 |
 |
 |
 |
Network & Security Consulting
Profile Heiko Kreutz (Director)
Technologies & Knowledge:
Network & security architecture and consulting;
Information governance, enterprise architecture;
Cyber security: FWs, Segmentation, IDS/IPS, anomaly detection, honey pots, SIEM;
Enterprise security architecture: risk analysis, risk management, ISO 27001, ISO 27002, BSI IT-Grundschutz, defense-in-depth, zero trust;
Enterprise IT: Identity and access management, privileged access management, malware protection, business continuity management, disaster recovery, ITIL;
Data protection and regulations: GDPR, Data Protection Act, Cyber Security Act;
SD-WAN: Cisco, VeloCloud, Versa;
Secure Web Gateway: Zscaler, Cisco Umbrella, Bluecoat;
Routing: (M)BGP, EIGRP, OSPF, IS-IS, LISP;
Switching: VLAN, VXLAN, Cisco SD-Access;
WAN: MPLS, LL, IPSec, DMVPN, MPOE/ demarcation point;
WLAN: Controller, APs, 802.1x/ EAP/ WebAuth, CAPWAP;
QoS: DiffServ, IPP, CoS, LLQ, CBWFQ, WRED, Policer, Shaper, HQF, RSVP, MDRR, SRR/ WRR, WTD;
Multicasting: IGMP, PIM (SM/BIDIR/SSM/DM), MSDP;
MS environments: Azure, Azure AD, Active Directory, O365, Exchange, SQL, Windows;
Virtualisation and Automation: NFV, VNF, server virtualisation (vSphere, Hyper-V), Container, Cisco DNA, REST API, Ansible, NETCONF, YAML, JSON;
Voice and Video: VoIP, SIP, SCCP; Cisco Unified Communications Manager, Cisco Unity, Polycom, Tandberg VC, Cisco VC;
Previous Projects & Roles (Extracts):
Enterprise IT Architect for global enterprise:
Contract negotiations WAN, focus on SD-WAN;
High level architecture Secure Web Gateway;
Senior Network Architect for global enterprise:
Evaluation of SD-WAN technologies;
Development of federated governance model for global WAN;
Team lead WAN architecture, implementation of global WAN;
Contract negotations WAN, focus on MPLS;
Senior Consultant:
Multiple projects to enhance security in plant networks, including security surveys, gap analysis, access controls, technical designs;
Multiple projects to carve in acquisitioned companies, including technical designs, project management, transition to operations;
Global WAN rollout for 1500+ sites, including technical designs, project management, design & optimization of operational processes incl reporting;
Global network & security carve-out projects inside major enterprise, technical project lead;
Team lead for network & security projects/ operation team inside major enterprise;
Design of global network & security processes for major enterprise;
Technical project lead for various network & security projects inside global companies with multiple service-providers;
Project member for various network & security projects, rollouts, carve-outs inside global companies with multiple service-providers;
Design and migration of existing large LAN + Voice (> 1500 users) to new LAN + VoIP + WLAN infrastructure, including 802.1x LAN/WLAN authentication, Guest VLAN/ WLAN;
Design and implementation of complex perimeter/ DMZ security environment for major enterprise (incl Nokia Check Point, Cisco ASA, MS ISA);
Providing network/security expertise and guidance for SAP Web Dispatcher, SAP Exchange Infrastructure XI and SAP Internet Transaction Server ITS implementation and various migrations;
Design, implementation and operation of a complex global Remote Access and Internet Access infrastructure (2nd and 3rd Level Support) for major enterprise;
Setup Cisco VPN Concentrator, Cisco ACS, RSA ACE, RADIUS for major enterprise;
Design and implementation of security gateway for Citibank File Services, secure automated iDOC transfer, Entrust encryption;
Design and implementation WAN concept based on VPNs with IPSec, Firewalls, IDS;
Design and Implementation SSL VPN/ Web VPN for major enterprise;
Creation of Security Policy for major enterprise;
Planning and execution of advanced technical training for all LAN and Metro teams of major European ISP, WAN carrier and business services provider;
© Kreutz Consulting Limited, London