IT Network Consulting – Architecture – Operations and Project Management

Integration FortiManager into the existing Fortigate firewall infrastructure

• Operation and management of the global MSP platform: Ensuring the smooth operation of the MSP platform (private cloud solution for end customers)
• Firewall management: Administration and maintenance of the Juniper SRX and FortiGate firewall and switch infrastructure

• Migration of the global WAN to Fortinet Secure SD-WAN: Transitioned a global customer's wide area network (WAN) from MPLS to Fortinet Secure SD-WAN, including the implementation of three HUBs and 42 spokes for reliable and secure network connectivity (MPLS, DCIP)
• Migration of the Europe-wide WAN to Fortinet Secure SD-WAN: Execution of the migration of a customer operating throughout Europe from MPLS to Fortinet Secure SD-WAN with a central HUB and 53 spokes, including FEX backup to ensure network continuity (MPLS, DCIP, FEX backup)
• Implementation of a segmentation firewall: Integration einer Segmentierungsfirewall in eine bestehende LAN/DC-Infrastruktur, einschließlich der dynamischen Anbindung von Außenstellen durch Routing und Multi-VRF-Setup zur Verbesserung der Netzwerksicherheit und -kontrolle
• Implementation of a fail-safe internet connection: Ensuring a highly available connection of two mirrored data centers to the Internet via BGP to guarantee redundancy and uninterrupted connectivity

• Inventory of the existing infrastructure: Detailed analysis and recording of the existing IT infrastructure as a basis for migration planning
• Creation of a comprehensive documentation: Develop complete and accurate documentation of current systems and configurations to support migration and ongoing operations
• Review of the existing configuration: Review and evaluation of existing configurations to identify optimization potential
• Transfer of the configuration to new systems: Anpassung und Implementierung der bestehenden Konfigurationen in die neue IT-Umgebung, um Kompatibilität und Leistungsfähigkeit sicherzustellen
• Installation and configuration of the new FortiGate firewalls: Implementierung und Feinabstimmung der neuen FortiGate-Firewalls zur Verbesserung der Netzwerksicherheit und Leistungsfähigkeit
• Migration of the existing environment: Planning and implementation of the seamless migration of the existing IT environment to the new system
• Troubleshooting after the migration: Identification and resolution of problems that occur after migration to ensure stable and smooth operation

• Operation of the Network Operations Center (NOC): Monitoring and management of the entire network infrastructure to ensure continuous and reliable operation
• Management of the Barracuda firewall infrastructure: Operation and maintenance of Barracuda firewalls to ensure network security and IPSec VPN availability
• Management of the Aruba Wireless Mobility Controller: Pflege und Optimierung der Aruba Wireless Mobility Controller zur Sicherstellung einer stabilen und leistungsfähigen WLAN-Umgebung
• Planning and introduction of 802.1x in the LAN: Implementierung von 802.1x für Portsecurity
• ISP migration at all locations: Coordination and implementation of the change of MPLS provider at all locations to ensure an uninterrupted network connection

• Operation and management of the Network Operations Center (NOC): Ensuring the smooth operation of the global network infrastructure, including LAN, WLAN, and WAN
• Management of the global LAN infrastructure: Operation of a heterogeneous environment consisting of Aruba, HPE, and Juniper network components
• WiFi infrastructure: Operation and optimization of global WiFi networks based on Aruba IAP and Aruba Central
• Firewall management: Administration and maintenance of the Barracuda firewall infrastructure
• 802.1x implementation: Planning and deployment of 802.1x port security (role-based)
• Migration of global data centers to the cloud: Transition and integration of global data centers from on-premises to Microsoft Azure, including vWAN, VPN, and firewall management, across the EU, US, and APAC regions
• Network segmentation: Development and implementation of a new VLAN and IP addressing concepts for all locations to improve network structure and security
• Implementation of NetBox: Deployment of NetBox as an IP Address Management (IPAM) solution and central "Source of Truth" for network documentation
• Integration of a cloud-based authentication provider: Replacement of existing on-premises solutions for captive portal and RADIUS systems with a modern cloud-based authentication solution

• Development of global network architecture standards: Creation and implementation of global architecture standards and solutions for the Freudenberg Group's WAN to ensure a consistent and future-proof network strategy
• Introduction and management of group-wide peering points: Implementation and management of centralized peering points for all business groups to promote efficient and secure network communication across the group
• Tendering and optimization of the WAN: Management of the tender for the entire Wide Area Network (WAN) of the Freudenberg Group, with a focus on the introduction of future-oriented technologies such as SD-WAN to increase flexibility and cost efficiency
• Central contact person for WAN topics: Act as a central point of contact for all business groups on WAN issues, including advice and support on strategic decisions and technical challenges

• Management of the German network team: Disciplinary and technical management of the network team in Germany to ensure high service quality and efficiency

Project management for international NOC projects:

• Design and implementation of global data centers
• Development of a global NOC team: Recruitment and development of a globally distributed Network Operations Center (NOC) team in Germany, the USA, Japan, Singapore, India, and Brazil
• Introduction of global IT service management processes: Implementation of standardized processes for incident and service request management, change management, and global monitoring
• Insourcing of managed firewalls: Takeover and integration of firewall management into internal IT
• Design and introduction of unified communications with Lync Online: Development and implementation of a global unified communications (UC) solution based on Lync Online
• Creation of a global WAN concept (multivendor): Development of a flexible and robust WAN concept involving multiple vendors to ensure a highly available network connection
• Creation and introduction of a global wireless standard: Definition and implementation of a company-wide standard for wireless networks to ensure consistent and secure WLAN infrastructure

• Leading the two IT departments in Munich and Hamburg: Leading and coordinating the IT teams at the Munich and Hamburg locations to ensure consistent and efficient IT support
• Harmonization of the IT infrastructure at both locations: Aligning and standardizing the IT infrastructure of both locations to create a consistent and seamless IT environment
• Design and implementation of a fully redundant WAN structure: Developing and implementing a fully redundant WAN architecture to ensure maximum fail-safety and network availability
• Introduction of server virtualization based on VMware ESX: Planning and implementing server virtualization based on VMware ESX to improve flexibility and resource utilization in the IT infrastructure
• IT budget responsibility of €2Mio: Managing an IT budget of 2 million euros, including strategic planning, allocation, and monitoring of expenditures to optimize resource utilization

• Network and Security Management: Managing and ensuring network security and the operational network environment to guarantee smooth and secure operation

Project Management:

• Network Migration from Token Ring to Ethernet: Planning and executing the migration from Token Ring to a modern Ethernet infrastructure to improve network performance and compatibility
• Design and Implementation of the Cisco LAN Backbone in the Headquarters: Developing and implementing a robust Cisco LAN backbone infrastructure at the headquarters to maximize network stability and scalability
• Design and Implementation of Windows 2000 Active Directory Services (ADS): Setting up and introducing an Active Directory Services (ADS) environment under Windows 2000 for centralized user management and resource control
• Implementation of Microsoft Exchange 2003: Planning and implementing the introduction of Microsoft Exchange 2003 to improve company-wide email and communication services
• Technical Takeover of the Flug.de Web Server Farm: Integrating and assuming technical responsibility for the web server infrastructure of Flug.de to ensure the performance and security of the online platform