Tommy - Administrateur réseaux CISCO

EDUCATION

- Basisschool Everheide in Evere (Brussel) 1986-1990 (School in Dutch)
- In Brussels/Belgium : Enseignement Secondaire Supérieur Général (Bachelors), Institut Saint-Louis,
Athenée Royal de Woluwé Saint-Lambert, (French and Dutch)
options Sciences, Mathematics Economy and English, Summer 1997.
- Training courses on ADSL Technology at Wanadoo (Helpdesk), 2002.
- Training courses at Cap Gemini Ernst & Young (Certificate) : PC/Server Hardware -
Networks - Operating Systems & Software Installations - Internet/Intranet – Lan/Wan.
ITIL (Information Technology Infrastructure Library) - Telephone Skills -
Understandable Communication - Effective Communication - COJ Documenting -
COJ Presentation skills - Presentation Training & Coaching - Train The Trainer , 2003-2004.
- Network training courses at Siemens on Cisco and Huawei technology – configuration, support and routing protocols 2005-2006.
- Training on PBX communication systems Siemens Hicom 300, Siemens Hipath 3000-4000 - 2006
- Certification Avaya University “Avaya Media gateways and servers” 2007.
- IFCC Luxembourg (Kirchberg): Centre de Formation de la Chambre de Commerce (Business school). 2009
- Microsoft Training "In the loop Lëtzebuerg" - Abbaye de Neumünster (G.-D. de Luxembourg) 25 October 2012
MS Windows Server 2012, MS Windows 8, MS Office 2013.
- Johnson & Johnson certified:
13/03/2017: eSignature Verification.
13/03/2017: I/TSS Good Documentation and Data Extraction Practices.
13/03/2017: Quality Policy.
14/03/2017: ISM Change Management New IQ/OQ and GxP Requirements.
14/03/2017: ISM CHANGE MANAGEMENT PROCESS ACTIVITIES WI.
14/03/2017: ISM CHANGE MANAGEMENT SOP.
14/03/2017: ISM Licensed User Training: 1. Navigation Module.
14/03/2017: ISM Licensed User Training: 2. Incident Management Module.
14/03/2017: ISM Licensed User Training: 3. Knowledge Management Module.
14/03/2017: ISM Licensed User Training: 4. Service Request Management Module.
16/03/2017: IAPP Acceptable Use and General Privacy Training (Directives de protection des actifs d'information Johnson & Johnson (IAPP))
16/03/2017: IT GXP Overview.
24/03/2017: Records and Information Management - online course that will provide the associate with an understanding of the
main requirements of the Records and Information Management program, also known as RIM, within Johnson & Johnson.
05/04/2017: Different server connectivity technologies in the Beerse EDC like ToR (Top-of-Rack), EoR (End-of-Row), but
also about the new Nexus capabilities like FabricPath, VPC and VDC. Additionally a few words on DC processes (how to get a
device in; how to decom it)
07/09/2017: “ISM Change Management Process Activities Work Instruction”.
27/11/2017: HP Enterprise - 3 PAR - Gen 6 ASIC.
Verizon training:
14/10/2019: Privacy and Information Security
17/10/2019: ITAR (International Traffic in Arms Regulations) & EAR (Export Administration Regulations)
31/10/2019: EU General Data Protection Regulations (GDPR) and Verizon’s Binding Corporate Rules (BCR)
20/11/2019: Complying with HIPAA Privacy, Security Rules and safeguarding Protected Health Information (PHI)
14/02/2020: JIRA SCM 20.2 Release Training - Security & Compliance Monitoring
25/02/2020: Clarity 2.0 training
26/02/2020: Protecting CPNI - 2020
- SNARE agent training (Mark Murphy @ Prophecy International)
30/03/2020: Information Security - SNARE Deployment, troubleshoot and Configuration
31/03/2020: Information Security - SNARE Deployment, troubleshoot and Configuration
- Training Fortinet - Certifications
08/12/2021: Next Generation Firewall FortiNAC
14/12/2021: NSE 1 Network Security Associate Certification - certified
16/12/2021: NSE 2 Network Security Associate Certification - certified
17/12/2021: NSE 3 Network Security Associate Certification - certified
- Training Check Point Software Technologies - Cybersecurity
21/12/2021: Bienvenue à nos partenaires - French | eLearning
21/12/2021: Mastering CloudGuard Sales | Partner Program
- Training Palo Alto - Cybersecurity
28/12/2021: Amplify Security Fundamentals ASF - Assessment Certification
- Training Cisco
13/01/2022: Getting started with EA 3.0 - Portfolio deep Dives
- Training Palo Alto - Cybersecurity
19/01/2022: Prisma Cloud Services Webinar: Multi-Cloud Governance & Compliance
26/01/2022: Palo Alto “Race Against Time,” a simulated attack scenario where Cortex® by Palo Alto Networks provides
the critical steps security operations teams need to take in the first 24 hours to investigate and respond to an attack.
Learn remediation strategies and key technologies used to continuously discover and monitor their complete attack surface to
prevent future attacks and how to rapidly respond in the case of an attempted breach.Continuous attack surface discovery and
mitigation. Cross-data analytics for prevention, detection and visibility. Lightning-fast threat hunting and investigations.
Industry-leading security orchestration
- Training Palo Alto Cortex XSOAR (Security Orchestration Automation and Response) (EDU-380)
27/01/2022: Module 10: Indicators and Threat Intelligence Management. Auto extraction.
- Training Splunk - Cybersecurity
01/02/2022: Splunk EMEA Security, 4 hours Workshop: Hunting in Microsoft cloud
- Training ThousandEyes by Cisco (Cybersecurity attacks)
03/02/2022: The Top Outages of 2021: Analysis and Takeaways
Many cloud options, Complex Dependencies - DNS: Where are we going - Routing: Do We Have to travel so far - Application
Complexities - ThousandEyes agent types (Enterprise, Endpoint, cloud)
- Training Cisco Optics (Data Center, Enterprise, Service Provider)
03/02/2022: The path to an Optical World - Partner Opportunity on the Migration Journey from 1Gb to 400Gb
- Training Nutanix Cybersecurity (Week training)
07/02/2022 till 11/02/2022: How do you keep your IT-infrastructure ready for any cloud.
- Training Palo Alto Prisma SD-WAN (Next generation SD-WAN):
08/02/2022: Gaining Granular Visibility: Experience end-to-end visibility to understand their network and application
performance at per application level that allows them to troubleshoot and resolve issues quicker.
Deploying at Scale: Understand SDKs based architecture to automate deployment, configuration, and provisioning across
branches and data centers that allow them to adopt SD-WAN at scale.
Automate Application Resiliency: Remediate application performance in real-time with automated failover based on
continuously monitored performance degradation.
- Training Trend Micro Cybersecurity
09/02/2022: Modernising the security software supply chain and accelerating innovation with Trend Micro and AWS
Marketplace. Endpoints protection with Trend Micro Apex One.
- Training Palo Alto Networks Cybersecurity Predictions 2022 NEUR
09/02/2022: Improve Response and Resilience capabilities, Continuous Improvement, Gain Visibility across an agile and
diverse ecosystem and identify the organization’s Digital Crown Jewels, Leveraging Threat Intelligence, Zéro Trust (Ability to
identify segmentation failures).
- Training Palo Alto Networks - Cybersecurity Challenges of IoMT and IoT Devices in the healthcare Organizations
10/02/2022: Patient Care Risk, Compliance Risk, Security Risk (Visibility, Vulnerabilities, Access Mngt, Zero Trust)
The New UNIT42: Analyze the data available to Palo Alto Networks to identify adversaries, their motivations, resources and
tactics to better understand the threats the customers face.
Top Threats for IoT Devices: Cryptojacking, Phishing, Two factor authentication, Botnet, Backdoor Trojans, Ransomware,
Worms, Zero-day, SQL Injection, Buffer Overflow, Command Injection, Remote Code Execution and Network Scan.
- Training Palo Alto Networks: Stop Zero-Day Threats in Zero Time with PAN-OS 10.2 Nebula.
15/02/2022: High-Performance Network Security. Single Pass Architecture. Smaller Footprint, Bigger Performance.
The new PA-3400 and PA-5400 Series ML-Powered NGFWs offer 3x faster security in a smaller package.
- Training SPLUNK SOC Maturity (Cybersecurity)
15/02/2022: Understanding and Determining the Right Level for the Organization
- Training Palo Alto Networks - Next Stops zero day-Threats in Zero Time
17/02/2022: Design and Deploy Zero-Trust for Data Centers. 5 Pillars of a Best Micro-Segmentation Strategy: Complete
Visibility, Zero-Trust Architecture, Workload Tagging, Comprehensive Policy, Adaptive Security. Dynamic Address Groups via
API. Best Practices: Trust zones with advanced threat protection, Protect developer environments, Automate Security Actions
whenever possible. Use-cases: VMware NSX-T, Panorama. Adaptive Micro-Segmentation.
- Training Palo Alto Networks - The Palo Alto Networks Best Practice Assessment Plus (BPA+) and The Palo Alto Expedition is
the fourth evolution of the Palo Alto Networks Migration Tool
22/02/2022: Access BPA+, Important BPA+ Resources, BPA+ demo. Expedition 1.2: migration from 3rd party vendor firewalls
to Palo Alto Networks NGFW (including Panorama). Layer 7 features adoption. Machine Learning / Rule Enrichment. Best
Practice Adoption. Migration Workflow. Input 3rd party config and PAN-OS base config to Expedition. Expedition auto
migrate the config to PAN-OS config format. Load migrated config to PAN-OS device via XML file, Set Commands or
API calls. Machine Learning GreenField Deployment. Replacing rules that are too permissive. Automation through API calls.
Audit control & Itemised API calls based on Expedition changes. Trashed objects, Advanced filtering.
- Training Exclusive Networks - Cloud Security, how to secure.
24/02/2022: Attack surface, Four deployment models: Public cloud, Private cloud, Hybrid cloud, Community cloud.
Data Breaches, Misconfiguration and Inadequate Change Control, Lack of Cloud Security Architecture and Strategy,
Insufficient identity, Credential, Access and Key Management, Account Hijacking, Insider Threat, Insecure Interfaces and
API’s, Weak Control Plane, Metastructure and Applistructure Failures, Limited Cloud Usage Visibility, Abuse and Nefarious
Use of Cloud Services. Un-sanctioned app use, Sanctioned app misuse. DDOS attacks, phishing, Mining digital currency.
Large-scale automated click fraud, Brute-force attacks, Hosting of malicious or pirated content.
- Cyber Security Threat Briefing Palo Alto Networks: Protecting Against Russia-Ukraine Cyber Activity
********/03/2022: The Russia Ukraine cyber activity has escalated substantially, including significant increases in cyber
attacks. Beginning on Feb 15, a series of distributed denial of services (DDoS) attacks commenced. These attacks have
continued, impacting both the Ukrainian government and banking institutions. On Feb 23, a new variant of wiper malware
HermeticWiper was discovered in Ukraine.
- Training Splunk IT Security: Risk Management Through the Eyes of the Attacker (MITRE ATT&CK Framework)
22-03-2022: Common Cyber Security Attack & Response Frameworks For SOC Managers, IT Security Architecture, SOC
Analysts. OODA Loop, Diamond Model, Lockheed Martin Cyber Kill Chain, MITRE ATT&CK.
- Training Cisco ISE - IT Security: Getting started with Cisco ISE, Device Access Control using TACACS
07-04-2022: TACACS policy sets overview, user rights, Authentication details, security logs, Multi Security Product
Integration using PXGRID, TrustSEC for IOT with and without SDA, IP-SGT Binding Table propagation via Control Plane,
SXP propagation, TrustSec AAA Server, Configure Network Device for TrustSec in ISE, Switch Base Configuration (Radius
Server), ISE Endpoint Compliance Check (Posture)
- Training Trend Micro Worry-Free XDR - Technical course
13-04-2022: MSP Ecosystem, License Management Platform, Trend Micro Remote Manager, Worry-Free Services Suites,
Cloud App Security, E-mail Security, Web Security
- Training Palo Alto Networks:
08-06-2022: Domain 4 Demonstration and Evaluation
- Demonstrate knowledge of the advanced capabilities of the NGFW
Describe the value of the Palo Alto Networks consolidated Security policy
Describe the NGFW's ability to enforce application-default behavior and prevent misuse of nonstandard ports
Identify benefits of Policy Optimizer
Demonstrate knowledge of the Cloud Identity Engine's ability to simplify deployment of cloud-based services to provide user
authentication
Demonstrate knowledge of dynamic user groups
- Identify NGFW features that can protect against unknown threats
Explain how WildFire protects against unknown threats
Explain how App-ID prevents malicious use of services and ports
Describe the benefits of URL Filtering in protecting against unknown threats
Identify configuration artifacts associated with DNS Security
- Identify NGFW features that can protect against known threats
Identify configuration artifacts associated with threat prevention
Identify configuration artifacts associated with DNS Security
Identify configuration artifacts associated with Advanced URL Filtering
Explain how adopting external dynamic lists with threat intelligence protects against known threats
- Explain how NGFWs can prevent credential theft
Describe the benefits of credential theft prevention
Identify the components required to demonstrate and architect credential phishing prevention
- Explain the NGFW evaluation process
Determine the artifacts required to successfully execute a customer evaluation
Identify customer data privacy requirements
Define baseline configuration requirements
Present results of an evaluation
08-06-2022: Domain 5 Network Security Best Practices
- Define the Palo Alto Networks best practice methodology using a Zero Trust approach to network security
Identify best practice for eliminating implicit user trust , regardless of user location
Identify best practice for eliminating implicit trust within applications
Identify best practice for eliminating implicit trust of infrastructure
- Demonstrate understanding of the best practices of the five-step methodology for implementing the Zero Trust model
Explain customer-sensitive data discovery as defined in the Zero Trust model
Define best practices for network security
Define a customer's architecture in a Zero Trust network
Define Zero Trust policies and controls
Explain how Palo Alto Networks validates each transaction in a Zero Trust model
- Identify best practices for implementing SSL decryption
Identify decryption requirements
Explain the value of SSL default decryption exclusion lists
Identify the decryption deployment methods
- Training Palo Alto Networks Assessments - Certifications
26/06/2022: Next-Generation Firewall Enterprise Data Loss Prevention
26/06/2022: Cortex XDR 3.3: What’s New


SKILLS

Good teamwork skills, work well with others. Very good communication skills and of course in the different languages.
Strong work ethic and commitment to satisfying the customer. Flexibility for overtime, weekend work, being on call and adaptability. Keyboard typing speed of 58 words per minute with only correctly typed words.
Technical skills in hardware, software, networking (configuration, remote control, security) and incident management.
Highly developed sense of curiosity in new technologies and expert in troubleshooting.30/03/2020: Information Security - SNARE Deployment, troubleshoot and Configuration
Working Methods: Prince 2 - ITIL - Agile working - Leankit Enterprise Kanban.
Agile Project Management for Scrum Team: Trello
Company security: One day fireman training.
Hardware: building personalized tower computers with hardware tuning, water cooling, 0db cooling systems, desktop and laptop repair, HP Proliant DL380p Gen8, Gen9. Installation of Dell PowerEdge R610 and Dell PowerEdge R730. Black Box KVM.
UPS: Schneider Electric, APC.
Operating systems: Microsoft Windows 95,Windows 98, Win ME, Windows 2000, Win XP, Windows 7, Windows 10, Server 2003, Small Business Server, Windows Server 2008 R2, Unix servers, Linux, Sun Ray, OpenVMS (Open Virtual Memory System) = DCL (Digital Command Language), Windows Storage Server 2003 P2, Windows Media Center, Norton Ghost 10, Norton Ghost 12, Norton Ghost 15, Windows Server 2012 migration from Windows Small Business Server (SBS) 2011, SUN OS 5.1, Oracle Solaris. Windows deployment with Microsoft Deployment Toolkit by Siemens PLM.
Email systems: Exchange 2003, Exchange 2007, Exchange 2010, Outlook 2007, Windows Vista Enterprise 6.0, queries and cleanup (Microsoft Exchange), CSVDE tool (Microsoft Exchange), IBM Domino Administrator, Exchange online, StrongBox.
Software/updates deployment: SCCM, WSUS Server, INS Rollout Administration Tool 4.0.0, SMS System Management Server 2003, Package installer console, INS Rollout Administration Tool 3, Scheduled Deploy of Syncplicity Smartstorage Install, Lansweeper + CMDB.
Cyber Security Management & firewalls: Websense, Grmx Server, Windows Steady State 2.5, SSH-1, SSH-2, SecureCRT 5.0, SuperScan 3.0, Advanced IP Scanner, RPC over HTTPS, SSL config servers, Beta Systems (Sam Jupiter), MOXA NPort 6610-32 Secure device server, MOXA NPort 6610-32 Secure device server, McAfee Safeboot, HDD encryption, AT&T VPN, RSA, Public Key, Private Key, AES, penetration testing, Palo Alto and Checkpoint.
Neoteris, Juniper model MAG-SM160 - FireEye4400 - ePolicy Orchestrator 4.6 McAfee, IBM Tivoli identity manager, McAfee endpoint encryption, Avast - adnm (antivirus), AxsGuard Firewall - Barracuda Spam & Virus Firewall 300, Hitman pro 3.5, IP tools, Unipass 6.6, SAML authentication and authorization. Cisco ISE (Radius authentication), Cisco ASDM 7.6 for ASA (Cisco Adaptive Security Device Manager) - Fortinet. FortiGate 311B - Symantec Endpoint Protection.
Sun_SSH_1.1.5, SSH protocols 1.5/2.0, OpenSSL, FireEye IPS (intrusion prevention system). FORCEPOINT Websense URL blocking. Microsoft Forefront Threat Management Gateway 2010. Watchguard firewalls. Pulse Secure, Forticlient, Barracuda, Sophos anti-virus, WAF (Web Application Firewall), RASP (Run-time Application Self-Protection), Kiwi Syslog Service Manager, Snare agent (syslog agent), Duo Mobile (VPN), Local Event Collector (LEC), Symantec ICDX, SNORT (network intrusion detection system), CISSP, Fortinet Firewall FortiNAC, and FORTINET - Network Security Expert (NSE). Using Certificates (X.509v3) to Identify a Person or Device.
Cyber Security Monitoring and Logging - research analyst for log collection methods from new data sources: IBM QRadar, Wazuh Fim (File integrity monitoring), ForcePoint anti-malware/anti-spam, Protectwise, Snare agent, Microsoft System Centre Endpoint Protection Platform (SCEP), Checkpoint Smart Event, Ubiquiti EdgeRouter Infinity, Imperva Runtime Application Self-Protection (RASP), DropBox, AWS WAF (Web Application Firewall), Microsoft Windows OS, Trend Micro Control Manager, Trend Micro Apex One, Symantec Endpoint Protection, Tanium Endpoint Security, Checkpoint R80.2 etc.
Reverse Proxy: Checkpoint Mobile Access, Checkpoint 15400 Juniper SA, F5.
Proxy: Fortinet, Bluecoat
DNS: DNS bind
Storage: BackupExec, DRUVA backup, Norton Backup Exec 12, Veeam backup, Different HP backup server-tape loaders like "HP StorageWorks 1/8 G2 Tape Autoloader" - HP StorageWorks MSL2024 tape library, HP StorageWorks MSA2000 with different controllers – HP StorageWorks MSL5000 series library, Dell MD1400 with Dell PowerEdge R730. HP tape library installation.
Server systems: HPE Systems Insight Manager(SIM)
Telecom: Avaya G450, Blackberry Enterprise System (BES Server), Belgacom telecom – Avaya OneX Attendant – Blackberry support, AudioCodes,
Cloud: cloud computing (multi-platform), BPOS, Amazon cloud, Google Drive, Exchange Online, Office 365, Sophos, Sharepoint online, OneDrive, Gmail, Microsoft Azure.
Remote: MSTC (RDP), VNC, tightVNC, Reflection for Unix and Open VMS (14.0.531) SP4, PC Anywhere, Bomgar secure remote support, TeamViewer, Cisco AnyConnect, NetSupport v10.50, TSE manager, Terminal Services on servers, Radmin, VNC Server, ********, ********, HP Integrated Lights-Out (iLO) - HP inside manager, mRemoteNG, Landesk.
Office: Office 97, Office 2000, Office XP, Office 2003, Office 2007, Office 2010, Office 365 & migration, Office compatibility packs.
Ticketing tools: HP Openview Service Desk ticketing tool (v 4.5), BMC Remedy ticketing tool, Peregrine Systems-ServiceCenter 5, Assyst by Axios Systems, ISM (IRIS), ServiceNow, Mantis, Jira Service Desk (Atlassian) and vFire.
Web: Basics in web design: Html, Macromedia Dreamweaver, Flash, Action Script, Code Charge Studio, Sql & MS Access, HP Openview, IIS Server, Microsoft Web Platform Installer 5.0
Virtualization: Citrix, Citrix ShareFile, VMware support and configuration, VMware ESXi Server installation vSphere 5.5.
CRM/ERP: Used different CRM Systems like Siebel, Navision (Microsoft Dynamics Nav - enterprise resource planning (ERP)),
Scripting: PowerShell, VBA script-Microsoft Visual Basic 6.5.
Monitoring and logging: Dollar Universe Console 2.7 (********), Kaseya, PRTG Network Monitor, IBM Tivoli, Nagios, Atos Origin Super Console O.S.C.A.R.E v1.3.1, VDi stations, VDi Remote sessions management, Cacti, Kiwi syslog. Solarwinds Netflow. Axios Assyst Web. HP NNMi (network node manager), SNMP, SNMP V2-V3.
Networking: (Lan-Wan-3G-GPRS-M2M applications) - Cisco Networking (switching, routing, TCP/IP) and
VoIP for different systems. Routing and Switching Protocols: BGP, EIGRP, RIPv1, RIPv2, IGP, OSPF, EGP, STP. Nortel switching. AVAYA 8000 switches. Modem Adva FSP150CP.
Huawei DWDM OptiX OSN 1800 II.

Cisco Models:
Cisco 2921 router - Cisco Asa 5525-X - Cisco Asa 5585-X CX SSP-60 - Cisco ASA 5505 - Cisco 3560-x series PoE+ - Cisco WebEX - Cisco ACS - Cisco TACACS and TACACS+ - Cisco 2500 series - Cisco Catalyst 2960-X, Cisco router ASR1001. Cisco switch ME 3400E series.
Cisco technical: Cisco Networking (switching, routing, TCP/IP) and VoIP for different systems. Routing and Switching Protocols: BGP, EIGRP, RIPv1, RIPv2, IGP, OSPF, EGP, STP. SSH2 - SecureCRT 5.0 - Switches in stack - interface Mode “on” and “active” - ARP - spanning tree portfast - LACP (link aggregation control protocol) - LAG (link aggregation group) - switchport access, trunk - VLAN configuration - Radius (aaa) - Cisco DHCP - password-encryption - Etherchannel - port-channel - controllers CPU - Debugging - CDP - LLDP - test - counters - Wireless controllers (WLC) - Cisco Access Points (LAP) - X.509 join - DHCP option 43 - DHCP option 60 etc. - associating AP’s - universal AP priming - High availability - Redundancy - BPDU (Bridge Protocol Data Unit) - Load balancing - WLC SSO - latency - MTU - Service port - mping - cping - CAPWAP - LWAPP - DTLS (Datagram Transport Layer Security) - Flexconnect - licences - reset - reload - Configuring WLC best practices - ACL rules for WLC with AP’s - NTP - Rogue Access Points - EAP (Extensible Authentication Protocol) - Wifi Direct - UDLD - DOT1Q encapsulation - crossover or straight through cables - static routing on switches layer 3 - interface to default - SFP connections (fiber) - VRRP (Virtual Router Redundancy Protocol) - default gateway - FlexStack-Plus - Cisco AnyConnect - HP Openview Service Center - HSRP.
Network load balancing: F5, Citrix Netscaler
Cisco Certifications experiences: CCNA, CCNP and CCNA Wireless
IBM RackSwitch G8264 - IBM RackSwitch G8052
Wireless networking (Wi-Fi): Linksys, Cisco 8500 series Wireless Controller, Mobile iron (******** for Android), Aerohive, WEP, WPA, WPA2.
Payment processing: WAV4 – Openway – version 03.34.30.24 DBM version 03.34.30
Database: LDAP database, Hyena v10.0, Remedy (Mosaïc), Directory Browser – version 1.2.18 : administration tool used to add, modify and delete X500 entries from ********, Oracle Enterprise Manager 11g – Database Control, Aspen SQLplus v7.3 – aspenONE, Acronis backup & recovery 11, Microsoft DFS.


LANGUAGES (verbal and written)

French (mother tongue), Dutch (paternal tongue), English (professional) and a good level of Spanish.
Polish: fluent verbal and capable of reading.