Rudolf Eggelbusch
Datacenter Engineer, Network & Security Administrator
Experience
Datacenter Engineer, Network & Security Administrator
International insurance group
Operation and enhancement of the network and security infrastructure.
Monitoring, analysis and resolution of network and security incidents.
Cross-department collaboration with other teams for operations, enhancements and reporting.
Firewall vulnerability analysis.
Firewall rule activations.
Troubleshooting IP communication issues on network and firewall infrastructure.
Security-critical IT infrastructure, handling personal data, compliance with legal regulations.
Products: Palo Alto Networks Firewalls, Cisco ACI, Checkpoint Firewalls, F5
Technologies: SDN, SDWAN, Cisco EPIC, Cisco ACI
F5 migration project as subproject lead/consultant / cybersecurity consultant
Healthcare, content and data center provider for health insurance funds
Analysis of the current state of 500 virtual servers, then development of various migration scenarios to a new F5 Loadbalancer infrastructure.
Sizing calculations, capacity analysis. Reporting as subproject lead.
Adjustment of WAF policies (Web Application Firewall).
Vulnerability analysis.
Firewall rule activations.
Troubleshooting IP communication issues on Palo Alto FW.
Products: F5 LTM VPR-B2250, F5 5200v, F5 R12600, Journeys-Tool, BIG-IP Application Security Manager (ASM), F5 Release V14 & V17, Palo Alto Networks Firewalls
Network and security administrator (firewall rules / VPN access)
Municipal utilities NRW
- Technical support and third-level support for LAN networks / firewall security / VPN access.
- Administration of VPN access.
- Setup, revision and verification of existing firewall rules.
- Coordination of LAN & Security service providers.
Security Architect / Firewall-Auditor
German fiber optic provider
Internal firewall auditor.
Overall review and evaluation of firewall rules to increase the security level of IT/ISP areas.
Recording all audit findings/events, suggestions for improvements with specialist departments.
Re-certification of existing FW rule sets, establishment of re-certification and request processes in FW administration/change_requests.
Reporting on issues and "Findings" related to FW rules during the audit.
Proposing solutions to prevent security threats.
Products: Fortinet Firewalls, Forti Manager, Forti Analyzer, Sophos Firewall, Palo Alto Networks Firewall, Shorewall Firewall
Subproject lead / security consultant - worldwide firewall rollout
Bayer/Arlanxeo
- Providing a timely and technically suitable successor solution for Plant & Office Firewall Solution and rollout for all ARLANXEO locations (based on Fortigate).
- Provider management.
- Technical Decision Papers.
- Roll-Out Plan.
- Review and adjustment of 150 existing FW configurations.
- Re-certification of existing firewall rules.
- Creation of a Master-Security-Policy for all FWs.
- Project reporting.
Network/Security Consultant – Subproject Lead (VPN Access – LMS)
Bayer/Currenta
- Provided a timely and technically suitable follow-up solution for: SiZe - UMTS-VPM LMS Access and SiZe - Remote Access Points for LMS.
- Pilot project "Specific VPN Access", solution design with technical service provider TCS.
- Managed providers / service management for ITK/NetSit and TCS.
- Aruba Wireless Access Points.
- Network expansions.
- LAN & WAN connections to campus and datacenter.
- Created and reviewed firewall/VPN security policies.
- Developed an IT process with Signavio.
Network Architect
Stadtwerke Duisburg NRW
Provided technical support for the Europe-wide tender “City Network” MPLS network 100 Gbit as One Network.
Eliminated the SDN layer and combined all networks into "One Network" based on MPLS.
Created network diagrams / planned fiber routes (path diversity) / verified technical tender documents.
Reviewed bills of materials and evaluated vendor offers.
Advised on the use of MPLS and Metro LAN technologies.
Attended vendor workshops and tested equipment for project use cases.
Created and pilot-tested a QoS concept for WAN deployment.
Created an L2 Virtual EtherLink template for future MPLS L2 services with QoS.
Built an L2 QoS pilot link in the Duisburg city area between two hospitals.
Planned GPON deployment (Huawei) for internet access in the new development area in Duisburg.
Conducted technical assessment / feasibility analysis.
Carried out capacity planning (data mux) per housing block etc.
Workshop with Huawei – clarified technical implementation and security questions.
Products: Huawei routers, GPON routers, Cisco routers, Cisco ACI.
Technologies: MPLS, LDP, BGP, Metro LAN, Cisco ACI, VPWS, VRF, QoS, GPON, provider WAN solutions, MPLS L2 VLAN.
Security Consultant
Metro Headquarters
Analyzed and approved security policy rules for the Metro Group worldwide.
Independently prepared and activated new security policies or commissioned an external security team, changes following ITIL standard.
Products: Algosec Analyzer, Check Point 61000 Appliance, Check Point Smart Domain Manager R80, Check Point SmartLog R.80.
Technologies: Security Access Control / VPN Remote Access, Web Security Application Gateway / SSL Application Security Gateway by Check Point.
Datacenter Engineer
AXA Insurance
Migrated several hundred VPN connections from Check Point to Cisco ASA 5555.
Analyzed the current state and defined updated security standards for VPN.
Planned and executed migrations with external partners.
Products: Algosec Analyzer, Check Point 61000 Appliance, Check Point Smart Domain Manager R77-20, Check Point SmartDashboard R77-20, Check Point Virtual System Firewall VSX R76, Check Point SmartLog, Cisco ASA 5555 V9.4, F5 BIG-IP V12.1.2, Cisco Nexus 7000/5000, Netscout nGenius.
Technologies: SDN / Cisco EPIC, Cisco ACI VPN IKv2.
IP Network Planner
Thyssenkrupp
WAN MPLS migration – 300 sites worldwide.
Collected, consolidated, and analyzed operational and planning data as well as existing documentation.
Analyzed device configurations (switches, routers), matching them with existing documentation.
Reverse engineered undocumented physical and logical connections.
Identified logical dependencies and potential migration obstacles.
Planned and implemented (created configuration guidelines, communication matrix, and routing tables).
Verified, adjusted, and re-certified firewall rules per site.
Coordinated and monitored implementation steps between operations teams and the MPLS provider.
Designed and created the specification document for the UNAT tool (User Acceptance Tool), successfully used for automated tests.
Technologies: TCP/IP, firewalling, routing, UNAT, ITIL changes.
Third Level Support / Network Designer
Evonik
Third Level Support / Network Design Services / Network Design Verification.
Network Designer: New secure worldwide OOB-Access Solution (All IP).
Design support for international Multiprovider MPLS Network.
Replacement of old Cisco switching network for European and ASEAN locations with Cisco 3650 switches; zero failure, zero downtime approach.
Products: Cisco ASR routers, Cisco 3650, FWSM, IDSM, CSE.
Technologies: mutual OSPF redistribution, BGPv4, BGPv4 route filters, BGPv4 communities, large-scale MPLS inter-VRF routing, advanced routing, IOS-XE, IOS-XR, IPv6 introduction & migration, IPv6 tunnels, IPv6 peering.
Project Engineer
HP
Migration of extensive firewall rules to new Checkpoint firewall systems.
Vulnerability scanning using freeware and commercial products.
Penetration testing according to BSI procedures.
Products: Cisco ASA, Checkpoint HP-D2, HP-D8, VMware, Checkpoint R70 cluster, Checkpoint VSX, Multi-Domain Manager, HP ProCurve switches.
Technologies: security, firewalls, VPN, access, virtualization.
Security Testing: Nmap, Nessus, Wireshark, HPing, John the Ripper, Egressor, BSI OSS Security Suite, BackTrack, Metasploit.
WAN Site Planner
Bayer
WAN migration/outsourcing to Verizon VzB.
Transition of more than 300 sites and 600 WAN links to a new global MPLS network.
Network management: Eramon.
Project Engineer
Deutsche-Bank / Postbank-Bank Zentrale
Expansion and update of the existing SIEM solution (ArcSight).
Measures for SOX compliance certification in security logging.
Products: ArcSight Logger, ESM, SmartConnector, Oracle Database 11g.
Technologies: SIEM, CEF, RBAC, Syslog, databases, Oracle RAC, LDAP.
Network Automation
Bayer
Development of an EXPECT TCL script for automated monitoring of OOB management access for 200 sites (~1000 ports).
By using the script, you can save 4 minutes per test case, ROI of the solution is 2 months.
Products: Cisco switch and router portfolio, DSL/analog dial-up modems.
Technologies: TCL/EXPECT.
Security & Network Architecture
Daimler/Fujitsu
Design for 4 global datacenters.
Datacenter infrastructure for 200,000 users (Applications: MS-Exchange, SharePoint, Lync).
Products: Cisco switch and router portfolio, Cisco ASA + IPS, Nexus 5000.
Network Mgmt: CA Spectrum, ManageNow.
Datacenter relocation, planning & network migration
ERGO
Planning and migration of ERGO's datacenter networks to the new Düsseldorf data center.
Products: Cisco switch and router portfolio, 6500 VSS, Cisco 3750X cluster.
Network Mgmt: Command.
Technologies: MPLS, VRF, LDP, EIGRP, BGP, EtherChannel, HSRP, Spanning Tree (802.1w), LACP, QoS, VoIP.
Subproject manager: "Project Gematik" / implementation engineer / test engineer / 3-level support
T-Systems
Rollout of the health card in Germany: setup and testing of the L2TP/IPsec VPN remote access solution with PKI/smart card authentication.
High-availability configuration of VPN and access network, security configuration of the security zone.
Assumed subproject lead for the "Secure Access Network".
Operation & support (3-level) of shared datacenter infrastructure: performing changes, resolving incidents (routing/switching).
Conducting a VPN/security training.
Proof of concept: datacenter relocation for a state bank - network design review and failover verification.
Products: Cisco switch and router portfolio, Cisco FWSM, Cisco CSS, F5 load balancer.
Network Mgmt: Cacti, Nagios, MRTG, Peregrine ServiceCenter.
Technologies: MPLS, VRF, EIGRP, BGP, EtherChannel, tunnel interfaces, L2TP, HSRP, Spanning Tree, QoS, IPsec-HA, PKI, certificates, firewall contexts.
Security architect / implementation engineer / 3-level support
AXA Colonia
Design and testing of a network admission control solution for 5,000 remote users (Checkpoint Integrity / Cisco).
Design and testing of an identity and access management solution for remote users based on smart card authentication (PKI/certificates) with dynamic access rules.
Security process management: creating security documentation for second level and helpdesk.
Security compliance management.
Products: Cisco ASA 5544, Checkpoint NGX R65, Checkpoint Integrity Server, Microsoft PKI/CA, ActivIdentity smart cards, Cisco ACS, Microsoft IAS, Microsoft IIS.
Network Designer / Testlab Engineer
KDDI
Network redesign to introduce QoS on an MPLS-based network (Cisco).
Expansion of the POP (point of presence) in Düsseldorf.
Connection of an additional internet uplink for redundancy and load sharing via BGPv4.
Products: Cisco 7600, Catalyst 6500.
Network Mgmt: HP OpenView.
Design/Implementation Engineer
Santander Bank
High-performance central firewall system based on Checkpoint/Nokia (VPN-1 NGX) and Cisco Catalyst 6500.
Development of a migration strategy to maintain 99.999% availability during switchover.
Creation of security rules considering VoIP and CTI applications.
Maximum throughput of the security solution: 10 Gbit.
Products: Checkpoint/Nokia (IPxxx, VPN-1 NGX), Cisco Catalyst 6500.
Support and Design/Implementation Engineer
Vodafone
Support and design/implementation engineer for "ONE Network", Vodafone's international MPLS-VPN network.
Setup of VPN IPsec remote access connections.
Cisco management automation using the "EXPECT" language.
Design of a VoIP toll bypass between international sites by linking PBXs over MPLS (ROI < 6 months).
Products: Cisco ONS, GSR 12000, Cisco 7600, Catalyst 6500.
Implementation and Integration Engineer
Local service provider
Installation and integration of a new multiservice data & voice backbone based on MPLS.
Use of traffic engineering for load balancing and availability.
VPN services over MPLS-VPN and multiprotocol BGP.
Products: Cisco Catalyst 6500, Cisco 3800, Cisco 2800/800.
Security Consultant
Mid-sized pharmaceutical company
- Formulation of a security policy.
- Conducting internal security audits, penetration testing and social engineering.
- Aligning with basic IT security standards (BSI) and preparing the network for certification according to BSI/ISO 17799 / ISO27001.
Security Integration Engineer
Clinic in Cologne
- Integration of a UTM (Universal Threat Management) solution for centralized scanning of network data for viruses, worms, and email spam.
Security Concept Specialist
Mobilprovider
- Developed a concept to secure billing (user cost calculation) and increase the accuracy and availability of the billing process.
Security Specialist
Papierfabrik
- Set up a high-availability network-based virus scanner and intrusion prevention system for an international paper processing company.
Technical Engineer / Sales Engineer
Fortinet
Consulted and provided technical support for ASIC-accelerated UTM (Universal Threat Management) systems.
Improved products in collaboration with product management and engineering.
Products: FortiGate, FortiManager, FortiLog.
Security Consultant
Mobile-Provider
- Developed a concept for secure data exchange over the GRX (GPRS Roaming Exchange Network) of mobile operators.
- GTP inspection, intrusion detection, and data encryption.
Security Project Engineer
Mobile-Provider
- Project: high-performance central firewall to protect the Gi interface between the provider's wireless network (UMTS/GPRS) and the Internet.
Security Architect
Mobile Network Operator
- Created a concept and POC (Proof of Concept) for a large-scale universal IPsec VPN to connect partner companies' extranets.
Consulting Engineer (Mobile Solution Team)
Cisco Systems
- Security consulting in EMEA for leading mobile operators like Vodafone, O2, Orange, and T-Mobile.
- Designed new security solutions specifically for mobile operators (GTP inspection, URL filtering, Secure CMX).
- Provided pre- and post-sales support for account teams.
- Trained the AM and SE community on security.
- Troubleshot and supported large security projects.
Infrastructure & Security Administrator
International Import/Export Agency
- Implemented a new switch infrastructure and secured network segments and internet access with a central firewall.
- Administered Windows 2000 servers and desktop PCs.
- Developed and integrated a security concept for desktop PCs.
MySAP Contentnetworking & Security Project
RAG-Informatik
- Carried out the MySAP Content Networking & Security project based on a highly available Cisco CSS11500 cluster.
- Tested the involved components, created a POC, developed a highly secure operations concept, and implemented it.
Security Consultant
Service-Provider
Managed secure operations in the central management network for a web server hosting farm.
Products: Cisco Catalyst 6500, IOS Security Features.
Internetworking Consultant
Cisco Systems
Network and security consulting in Europe for leading service providers and mobile operators.
Security-Architect: supporting service providers in building secure solutions based on Cisco products.
Know-how transfer to the Cisco sales force as a member of the 'Virtual Security Team'.
Technologies: LAN switching, routing, MPLS, xDSL, security management.
Firewall Cluster Consultant
Bank in Poland
Securing authentication servers with a highly available firewall cluster.
Products: Checkpoint, Nokia.
BGP Routing Consultant
Service Provider in Poland
- POC (Proof of Concept) and setup of BGP4 routing in the service provider backbone between Cisco routers and Nokia firewall routers.
Senior Network Consultant / Senior Technical Consultant
Nokia Internet Solutions Group
Security consultant for ISPs, channel partners and enterprise clients in Europe.
Technical trainer for security and routing trainings (BGP4).
Planning highly available firewall clusters to protect ISP server farms.
Products: IP440 firewall (IP330/650).
Network Engineer
ACI (Anixter)
WAN/LAN traffic analysis, planning, installation and troubleshooting.
New network infrastructure for Renault Germany in Bonn based on Bay Networks.
New network infrastructure for Continental Tire AG in Frankfurt based on Bay Networks and IBM.
Design and integration of a new backbone for Karmann Automobile based on ATM and Token Ring.
Products: IBM MSS 8210, 8260, 8274, 8271/72, Bay Networks.
Network Administrator / LAN/WAN Administrator
Keiper-Recaro
- Implementation of a new LAN/WAN infrastructure for over 3000 employees worldwide.
- Support and administration of the WAN network.
Service Engineer / Deputy Technical Manager
Equant / ITS
Setup and commissioning of a data communication hosting data center in Düsseldorf.
Setup and maintenance of a service provider POP in Düsseldorf for about 200 international company branches.
Planning and installation of the IT infrastructure for United Airlines at Düsseldorf Airport.
Technologies: Frame-Relay, X.25, X.28, HDLC, SDLC, TCP/IP.
Service Engineer
Fiedler Datentechnik
- Installation and repair of computer equipment from IBM, Compaq, Toshiba, and others.
Computer Consultant
Schmitt-Computersysteme
- Computer consulting.
Industries Experience
See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.
Experienced in Information Technology (20.5 years), Telecommunication (17 years), Manufacturing (6.5 years), Chemical (6 years), Healthcare (5 years), and Automotive (5 years).
Business Areas Experience
The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.
Experienced in Information Technology (38.5 years), Operations (13.5 years), Project Management (7 years), Customer Service (4 years), Audit (3 years), and Product Development (2.5 years).
Summary
20 years of experience in IT working for top customers with focus in networking & security.
Proven ability to deliver high-class consulting as a permanent employee for top vendors like CISCO, FORTINET and NOKIA/CHECKPOINT on CCIE level.
Known for the ability to establishing effective customer relationships and fulfilling customer, reseller and vendor goals.
Expert for Networking and Security in one person for design, implementation and support
IDC Security conference Speaker
Skills
Security Compliance
- Iso 17799
- Bsi It Baseline Protection
- Basel Ii
- Sox
Vulnerability Scanning / Penetration Testing
- Vulnerability Scanning With Freeware, Commercial Tools And Custom-built Script Tools
- Penetration Testing Using Bsi Methods
- Security Testing With: Nmap, Nessus, Wireshark, Hping, John The Ripper, Egressor, Bsi Oss Security Suite, Backtrack, Metasploit
- Source Code Analysis
- Development Of Attack Methods
Application Security
- Analysis, Activation And Verification Of Vendor Security And Data Protection Guidelines For Their Effectiveness At The Application And Data Level (Order: Network Security / Os Security / Application Security)
- Areas Of Review: Rbac, Authentication, Encryption, Access Control, Dos Stability
Mobile-wireless
- Technologies: Gsm, Gprs, 3g, Umts, Gtp, Smsc, Ran, Billing/charging Mediation, Lawful Interception
- Products: Cisco Cmx, Itp
- Openwave: Basic Product Knowledge
Other Areas Of Knowledge
- Project Management: Ms-project, Subproject Lead In It Projects
- Operating Systems: Sun Solaris V.8, Windows 2000/2003 Server, Xp
- Linux Distributions: Debian, Gentoo, Redhat
- Open Source Security Software: Iptables, Ethereal, Nmap, Snort, Nessus, Openvpn, Metasploit, Clamav, Spamassassin
- Programming: C, C++, Perl, Visualbasic, Java, Wmi-scripting
- Shell-scripting: Bash/csh
- Assembler Intel, Motorola 68k
- Database: Sql, Mysql, Ms Sql, Dbase, Clipper
- Www: Webserver: Apache, Iis
- Software: Excel, Power Point, Visio, Word, Access, Ms-project, Corel-draw, Adobe Photoshop, Blender-3d, Mindmanager
Languages
Education
Telekolleg II
Advanced technical college entrance qualification at evening school · Advanced technical college entrance qualification · Germany
Municipal community primary school at Helmholzstraße
Germany
Heinrich-Hertz-Kollegschule
Technical secondary school certificate · Electrical engineering · Germany
Certifications & licenses
CISSP #115361
ISC^2
Checkpoint Certified Security Administrator-CCSA
CHECKPOINT
Checkpoint Certified Security Engineer-CCSE
CHECKPOINT
Cisco Certified Internetworking Professional Security-CCIP-SECURITY
CISCO SYSTEMS
Cisco Certified Network Associate-CCNA
CISCO SYSTEMS
Cisco Certified Security Professional-CCSP
CISCO SYSTEMS
CompTIA Security+ Professional
CompTIA
IBM Certified Solution Engineer Level II
IBM
LPI Linux Professional Level I
Linux Professional Institute
MCSA-Security
Microsoft
Profile
Frequently asked questions
Do you have questions? Here you can find further information.
Where is Rudolf based?
What languages does Rudolf speak?
How many years of experience does Rudolf have?
What roles would Rudolf be best suited for?
What is Rudolf's latest experience?
What companies has Rudolf worked for in recent years?
Which industries is Rudolf most experienced in?
Which business areas is Rudolf most experienced in?
Which industries has Rudolf worked in recently?
Which business areas has Rudolf worked in recently?
What is Rudolf's education?
Does Rudolf have any certificates?
What is the availability of Rudolf?
What is the rate of Rudolf?
How to hire Rudolf?
Average rates for similar positions
Rates are based on recent contracts and do not include FRATCH margin.
Similar Freelancers
Discover other experts with similar qualifications and experience
Experts recently working on similar projects
Freelancers with hands-on experience in comparable project as a Datacenter Engineer, Network & Security Administrator
Nearby freelancers
Professionals working in or nearby Ratingen, Germany
