Kreutz Consulting
  Kreutz Consulting Limited
Network & Security Consulting

Profile Heiko Kreutz (Director)

Technologies & Knowledge:

Network & security design and architecture;
Network & security technologies : routing, switching, remote access, Internet access, firewalling, Intrusion Detection/ Prevention;
Security in enterprise networks: WebVPN, IPSec, DMVPN, RADIUS, TACACS+, AAA, PKI, FW, IPS, IDS, Token Server (RSA ACE/Server), LDAP, Perimeter;
Enterprise security architecture, defense-in-depth, risk analysis, risk management, disaster recovery, ITIL;
WAN: MPLS L2/L3 VPNs, Frame-Relay, PRI/BRI, LL, Dialing/ Backup;
Configuration of network & security hardware: Cisco, HP, Alcatel, Nokia, Check Point, Bluecoat, Nortel, ...;
Troubleshooting network & security incidents in complex networks (3rd/ last level);
Routing: EIGRP, OSPF, IS-IS, (M)BGP, Policy-based routing;
Reliability/ Redundancy (L1 - L4);
WLAN: Controller, APs, 802.1x, H-REAP;
Bluecoat Proxy + AV; Cisco Content Engine, MS ISA, WCCP, Websense Enterprise;
QoS: DiffServ, IPP, CoS, LLQ, CBWFQ, WRED, Policer, Shaper, RSVP, MDRR, SRR/ WRR, WTD;
TCP/IP in heterogeneous networks;
Multicasting: IGMP, PIM (SM/BIDIR/SSM/DM), MSDP;
Polycom, Tandberg/ Cisco Videoconferencing Systems;
Cisco Call Manager, Cisco Call Manager Express, Cisco Unity;
MS Environments (Active Directory, LDAP, IIS, Exchange, SQL, CMS);

Previous Projects & Roles (Extracts):

Senior Consultant:
Multiple projects to enhance security in plant networks, including security surveys, gap analysis, access controls, technical designs;
Multiple projects to carve in acquisitioned companies, including technical designs, project management, transition to operations;
Global WAN rollout for 1500+ sites, including technical designs, project management, design & optimization of operational processes incl reporting;
Global network & security carve-out projects inside major enterprise, technical project lead;
Team lead for network & security projects/ operation team inside major enterprise;
Design of global network & security processes for major enterprise; 
Technical project lead for various network & security projects inside global companies with multiple service-providers;
Project member for various network & security projects, rollouts, carve-outs inside global companies with multiple service-providers;
Design and migration of existing large LAN + Voice (> 1500 users) to new LAN + VoIP + WLAN infrastructure, including 802.1x LAN/WLAN authentication, Guest VLAN/ WLAN;
Design and implementation of complex perimeter/ DMZ security environment for major enterprise (incl Nokia Check Point, Cisco ASA, MS ISA);
Providing network/security expertise and guidance for SAP Web Dispatcher, SAP Exchange Infrastructure XI and SAP Internet Transaction Server ITS implementation and various migrations;
Design, implementation and operation of a complex global Remote Access and Internet Access infrastructure (2nd and 3rd Level Support) for major enterprise;
Setup Cisco VPN Concentrator, Cisco ACS, RSA ACE, RADIUS for major enterprise;
Design and implementation of security gateway for Citibank File Services, secure automated iDOC transfer, Entrust encryption;
Design and implementation WAN concept based on VPNs with IPSec, Firewalls, IDS;
Design and Implementation SSL VPN/ Web VPN for major enterprise;
Creation of Security Policies for major enterprise;
Configuration Cisco ASA/ PIX;
Configuration Astaro Security Linux;
Implementation of Coarse Wavelength Division Multiplexing (MAN);
LAN-Installation: Switching, Routing, Security;
Setup McAfee Intrushield;
Planning and Setup of MS CRM;
Planning and implementation Active Directory;
Installation and administration Windows Server, Back-Up, RAID;
RAS-WAN-Connectivity, Dial-on-Demand;
Design, implementation and administration MS Exchange and Active Directory;

Providing Courses/ Workshops:
Cisco Routing and Switching;
Cisco Security;
Troubleshooting in the Enterprise Network, Campus;
Layer2-, Layer3-Switches (especially Cisco+Nortel), VLAN-Configuration, Advanced Router-Configuration (i.e. Cisco);
Concepts and Protocols in Multilayer-switched Networks;
Redundancy in Enterprise Networks: Spanning Tree; Linkaggregation/ Etherchannel/ (Split)Multilinktrunking, VRRP, HSRP, GLBP;
Cisco IOS Firewall Feature Set;
Network Security through ACLs, Traffic Filter, Policy Routing;
Firewall, Intrusion Detection and PKI;
Active Directory Planning and Implementation;
Security in heterogeneous Networks: Firewall, IDS, VPN, AAA;
TCP/IP with Windows NT 4.0;
Basics of Networking Technology;
Windows 2K3/2K/NT Server/Workstation;
Specific Sales Software for Insurance Companies;

Description of processes;
Description of services/ service catalogue, SLAs;
Creation of issue-specific security policy;
Creation of functional specifications for network migrations;
Documentation of Networks;
Creation of Course Handouts;

Creation of Instructor Guidelines;
Creation of User Guides
[start] [profile] [certs] [contact]

Kreutz Consulting Limited, London