Anton Gurov - Skills - Network administration

1. Legend

1.1. Strong

1.2. Fair

1.3. Weak

2. Network

2.1. Concepts:

2.1.1. OSI Layers

2.1.2. VLANs

2.1.3. STP

2.1.4. NAT/PAT

2.1.5. Routing

2.1.6. Wireless

2.1.7. DHCP

2.1.8. Port Mirroring/Monitoring

2.1.9. Link aggregation

2.1.10. Stacking

2.1.11. Configuration files management

2.1.12. AAA

2.1.12.1. Active Directory RADIUS/IAS integration

2.2. Devices:

2.2.1. Cisco

2.2.1.1. Catalyst

2.2.1.1.1. 4510R

2.2.1.1.2. 3750X

2.2.1.2. Aironet

2.2.1.2.1. AP1142N

2.2.1.2.2. AP1200

2.2.1.3. 1841, 1921, 2621, 2821 Routers

2.2.1.4. SG200 PoE

2.2.2. Extreme Networks

2.2.2.1. Summit 400

2.2.2.2. Summit X450a

2.2.3. HP

2.2.3.1. ProCurve 2610

2.3. Management tools:

2.3.1. Cisco Network Assistant, EPICenter 7.1, WebUI, CLI

3. Security

3.1. IDS/IPS

3.1.1. Sourcefire

3.1.1.1. 3D Sensor

3.1.2. TrendMicro

3.1.2.1. Deep Security

3.2. Remote VPN access

3.2.1. Windows PPTP

3.2.2. Juniper Secure Access VPN appliance

3.2.2.1. SA4000

3.2.2.1.1. SSL VPN 7.0

3.2.3. Cisco SSL VPN on ISR

3.2.4. Cisco SSL VPN on ASA

3.3. Security Appliances

3.3.1. Concepts:

3.3.1.1. ACLs

3.3.1.2. NAT/PAT

3.3.1.3. Site-to-site VPNs

3.3.1.4. FW upgrades

3.3.1.5. Failover/HA

3.3.2. Cisco

3.3.2.1. PIX

3.3.2.1.1. Management of 100+ VPN tunnels

3.3.2.1.2. Management of 5500+ lines of ACLs

3.3.2.1.3. 515, 525

3.3.2.2. ASA

3.3.2.2.1. 5520

3.3.2.2.2. 5510

3.3.2.3. ISR

3.3.2.3.1. 1921

3.3.3. Juniper

3.3.3.1. ISG-1000

3.3.3.1.1. ScreenOS 5.0

3.3.4. VMware

3.3.4.1. vShield Zones

3.3.4.2. vShield App

3.3.5. Management tools:

3.3.5.1. Cisco ASDM-IDM, WebUI, CLI, Cisco CP

3.4. 2-Factor Authentication

3.4.1. RSA

3.4.1.1. Authentication Manager 7.1

3.4.1.2. Soft and hard tokens deployment

3.4.1.3. Linux/Windows login security

3.4.1.4. VPN MFA via RSA

3.5. SOX compliance

3.5.1. Running various audit scripts to collect data for compliance

3.6. PCI-DSS 2.0

4. Loadbalancers

4.1. Concepts:

4.1.1. Loadbalancing methods

4.1.2. Complex iRules

4.1.3. Session management

4.1.4. SSL certificates management

4.1.5. Securing any tcp unencrypted traffic with SSL encapsulation

4.1.6. Mirrored failover

4.2. F5

4.2.1. BIG-IP LTM (9.3)

4.2.1.1. 1500, 6400

4.3. Full evaluation of capabilities

4.3.1. Array Networks

4.3.1.1. SPX2000

5. Protocols

5.1. SMPP, HTTP/HTTPS, AJP13, MM7, NFS, FTP, LDAP, TFTP, SMTP, Telnet, DNS, DHCP, ISO8583

6. Network tracing/capture/analysis

6.1. tcpdump/snoop

6.2. Wireshark/Ethereal

6.3. NIKSUN(Sandstorm)

6.3.1. NetIntercept

7. Back to resume

8. VOIP

8.1. Network prep-work for VOIP-phone installations (Nortel/Polycom)