Nader Javanmardi
Senior Network/Security Engineer and Consultant
nader@javanmardi.net
www.javanmardi.net
+98-913-3088652

Basic Info
Profile: Male, 35, Married
Based in: Esfahan, Iran
Currently: Senior Network and Security Engineer at Aramin IT Co.

Summary
I have 17 years of specialized experience in printing house, hardware and network support, workstation troubleshooting and helpdesk, network engineer (design, inspect, implement), sales consultant, security architecture and configuration.
An experienced Senior Network/Security Engineer, with recognized strength in designing, re-designing, implementing and supporting advanced Enterprise IP network infrastructures and security solutions. Ability to troubleshoot and optimize legacy and new network designs. Successfully maintains complete professionalism and personal commitment with excellent communication and people skills with the ability to train, motivate and supervise a team.

Detailed Skills & Expertise
Routing Skills: Cisco PfR, OSPF, OSPFv3, EIGRP, BGP, VRF & VRF-lite, NHRP, RIP
Switching Skills: STP, Q-in-Q, Switching Security Mechanisms, Trunk, VTP, Link Aggregation, VLAN L2 - VLAN L3, L2 Configure, L3 Configure
Security Skills: IPsec, dot1x, VPN Technologies, IDS, IPS, IOS Firewall, L2 attack, L3 attack.
MPLS Skills: MPLS, RSVP TE, LDP, TDP, MPLS-VPLS.
QoS Skills: Policing, Shaping, Rate Limiting, Prioritizing.
Hands-on experience with:
Cisco Routers: 8xx, 1xxx, 2xxx, 19xx, 29xx, 39xx, 7600, 7200, 38xx
Cisco Switches: 29xx, 35xx, 3750-x, 45xx, 65xx
Cisco AS: AS53xx
Cisco Security Products: ASA 55xx, ASAM/FWSM, NAM, ACS, NAC, ISE, MARS
Mikrotik Devices (Router - Switch - Wireless - OS): all brands and devices
UTM or firewall: Mikrotik, Sophos, Fortigate, Juniper, Kerio, TMG
Other: Foundry Switches and ASUS, 3COM, DLINK
VoIP: Plannet, Dlink, Tenor Quantum, Zycoo, Elastix, C3x, Kerio
Network Management: CiscoWorks
Monitoring Products: Solarwinds, GFI Products, ManageEngine Products

Limited familiarity with:
Cloud Computing: VMware vCloud
Virtualization: VMware vSphere ESX 4.1, 5, 5.1, 5.5, 6 - HyperV
Project Skills: Preparing RFP

Page 1 of 7 CV/Resume – Nader Javanmardi

Microsoft Skills: Windows Server 2K12, 2K8, 2K3 (AD, DNS, DHCP, Group Policy Management, IIS, Terminal service, RIS) and Exchange server 2013
Linux Skills: Squid, OpenLDAP, FreeRadius, OpenVPN, Apache, etc.

Professional Experience
Here are some of my projects in summary:

Aramin IT Co., Esfahan, Iran
Senior Network and Security Engineer (5 years - Present)
Aramin IT Co. is one of the famous IT engineering companies in Esfahan, with grade A in hardware and software support, design, web programming and MIS, so I worked on its network projects everywhere. I have worked on many projects with different duties, so I mention three vital projects as examples.
Official Deeds and properties organization at Esfahan (3.5 years):
My responsibilities include but are not limited to:
Conceptualizing and supporting the Network for a high performance, worldwide distributed
Co-responsible to ensure maximum availability, scalability and Network Security of the infrastructure
Supporting further development of the high performance Network
Creating professional and meaningful documentation of the Network
Responsible for the verification and continuing maintenance of existing documentation
Configuring, supporting and monitoring the edge network with two ASA 5540 Active/Active with SSM 40 Module in the center of the province, installing 43 ASA 5520 in branches and launching DMVPN on them with IPSec Tunnel methodology.
Configuring, supporting and monitoring Router ISR - 3945 in the center of the province, installing 43 Router 2821 in branches and launching OSPF dynamic routing protocol on the tunnels for failover
Implementing Intranet with Internet in each branch to communicate with the Center; there was a Kerio UTM for controlling and sharing their own internet, which also ran services like web filtering, traffic filtering, IPS, etc.
In the center the Internet was controlled by two Mikrotik Router 450G with many packet filtering rules, and then it flowed to the Kerio UTM (based on Linux x64)
All the province's switching (Foundry: EdgeIron, FastIron and Cisco: 2960G, 3750G) was secured by L2 security rule policy like port security and storm and flow control
All end points were protected by Kaspersky business version, and all their security mechanisms were controlled by me in the center and monitored by Solarwinds Orion.
I ran hosting in this center and migrated all web sites and DNS records (NS records) to Linux host servers.
Email server was Alt-N MDaemon with more than 1000 users defined

Central of Isfahan Justice (6 months):
My responsibilities include but are not limited to:
Configure Tenor Quantum two 2400AX FXO for the center and connect 48 extension lines
Configure Tenor Quantum 44 400 FXS for branches, configure dual voip gateway and use HotLine for each line.
In the center, I installed Mikrotik Router 1100AX2 to control and share it by hotspot, and I designed their Campus LAN into some L3 VLANs with more than 30 lines of packet filter rules.
Users are fetched from the radius server, and for mobile users a wireless full mesh (Groove-a52) runs with the new Mikrotik CAPsMAN feature

Pars Jooyab consultant engineer Co. (3 months):
My responsibilities include but are not limited to:
3 internet links are prepared on the router for failover, and I wrote 80 lines of filter rules; to avoid L2 attacks I run 4 mechanisms like static ARP table and static DHCP scope, etc.
After the internet flows through the Mikrotik, two links reach the Kerio UTM in a load balancing topology, and all users, after authenticating by LDAP against Windows Active Directory, are allowed to surf the internet.
Outdoor users can connect remotely with PPTP VPN, 7 branches connect with the SSTP method, and they access the DMZ zone by IPSec Tunnel

Aeen Rayaneh Isfahan Co., Esfahan, Iran
Network/Security specialist (7 years)
Arico was one of the oldest Isfahanian companies, but because of its weak management it disbanded in 2010 with 100 engineers and employees. At that time, when I was in it, I did many projects. I mention two projects.

Esfahan Steel Co. (6 years):
My responsibilities include but are not limited to:
I worked with some Novell servers, Windows servers, SQL Server, Oracle, Linux.
I installed 40 wireless links in the factory over more than 30 km distance.
I transferred 4 phone lines by Tenor Quantum over a wireless link.
In addition I worked 3 or 4 years in hardware support and helpdesk to guide users.
For some years I was backbone manager and worked with Cisco devices like router 3845 and switches 2960-3550-3500xl-2900LR-4505-6503.
Plus, because of a lack of resources and large scale solution, I had to use two windows and established NLB and Windows Cluster to satisfy their needs.
In the campus LAN I used EIGRP and OSPF. For protecting the edge network I used the FWSM module on the 6500.
According to the Cisco Campus LAN design I used a 3-layer design: the access layer used Cisco 2950 and 2960, the distribution layer used 35xx and the core was 4505, and links and devices were completely redundant.
Besides these, for farther distances in the factory (because the factory is more than 45 km2) I used 24 ADSL links with Hyundai DSLAM and SDSL modems at the end points, and 10 more links used p2p G.HDSL Plannet modems.
Also, at 48 points of the factory I could use FX fiber LAN cards and connect to the 4503 with MTRJ modules, and all its backbone is fiber optic.
Furthermore, some users used dialup modems, and I prepared Router 3645 with an NM module on it for remote dialing users.
Managing more than 1200 active users and nodes was not an easy task, but it was entirely a noteworthy experience for me.

Isfahan Government org. (1 year):
My responsibilities include but are not limited to:
Before implementing the data center in the organization I installed snort on Linux for detecting attacks, and received the internet from dish and radio satellite; for sharing the internet I used a vpn connection, my radius server was NTTac plus and data was saved into MS SQL server.
For connecting 65 central organizations in the central province in Esfahan, we had 4 ATM Extreme switches with fiber optic links between these at 4 points in big Isfahan Telecommunication centers; it used OSPF version 3 routing protocol, and I established leased lines for each point and used Cisco router 845 (G.HDSL) and RIP version 2 for the endpoints' routers.
After spending some time establishing 33 points of the city with leased line technology and Tellabs modems (G.HDSL) and using Intranet for connecting to Isfahan.
In the center there was 20Mb Intranet over fiber optic, using Optimax for it, and for connecting to the Interior ministry we used MPLS-VPLS, transferred by a separate VLAN over one fiber link, and transferred VOIP with a 2-port FXO Cisco module on the 4500 and Video (CCTV clips); it means I was always on a mission to achieve my plans.

Samen ol aeme travel agency, Isfahan, Iran
Network/Security manager (3 years)
This agency includes 10 branches in Iran and Middle East countries. We got a wireless link and got intranet and internet over it, and for connecting to other branches like Tehran we had an E1 link, prepared and configured on router 2021 with PRI (ISDN module), and in each CPE we had router 1621. For protecting this communication we bought Sophos UTM 320 for Isfahan and Sophos 120 for branches, and I launched site to site VPN. For calling we used a Plannet voip gateway at each point, and for the center we used Elastix and Zycoo IP phones.

Civil organization, Isfahan, Iran
IT manager (1 year)
Also in this case I managed to implement Elastix and IP phones for 44 branches and the center, and we had some VMware ESXs 5.5, Mikrotik, Cisco ASA and L3 switches. For better controlling the Internet space I installed a UTM and used dynamic traffic shaping, url filtering and packet filtering. We had some HP Proliant servers, L2 switches, and kinds of DB, OS and business NAS. For communication with branches we established 44 Intranet links with G.DSL technology. In the software department, coupled with the above, we have ERP with Oracle and Linux, and sometimes I worked with them. We had two hosts for running the web site and Email server; the former is Windows 2012 and asp.net and the latter is Windows 2008 and Alt-N MDaemon. Indeed, I worked on so many things that I have forgotten a lot of them.
Payam-e noor university, Isfahan, Iran
Network consultant, designer (1 year)
In the center of the province we bought a Fortigate 800C (UTM) and for each city a Cisco router 1821 or Mikrotik 450G, and after designing by subnetting (classless) IPv4 and separating each LAN segment, I configured site to site vpn between the UTM and the Cisco or Mikrotik and launched professional video conference in all the province. For controlling the internet in the center we used the UTM and in branches we used Kerio UTM. In the center I installed ESXi5.5, bought an EMC PX4 NAS and used the iSCSI mechanism for ESXi and each VM; plus, I used VM clouding and converted all physical machines to VMs. For easing search in documents I used a Linux search engine, and for better managing log files and monitoring all users sharing files etc., I installed Netwrix Auditor. Furthermore, I used Cisco 3750E for InterVLAN routing.

Amol high tech university, Amol, Iran
Senior Network/Security designer (2 months)
Designing based on a 2-layer topology; all devices are Cisco 2960s and 3750x with VLAN, STP, VTP, DTP, Trunk, InterVLAN routing, EtherChannel (obeying full LAN redundancy), and the protocols must be configured on them. All servers are HP and use ESXi vCenter 6, Hypervisor and vShield Manager; I established high availability in basic services like DHCP-AD-DNS-WEB and converted all ESX 5.5 to 6. For the backup solution I used Symantec Backup Exec and Veeam Backup & Recovery, and I also used Windows 2012 server and implemented WSUS on them and other important network services. I designed and implemented QoS in the layer 3 network, configured multiple internet links on Mikrotik router CCR1066 and launched manu NAT rule and dynamic traffic sharing. Ran site to site vpn between Cisco router 1100 and Mikrotik, also running Captive Portal on it. For accounting users I used Daloradius, a Linux accounting tool.
For accelerating the internet I use 3 layers with 3 different software hierarchically: 1 - Squid, 2 - TMG2010, 3 - Kerio control. Implementing Dot.1x with NAC and using Cisco ACS, and for avoiding MAC spoofing, ARP spoofing, dhcp-dns-smurf, dos-mim. For monitoring and controlling I used Solarwinds Orion Full, ManageEngine OpManager and Kiwi Syslog server.

Isfahan City Hall (FAVA) data center, Esfahan, Iran
Network and security specialist (1 year)
My duty is to configure Cisco and HP devices. Undoubtedly, the ISF city hall data center is the biggest data center in Isfahan, with 240 servers either physical or virtual, all HP servers. All of them are connected by copper or FCA to a Cisco 3750 switch or 2 HP SAN switches in aggregate, and both of them connect to a magnetic tape library machine and a storage box which are in RAID 6. For protecting the edge network they bought, and I configured, two ASA 5540 active/active. This data center is connected to 44 buildings throughout the city, and each building is provided with 3 physical links for redundancy (leased line, fiber and wireless), connected to a 4507 Cisco switch.

Nami commercial Co., Esfahan, Iran
IT manager (4 years)
My duty is establishing 10 branches to the central office in Isfahan and preserving and troubleshooting their connections. There are 2 links (Internet, Intranet) for each office, and data flows in two tunnels (IP-IP, GRE) between Mikrotik CSR-24G and Cisco 848. The internet is controlled by Mikrotik web proxy, and all mobile devices are controlled and allowed by MAC access filter on the router by user management in Mikrotik. I have 5 SQL servers in the country, and through these tunnels they are replicating with the central server in Esfahan.
Between Esfahan, Tehran and Dubai there are DLink VOIP gateways and I am able to transfer private analog phone lines to other cities; also, because of the CEO's frequent journeys to East Asian countries, I launched an Elastix server, bound it to a static public IP and defined some extensions for employees, and installed Zoiper on Android and iOS so they are able to call each other with video and voice with lower bandwidth and best quality because of having SIP protocol: G729 and H.264. Furthermore, for better control of employees and material stores I have prepared DVRs on the Android and notebook of the CEO if he wants to monitor them wherever or whenever. In the central office, the LAN infrastructure is WLAN and I configured the full mesh method by Mikrotik private protocol (MESH). Our devices are 433AH-411AH-951G-2hnD-751ui-2hnD. Before that time I had designed many mesh solutions. For example, for Sun Hotel I had configured 19 Tplink APs in partial mesh (Hybrid mesh) by WDS protocol, and for National Elite Foundation of Iran in Esfahan I had configured 4 different brands into a full mesh topology (UBNT-DLINK-LinkSys-Mikrotik). At the end, for use by all branch users or remote users from their own homes, I installed Citrix XenApp6 and all our software is installed on this server. It makes it easy to use wherever they are without installing basic software.

Foolad Technic - International industrial company, Isfahan, Iran
Security specialist and consultant (6 years)
This company includes 4 international branches in Iran and Middle East countries. I have been consulting for about 6 years in the security, network, OS and message servers fields, and after installing and supporting the Astaro UTM firewall, nowadays I had to change to a Fortigate 300D to protect their LAN, balance two WAN links and share them to the LAN.

Central organization of TAX, Isfahan, Iran
Security consultant (1 year)
This is a huge organization in Isfahan with more than 40 offices in the province.
Recently I have taught their IT staff and encouraged them to use a strong UTM, and finally, after entirely designing their MAN, they bought a Fortigate 800C and I established Site to Site vpn between a Cisco 1841 router and it with IP subnet (Classless IP) definition.

There are so many projects and companies where I was or am designer, inspector, configurer, supporter or in other job and technical positions during 12 years of network and security work:
Esfahan steel Co. – Foolad mobareke Co. (steel Co.) – Foolad technic Co. (industrial and engineering Co.) – Akhtar barg Co. (Electricity Co.) – Arman tadbir Co. (Broker) – Investment of Saman Gostar and 7 branches – Pars jooyab consultant engineering Co. and 5 branches – Arico IT Co. – Aramin IT Co. – BASA IT Co. – Civil engineering organization of Esfahan and 40 branches – House and civilization org. and 44 branches – devotion affairs – Road and transportation org. – official Deeds and properties org. and 43 branches – Ghaem Reza industries complex and branches – Goldasht City hall and 1 branch – Esfahan City hall and 44 branches – Sun Hotel – House makers Co. – Central Justice of Esfahan and 2 branches – National Elite Foundation of Iran – Sadad industry Co. – Parsian Specialized Eye surgery Clinic and 1 branch – University of Medical Sciences of Esfahan – Safahan college non-profit high institution – Kanoon ISP (Internet provider) and 100 customers – Nami commercial Co. and 10 branches – Boland Aseman Commercial Co. and 1 branch – Hesab sazan IT Co. – Government of Esfahan and 32 branches and 60 org.
Honestly, I do not remember other customers, clients and employers.

Iranian Certifications
Penetration Test and Anti Hack
Linux fundamental
Linux Adv.
CCNA, CCDA, CCNP R/S, CCIE R/S (self study and practical experience)
CCNP Security, CCNP Data Center (self study and practical experience)
CSCU, ITIL, CCNA DC
Citrix XenApp
Kaspersky Infrastructure of Data Security Term of application of Security & Internet Crisis management of Tehran University

International Certifications
SCA (Sophos Certificate Architect)
SCE (Sophos Certificate Engineer)
SCSC (Sophos Certificate Sales Consultant)
ACA (Astaro Certificate Administrator)
ACE (Astaro Certificate Engineer)
ASE (Astaro Sales Expert)
MCITP
Fortigate FCNSA – FCNSP
Juniper IJOS-JSEC
All Mikrotik Certifications (Fundamental, Wireless, Routing, Interworking, User management, Traffic control)
Working with Computer I
Working with computer II

Languages
English: Fluent proficiency (IELTS 6)
Persian: Mother tongue

Seminar, conference and teaching
Introduction of Virus and Malware and how they work, in University of Medical Sciences of Esfahan
Introduction of attack and methods and how to avoid and recognize them, in National Elite Foundation of Iran

TEACHING
Mikrotik and windows in Safahan college
Mikrotik, Network + and security + in Pars Jooyab
Network+ in Technical complex of Tehran in Isfahan (10 times)
MSCE in Technical complex of Tehran in Isfahan (5 times)
CCNA in Technical complex of Tehran in Isfahan (10 times)
CCNA security in Technical complex of Tehran in Isfahan (10 times)
CCNP in Technical complex of Tehran in Isfahan (5 times)
Mikrotik, Network + and security + in Telecommunication of Isfahan
UTM, Network + and security + in Gas industries of Iran in Isfahan
Mikrotik, Network + and security + in Noavran
Internet engineering in Foolad college
Internet engineering in Nabius International Co.
college
Network + and security + in Touhid college
Mikrotik in Sun hotel
CEH and Security + in Payam-e noor university
Computer architecture, web programming and designer – C#.net, C, C++, PHP, HTML-CSS, MSSQL, MySQL and other university courses.

Honors and Awards
IT department of Esfahan steel Co.
Payam-e noor university of Esfahan
Deeds and Properties registration of Esfahan
College of Esfahan Association of Metallurgical Engineers
The best Master (3 years of teaching Computer Olympiad students) from Department of Education of Isfahan
Parsian Company

Interests
Network/Security Virtualization, Cloud Computing, Security Plans, Network Management, New technologies, listening to music and travel, watching football and martial arts