Go to Website
  • en
  • de

Tom H.

Infrastructure Design and Implementation

Möhnesee, Germany

Experience

Jan 2025 - Present
8 months

Network Architect / System Engineer

Teleperformance

Technical focus: Fortinet rollout / site homogenization / cloud / ISP change

  • Network analysis, design and optimization, change
  • ISP changes
  • Engaging service providers and decentralized IT support
  • Setting up central management platform
  • Optimizing routing to dynamic routing
  • Optimizing and creating firewall rules
  • AWS integration / design
  • MS Azure integration / design

Technologies / Tools: Fortigate, Palo Alto, WAN, SDN WAN, VPN, BGP, OSFP, FortiManager, Panorama, Meraki, Alcatel, AWS, MS Azure, Network Architecture

Apr 2024 - Dec 2024
9 months
Düsseldorf, Germany

Network Engineer / Network Architect

Douglas IT

Technical focus: Fortinet rollout / site homogenization

  • Initial survey
  • Documentation
  • Setting up central management platform
  • SD-WAN connections
  • Replacement of Bintec
  • Commissioning, mostly in the evening / night / weekends
  • Follow-up of the local network, Cisco Meraki switches and access points
  • Data center move from Hagen to Düsseldorf
  • Replacing Juniper DC solution with Cisco Nexus VPC
  • Documentation of current and target data center

Technologies / Tools: Fortigate, WAN, SD WAN, Bintec, VPN, BGP, OSFP, FortiManager, Cisco Meraki Switch and AP, VMWare, NX-OS, Netbox, Visio, FortiSwitch, FortiAP, Network Architecture, Juniper

Jan 2024 - Present
1 year 8 months

Lead Network Architect

Francotyp Postalia

Technical focus: Fortinet rollout / site homogenization / DC hardware migration

  • Technical purchasing advisory
  • Network analysis, design and optimization, change
  • Planning / documentation
  • Engaging service providers and decentralized IT staff
  • Setting up central management platform
  • Optimizing routing to dynamic routing
  • Darktrace analysis
  • MS Azure integration / design

Technologies / Tools: Fortigate, WAN, SDN WAN, VPN, BGP, OSFP, FortiManager, FortiSwitch, FortiAP, Juniper SRX, Darktrace, MS Azure, AWS, Network Architecture, HP Aruba

Jan 2024 - Apr 2024
4 months

Network Architect, Network Engineer

Metabowerke GmbH

Technical focus: Fortinet rollout / site homogenization

  • Staging
  • Firewall migration (device + policy)
  • Engaging service providers and decentralized IT staff
  • Setting up central management platform
  • SD-WAN connections
  • Reverse engineering, hardening firewall rule set, setting security profiles
  • Taking over into central management, hypercare phase, and if necessary adjustments
  • AWS integration / design
  • Troubleshooting
  • Commissioning, also in evenings, weekends and public holidays (depending on customer request)
  • Follow-up of the local network, mostly Cisco Systems and HP Aruba

Technologies / Tools: Fortigate, WAN, SD WAN, VPN, BGP, OSFP, FortiManager, FortiSwitch, Checkpoint, Sonicwall, AWS, Cisco Switch, HP Aruba, Network Architecture

Jun 2023 - Sep 2023
4 months

System Engineer

Infodas

Technical focus: LAN/WAN assessment and network/WAN redesign

  • Network analysis, design and optimization
  • Planning / documentation

Technologies / Tools: Fortigate, Cisco, VMware, MS Azure, AWS, FortiSwitch, FortiAP, Network Architecture

Jun 2023 - Sep 2023
4 months

Network Specialist

Signal Iduna

Technical focus: network separation / segmentation / zoning

  • Network analysis, design and optimization
  • Planning / documentation
  • Creating firewall rules
  • Engaging service providers

Technologies / Tools: Fortigate, HP Aruba, Server, Network Architecture

May 2023 - Apr 2024
1 year
Germany

Lead Engineer for SD-WAN rollout Germany

Telefonica Deutschland

Technical focus: SD-WAN

  • Consulting customers
  • Network analysis, design and optimization
  • Planning / documentation

Technologies / Tools: Fortigate, WAN, SDN WAN, VPN, BGP, OSFP, Cisco / HP Aruba / Netgear / TP-link switches, Network Architecture

Mar 2023 - May 2023
3 months

Network / Firewall Specialist

Aunde

Project on behalf of CirC IT.

  • Ticket handling, especially in the firewall area
  • Troubleshooting
  • Network analysis of the local network, mostly Fortinet
  • Network analysis, design and optimization
  • Planning / documentation

Technologies / Tools: Fortigate, WAN, SDN WAN, VPN, Cisco Switching, FortiSwitch, FortiAP

Nov 2022 - Mar 2023
5 months

Network Engineer

Würth Group

Project on behalf of Computacenter AG.

  • Rollout and implementation of about 200 Fortinet firewalls (models F601E/FG-101F) in over 80 country subsidiaries worldwide
  • Initial capture of IT infrastructure, coordination with local IT, alignment with central IT
  • Aligning customer requirements, reviewing existing documentation
  • Preparing the local network, mostly Cisco Systems
  • Taking over the existing rule set using FortiConverters
  • Adjusting system, interface and VPN settings/rules according to central IT specifications
  • Commissioning, also in evenings, weekends and public holidays (depending on customer request)
  • Segmentation into VLANs and subinterfaces, separation of services
  • Optimizing firewall rule set, adjustments in consultation with global and local IT
  • Reverse engineering, hardening firewall rule set, applying security profiles
  • Taking over into central management, hypercare phase, and if necessary adjustments
  • Troubleshooting
  • Follow-up of the local network, mostly Cisco Systems
  • Integration into PRTG, centralized global monitoring
  • Documentation
  • Handover to central IT, normal operation

Technologies / Tools: Fortigate, FortiManager, FortiConverter, FortiAnalyzer, WAN, SDN WAN, VPN, Cisco Routing / Switching, Dell Server, HP Server & HP Switches, VMware, MS Windows Server, Linux Server

Oct 2018 - Oct 2022
4 years 1 month

Network Architect / Consultant

NTT DATA Business Solutions

  • Concept creation, WAN design, vendor and product selection
  • Design and implementation of central firewall management, FortiManager
  • Design and implementation of central firewall management, FortiAnalyzer
  • Design and classification of a global IPv4 concept, level A – enterprise level
  • Design header policy
  • Rollout and implementation of about 80 Fortinet firewalls (models 60/100/200/600) in over 50 countries worldwide
  • Expansion / redesign of LAN standards (including replacement), Cisco switch models 9500/3650/Nexus
  • Coordination with site managers, usually IT staff
  • Implementation of centralized DHCP services, certificate services, 802.1X
  • Introduction of two-factor FortiToken, FortiAuthenticator
  • Expansion of remote dial-in globally
  • Global monitoring with Cisco Prime and distributed PRTG systems
  • 2nd level global support, vendor escalation
  • Redesign of WAN connections with own firewall systems, VPN, BGP, OSPF
  • Redesign data center, three-firewall concept (two vendors), logical separation data center/office
  • Replacing leased MPLS, migrating to VPN, SD-WAN
  • Optimizing firewall rule set
  • Supporting UHD with tickets
  • Training new employees and apprentices
  • Remote and on-site deployment worldwide

Technologies / Tools: Fortigate, FortiManager, FortiConverter, FortiAnalyzer, WAN, SDN WAN, VPN, Cisco Routing / Switching, Dell Server, HP Server & HP Switches, VMware, MS Windows Server, PRTG, ServiceNow, Network Architecture

Apr 2018 - Oct 2018
7 months
Frankfurt am Main, Germany

Datacenter Migration Consultant

Telefónica / O2

Project on behalf of Cancom GmbH.

  • Data center move from Munich to Frankfurt
  • Creating proposals
  • Dividing the devices to be replaced into installation and staging blocks
  • Identifying affected switches and importing new switches into Command
  • Design review of the environment, new conception
  • Steering, planning and documentation of changes in ARS
  • Assessing risk and complexity
  • Updating network documentation (network diagrams, etc.)
  • Coordination with responsible organizational units / external service providers
  • Creating migration/move script and directing the teams
  • Site inspection

Technologies / Tools: Cisco Routing / Switching, Checkpoint Firewalls

Jan 2017 - Dec 2017
1 year
Munich, Germany

Freelancer

Baumann TGA

  • Planning and implementing new Munich office (cabling, servers, clients)
  • Antivirus concept with Worry Free Business
  • Expansion and reconnection of storage
  • WLAN with UniFi
  • Commissioning, support and operation, training and handover

Technologies / Tools: Fortigate, Switching, HP Server, VMware, MS Windows Server, VEEAM, Trendmicro AV

Jan 2017 - Dec 2017
1 year
Schalksmühle, Germany

Freelancer

Spelsberg

Combined projects for the year 2017.

  • Project Spelsberg II**

  • Expansion of data center (DC III) in two locations

  • Expansion and configuration of LAN in two locations

  • In-house redesign (switches and cabling)

  • Heatmap creation (coverage) – capturing and optimizing WLAN (manufacturers UniFi / Ubiquiti, Cisco Systems)

  • Commissioning, support and operation, training and handover

  • Project Spelsberg I**

  • New build of data center and infrastructure in Schalksmühle and Butttstätt

  • Design and setup of firewall cluster for redundant VPN connections between Spielberg and Schalksmühle locations

  • In-house redesign (switches and cabling)

  • Heatmap creation (coverage) – capturing and optimizing WLAN (manufacturers UniFi / Ubiquiti)

  • Commissioning, support and operation, training and handover

Technologies / Tools: Cisco Routing / Switching, Network Architecture, UniFi

Jan 2016 - Dec 2016
1 year

Freelancer

Project JONA (dental practice with 14,000 patients and day clinic).

  • New network and firewall build
  • SSL VPN for telework
  • Virtualization of server infrastructure
  • Site-to-site VPN
  • Integration of backup solution with VEEAM
  • Support and operation, training and handover

Technologies / Tools: Fortigate, Switching, HP Server, VMware, MS Windows Server, VEEAM, Trendmicro AV, Network Architecture

Jan 2015 - Dec 2015
1 year

Freelancer

  • New network and firewall rule set build
  • Virtualization of server infrastructure
  • Site-to-site VPN
  • Integration of backup solution with VEEAM
  • Support and operation, training and handover

Technologies / Tools: Fortigate, Cisco Switching, HP Server, VMware, MS Windows Server, VEEAM, Trendmicro AV, Network Architecture

Jan 2015 - Dec 2015
1 year
Switzerland

Freelancer

Weka Media

  • Rebuilding Weka Media WAN, site-to-site VPN, hub and spoke
  • Main responsibility for Weka Media WAN
  • Management of 8 firewall clusters
  • Data center redesign Kissing
  • Support and operation of data center Kissing
  • Redesign, planning and setup of 8 branches/subsidiaries: Germany, Austria, Switzerland

Technologies / Tools: Fortigate, FortiManager, FortiAnalyzer, Cisco Routing / Switching, PRTG, Network Architecture

Jan 2014 - Dec 2014
1 year
Russian Federation

Overall responsibility for the Hoffmann WAN

Hoffman GmbH München

  • Management of 35 firewall clusters
  • Support and operation of data centers in Munich and Nuremberg
  • Building central data center as a mirrored data center
  • Planning and setup of 3 branches/subsidiaries: India, Russia, North America

Technologies / Tools: Fortigate, FortiManager, FortiConverter, FortiAnalyzer, WAN, VPN, Cisco Routing / Switching, Network Architecture

Jan 2007 - Dec 2013
7 years

Overall responsibility for the Synlab network

Synlab Services GmbH

  • Among others, main responsibility for the Synlab network (data center, branches at home and abroad (EMEA), MPLS and internet)
  • Main responsibility for (re-)certification ISO 9001 / 27001 each by Q4 since 2010
  • Project consulting / planning / execution
  • Resource planning for projects
  • Planning and expansion of the Synlab network (international)
  • 3rd level support (partly coordinating staff and providing on-site support at branches in emergencies)

Technologies / Tools: Fortigate, FortiManager, FortiConverter, FortiAnalyzer, WAN, VPN, Cisco Routing / Switching, Network Architecture

Jan 2003 - Dec 2007
5 years
Munich, Germany

Planning the replacement of the existing FDDI backbone

Staatliche Lotterieverwaltung München

  • Project consulting / planning / execution
  • 3rd level support
  • Communication interface with external companies
  • T-Systems, SGI, Deutscher Lotto Block, external planning offices
  • Communication interface with specialist departments

Technologies / Tools: Cisco Routing / Switching

Summary

For the past 20 years, I have been involved in infrastructure design and implementation of firewall systems and switching/router infrastructures to a standard. Site networking (WAN/SD-WAN/BGP/OSPF/VPN) is part of my responsibilities. The manufacturers used here are Fortinet, Cisco Systems, VMware, Microsoft, and Linux systems. The Fortigates are usually managed via a central management system (FortiManager). The individual sites are connected via SD-WAN and VPN aggregates (BGP). My strengths lie in the data center area. This includes segmentation and implementation of security policies, as well as hybrid clouds with MS Azure/AWS. My perspective on system availability requires my willingness and understanding to work on weekends and evenings. The design and conception of the infrastructure, from initial review to the IPv4 concept, LAN/WAN design, documentation, and handover to the customer, is my area of responsibility.

Languages

German
Advanced
English
Advanced

Certifications & licenses

CCDA Cisco Certified Design Associate

Cisco

CCDP Cisco Certified Network Design Professional

Cisco

CCNA Cisco Certified Network Associate V2010

Cisco

CCNA Security Cisco Certified Security Associate

Cisco

CCNA Voice Cisco Certified Network Associate Voice

Cisco

CCNP R/S Cisco Certified Network Professional

Cisco

CSSP Certified System Security Professional

FCSNA Fortinet Firewall Administrator

Fortinet

FCSNP Fortinet Firewall Professional

Fortinet

JNCIA-FFW Juniper Networks Internet Associate

Juniper Networks

MCTIP Windows Server Administrator

Microsoft

MCTS Windows 2008 AD

Microsoft

MCTS Windows 2008 NI

Microsoft

MCTS Windows 2008 SBS

Microsoft

VMWARE VCA VMware Certified Associate – Data Center Virtualization

VMware

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Mustafa K.

Senior Network Design and Engineer

View Profile
Sami B.

Integration FortiManager into existing infrastructure

View Profile
Christian D.

Managing Director and Senior Consultant

View Profile
Eddy A.

Network Administrator

View Profile
Khyser S.

Life Cycle Infrastructure Network Analyst

View Profile
Andreas A.

Project Manager for Network and Infrastructure Project migration EU/US/MEX

View Profile
Dirk E.

Senior IT Engineer

View Profile
Christian W.

Cisco Catalyst Center - SDA Wireless Consultant

View Profile
Mohamed H.

Sr. Network Consultant

View Profile
Alagi M.

Project Manager & IT Security Architect Logging & Monitoring for QRadar & Splunk, ISO 27001

View Profile
Stephan S.

IT-Security Manager

View Profile
Thomas H.

Project Manager & Tender Manager

View Profile
Andreas F.

Project Manager & Portfolio Owner for Infrastructure (Automotive)

View Profile
Vladimir M.

Senior Security Analyst

View Profile
Andreas W.

Freelancer

View Profile
fratch Part of Bitkom logo
linkedIncrunchbaseyoutube
  • English
  • Deutsch

2025 © FRATCH.IO GmbH. All rights reserved.