Sami Bejaoui - Integration FortiManager into existing infrastructure

Tutzing, Germany

Experience

Dec 2024 - Feb 2025

3 months

Germany

Integration FortiManager into existing infrastructure

German customer

Integration FortiManager: Integration of a FortiManager into the existing Fortigate firewall infrastructure.

May 2024 - Aug 2024

4 months

Germany

Automated creation of standardized configurations for Juniper SRX firewalls

German customer

Setup and configuration of a GitHub server: Installation and configuration of Linuxbased GitHub Servers.
Creation of configuration templates and data files: Development of standardized templates and data files to simplify and automate the configuration of network devices.
Rollout of the standardized configurations to 60 SRX firewalls: Provision and implementation of the standardized "Golden Configs" on 60 SRX firewalls to ensure a consistent and secure network infrastructure.

Dec 2023 - Present

1 year 7 months

Germany

Global Network Operations for MSP Plattform (Juniper SRX, Fortigate Firewalls)

German Client

Operation and management of the global MSP platform: Ensuring the smooth operation of the MSP platform (private cloud solution for end customers).
Firewall management: Administration and maintenance of the Juniper SRX and FortiGate firewall and switch infrastructure.

Dec 2023 - May 2024

6 months

Germany

Design and implementation of a private cloud infrastructure based on Fortigate firewalls

German customer

Design and construction of a Fortinet secure infrastructure: Design and implementation of a secure network architecture based on Fortinet technologies, tailored to the customer's requirements.
Implementation of the MSP platform: Development and deployment of a robust Managed Service Provider (MSP) platform that enables efficient management and scaling of customer environments.
Connection of customer infrastructures: Integration of individual customer infrastructures into the central MSP platform to ensure seamless and secure connectivity and unified management.

Sep 2023 - Mar 2024

7 months

Germany

Consultant for Fortinet projects at customers

German customer

Migration of the global WAN to Fortinet Secure SD-WAN: Transitioned a global customer's wide area network (WAN) from MPLS to Fortinet Secure SD-WAN, including the implementation of three HUBs and 42 spokes for reliable and secure network connectivity (MPLS, DCIP).
Migration of the Europe-wide WAN to Fortinet Secure SD-WAN: Execution of the migration of a customer operating throughout Europe from MPLS to Fortinet Secure SD-WAN with a central HUB and 53 spokes, including FEX backup to ensure network continuity (MPLS, DCIP, FEX backup).
Implementation of a segmentation firewall: Integration einer Segmentierungsfirewall in eine bestehende LAN/DC-Infrastruktur, einschließlich der dynamischen Anbindung von Außenstellen durch Routing und Multi-VRF-Setup zur Verbesserung der Netzwerksicherheit und -kontrolle.
Implementation of a fail-safe internet connection: Ensuring a highly available connection of two mirrored data centers to the Internet via BGP to guarantee redundancy and uninterrupted connectivity.

Oct 2021 - Mar 2022

6 months

Germany

Renewal of the data center infrastructure core from Cisco to Aruba CX and migration of the existing Fortigate firewall HA

German customer

Gathering of the current infrastructure: Analysis and documentation of the existing network infrastructure architecture as a basis for optimization and migration planning.
Recording and conversion of the configurations: Detailed recording of existing configurations and conversion for the integration of new hardware to ensure a seamless transition.
Documentation of the firewall rule set: Creation of comprehensive documentation of the current firewall rules for better traceability and administration.
Optimization of the firewall rule set: Überprüfung und Anpassung der bestehenden Firewall-Regeln zur Verbesserung der Netzwerksicherheit und Performance.
Setup and migration of the Aruba CX core switches: Planning and execution of the implementation and migration of Aruba CX core switches for a high-performance and scalable network infrastructure.
Setup and migration of the FortiGate firewalls: Implementation and transition of FortiGate firewalls to strengthen network security and integration into the existing infrastructure.

Aug 2021 - Sep 2021

2 months

Germany

Data center firewall migration from Cisco ASA to Fortigate and introduction of SD-WAN. Multi-ISP connection of the data

German customer

Inventory of the existing infrastructure: Detailed analysis and recording of the existing IT infrastructure as a basis for migration planning.
Creation of a comprehensive documentation: Develop complete and accurate documentation of current systems and configurations to support migration and ongoing operations.
Review of the existing configuration: Review and evaluation of existing configurations to identify optimization potential.
Transfer of the configuration to new systems: Anpassung und Implementierung der bestehenden Konfigurationen in die neue IT-Umgebung, um Kompatibilität und Leistungsfähigkeit sicherzustellen.
Installation and configuration of the new FortiGate firewalls: Implementierung und Feinabstimmung der neuen FortiGate-Firewalls zur Verbesserung der Netzwerksicherheit und Leistungsfähigkeit.
Migration of the existing environment: Planning and implementation of the seamless migration of the existing IT environment to the new system.
Troubleshooting after the migration: Identification and resolution of problems that occur after migration to ensure stable and smooth operation.

Mar 2021 - May 2021

3 months

Germany

Construction of a self-sufficient guest WiFi infrastructure at 10 locations in a homogeneous Fortinet infrastructure

German Client

Design of the entire Fortinet solution: Development of a comprehensive design for the Fortinet network infrastructure, tailored to the customer's specific requirements.
Implementation of the FortiGates, FortiSwitches and Access Points: Installation and configuration of Fortinet hardware, including firewalls, switches and APs, to ensure a robust and secure network architecture.
Configuration of the SSIDs and the wireless infrastructure: Setup and optimization of SSIDs and the entire WLAN infrastructure to ensure reliable and high-performance wireless connectivity.
Installation and operation of FortiManager and FortiAnalyzer: Implementation of FortiManager and FortiAnalyzer for centralized management and analysis of security and network resources.
Configuration of the reporting for FortiAnalyzer: Customization and configuration of reporting functions in FortiAnalyzer to provide meaningful and actionable data analysis.
Operation and maintenance of the infrastructure: Operation and regular maintenance of the entire Fortinet infrastructure to ensure stability, security and performance.

Oct 2019 - Dec 2023

4 years 3 months

Germany

Network operation (13 locations)

German customer

Operation of the Network Operations Center (NOC): Monitoring and management of the entire network infrastructure to ensure continuous and reliable operation.
Management of the Barracuda firewall infrastructure: Operation and maintenance of Barracuda firewalls to ensure network security and IPSec VPN availability.
Management of the Aruba Wireless Mobility Controller: Pflege und Optimierung der Aruba Wireless Mobility Controller zur Sicherstellung einer stabilen und leistungsfähigen WLAN-Umgebung.
Planning and introduction of 802.1x in the LAN: Implementierung von 802.1x für Portsecurity.
ISP migration at all locations: Coordination and implementation of the change of MPLS provider at all locations to ensure an uninterrupted network connection.

Feb 2019 - Oct 2019

9 months

Weinheim, Germany

Director IT Architecture & Infrastructure Management

Freudenberg & Co. KG

Realignment of the department structure and team organization: Restructuring and optimization of the teams, consisting of around 25 employees, to improve efficiency and collaboration.
Development of new IT standards: Creation and implementation of enterprise-wide IT standards with focus on Microsoft and cloud-first strategies.
Management of the IT Architecture & IT Operations departments: Management of Group-IT for data centers, networks, workplace infrastructures and service desk, with responsibility for strategic direction and operational excellence.
Budget responsibility: Managing an annual budget of approximately 5 million euros, including planning, allocating and monitoring the use of funds to ensure optimal use of resources.

Jan 2019 - Present

6 years 6 months

Global Network Operations (60 locations) LAN, WAN, WiFi

Global Client

Operation and management of the Network Operations Center (NOC): Ensuring the smooth operation of the global network infrastructure, including LAN, WLAN, and WAN.
Management of the global LAN infrastructure: Operation of a heterogeneous environment consisting of Aruba, HPE, and Juniper network components.
WiFi infrastructure: Operation and optimization of global WiFi networks based on Aruba IAP and Aruba Central.
Firewall management: Administration and maintenance of the Barracuda firewall infrastructure.
802.1x implementation: Planning and deployment of 802.1x port security (role-based).
Migration of global data centers to the cloud: Transition and integration of global data centers from on-premises to Microsoft Azure, including vWAN, VPN, and firewall management, across the EU, US, and APAC regions.
Network segmentation: Development and implementation of a new VLAN and IP addressing concepts for all locations to improve network structure and security.
Implementation of NetBox: Deployment of NetBox as an IP Address Management (IPAM) solution and central "Source of Truth" for network documentation.
Integration of a cloud-based authentication provider: Replacement of existing on-premises solutions for captive portal and RADIUS systems with a modern cloud-based authentication solution.

Jan 2018 - Jan 2019

1 year 1 month

Weinheim, Germany

Manager IT Network Services

Freudenberg & Co. KG

Management of the network team: Managing and coaching the network team to ensure efficient and high-performance network operations.
Development of a new campus network design: Conception and implementation of a modern campus network design for the Weinheim site, which is designed for scalability and performance.
Introduction of new security standards: Work with the Chief Information Security Officer (CISO) to develop and implement enhanced security standards for the network infrastructure.
Contract negotiations and service meetings: Conducting contract negotiations and regular service meetings with the Managed Service Provider (MSP) to ensure the quality and cost efficiency of the services provided.

Apr 2016 - Dec 2020

4 years 9 months

Weinheim, Germany

Senior Global Network Architect

Freudenberg & Co. KG

Development of global network architecture standards: Creation and implementation of global architecture standards and solutions for the Freudenberg Group's WAN to ensure a consistent and future-proof network strategy.
Introduction and management of group-wide peering points: Implementation and management of centralized peering points for all business groups to promote efficient and secure network communication across the group.
Tendering and optimization of the WAN: Management of the tender for the entire Wide Area Network (WAN) of the Freudenberg Group, with a focus on the introduction of future-oriented technologies such as SD-WAN to increase flexibility and cost efficiency.
Central contact person for WAN topics: Act as a central point of contact for all business groups on WAN issues, including advice and support on strategic decisions and technical challenges.

Oct 2014 - Mar 2016

1 year 6 months

Germany

Head of Network and Data Center Operations

EagleBurgmann Germany

Disciplinary management: Leading and developing two teams to ensure efficient collaboration and achievement of departmental goals.
Global IT budget responsibility: Management of a global IT budget of approx. 2.5 million euros, including strategic planning and monitoring of budget expenditure.
Project management of international IT projects.

Nov 2010 - Sep 2014

3 years 11 months

Germany

Team Leader Network & NOC | Project Manager WAN

EagleBurgmann Germany

Management of the German network team: Disciplinary and technical management of the network team in Germany to ensure high service quality and efficiency.
Design and implementation of global data centers.
Development of a global NOC team: Recruitment and development of a globally distributed Network Operations Center (NOC) team in Germany, the USA, Japan, Singapore, India, and Brazil.
Introduction of global IT service management processes: Implementation of standardized processes for incident and service request management, change management, and global monitoring.
Insourcing of managed firewalls: Takeover and integration of firewall management into internal IT.
Design and introduction of unified communications with Lync Online: Development and implementation of a global unified communications (UC) solution based on Lync Online.
Creation of a global WAN concept (multivendor): Development of a flexible and robust WAN concept involving multiple vendors to ensure a highly available network connection.
Creation and introduction of a global wireless standard: Definition and implementation of a company-wide standard for wireless networks to ensure consistent and secure WLAN infrastructure.

Oct 2008 - Oct 2010

2 years 1 month

Germany

Assistant Manager IT

Alpine Electronics Europe GmbH

Management of the German network teams: Leading the network teams at the Munich and Stuttgart locations to ensure efficient and high-quality network support.
Introduction of Incident Management with Omnitracker: Implementing a standardized incident management process using Omnitracker to improve service quality and response times.
Development of a standardized IT infrastructure and workplace concept: Developing and implementing a unified IT infrastructure and workplace concept to increase efficiency and user-friendliness company wide.
Design and introduction of a Europe-wide ADS domain: Designing and implementing an Active Directory Services (ADS) domain for Europe to ensure centralized and secure user management.
Introduction of server virtualization with VMware ESX: Migrating the server landscape to a virtualized environment based on VMware ESX to optimize resource utilization and flexibility.
Restructuring of the global IP-VPNs: Redesigning and optimizing the global IP-VPNs to improve network stability and security.
IT budget responsibility: Managing an IT budget of 1.5 million euros, including planning and monitoring expenditures to ensure cost-effectiveness.

Jan 2008 - Sep 2008

9 months

Germany

Head of IT Infrastructure

Travel Overland GmbH (Otto Freizeit u. Touristik)

Leading the two IT departments in Munich and Hamburg: Leading and coordinating the IT teams at the Munich and Hamburg locations to ensure consistent and efficient IT support.
Harmonization of the IT infrastructure at both locations: Aligning and standardizing the IT infrastructure of both locations to create a consistent and seamless IT environment.
Design and implementation of a fully redundant WAN structure: Developing and implementing a fully redundant WAN architecture to ensure maximum fail-safety and network availability.
Introduction of server virtualization based on VMware ESX: Planning and implementing server virtualization based on VMware ESX to improve flexibility and resource utilization in the IT infrastructure.
IT budget responsibility of €2Mio: Managing an IT budget of 2 million euros, including strategic planning, allocation, and monitoring of expenditures to optimize resource utilization.

Jan 2004 - Dec 2008

3 years

Germany

Team Lead IT

Travel Overland GmbH (Otto Freizeit u. Touristik)

Management of the IT Department: Leading the IT department and being responsible for efficient and effective IT operations.
Member of the E-Commerce competence team: Collaborating in the competence team for e-commerce to develop and implement innovative IT solutions and strategies for online retail.
Data Protection Coordinator: Coordinating and monitoring data protection measures to ensure compliance with applicable data protection laws and guidelines.
Conducted the TÜV certification for online web portal: Responsibility for planning and implementing the TÜV certification for online services to ensure compliance and quality assurance of IT systems.
Design and implement a centralized network monitoring: Developing and implementing a central system for network and server monitoring to optimize the performance and security of the IT infrastructure.

Mar 2001 - Dec 2004

3 years 10 months

Germany

System- and Network Administrator

Travel Overland GmbH (Otto Freizeit u. Touristik)

Network and Security Management: Managing and ensuring network security and the operational network environment to guarantee smooth and secure operation.
Network Migration from Token Ring to Ethernet: Planning and executing the migration from Token Ring to a modern Ethernet infrastructure to improve network performance and compatibility.
Design and Implementation of the Cisco LAN Backbone in the Headquarters: Developing and implementing a robust Cisco LAN backbone infrastructure at the headquarters to maximize network stability and scalability.
Design and Implementation of Windows 2000 Active Directory Services (ADS): Setting up and introducing an Active Directory Services (ADS) environment under Windows 2000 for centralized user management and resource control.
Implementation of Microsoft Exchange 2003: Planning and implementing the introduction of Microsoft Exchange 2003 to improve company-wide email and communication services.
Technical Takeover of the Flug.de Web Server Farm: Integrating and assuming technical responsibility for the web server infrastructure of Flug.de to ensure the performance and security of the online platform.

Mar 1997 - Feb 2001

4 years

Erding, Germany

System- and Network Administrator

Bundeswehr Fliegerhorst Erding

Implementation of KPIs at Germany Airforce: Planning and implementation of the first Ethernet network at the Erding site, establishing a modern and powerful network infrastructure for the first time.
Design and implement the first Ethernet network at the Base in Erding: Implementation and monitoring of cost and activity accounting to ensure efficient resource planning and utilization.

Summary

Design and implementation of complex IT network architectures focused on scalability and security.
Operation, optimization, and further development of existing IT networks with a focus on performance and reliability.
3rd-level support and troubleshooting of complex network issues to ensure rapid and sustainable problem resolution.
Strategic planning and conceptualization of IT infrastructures tailored to specific business requirements and long-term corporate goals.
Leadership and management of demanding IT projects and interdisciplinary teams to ensure timely and successful execution.
IT service and change management, including the implementation of best practices for continuous improvement and adaptation.
Support for procurement processes for large IT projects: preparation of tender documents, conducting bidder conferences, evaluation, and contract negotiations.
Network automation (Network as Code): script- and template-based deployment with GitHub, Ansible, Azure Bicep.
Vendor management: establishing and maintaining long-term partnerships with strategic IT service providers.