the ument Jeffrey

Document Sample
the ument Jeffrey Powered By Docstoc
					                                  Jeffrey J. Sicuranza
                                        171 Willowood Dr.

 This word document was downloaded from the website:, please
                remain this link information when you reproduce , copy, or use it.
 <a href=''>word documents</a>

                                      Wantagh, N.Y. 11793

Professional technology consultant with a strong and diverse background in enterprise network
architecture, design, planning, upgrading, securing, implementation and troubleshooting with an extensive
understanding of application systems and their cohabitation requirements on enterprise networks.

Over twenty years of computer industry experience in the professional disciplines of Business &
Technology Consulting, Data Communications Engineering, Project Management, Systems Analysis and
Design, Programming, Compliance, Executive Management, Systems Engineering/Integration, Business
Analysis, Sales and Marketing. Background includes Enterprise Network Architecture design, planning,
implementation, and troubleshooting. Has demonstrated experience as a team leader and/or member
within all levels of management, including technical staff and clients. Extensive project management
experience in network and application based integration projects.

Skills and background:
Technical experience and knowledge encompasses many product areas and technologies, some
including are: enterprise network infrastructure and Internet/Intranet design, IBM, CISCO, ORACLE, SAP,
Microsoft, Novell, Frame-Relay, DPT/SRP, SONET, Gigabit Ethernet, Ethernet(all variants), C/DWDM,
UNIX/LINUX, TCP/IP, IPX, Token-Ring, FDDI, VLANs, Spanning Tree protocols(RST/MST and legacy),
VTP, MLS, VPNs, MPLS, IPSec, DS/OC technologies, Wireless 802.11a/b/g/n, Wireline/Wireless
Broadband, RF and Spectrum analysis, IPv6, Multicast, VoIP, VoWifi, H323, SIP, SIP Soft phones, SIP
servers, QoS, Data Encryption, SNMP, Routing protocols(EIGRP, RIP, BGP, OSPF) network
management solutions, SNMP, network and application performance modeling, protocol and traffic
analysis using protocol analyzers(sniffers) from Agilent, Network General to Wireshark plus data and
network security. SCADA systems running DNP v.3 over IP analysis and design. Vast, detailed and
applied experience with many legacy and current networking, server, workstation and application
technologies. Possess understanding of basic electrical and thermal engineering concepts plus circuit
analysis and design.

Enterprise network and distributed applications planning specialist who performs in-depth, hands-on
planning, engineering, implementation, upgrading and troubleshooting of enterprise level LAN/MAN/WAN
based networks. Responsible for providing network architecture and design recommendations plus
strategic planning of complex inter-networked WANs, LANs, MANs and wireless LAN/WANs. Experience
working with applications, servers and workstation systems with an emphasis on performance, scalability
and flexibility. Experience integrating Distributed Client/Server, ERP/CRM, Internet, Intranet, security, and
E-commerce solutions into existing networks. Provide strategic and tactical direction to IT executives and
directors with regards to applying technology to business requirements. Work closely with application
developers, business analysts and end user customers to ensure sound design and implementation of
new or expanding systems.

Functional Experience:
Business and Technical Analyst

   Provide management and technology industry consultation to corporate CEO, CIO and corporate legal
   Provide network analysis and design consulting services to a diverse clientele.
   Provide in-depth network and application troubleshooting services to a diverse clientele.
   Provide business and technical guidance to a diverse clientele.
   Apply structured disciplines that include design considerations for LANs, WANs, MANs Intranets and
    Internet access.
   Perform in-depth structured analysis on all components of a LAN or WAN system to determine
    considerations for designs and supply statistical data to enforce considerations that provide insightful
    strategic or tactical direction.
   Provide application and network performance analysis for SLA compliance and determination.
   Analyze all types of networks from a technical and business perspective plus provide detailed results
    that join business needs with technological feasibility.
   Analyze client business rational to assist client in making strategic and tactical decisions relating to
    their ERP, CRM, B2B, E-commerce, Client/Server and legacy systems investment.
   Assist clients as a business and technical consultant by analyzing enterprise business or specific
    business processes and technical attributes relative to the client’s overall plans.
   Perform in-depth technical research based on design factors; considerations and statistical data
    reared from analysis to properly size and select products and services that meet the client's
   Supply recommendations and options for selection and sizing of all hardware, software and services.
   Provide economical cost of return(ROI) and residual asset value information on new or existing
    technology assets deployed.
   Analyze right sizing plans and provide detailed recommendations that provide direction and scope to
   Provide ideas and plans to implement best practices to solving technical related issues.
   Provided guidance on how to continually utilize current network infrastructure assets to their fullest

Project Management

   Provided high level and hands on Project Management services for over 200 IT projects utilizing skills
    developed from experience and PMI methodologies.
   Managed several high visibility integration projects with budgets from 50k to 10 million.
   Successful completion of many right-sizing projects by providing strategic and specific direction for
    migration of legacy based systems to Client/Server, ERP and E-commerce.
   Managed teams of consultants and engineers to obtain, qualify, manage and close system integration
    projects for a major systems integrator.
   Provided technical direction and assistance to systems engineers and team members.
   Provided logistical project direction and outline project risk impact attributes on client systems.
   Built temporary teams of engineers and project managers for large scale outsourcing projects.
   Developed new and reviewed existing legal documents and Statements of Work pertaining to
    Information Technology projects.
   Define and assign all staffing resources for large-scale integration projects.
   Created and/or reviewed all project budgets, plans and logistical information pertaining to IT projects.
   Coordinated resource information between many different corporate departmental layers to ensure
    project objects and tasks are clearly communicated and assigned.
   Created process flow structure on all project life cycle based procedures.
   Submitted monthly and quarterly Profit and Loss(P&L) reports pertaining to projects and resources
   Managed up to 35 projects simultaneously in a six-month period for a major NYC financial institution.
   Created and developed job descriptions for staff augmentation.
   Conduct all business and technical interviews for staff additions.

General Technical

   Solved many complex LAN/WAN/MAN issues related to operational, design or manufacturer oversight
    that resulted in mitigated outage time and financial impact to the client.
   Designed and built numerous homogeneous and heterogeneous network infrastructures for clients
    over the past 17years.
   Migration of routing protocols for several enterprises.
   Perform in-depth forensic protocol/traffic analysis against WEB based, ERP, two and three tier
    Client/Server, proprietary, and Legacy applications.
   Conduct network security audits and traffic analisys.
   Apply network protocol or operating system tuning methods to infrastructure components to maximize
    component’s lifecycle and to meet performance or SLA requirements.
   Developed application impact performance modeling application for a Fortune 500 client.
   Developed Network Operations Policies and Procedures with an emphasis on MAC, problem
    escalation and reporting.
   Provide RDBMS consulting pertaining to network tuning, optimizing and development of different
    RBMS platforms.
   Provide impact analysis on deployment of ERP, E-commerce, B2B, and two/three tier Client/Server
    systems on existing infrastructure.
   Authored many technical solution and White Papers.
   Designed Help Desk problem escalation process, procedures and policies.
   Developed Network Operations Center (NOC) process, procedures and policies.
   Developed Network Management strategies and policies.
   Implemented Network management systems for enterprise networks.
   Provide Year 2000 infrastructure and Client/Server consultation.
   Provide Disaster Recovery planning and testing assistance to clients.
   Developed Network and Information Security policies and procedures for Fortune 500 clients.
   Participated in many pre-production QA analysis and proof of concepts projects.
   Created technical training material and mentor network support personnel on general network
    problem isolation, troubleshooting and protocol/traffic analysis.
   Created Wireless security audit reports for a variety of clients
   Participated in several Wireless protocol analyzer beta programs by providing operational feed back
    for product improvement.
   Architect Wireless LAN/WAN solutions.
   Familiar with SCADA system analysis and upgrade over IP based networks.
   Provide consultation regarding Metro Ethernet technologies.
   Experience in basic electrical engineering circuit design and analysis
Employment history:
Employment                             Title/Role                            Date
Applied Methodologies                Principal Consultant                5/08 – Present
Consolidated Edison                  Sr. Consultant                      10/07 – 4/08
TAM/Redwood Toxicology               Sr. Consultant                      8/07 – 9/07
New York Life                        Sr. Consultant                      11/06-12/06
Consolidated Edison                  Sr. Consultant                      1/05 – 10/05
Applied Methodologies                Principal Consultant                9/02 – 12/04
Netstream                            Sr. Consultant                      5/02 – 8/02
Consolidated Edison                  Sr. Consultant                      4/01- 4/02
Applied Methodologies                Sr. Consultant                      11/00 – 4/01
Tender Loving Care                   Sr. Consultant                      10/00-11/00
New York Life                        Sr. Consultant                      9/98 – 10/00
Canon USA                            Sr. Consultant                      5/97 - 9/98
Philip Morris USA                    Technology Planning Advisor         1/97 – 4/97
MCI International                    Sr. Consultant                      10/96--1/97
NAB Construction                     Sr. Consultant                      9/96 –10/96
Chase Auto Finance                   Sr. Consultant                      3/96 – 9/96
AT&T/Chase Bank                      Sr. Project Manager/Engineer        9/94 – 3/96
NETLAN                               Sr. Network Architect               1/94 – 8/94
ENTEX Information Systems            Sr. Systems Consultant              4/91 –1/94
Various Technology Companies         Systems Engineer                    1984 – 1991

Education and Professional Certifications:

Education:     Empire State College (S.U.N.Y.) Computer Science

Industry Certifications:

      Cisco Certified Network Professional           Cisco Certified Design Professional
       (CCNP)                                          (CCDP)
      Certified Wireless Network                     ORACLE MASTER for Oracle 7 DBA
       Professional (CWNP) CWNA and
      Certified Network Expert (CNX)
      ORACLE MASTER for Systems                      NOVELL Certified NetWare Engineer
       Analyst CASE                                    (CNE)
       Pine Mountain Group Certified Network             Project Management Institute (PMI)
        Analyst                                               Member
       Agilent Internet Advisor Protocol                 Hewlett Packard Hubs, Bridges and
        Analyzer                                              Routers
       Synoptics Lattisnet Network                       IBM TOKEN RING and OS/2 LAN
        Management System                                     Server
       EICON X.25 Routers                                Apple LAN Literacy
       Over 35 additional certificates relating to various IBM technologies

                              Recent Professional Achievements

Applied Methodologies, Inc.

      Developed an IT based alternate energy generation solution to assist data centers in
       reducing their power consumption costs. Currently involved in the following processes:
       patents, prototype development, business planning, market analysis and venture capitalist

Consolidated Edison:

      Construction Oversight Manager for communication room construction projects for new
       electrical Transmission or Distribution Substations in the NYC area. Provided Project
       Management services, Project Management mentoring to new PMs assigned to IT
       substation projects and conducted communications room build out compliance oversight to
       ensure that all communication rooms within a substation meet ConED’s and National
       Electric Code technical and safety standards. Provide communication between the IT and
       construction teams to ensure that all critical redundant optical voice and data networks are
       operational prior to substation start up. Drafted and enforced several project and
       compliance related processes.

TAM Corporation/Redwood Toxicology:

       Hired as the lead remote troubleshooting consultant for a medical screening company.
        Worked with overseas developers, local network engineers and business management to
        resolve an application upgrade transaction issue. The new application was experiencing
        performance issues and timing out thus causing a backup in screening applications. Work
        was conducted remotely to analyze packet traces of SQL transactions to determine if the
        application or the network was the cause. Also, outlined potential points to upgrade and
        tune for all components(servers, client PCs, middleware, routers, switches, medical data
      acquisition equipment) involved in each screening transaction. Coordinated all
      troubleshooting activities remotely to isolate and resolve the issue.

New York Life

     Conducted a Radio Frequency(RF) and general wireless security audit for the investment
      division of New York Life. The audit covered RF leak point analysis, spectral analysis,
      rouge workstation and access point identification, cell size analysis, packet encryption and
      general 802.11 traffic/protocol analysis to determine the security issues present. A
      detailed report was submitted which outlined all issues observed with recommendations.

Consolidated Edison

     Created a Quality of Service(QoS)strategies White Paper to provide strategic
      recommendations regarding QoS planning and implementation in the enterprise. This
      document outlined the following areas regarding QoS for their enterprise: general
      introduction to QoS concepts(DiffServ/IntServ) and internal QoS reference, strategic
      recommendations regarding QoS planning and implementation, various device,
      application and protocol matrixes to facilitate planning, audit results of Cisco based
      network components to determine their QoS capabilities, QoS architecture design
      considerations and principals, identification of candidate QoS applications, identified and
      tested QoS tools to for DOS mitigation and security uses, outline several QoS models,
      details of QoS solution based on the models, introduction to ConEd’s custom command
      line and menu based QoS tool set, recommended deployment approaches, outline of
      QoS management tools, outline of troubleshooting tools and methods plus include initial
      lab result findings for pre-deployment planning. A custom IOS command line and menu
      based QoS tool set to facilitate testing, deployment and support of QoS commands and
      protocols for the network support staff was developed.

      This document was an all encompassing, strategy, plan and “how to” guide to assist
      ConEd in deploying and managing QoS across its enterprise network to support a call
      center disaster recovery VoIP based system and upcoming enterprise wide VoIP and
      Video deployments.

     Was hired by ConEd’s legal department during last minute subsidiary sale negotiations
      to provide industry based subject matter expert opinion, facts and research for ConEd
      regarding Metro Ethernet, MPLS and MST technologies to help ConEd make a decision
      regarding a multimillion dollar Metero Ethernet carrier subsidiary transaction. Conducted
      research, held interviews and provided the legal representatives facts and testimonial
      regarding Metro Ethernet business trends, technology and case studies. Attended several
      high level meetings with CEOs, and legal representatives from all interested parties to
      present and provide research findings and testimonial on such technologies and industry
      trends. This information was critical to ConEd to render a decision and direction in
      regards to a pending subsidiary sale transaction.

     Upgrade enterprise headquarters’ Catalyst 6500 based core backbone from Supervisor II
      to Supervisor 720 modules and convert configuration from Hybrid to Native. My role was
      project manager and engineer for entire project. This project was required to position the
      enterprise core to utilize new fabric enabled SFP based line cards for additional port
      density, enhance server farm support, provide IOS based feature consistency and
      advance features such as QoS, security, MPLS, plus use of fabric enable modules and
      advanced fabric switching modes for increased stability and throughput. Selected
      hardware, upgraded fans, reviewed current and new line card power and firmware
      revisions to ensure all modules worked together with the new supervisor and IOS
    Manually converted backbone software configuration from Hybrid “set” command line port
    based to IOS interface based and resolved cross core switch and various different
    redundant access layer switch, Etherchannel, Trunk, Spanning-Tree Protocol, HSRP,
    Vlan related negotiation and configuration issues resulting from different access layer
    switch platforms with different versions connecting to a new IOS based core.. Identify all
    cross core switch and router uplink EIGRP neighbor relationships and plan for expected
    EIGRP neighbor, convergence and routing state changes during the phases of the
    upgrade. All configurations were developed and tested on a similar core switch in a lab
    and checked for accuracy before deployment. Pre and post upgrade state diagrams were
    created to provide support staff easier planning and troubleshooting references.

    A detailed migration and multi scenario roll-back procedure was drafted, rehearsed with
    all support groups to ensure a transparent upgrade was completed successfully according
    to schedules ratified by management.

    This upgrade work entailed a physical migration of supervisor modules, some line card
    restacking and minor cable changes independent of each core switch with no impact to
    the business operation. A physical operational flip state from one supervisor model to the
    other of each switch was used to mitigate impact to the network and user community.

    A final disaster recovery test of both switches was also conducted to determine how the
    IOS based Core will behave in the event of a switch failure. This test provided critical
    information on the behavior of the core and for the network support staff to reference
    regarding how network management, routing protocol, core switch and floor recovery
    actually behave if a real issue arises.

   Provide support for enterprise wide DWDM optical MANs. Identify any issues with
    Dynamic Packet Transport and 802.17 Resilient Packet Rings(RPR) and Spatial Reuse
    Protocol(SRP). Identify SRP neighbor wrapping status and wrapping sequence to support
    staff and test for Intelligent Protection Switching(IPS) tuning options. Implement SRP
    advanced fail over protocol, Single Ring Recovery(SRR), to provide an extra level of
    redundancy of the DPT ring in the event of a wrapped ring experiencing a second fiber
    failure on any channel. Identify, troubleshoot and resolve Cisco 10720 DPT router
    platform and IOS issues relating to SRP priority levels for QoS, NBAR, and SRR. Tested
    failover speed and behavior of SRR using a 10720 lab and soft phone based Voice traffic
    to determine voice quality impact of a double fiber ring failure. Tested EIGRP Bidirectional
    Fail Over(BFD) to determine if feature is applicable for use on the DPT routers and
    upgraded Catalyst core switches.

   Provide in-depth hands on consulting and mentoring to engineers responsible for the
    upgrade of a major electric control Supervisory Control and Data Acquisition(SCADA)
    network. Provide network upgrade architecture guidelines and migration approaches.
    Outlined issues of simplifying the network from a static routed, with RIP and NAT Frame-
    Relay based network experiencing stability and configuration management issues to a
    simpler more secure, scalable and dynamic network using, HSRP, EIGRP and IPSec.
    Also outlined the issues and approaches on how to migrate a live IP based SCADA
    network from one architecture to another with no impact to the Electric Operations control
    centers. Identify critical application issues and behavior relating to the timing impact of
    electrical grid control and polling processing packets relying on Dynamic Network Protocol
    functions running over TCP/IP. Identify several application level bugs relating to the TCP
    stack handling of DNP on GE’s DMS 200 Master Terminal Units(MTU) it’s Ethernet,
    TCP/IP stack and redundancy limitations and bugs and corresponding Remote Terminal
    Units(RTU). Ensured the migration covered what exactly is an application layer issue and
    what is a network layer issue and what issue type causes what response so critical control
    center personnel know exactly what to expect on the SCADA system if any of the network
    components between MTUs and RTUs on the IP network fail.
       Identify and document packet level decodes of the application and network’s use of DNP
       3.0 protocol and TCP. Trained engineer on how to capture DNP packets and what to look
       for when symptoms suggest an application issue. Suggested the use of DNP simulation
       software for the SCADA lab so future DNP testing over an TCP/IP and Cisco based
       network can be accomplished without the initial need for an expensive RTU, master
       station and trained SCADA personnel to be present in the lab.

      Developed a low cost distributed protocol analysis solution to save the ConEd almost half
       a million dollars that would have been spent on a commercial solution. This solution
       consisted of shareware analyze software, Windows terminal server or VNC for remote
       control and using existing company assets for the remote network connectivity pods.
       Created a web based portal page so network support staff, via a browser can access any
       remote analyzer anywhere in the enterprise. The analyzers had from one to multiple
       10/100/1000 Ethernet adapters and were connected to multiple switches. The analyzers
       were initially deployed in a pilot program to strategic locations in the enterprise. The use
       of Ethereal and Packetyzer provided ConEd the tools to obtain detailed traces of
       application issues, conduct basic VoIP RTP jitter analysis and monitor the network for
       security issues. The saved trace files can also be uploaded to the company’s licensed
       Sniffer applications. This pilot proved that the network support staff can have low cost,
       easy to manage and scale distributed protocol analysis solution without spending
       hundreds of thousands of dollars on a commercial system which would have had only
       10% of its capabilities used.

      Provide day to day high level support of the network infrastructure and routing protocols.
       Provide mentoring to staff members and guidance to new members.

      Provide industry trend consulting to management regarding the considering of utilizing
       MPLS on their core enterprise backbone to cut costs for voice circuit switch trunking and
       cross control center SCADA traffic flow through. I created an MPLS lab mimicking their
       core backbone, but running MPLS, for the network support staff to utilize for further
       research into the subject.

      Tested and evaluated Berkeley Varitronics Systems(BVS) Yellowjacket spectrum analysis
       and wireless security tool.

Applied Methodologies, Inc.

   Provide ongoing management consultation and technical support to a diverse set of
   enterprise clientele in regards to network infrastructure changes, routing protocol issues,
   Cisco IOS enhancements, network security, wireless LAN/WAN technologies and project
   management. Some of the projects completed for clients are listed below. Clientele is listed
   on company website.

     Piloted a Point to Point(PtP) Coarse Wave Division Multiplexing (CWDM) optical solution
      for a case study on CWDM and 802.1w Rapid Spanning Tree protocol. This solution
      entailed utilizing Cisco midrange catalyst switches, 1530nm CWDM Gbics and 40dBm
      tunable Variable Optical Attenuators(VOA). The study’s goal was to provide a simple
    scalable way to use a single/dual strand of single mode fiber and scale the link’s
    capabilities using less expensive CWDM technologies. The use of Rapid Spanning-
    Tree(RST) and Multiple Spanning-Tree(MST) protocols to achieve improved link
    resiliency was applied. An optical budget analysis was performed, integration and tuning
    of the VOA to prevent laser burnout for the shorter distance, and the configuration of
    802.1w/s was added to the Catalyst switches. By using the CWDM Gbic modules and
    single mode fiber the solution is scaleable from an initial 1.2gbs 802.3z PtP campus link
    to 8Gbs Ethernet or over 40Gbs using 8 to 16 lambdas with the addition of passive
    OADMs and additional CWDM Gbics on existing or future switches. The case study
    proved that for clients with existing single mode or dispersion shifted fiber in place, longer,
    non amplified, PtP distances between buildings is achievable economically by using a
    scalable solution utilizing any of the three optical bands S,C and L that can be built with
    just a pair of CWDM modules and as apposed to a more expensive typical WAN, Metro
    Ethernet or DWDM solution.

   Completed a Wireless ISP (WISP) venture research project. This project determined
    whether it is feasible, economically and technically, to provide last mile internet and free
    SIP based voice services to a selected demographic market in the NY region. The first
    phase of this project was to conduct a technical proof of concept. This phase tested the
    concept of basic WISP functionality, RF behavior, VoIP over wireless, security and billing.
    This phase provided answers to the practical and economical use of current commercial
    and consumer grade wireless technologies by conducting a set of proof of concept tests.
    These tests were comprised of building out various single or multi cell WISP sites and
    testing many types of applications, especially VoIP, over wireless utilizing advancements
    in SIP based products.

    Developed the project plans, wireless cell, application testing matrixes and roam criteria
    for the project. Created the RF cell engineering/planning documentation, traffic generation
    criteria for distribution system and the cells. Conducted physical and RF site surveys of
    single omni and sector cells for roaming tests. Built a temporary and portable mast
    system to host the appropriate antennas. Testing includes omni directional and sector
    based high gain antennas from MaxRad and Hyperlink for cell coverage in a residential
    area. 802.11b and g cells in separate and mixed configurations were tested.
    Proxim and Asus access points were used for initial testing with possible others from
    Cisco, Motorola, Trango, Meru, Aruba, YDI et. al. to follow. Testing of multiple call and
    data services on the cell was conducted and monitored with wireless and wire line
    protocol analyzers and network management tools. Distribution System comprised of
    Cisco Catalyst switches utilizing QoS policies created for SIP traffic using Cisco’s NBAR
    technology to classify traffic. DSCP and Assured/Expedited forwarding markings were
    applied to SIP traffic.

             Selection of SIP based products such as SJlabs, Xten, Skype and PcPhoneline
    Soft phones on laptops and PDAs(thus turning the PDA into a WIFI phone). Interactive
    Intelligence SIP server and Brekeke OnDo SIP servers were evaluated for proxy and
    redirecting services. Testing of sending and receiving SIP based calls from the wireless
    cell to POTS was conducted at various traffic levels on the cell and distribution system.
    Skype and Freeworld Dialup services were also tested over the wireless cell. The results
    of such testing was included into a report that shall outline the feasibility and behavioral
    aspects of wireless last mile access as well as the mechanics of SIP based VoIP. This
    report provided vital information for the follow on phases of the project and the overall
    business plan.

   Conducted wireless networking security audits for several NYC based clients. The
    wireless security audits consisted of scanning for rogue or incorrectly configured access-
    points, WEP vulnerabilities, radio frequency leakage issues and backdoor access into the
    enterprises via wireless portals. The reports outlined the types of attacks to expect such
    as War Drivers, WEP cracking, wireless sniffing, virus launching points, open access to
    the internet via the enterprise and wireless jamming. The audits outlined all weaknesses
    regarding the enterprise’s wireless infrastructure and its security vulnerabilities to the
    internal wired infrastructure. Recommendations included reducing RF signal propagation,
    SSID and Beacon management, VPN usage, WEP key rotation, Open and Shared Key
    access point association and authentication methods. Protocols such as 802.1x and
    802.11i, as well as infrastructure component features including MAC address and upper
    layer packet filtering, centralized user and key authentication systems plus wireless
    scanning and intrusion detection tools were also reviewed.

    The audit’s recommendations also covered relevant wireless addendums to corporate
    security policies in place. A variety of Wireless enumeration, RF analysis and protocol
    analyzer tools were used. Some of the tools used to conduct the audits and
    recommended to clients were as follows: Netstumbler, AirSnort, Wepcrack, Kismet,
    Airmagnet, Packetyzer/RF Protect remote 802.11a/b/g sniffer, Linkferret 802.11b/g
    sniffer, Nsspyglass, Airsnare and Boson’s Getpass, a Cisco router password cracker.
    One of the audits helped secure a major NYC utility’s wireless network from becoming a
    potential terrorist attack target.

   Designed and implemented a custom, low cost, highly functional, license free, 802.11b
    based wireless Point to Point(PtP) solution. The solution provided network access and
    basic Microsoft Netmeeting plus VoIP capabilities between a client’s two campus based
    corporate headquarter office buildings that were almost a mile apart. The solution
    consisted of custom made wireless routers using existing server hardware, Windows
    2000 Server operating system with RAS, Orinoco 802.11b wireless radio adapters, off the
    shelf and custom made directional Yagi and Andrews Parabolic antennas. The solution
    provided up to 11mbs of secure bandwidth between the buildings for network connectivity
    and back office application access plus the use of Microsoft Netmeeting and VoIP
    between Cisco 2620s at each site with FXS interfaces and standard POTS handsets.

    The wireless segment is router and not bridged based thus utilizing static routes and
    minimizing inter building broadcast traffic. OSPF is also available for this solution when
    future growth requires it.

    The solution enabled help desk support personnel to stay connected at each building
    without the cumulative toll costs. A full RF analysis that covered reviewing RF operational
    theory, Fresnal Zone, LOS, free space LOS, diffraction, refraction, VSWR, EIRP, signal
    strength and traffic analysis was conducted.
    Antenna gain analysis and intentional radiator calculations were used to identify the most
    efficient gain in dBm and dBi for antenna selection and transmission circuits, which used
    LMR-400 cables and TNC N connectors.

    The use of Orinoco and Cisco wireless radios and utilities plus Aerocomm’s SA3000
    2.4Ghz Spectrum Analyzer and the Linkferret 802.11b protocol analyzer were used to
    determine radio interference, signal strength and protocol/traffic efficiency. Basic QoS
    services, such as QoS packet scheduler and RSVP are available for the VoIP traffic when
    required. Windows Terminal Server and VNC were used for remote management of the
    wireless routers. Digital Matrix’s AirSnare shareware Wireless IDS software was installed
    on the wireless routers and configured for email notification of any rogue radio access

    This solution provided a lower cost and an immediate ROI compared to other solutions
    from Cisco’s Aironet or Proxim’s Orinoco/Tsunami product lines which were also
    considered for this project. The increased savings from not running fiber or using
    telecomm T-1/T-3 links between the buildings were immediately realized. The solution
    also provided an easy upgrade path from 802.11b to 802.11a or g technologies for
    additional link segment bandwidth by just swapping the wireless radio cards out of the
    Windows server based wireless routers and changing or adjusting the antennas.

   Participated in the beta programs for two 802.11 based wireless protocol analyzer
    manufactures. Provided and applied my experience of over 12 years of protocol analysis
       and protocol analyzer experience to product testing and functionality. I provided critical
       functional feed back for Baseband Technologies Linkferret 802.11b protocol analyzer and
       Network Chemistry’s Packetyzer/WSP100 remote 802.11b analyzer. I provided
       operational and GUI feedback and suggestions, which have been implemented in
       enhanced versions of the products. My input was based on extensive protocol analyzer
       experience from NAI and Agilent and contributed to the ongoing enhancement of these
       newer products. Some suggestions included enhanced upper layer protocol brief displays,
       simpler packet filtering and traffic generation interfaces, RF signal discrepancies, AP
       enumeration, WEP decoding, OUI decoding, host tables, protocol colorization and ASCII
       packet searching and go to features. I also conducted in-depth testing of the products to
       determine enterprise level functionality. Documented all results and participated in
       product improvement sessions with developers. Identified improper protocol operation
       with the TZSP protocol used by the WSP100 remote 802.11b sensor. My early assistance
       with the Packetyzer/RF Protect beta program helped the product to mature until it was re-
       licensed by Wildpackets as the new RFGrabber product. Currently providing ongoing
       technical and marketing consultation to Baseband Technologies Link Ferret 802.11b
       protocol analyzer.

      Developed an online Computer/Networking Science and Cisco certification rental lab for
       remote users and clients to access as a general Computer Science research resource
       that is accessible from office or home. The lab’s purpose is to provide the tools and
       resources necessary to prepare for industry certifications like Cisco’s CCNA through
       CCIE, MCSE, CISSP and RHCE or test a network/application change before committing
       such changes on enterprise networks. The online lab can also be used for testing
       network, application, protocol and security technologies such as IPSec, VOIP and QoS or
       learning new networking, protocol, server and application technologies. The lab provides
       the resources to help IT professionals in upgrading their skills or act as a test bed for a
       solutions they may have been planning.

       The lab provides a SCRATCH PAD environment for a student or professional to learn
       new or sharpen existing skills. The online lab consisted of IBM servers, Cisco routers and
       switches, CiscoSecure and CiscoWorks servers, Red Hat Linux and Microsoft Windows
       servers, Linux routers and firewalls, several different brands of protocol analyzers for
       remoter users to access and communication equipment such as CSU/DSUs. The lab also
       contained several different network mediums from legacy(10base-T and Token-Ring) to
       current(Gigabit Ethernet and CWDM) for testing and educational purposes.
       Many different topologies were also implemented from mesh, loop, hub and spoke, point
       to point, and hierarchal to match whatever scenarios the researcher required. Wireless
       protocol analysis tools, development tools, an RFC library, protocol reference applications
       and online networking and programming tutorials were also installed.

       I Installed and tested all lab components, applications and tools plus created help menus
       for user terminal server access. I configured Cisco PIX firewall filtering, security polices
       and VPN PPTP tunnel access. I created the lab documentation manual and usage
       policies and procedures for customers to use. A VPN kit with instructions on lab access
       via, dial-up, cable, DSL or wireless, and a general web site outlining all of the lab’s
       capabilities and instructions on how to access and use was also created. The lab is
       accessed via telnet to a Digi terminal server, Windows Terminal Server and VNC for lab
       server and protocol analyzer remote access. Calculated electrical rates of usage, cost
       analysis and customer price stratification were performed. Developed pricing plans and
       access scheduling policy. The online lab has been in operation since January of 2003 and
       has several enterprise based customers.

       Upgrade a residential cable Internet provider’s T-1 ISP access link to a T-3 for improved
        access to UUNET. Installed and provisioned Eagle DL-3100 T-3 CSU/DSU and Cisco
        3640 router with an HSSI interface plus ensure internet routes are passed from the ISP
        via OSPF to head-end router. Test DHCP, default route propagation and traffic flows from
        the cable operator’s switch and router infrastructure to the 3Com CMTS and residential
        customers. Perform cutover of residential user traffic and resolve any connectivity related
        issues. Completed upgrade with minimal impact to residential users. Secure Cisco router
        access for the cable operator via access-lists and logging functions.

Consolidated Edison
Provided tactical and strategic design, implementation and troubleshooting guidance in relation to
all Consolidated Edison networking technologies. Work with all levels of Consolidated Edison
staff, management and business subsidiaries in a technical, project, and management
consultation role with a heavy emphasis on planning, mentoring and hands-on implementation.
Some of my roles and achievements are as follows:

       Provide critical network support for all Gas, Steam and Electric Operations networks and
        applications that support energy usage monitoring, billing and most importantly,
        distribution to all of New York City and upstate counties. Resolve critical network demand
        issues during times of peak energy loads during summer months. Troubleshoot all major
        enterprise level issues such as SONET OC-3, sub-optimal routing paths, all modes of
        Ethernet switching, Spanning-Tree, Trunking, Fast-Etherchannel, MLS, application
        issues, Dense Mode multicasting problems, and any general major issue concerning
        routers, switches, network performance, application response time and support for the
        entire business enterprise and Electric/Gas operations networks. Provide “level three”
        support for the enterprise network, which consists of 250 plus routers and 400 plus
        switches. Mentor Jr. and Sr. engineers during troubleshooting exercises plus assist in
        post mortem and root cause analysis documentation.

       Published an EIGRP migration white paper outlining the enterprise’s current illnesses in a
        mixed RIP and EIGRP environment. Some of the white paper topics included are:
        problems with mixing RIP and EIGRP improperly, sub optimal routing conditions, routing
        architecture scalability, failure convergence, summarization and routing protocol
        redistribution. The white paper also outlined the lost productivity to the enterprise with
        these illnesses and the increased number of outages and recovery time required under
        RIP. The white paper discussed two solutions to migrate the entire enterprise to EIGRP,
        remove RIP and increase the overall stability of the enterprise routing infrastructure.

       Successfully completed the migration of the EIGRP routing protocol from RIP across the
        entire enterprise of over 250 plus routers. I was tasked to plan and manage the entire
        project as well as implement, train the engineering staff and document the results. The
        project touched every aspect of the Consolidated Edison enterprise and was completed
        successfully with no impact to critical 24/7 electric grid support network systems. Issues
        covered during this migration entailed summarization, default route propagation, removing
        unneeded or harmful legacy static routes, DUAL boundaries and potential SIA points,
        convergence engineering, traffic flow manipulation to ensure all routes are symmetrical,
        routing loop and black hole identification plus resolution, discontinuous subnetting,
        improper redistribution, CEF IOS bugs and unequal cost load balancing. Tuning on the
    SONET core with the use of Variance and Traffic share options where applicable were
    also applied. The project was completed on time, within budget and achieved the
    business objectives of stabilizing the routing infrastructure, reduce costs associated to
    routing protocol inefficiencies and outages plus position the enterprise with an advanced
    routing protocol for scalability and performance.

   Provided design, planning and implementation assistance for the relocation of the
    Manhattan Electric Control Center network from its old location to the Consolidated
    Edison Manhattan headquarters. This network supports all the critical applications that
    control the entire Manhattan electric grid. The project was completed on time successfully
    without disrupting the Manhattan electric grid operations and also provided improved
    performance and fault tolerance of this critical network.

   Performed a cursory review of the enterprise network and outlined tactical and strategic
    illnesses as well as provide recommendations. Some of the major and minor strategic
    observations/recommendations outlined were as follows: Router/Switch Password
    Authentication, configuration archiving, Voice/Video convergence, QOS, Cisco router
    hardware platform and IOS stability, switch stability, unnecessary routing hops, IP
    Unnumbered issues, PPP Multilink uses, physical loop design of substations and work out
    locations, unnecessary traffic in network Core, bandwidth utilization on WAN links,
    DWDM broadband considerations, IP addressing schema, IP Secondary addressing and
    VLAN 1 usage, Loop-back interface usage, Terminal Server solution, Network
    Management upgrade, T-1 Circuit Protocol Analysis, usage of Cisco Works, Network
    Documentation, improper Multicasting Services, IOS version upgrade, Network Time
    Protocol and Syslogging issues, switch VTP usage, VLAN aggregation, Spanning-Tree
    tuning and legacy router command and options cleanup tasks. This review led to several
    initiatives such as general router configuration clean up, correction of some of the items
    listed above and the use of CiscoWorks to assist in the improvement of the reliability,
    functionality and administration of the entire enterprise’s routers and switches.

   Created and conducted an in-depth network training curriculum for all Jr. and Sr.
    engineers. This training covered forensic protocol and traffic analysis techniques,
    advance application and protocol analysis, advance Cisco router and switch
    troubleshooting, Ethernet and TCP/IP protocol analysis. The training also covered
    advanced Sniffer usage including packet filters, triggers and offset pattern matches.
    Advanced analysis techniques such as identifying common application issues, protocol
    mechanics and relationship to application performance with a what, when, where and how
    approach to properly identify and trace an application based issue were covered in the
    curriculum. Created guidelines and templates for engineers to follow when analyzing
    application related issues. Introduced Optimal Application Expert software to the
    department to increase productivity once the engineers learned how to dissect an
    application issue from protocols analysis by raw Sniffer trace review.
   A special EIGRP class was conducted to prepare the Network Systems staff to effectively
    identify, isolate and resolve EIGRP based issues. The training successfully increased the
    Network Systems department’s skill level, overall productivity and reduced the average
    outage occurrence time within three months.

   Drafted department protocol analysis trace request policies and procedures for entire
    enterprise to adhere too thus resulting in a streamlined manner for the Network Systems
    department to handle multiple Sniffer trace requests. Participated in Core backbone
    switch re-architecture and other major site backbone upgrade planning by provided
    engineering and network architecture guidance. Documented a design considerations
    based methodology to assist Sr. Planning Engineers in the critical thinking aspect of
    network engineering.

   Troubleshoot and investigate Internet and Firewall access issues. Manage and tune
    Internet routers and validate BGP and link performance usage levels. Uncovered DOS
    attempts at the network egress points via forensics protocol analysis. Assist firewall and
    security personnel in troubleshooting performance or hacking related issues. Assist and
      provide planning and troubleshooting guidance for the IPSEC DSL based VPN rollout to
      remote access users. Demonstrate common protocol exploits and outline steps to identify
      such exploits.

     Implemented CiscoWorks and train staff in its use and administration. Used CiscoWorks
      to resolve configuration archiving, Syslogging issues, enhanced switch management and
      administration and use its NETConfig tool to add and remove IOS commands throughout
      all enterprise routers. CiscoWorks was invaluable in the RIP removal process during the
      EIGRP migration project. Demonstrated the productivity gains by using such a tool.

     Implemented and demonstrate the use of Cisco Secure ACS in the enterprise. Provided
      management with infrastructure component access policies and procedures to ensure
      proper administration, tracking, logging and accountability of access to all routers and
      switches. Train staff on the use and administration of Cisco Secure.

     Provided guidance and planning for the migration of PIM Dense Mode multicasting to PIM
      Sparse Mode. Resolved numerous multicasting and CGMP related issues resulting from
      IOS bugs and poor multicast designs.

     Demonstrated VOIP technologies and trained staff in H323 protocol analysis, impact and
      design for Voice and Video based networks. Outlined in cursory review document the
      current QOS and infrastructure illnesses inhibiting the enterprise from embracing Voice
      and Video technologies plus provided guidance to help position the enterprise network for
      converged technologies.

     Created department standard IOS planning and upgrading procedures for all enterprise
      routers and switches.

Applied Methodologies

     Developed a VOIP pilot for multiple branches to reduce operating costs. The VoIP
      solution is Cisco based and consists of 26/3600 series routers utilizing H323 protocol
      suite, RSVP, RTP, and RTCP protocols. Quality and Class of service options are being
      tested and managed with Cisco Policy server 1.1. Research and testing into Directory
      Enabled Networking(DEN) will proceed the pilot and requires a single directory to
      administer bandwidth and access policy for each user. The directories considered are
      Active Directory and LDAP v3.

     Implemented a streaming content development architecture utilizing multicasting
      protocols such as PIM Dense and Sparse modes, RPF state and developing multicasting
      trees to deliver variable sized audio and video presentations. Implemented Windows 2000
      Media Server, Encoder and Player to encode, distribute and play content.

     Design, build, test and implement production LINUX firewalls for branch internet access.
      These firewalls allow the branch offices to access local internet portals without utilizing
      the corporate network. The access consisted of either broadband cable or DSL. The
      firewall consisted of a Red Hat Linux stripped down kernel on legacy Intel based IBM
      platform utilizing IPChains and Tripwire for access control and intrusion detection.
      Remote logging and alert notification were also implemented and managed at the data

      Analyzed a proprietary based enterprise application for network and server performance
       issues. This application supports over 1000 users with millions of transactions per day
       and affects the organizations daily financial status. The application platform consisted of
       Microsoft Windows NT 4.0 Terminal, Application and SQL 7 servers in the headquarters
       with ‘Thin clients” located at remote offices nationally. Symptoms included slow
       application response in all functions and high utilization on server components. The
       analysis uncovered numerous server sizing issues and application scalability concerns.
       Utilizing forensic protocol analysis, major application behavioral issues were uncovered.
       Direct correlations to application illnesses to server performance degradation were
       discovered and remedies defined. The analysis also covered the network infrastructure
       and components, such as routers, switches and Frame-Relay PVCs to determine if the
       network was a contributor in any manner to the application’s poor behavior. The
       deliverable to the client was a detailed report outlining the illnesses, discoveries and
       recommendations. The report contained tactical and strategic recommendations and was
       presented to the organization’s CIO and CEO for review.

New York Life, Corporate Headquarters

      Provided high level, hands-on networking design, implementation and troubleshooting services
       across a spectrum of technologies. Some of the activities are listed as follows:

      Assist engineering staff in the planning and implementation of several IT initiatives such as
       corporate campus switching migration/upgrade, WDM Dark Fiber carrier class OC-3, 12 and 48
       based MAN for Voice/Data consolidation and future application demands. E-commerce and B2B
       integration network modeling, performance and traffic impact analysis for enterprise SAP/Oracle
       based Client/Server applications including a global Oracle based business data warehouse
       system and various B2B portals.

      Participate in enterprise development and migration to SAP ERP based system for 30,000
       employees, external insurance agents, B2B access and an Oracle based data warehouse system.
       Major role was to identify whether the current enterprise network infrastructure required tactical
       and/or strategic changes to support these new applications. Assisted in providing the
       infrastructure to support the many SAP and Oracle servers based on SUN server technologies.
       Provided infrastructure options for redundant server links and UNIX fail-over utilizing Cisco
       Catalyst switches.

      Provided application impact performance analysis against the major SAP/Oracle application
       functions to determine application SLA and impact. This exercise provided CID with the proper
       information to set expectations with the end user business units. This analysis also identifies any
       options that require tuning or changes to the application system or network to support.

      Identify and solve any performance related issues pertaining to the ERP and B2B application
       integration. This was achieved through protocol and traffic analysis using tools from Optimal
       Networks, Mercury Load runner and Agilent Advisor. Utilize modeling and impact analysis
       methodologies to SAP LUW transactions to determine response time and bandwidth
       requirements for LAN and WAN segments.

      Provide consultation on integration of SAP B2B components in the corporate DMZ and handle
       design issues of options such as load balancing using Big IP F5 load balancers and multiple NT
       based Internet transactions servers. Some of the issues involved traffic distribution, connection
       persistence and consistency of WEB and SAP traffic utilizing Big IP’s F5 load balancing products.

      Completed roll out of 300+ router configuration upgrades to support a national Frame-Relay
       network. Provide third (highest) level of support and administration for all major communications
       and data components. This support encompasses 400+ Cisco routers, 300+ site national Frame-
       Relay WAN, T-1, ISDN, 300+ Cisco Ethernet Switches, Gigabit Ethernet, ATM, Token-Ring and
       FDDI topologies. Provide high-level LAN/WAN and application troubleshooting via forensic
    protocol analysis and distributed Sniffers.

   Provided support of integration of ATM technology into the campus core network. This included
    configuration and resolving issues with Cisco router ATM interfaces and Lightstream switches for
    Classical IP over ATM and LANE.

   Assisted in the design and implementation of a SONET based T-3 between data centers. Resolve
    T-3 provisioning issues by utilizing protocol analyzers to test and monitor the circuits. Ensure that
    proper load balancing and routing metrics are applied to utilize the redundant T-3s properly.

   Provided troubleshooting and design support to the campus core Gigabit and 100Mb switched
    infrastructure that included 100+ switches, Gigabit EtherChannel, MSM and multiple VTP and
    Spanning Tree domains. Participated in troubleshooting major Spanning Tree issues that resulted
    in the removal of Token Ring switching and a re-design of the switched architecture to support the
    migration from Token-Ring to Ethernet.

   Provide general tactical design and troubleshooting support to the campus core legacy router
    based FDDI backbones that link over 70+ Token-ring segments. Some of the issues involved
    Token-Ring MAC based problems, router IOS performance and bug related issues, FDDI
    performance, EIGRP for IP and IPX operational and design. Provided operational and
    administrative support for, Microsoft DNS/DHCP/WINS and SNA servers on an as needed basis.
    Utilization of tools for network support included NetView 6000, CiscoWorks 2000, Resource
    Manager Essentials, Cisco View, CWISI tools and Distributed Sniffer Systems.

   Provide design and troubleshooting support for a plethora of Cisco IOS options applied to the LAN
    and WAN routers such as, GRE tunneling for IP/IPX, NAT, policy routing, queuing, route
    summarization, route redistribution, traffic shaping, compression, HSRP and security access.
    Support of many different network protocols such as: IPX and IP suites, EIGRP for IP and IPX,
    BGP and AppleTalk.

   Provide connectivity design, implementation and troubleshooting of critical external vendor links.
    Such links provide critical financial based transaction access to SIAC, Salomon, Bloomberg, Bank
    of New York, FAS, BHC, Telerate, and NASDAQ.

   Solved several mission critical financial based applications issues. Some of these included the
    Individual Policy Services for Annuities, Corporate Financial Division, and the Telephone Inquiry
    Response system.

   Provided design and troubleshooting services to NY Life Securities and Trading systems located
    in the corporate campus and Kansas City offices. Troubleshoot network performance or trading
    application based system issues.

   Provide design and troubleshooting support for a 300+ site Frame-Relay and back-up PRI based
    WAN. WAN issues included: EIGRP bugs, traffic flows, tunneling, Frame-Relay provider issues,
    Frame-Relay Traffic shaping, SNA, RSRB, custom application performance tuning such as the
    DMS Imaging system and FileNET protocol handling. Identify problems concerning the local site
    infrastructure, WAN links or site applications and servers.

   Assisted in the design and support of the corporate DMZ for E-commerce and fault tolerance.
    This entailed the logical and physical infrastructure to support the mail and web servers and
    placement of proxy/firewall servers for optimal performance. Work with Internet support teams to
    resolve issues pertaining to ingress access utilizing proxy, LDAP and Entrust services. Support for
    NY Life WEB-based Internet applications for customers and national agent population. Handle
    issues involving egress corporate Internet access such as providing outbound routes and
    resolving Internet access performance issues. Identify security issues and possible exploits
    utilizing White Hat hacking tools.

   Participated in the corporate Internet access provisioning utilizing BGP for Internet access to
    diverse ISP (UUNET and AT&T). This included configuration and sizing of the routers for BGP,
      load balancing, redundancy, security, route summarization and IGP redistribution.

     Designed and implemented corporate router and switch infrastructure access security system
      utilizing Cisco Secure and TACACS+ protocol. Cisco Secure was used to migrate from a
      shareware script based TACACS server. Tested and configured all infrastructure components for
      AAA support Developed infrastructure component access policies and procedures to ensure
      proper administration, tracking, logging and accountability of access to critical infrastructure
      components across all support organizations.

     Developed OSPF lab to test protocol operation and resiliency for possible EIGRP retirement.
      Tested SPF convergence operation, DR overhead requirements, LSA functionality, adjacencies
      state performance, route flapping for SPF impact, summarization, priority and path cost

     Implement IPv6 based router lab to test operating characteristics and performance attributes of
      the protocol. This information was provided to CID as a strategic initiative to understanding the
      feasibility of migration and co-existence of both IP versions.

     Evaluated Multicasting applications and H.323/SIP protocol operation utilizing Real Media
      server/client and Microsoft Netmeeting over Cisco infrastructure components.

     Implemented IPSEC router lab to test the operating characteristics and performance issues
      related to building secure VPN tunnels utilizing IP SEC. The utilization of pre-shared keys and the
      Tunnel mode method was implemented. Recorded performance results based on IPSEC ISAKMP
      connection negotiation, router processing overhead and SA policies and encryption methods
      utilizing Crypto maps, AH, ESP, MD-5 and Triple DES.

Canon USA, Corporate Headquarters

     Report to Information Systems management as a strategic infrastructure and applications analysis
      expert for their Year 2000 Client/Server integration project. This project dubbed “Project 21”
      entailed deploying Oracle two-tier based custom wholesale and retail applications designed and
      written with Oracle’s Designer/Developer 2000 to replace their Mainframe based system. Oracle
      Financials was also deployed for the purchasing department. A custom written three tier-based
      application was also deployed that utilizes Oracle on the back-end for wholesale and retail
      functions. The Server platform is based on IBM’s SP multiprocessing AIX system running multiple
      Oracle instances on six different 8-way nodes. This new system will be used by 2000 plus users on
      the campus and worldwide. The project had an aggressive completion date of October 1997 when
      all users will no longer use their Legacy IDMS/2 based system and access corporate data from the
      Oracle based system.

     Immediate role was to analyze all critical application traffic/protocol characteristics and model the
      impact against the current infrastructure. Developed a traffic modeling application that provided
      estimated response time and impact statistics on 10/100Mbs segments of the current infrastructure
      and WAN. This model was used to develop a tactical architecture that entailed creating a redundant
      FDDI Client/Server backbone with high- speed routers on the periphery to balance and handle
      immense traffic loads from the campus LAN/WAN reliably and efficiently.

     The campus network was restructured using Cisco Catalyst switches for 10/100 segmentation of
      office automation and mail traffic. A 100mbs Ethernet backbone was created for all File, DNS,
      UNIX, Mail and Intranet servers. The design segregated the daily campus traffic from the production
      Client/Server traffic enabling quick deployment of the new system without a complete infrastructure
      overhaul as well as provide a simple understanding of the Client/Server traffic flow. The project was
      completed on time with minimal impact to users and other corporate systems.

     Tuned Oracle applications for optimized network performance by protocol and SQL analysis.
      Worked with developers to exploit Oracle Server and Oracle Forms tuning options to reduce
      network traffic and provide efficient delivery of queried data. Results of tuning were applied to all
    Oracle Forms based applications.

   Solve complex Oracle application and Server performance issues by protocol analysis to determine
    if the network, database server, or the application code was the cause. Review trace findings and
    point out application inefficiencies to developers for correction and tuning.

   Implemented and documented Sprint and Eagle Raptor based remote IP dial access solution for the
    entire organization. Managed entire project, assisted in implementation, troubleshooting developed
    the documentation to be added to Canon’s Intranet.

   Developed Canon’s first Network Security policies and procedures documentation. This document
    covered areas such as computer room operations, password standards, support and escalation,
    roles and responsibilities including breach of security drills.
   Authored Canon’s first Change Control Policies and Procedures document to be used by the entire
    IT division for all levels of system operations. This document covered the basic Change Control
    process and outlined procedures that must be followed when making a change to an IT
    infrastructure resource.

   Administer, troubleshoot and expand a 75 plus site router based national Frame-Relay and
    international X.25 network that supports over 10,000 remote users for the new Client/Server
    applications, office automation, manufacturing, marketing, finance, inventory and product
    distribution systems. Provide support for routing protocol operation of IGRP, EIGRP, RIP and IPX
    RIP/SAP management plus Apple-Talk, TCP/IP, and SNA. Solve complex LEC physical T-1 and
    Frame-Relay issues. Perform BERT testing and determine carrier trouble locations. Troubleshoot
    out-source VPN networks from IBM and AT&T. determine if the problem is network, carrier or
    application based.

   Administer, troubleshoot and expand a multi-protocol campus network based on Layer II Cisco
    Catalyst switches and collapsed switch and router backbones. Solve network throughput and
    protocol issues. Troubleshoot and maintain switch and router hardware components.

   Restructure of legacy Token-Ring architecture and WAN-based remote Source Routed Bridged
    network by simplifying traffic paths and spanning-tree configuration for SNA and AS/400 hosts.
    Eliminate loops, removed Cisco IOS bugs and passive MAU equipment for managed concentrators.
    Restructure traffic levels, faulty wiring and eliminate beacons and consistent ring purges. The
    restructure provided Canon with a more consistent operating Token-Ring SNA backbone.

   Developed enterprise network management strategy for IT staff consideration. This strategy
    covered all aspects of Canon’s Network and application resources. The strategy suggested an
    element building block approach to achieve a heterogeneous system that can accommodate
    changes in business and technology direction.

   Troubleshoot Novell NDS and Windows NT server and applications issues on an as needed basis.
    Provide recommendations to management regarding performance optimization for applications and
    server throughput. Evaluated CISCO PIX firewall and remote Internet access for mobile business
    applications. Provided guidance regarding security policies, encryption, authentication and methods
    of access.

   Managed the Data center relocation and consolidation project. This project entailed consolidating
    two data centers. Led critical systems relocation planning and scheduling. Ensured infrastructure
    requirements were accomplished prior to the move. The move was completed over a holiday
    weekend with no impact to the business.

   Managed relocation of entire IT division to new facilities in a different campus building. Ensured
    infrastructure and scheduling of move for personnel, help desk, and critical IT support equipment
    was available for an aggressive three week schedule. The move was handled in three phases and
    completed on time without impact or discontinuance of support to the entire business.
Philip Morris USA

      Directly reported to the director of Technology Planning and Research as a network technology
       subject matter expert. Worked with business planning managers to determine business needs and
       clarify requirements. Arbitrate business demands between IS and all domestic business units.
       Provide designs and recommendations with business and technical rational to IS clients. Perform
       research on emerging technologies. Counsel IS and its clients on tactical and strategic direction.
       Review strategic plans for the business regarding the network infrastructure and application impact.
       Provided expertise in the areas of LAN/WAN protocols, router switching architecture, risk analysis,
       Client/Server technologies, ORACLE parallel servers, IBM SP Tower UNIX RISC servers on FDDI,
       Frame-Relay and network security including firewall technologies.

MCI International

      Authored MCI’s Policies and Procedures for the Network Operations Data Center. This document
       set the IS Operations direction after an IS reorganization and prepared IS for future
       Telecommunication merger opportunities. This document covered policies and procedures from
       personnel to component management and security. Analyzed existing campus LAN, Intranet and
       international OSPF based Cisco router WAN for improvements and security violations. Managed
       and completed Novell file server migration deliverables on Data Center project. Resolved LAN/WAN
       protocol problems. Provided support of 1000 node Token-Ring infrastructure. Provided network
       architecture direction in terms of campus network infrastructure re-design. Supported Intranet
       Windows NT server integration for DHCP and DNS and Intranet access across network segments.
       Designed Data Center File Server management policy and recommend management tools.

NAB Construction

      Designed and implemented multiple site mesh Frame-Relay network for messaging and application
       developers. Developed IP and IPX addressing schema for WAN topology. Configure and install all
       CISCO routers. Manage Frame-Relay vendors and circuit translations.

Chase Auto Finance Bank
      Designed and implemented a complete ISDN backup network to provide simultaneous cut over
       from Frame-Relay and Router failures. This enabled the bank to preserve the integrity of its Imaging
       and NetWare 4.1x architecture at a reduced cost. Completed redesign of the company’s 1000 user
       Token Ring infrastructure to resolve Source Routing and Spanning Tree issues. Designed and
       implemented Network Management system that manages all routers, bridges and hubs. The system
       was based on SUN Solaris and HP OpenView.

      Completed Frame-Relay integration project for the bank to utilize Novell 4.1x NDS and support for
       Imaging based applications over a WAN. This network is tied to the division's "bottom line" which is
       based on the imaging transactions that are now supported over a WAN. Linked several regional
       offices with CISCO routers and applied the proper tuning methods to reach optimal WAN
       performance. During the lifecycle of this project, maintained roles of: Project Manager, WAN
       engineer, LAN engineer and general technical consultant. This project was completed on time
       during an aggressive implementation schedule of five weeks.
AT&T Solutions/Chase Bank

     Completed term as a Senior Consultant for AT&T on the Chase Bank outsourcing project. Managed
      an average of 35 projects that are unique in technical complexity. Also performed low/high level
      hands on protocol and traffic analysis, router support, implementation, and application impact
      analysis and infrastructure re-design support. Provide technical consultation on many SYBASE
      Client/Server based projects that require access to the corporate infrastructure.

     Perform traffic, protocol and application analysis for Client/Server application deployment in Chase.
      This entails determining traffic and response times for SQL queries, infrastructure and component
      impact. Determine which areas of the Client/Server system require tuning. Projects included Data
      Warehouse consolidation, remote access to SYBASE SQL servers and SYBASE replication traffic
      analysis from IBM Hosts.

     Provide AT&T and Chase project management, engineering and troubleshooting support. This
      entails support of CISCO Routers, immense Token Ring and Ethernet environments, backbone and
      WAN support. Performed an analysis and re-design of 1700 node remote campus architecture to
      support evolving Client/Server applications by providing additional bandwidth capacity and
      throughput. Research included options to collapse backbone architecture to either a router or
      switching technology.

     The resulting analysis report identified the network and application illnesses pertaining to protocol
      use, distribution and traffic baselines. The report also provided recommendations and plans on how
      to rectify such issues.

     Managed and contracted AT&T GIS Network Architecture Consulting group on behalf of Chase to
      perform a similar study for five major remote sites of the bank. Reviewed all reports for technical
      issues and distributed to remote sites and engineering for review and implementation. The remote
      analysis project required six months at a cost to AT&T of 500k. The project was completed on time
      and the information gathered was critical for AT&T to provide proactive support of the bank's
      network by reducing the discovery time required to engineer or troubleshoot each location.


     Reviewed and led a major water utility in Delaware in the development of right-sizing migration plans
      to move their entire data processing system from a mainframe to a distributed Client/Server system.
      Analyzed the business processes and the technical aspects of this plan. Created the business
      review and provided recommendations for selection and sizing as well as direction for migrating to a
      distributed Client/Server system. The deliverable was a detailed report with all of my findings and
      recommendations in regard to their migration plan. This document's goal is to provide specific
      direction for the client relating to their migration plans. All areas reviewed were analyzed from a
      technical and business perspective to ensure each component has a sound business rational and
      technical feasibility.
ENTEX Information Systems

     Closed a contract with IBM to be the main subcontractor to provide 300k in services and one million
      in hardware to a major Japanese bank. Developed Statement of Work, Legal documents and
      Project plans. Hired and managed group of out-source consultants to represent ENTEX and
      perform the work. Managed group of seven different consultants for a period of two months. Project
      completed ahead of schedule and ahead of budget/profit forecasts.

     Restructure of 1500 node multiprotocol and multiplatform local Internet for a major pharmaceutical’s
      corporate headquarters in New York City. The restructure provided the client with "any to any"
      connectivity to any resource, greater bandwidth, stable network management, horizontal and vertical
      scaling options. This restructure was the result of recommendations from a month long LAN/WAN
      analysis that analyzed every possible technical and business resource of the company. The
      restructure was planned and performed over the weekend with no fallout and user client issues.

     Provide Pre and Post-sales support to 35 sales executives with respect to complex communications
      and integration issues. Provide support to Systems Engineers when problems arise during
      implementation of solutions. Perform billable consulting services to clients. Act as quality control and
      project manager for all large-scale integration projects. Conduct research and development in
      respect to communication and application based products. Write analysis papers for clients.

     Inspect and design all LAN, WAN schematics/proposals and develop technically "air tight" solutions
      for the client in regard to their respective and future business and data processing goals. Manage
      all large scale and national LAN/WAN integration projects. Recipient of many branch awards.
Product and Technology Experience:

Below is a list of just some of the technologies and products I have used throughout my career.

Server and desktop operating systems:

      Windows 2003 Server and Enterprise Server and server applications
      Windows 2000 Advanced Server, Server and 2000 professional
      Windows 2000 Server DNS, WINS, DHCP services and RAS services
      Windows 2000 Resource Kit
      Windows 2000 Media Server and player
      Windows 2000 Terminal Server
      Microsoft Windows XP Professional and all previous versions
      Microsoft Windows XP Tablet edition
      Microsoft Windows CE 2.0/3.0 and Mobile 5/6.0
      Microsoft Outlook 2002 and 2003
      RedHat LINUX Server 5.2, 6.2 through 7.2 Gnome and KDE environments
      Familiar with UNIX environment and file systems
      MS-DOS All versions
      IBM X series server’s IBM Director server management tool

   Protocol Analyzers, wireline and wireless analysis tools:

      Agilent Advisor J2300 series protocol analyzer with all acquisition modules
      Agilent Advisor Software edition
      Agilent/Telegra Voice Quality Tester VQT
      Network Associates Sniffer (legacy DOS) Distributed and Sniffer Pro
      Etherpeek
      Ethereal
      TCPDUMP
      Polito Analyzer
      Network Chemistry Packetyzer
      LinkFerret 802.11b/g protocol analyzer
      Netwrok Chemistry Neutrino Distributed Wireless Sensor with Fusion Desktop
      Network Chemistry WSP100 802.11b remote analyzer
      Aerocomm SA3000 2.4Ghz Spectrum Analyzer
      Yellowjacket 802.11 spectrum anlyzer

Application/communications software:

      Microsoft Office 97 and 2000, 2003 and 2007 suite of applications
      Lotus suite of office automation and back office applications
      Experienced with hundreds of DOS/Windows and UNIX based tools, applications and utilities
      Experience in troubleshooting various custom applications encountered throughout career
      Visio 2000-2003 professional and enterprise versions
      Tardis 2000 NTP server
      AT&T Virtual Network Computing VNC server and client software
      Entrust, Cybercop, Mercury load runner Quick test for SAP R/3, Ganymede Chariot
      Hummingbird Exceed series of networking tools
      Nantech BGP traffic generator
      Pine Mountain Group Netanalyst toolkit
      A&Gs Net tools
      What’s up Gold suite
      Norton AntiVirus Corporate edition
      TFGen and UDP flood
      Netview Network management scanner
      Look@Lan
      IPScan
      TCPView
      Engage Packet Builder
      AP chat
      AirSnare
      RZKFLOW for Netflow

VOIP products and tools

Skype softphone
SJLABS softphone
Xten Softphone
PcPhoneline POTS gateway and SIP phones
Gphone softphone
Cisco Softphone
Cisco FXS and FXO interfaces and configuration
Cisco Call Manager Express
Interactive Intelligence SIP server
Brekeke OnDo SIP server
Free World Dialup(FWD) configurations

Security tools and utilities tested and used:

Nmap                                             Fscan
Netstumbler                                      NetCat
AirSnare                                         NBTscan
TripWire                                         Winifo
SamSpade                                         Enum
WepCrack                                         SNMPutil
Foundstone Netscan tools                         Wsremote
Wfetch                                           Auditpol
GetAcct                                          Pwdump2
Aptools                                          John the ripper
Cygwin                                           Keylogger Stealth
Boson GetPass                                    Rootkit
Snscan                                           Winzapper
SuperScan                                        Unicodeloader
SID2USR                                          Whisker

Relational Databases:

      ORACLE Server 6.0, through 8i for UNIX on IBM SP2, Solaris platforms, Windows 2000 SQL*NET
       version 1 and 2 with an in-depth understanding of TNS protocol. ORACLE Enterprise Manager 1.2.2
      Microsoft SQL Server 2000 basic installation and troubleshooting
      Microsoft SQL Server TDS protocol analysis
Programming languages/compilers/web development tools:

      C++ Object Oriented programming, ANSI C
      Microsoft Visual C version 6 and MSDN
      LIBNET packet building library.
      WINSOCK 2
      Microsoft FrontPage 2000, 2002 and 2003

Experience with the following networking products, protocols and technologies:

      CISCO product implementation, troubleshooting, research and design
      CISCO 2500 through 75xx series routers. All different models and interface configurations
      Cisco Catalyst 6500 series switches 6503 up to 6513
      Supervisor 1a, II and supervisor 720
      Catalyst 3750 switches
      2800, 3800, 3745 series of routes
      Cisco 10720 DPT routers
      Cisco ASA security appliances
      CISCO Catalyst 4000, 5000 and 5500 series switches
      Cisco Catalyst 3550 and 1900 and 2900 series switches
      Cisco Cluster Management Suite – CMS
      Cisco Internet Performance IPM
      Cisco CWDM Gbics and LANShack 40dBm VOA
      CISCO IOS 9.x through 15
      CISCO PIX Firewall with IOS version 6.0 – 6.3 and Pix Device Manager – PDM
      Cisco IOS Security Device Manager SDM
      CiscoWorks 2000, CiscoSecure ACS and CiscoView
      Cisco Aironet adapters and Access Points
      Operational experience with Concord E-health 5.1
      Proxim AP2000 and AP2500 Enterprise Access Point
      Asus WL-500g Access Point
      Putty SSH for SSH to Cisco routers and switches
      Ngenius Netsouct 1.4 server
      Netflow ver. 5 with RZKFLOW utility
      Teletronics 2.4Ghz bidirectional Amplifiers
      BVS Yellowjack 802.11 analyzer
      2.4Ghz ISM and 5Ghz UNNI RF wave guide and spectrum theory
      802.11b protocol analysis and 2.4Ghz spectrum analysis
      WiFi/802.11 DSSS, FHSS, CSMA/CA, DCF, PCF, RTS/CTS operation and analysis
      802.11a/b wireless technology and adapters from Cisco and Oronico/Proxim
      HyperLink Yagi and Omnidirectional 2.4Ghz antennas
      MaxRad Sector and Yagi 2.4Ghz antennas
      Andrews Mag Grid Parabolic 2.4Ghz antennas
      EZNEC Antenna design software, basic directional 2.4Ghz cantenna development
      Very familiar with complete TCP/IP protocol stack, operation and behavior
      IP addressing planning and implementation and IP unnumbered
      Very familiar with routing protocol suites and operation of BGP, EIGRP, IGRP, RIPv1,
       RIPv2, OSPF, IRDP, ODR, NHRP and ISIS
      POP, SMTP and IMAP protocol analysis for operation and security audits
      Tag switching and MPLS operation and analysis
   Very familiar with Cisco and standard bridging protocols 802.1d Spanning Tree BDDU,
    Cisco enhanced Spanning Tree operations(MST, PVST, Root Guard) Source Routing,
    RSRB, DLSW+, SRT, basic transparent and translation bridging
   802.1w Rapid Spanning Tree and 802.1s Multiple Spanning Tree protocols
   Ethernet Switching technologies and protocols, VLANs, VTP, ISL, 802.1q, Trunks,
    Etherchannels and SPAN, HSRP, VRRP, MLS and 802.1x port security.
   Utility protocols such as ARP, BOOTP, DNS, DHCP, FTP, TELNET, ICMP and X-
   Netbios and Netbeui protocol operation and tuning SAP analysis

   Tunneling and VPN protocols, GRE, STUN, VPDN, L2TP, PPTP, IPSEC AH/ESP and
    Multilink PPP channels
   Very familiar with all IEEE 802.3 variants, physical media components and frame types
    such as Ethernet II, SNAP, and Fast Ethernet 802.3u/x/z/ab/ac/ad/ae protocols and
   Ethernet standards 10Base-T/F, FOIRL, 100BaseT/F/X 1000Base-T/X/SX/LX
   Very familiar with many 802.x networking standards
   Very familiar with IEEE 802.5 Token-Ring protocol and operation
   Understanding of Data encryption and cryptography technologies, DES, RSA, MD4 and 5,
    IDEA, IPSEC, PGP, PEM, Kerberos, and KDS
   Basic IPv6 operation, addressing, protocol analysis and implementation
   Familiarity with X.25, DEC and LAT protocols
   Very familiar with Oracle’s SQL*NET and TNS Client/Server protocol as well as SQL
    Server TDS protocol.
   In-depth understanding of IPX/SPX, RIP, SAP, NCP, NLSP, IPX EIGRP and NDS
    protocol operation and troubleshooting
   In-depth understanding of 802.2 Logical Link Control (LLC) I, II primitives operation
   IPX/SPX level C programming
   RS232, HDLC, asynchronous Protocols, SDLC, PPP, LAPD, LAPF and Q921/931, SS7
    signaling protocols,
   SNMP, RMON and ASN protocol operation and analysis
   Basic understanding of CWDM and DWDM planning for dispersion, optical budgets,
    attenuators, laser amplifiers and spectrum band usage.
   SONET STS-1 and 3 protocols and operation
   In-depth experience with DDS, T-1/E-1, T-3, B8ZS, AMI, 4b/5b 8b6T, 8b/10b, CSMA/CD
    and CA, Manchester with differential signaling protocols operation and troubleshooting.
    BERT testing and CO leg tracing.
   Designed networks to utilize limited distance vector algorithm, DUAL based, hop and path
    cost based routing protocols as well as link state protocols such as NLSP and OSPF.
   In-depth experience with Frame-Relay protocol RFC 1490 operation, design and
   Multicasting protocols design implementation and operation, RPF, Dense and Sparse
    Mode, PIM, IGMP, CGMP, IGMP snooping.
   In-depth experience with ISDN operation, design and troubleshooting.
   Class of Service/DSCP, Assured and Expedited Forwarding PHB, RSVP operation and
   IP TOS, IP precedent, 802.1p, QoS analysis and operation
   Internet protocols HTTP, SHTTP and SSL operation
   ANSI FDDI protocol operation, analysis and troubleshooting
   Voice over IP(VoIP) protocols H323, H225, H245, Q931, SIP, Codecs and gatekeepers.
   IBM X series of 1U/2U servers
   DataComm 52xx series managed CSU/DSUs
   Digital Link/Quick Eagle DL3100 T-3 CSU/DSU access multiplexer
   Audiovox and Toshbia Pocket PC PDAs
   Various CF and SDIO based memory and WIFI cards for Pocket PCs
   Fujitsu Table PC series
Legacy technologies, utilities, applications and tools:

   BAY Networks 2800, 3000 and 5000 series of concentrators.
   Cabletron MMAC and MMAC + series of concentrators and switches.
   ALANTEC/FORE Power HUB Ethernet switch
   Kalpana Ethernet Switch
   Token Ring: IBM, Pure Data, Thomas Conrad, SMC, IBM 8228 MAU and 8230 CAU/LAM
   Ethernet: All Intel, 3com, Bay, Cisco, Chipcom, Netgear, Linksys, and Dlink products
   FDDI: Cabletron and CISCO products
   ARCNET: Standard Micro Systems
   Bay Networks/Nortel ASN/BCN routers
   AT&T Paradyne CSU/DSU 31, 36 and 9120 series with compression
   Bay Networks Centellion 100 Token-Ring /ATM switches
   IDNX LWX Routers. Verilink Access 2000 series.
   IBM Remote bridges utilizing ARTIC boards and UDS CSU/DSU's.
   Wireless Microwave Ethernet technologies.
   IBM Bridge Program 2.1, 2.2 and IBM 8209 Bridge,
   3Com link builder series of Routers Netbuilder I and II.
   ANSI FDDI protocol operation
   SunNet Manager and HP OpenView network management systems
   Familiar with IBM SNA, 3270 LU 6.2 design, analysis and troubleshooting.
   Practical hands on knowledge of ATM operation and MOPA, LANE protocols
   Netsuite LAN modeling software
   Intel Proshare Video Conferencing for LAN and ISDN
   Novell ManageWise
   Very strong LAN and WAN architecture design and troubleshooting disciplines
   Nine years of design and implementation experience with Frame Relay and ISDN
   NT 4.0 Server and Desktop
   Novell NetWare all versions to 5.1, SUN Solaris 2.3, 2.4
   IBM AIX, UNIX SVr4 some shell programming
   Familiar with UNIX environment and file systems
   OS/2 All versions, IBM PC LAN Pgm.,
   IBM LAN Network Manager 1.1, Apple Systems 6.06, 6.07, and 7.0 Apple Share III.
   SunNet Manager
   HP OpenView Network node manager
   Oracle NT and NetWare and OS/2. ORACLE Tools, ORACLE CASE Tools 5.0, Structured Query
    Language (SQL) ANSI, ORACLE SQL*Plus and PL/SQL procedural SQL. Developer 2000,
    Designer 2000 and ORACLE Financials.
   Lotus Notes and CC:MAIL for DOS and Windows, Attachmate and RUMBA terminal emulation
    MS-MACRO ASSEMBLER 5.1, MS-C, Quick C for Windows, ANSI SQL, SQL Forms, Power Builder
       3.0a, MS C++ version 4 and 5.

Stay abreast of current industry and scientific topics that may apply to a client's
technology investment. Some listed:

      Network security exploit/hacking analysis
      Enhancement in general networking and protocol development
      Grid, Clustering and pervasive computing
      Application development trends
      Internet/Intranet access design and implementation
      Client/Server and ERP,technology -- Oracle and SAP
      Web Services, Web 2.0, ASP, CRM, SOA applications
      Custom Workgroup/Workflow applications
      10-100G Ethernet solutions
      Broadband technologies - Broadband over Power and Fiber to the Premise
      WiFi Wireless communications (802.11a/b/g/n)
      Latest advances in microprocessor technology
      Wireless Broadband MAN 802.16a/e(WIMAX) and LTE
      FAST and Gigabit Ethernet (802.3ab) and (802.3u and z)
      Server virtualization trends
      Cloud computing trends
      Unified Computing/Communications solutions
      Network management - SNMP III
      Network Security and Cryptography
      Layer 3 through 7 switching, CoS and Qos
      Advances in WAN, Routing and Switching technologies
      WDM technologies and products – DWDM - CWDM
      Energy and Data center efficiency technologies
      Operating system and file system enhancements
      Data storage, SAN, NAS, SCSI-IP and archiving enhancements.
      Smart Grid, SCADA systems and DNP protocol

References:   Furnished upon request.

 This word document was downloaded from the website:, please
                remain this link information when you reproduce , copy, or use it.
 <a href=''>word documents</a>

Shared By: