry of Health and Medical Education IRAN (Salamat
Complex)
Consultant Design Implement
2009 - Noshahr Port And Maritime Organization
(http://www.pmo.ir)
Consultant Design Implement
2009 - The Organization for research and Composing University
Textbooks in the Humanities (SAMT organization)
(http://www.samt.ac.ir/)
Consultant Design Implement
2009 - Asia Insurance (http://www.bimehasia.com)
Consultant Design Implement
2009 - Kish Chips Company (http://www.MazMaz.net )
Consultant Design Implement
2009 - Research Institute of Petroleum Industry (www.ripi.ir/)
Consultant Design Implement
2008-2009 - Mazandaran Meli Bank (http://www.bmi.ir)
Consultant Design Implement
2008 - Tehran University of Medical sciences faculty of dentistry (
dentistry.tums.ac.ir )
Consultant Design Implement
2008 - Golestan Hospital
Consultant Design Implement
2008 - Islamic Azad University Karaj Branch
(http://www.kiau.ac.ir)
Consultant Design Implement
2008 - Kohkiloye Boyerahmad Telecommunication
(http://www.TCKB.ir)
Consultant Design Implement
2008 - Lorestan Governor
Consultant Design Implement VOIP
2008 - Karaj Municipality (http://www.karaj.ir)
Consultant Design Implement
2008 - Construction and development of Transportation
Infrastructures Company
2008 - Ministry of Interior (Iran) (http://www.moi.ir)
VOIP
2008 - Ministry of Interior (Iran)
WAN
2006-2008 - Pars Dadeh Kavosh ( www.pdkco.ir )
Technician
Projects:
2007 - Hormozghan Governor
WAN
2006 - Road Maintenance and Transport Organization Video
Conferencing (http://www.rmto.ir)
2006 - Governor of Semnan province: Semnan state Governor
network ( 300 users in central office, 10 WAN connectivity )
(http://www.ostan-sm.ir)
2005 - Azaran Pelastic Company (http://www.azaran-plastic.com/)
Administrating Microsoft-based network, Implementing Security
using ISA, Implementing Virtualization using vSphere ESX.
2005 - Momtaz Pelastic Company (http://www.momtaz-
plastic.com/)
2005 - Ministry of Roads & Urban Development
(http://www.mrud.ir/ )
Projects
2014-2015 - Mobile Communication Company Of IRAN
Senior Network Consultant
VOIP in contact center (Troubleshooting)
MCI is the biggest Mobile Telecommunication company in IRAN with
approximately 17 million postpaid and 49 million prepaid subscribers.
In addition to solve VOIP problem I did some Redesigns in Datacenter.
2014 - National Iranian Oil Refining and Distribution Company
Senior Network consultant
They had some security concerns, I redesigned and Optimized network
security and codified Security Strategy document.
2012 - IRISL Group (www.irisl.net )
VoIP Consultant
Spearhead design, development, and implementation of asterisk based
voip programs.
2012 - Darou Pakhsh Company (http://www.dpdcir.com)
Senior Network Consultant LAN and WAN
Training Experiences
Experience of over 11000 hours of Teaching Cisco , Microsoft , Linux & CEH
Courses at Cando higher education institute (www.cando.ac) ,Cybertech (
www.cybertech-ir.com ) , Vista ( www.networkacademy.ir ) ,and DPI”ex
IBM” ( www.dpi.ir ) :
CCNA & CCNP & CCIP ~5000 Hours
CCIE R&S ~3000 Hours
CCNA Voice ~600 Hours
CCNA Security & CCNP Security ~600 Hours
CCVP ~600 Hours
LPIC1&2 ~800 Hours
CCDP ~200 Hours
MCSE 2012 and MCITP ~Hours 300
ITIL , ISMS , Cobit ~200 Hours
CEH & Penetration Testing ~ 300 Hours
Certifications
CCIE R&S (Written)
http://www.pearsonvue.com/authenticate
Registration ID: 227946707
Validation Number: 177339327
CCIE Sec / CCIE Voice (Written)
CCNP (ROUTE, SWITCH, TSHOOT, ISCW, ONT) / CCIP / CCSP / CCDP/
CCVP
CCNA (csco11268769) / CCNA Security / CCDA / CCNA VOICE
Cisco ASA Specialist / Cisco Firewall Security Specialist
Cisco Data Center Architecture Design Specialist (CDCADS)
Cisco Data Center Networking Infrastructure Design Specialist
(CDCNID)
Cisco Security Solutions and Design Specialist (CSSDS)
CEH (EC Council Certified Ethical Hacker)v8 / CISSP
MCSE / MCITP / MCSE2012/ LPIC 101,102/LPIC 201,202 / ITIL /
ISMS/Cob
Education
Bachelor Of Science
June 2013
Computer Hardware Engineering
Islamic Azad University, Tehran Central
Publications
Analysis of Voice over IP Codecs
(B.Sc. Thesis - October 2012)
Languages
English
Persian (native)