Tom Heinrich
Infrastructure Design and Implementation
Experience
Network Architect / System Engineer
Teleperformance
Key focus: Fortinet rollout / site homogenization / cloud / ISP migration
- Network analysis, design and optimization, change
- ISP changes
- Commissioning of service providers, decentralized IT support
- Setting up central management platform
- Routing optimization to dynamic routing
- Optimizing and creating firewall rules
- AWS integration / design
- MS Azure integration / design
Technologies / Tools: Fortigate, Palo Alto, WAN, SDN WAN, VPN, BGP, OSFP, Fortimanager, Panorama, Meraki, Alcatel, AWS, MS Azure, Network Architecture
Network Engineer / Network Architect
Douglas IT
Key focus: Fortinet rollout / site homogenization
- As-is assessment
- Documentation
- Setting up central management platform
- SD-WAN connections
- Replacement of Bintec
- Commissioning, mostly in the evening / night / weekends
- Follow-up of the local network, Cisco Meraki switches and access points
- Datacenter migration Hagen -> Düsseldorf
- Replacing Juniper DC solution with Cisco Nexus VPC
- Datacenter documentation current / target
Technologies / Tools: Fortigate, WAN, SD-WAN, Bintec, VPN, BGP, OSFP, Fortimanager, Cisco Meraki switches and APs, VMware, NX-OS, Netbox, Visio, Fortiswitch, FortiAP, Network Architecture, Juniper
Lead Network Architect
Francotyp Postalia
Key focus: Fortinet rollout / site homogenization / DC hardware migration
- Technical procurement consulting
- Network analysis, design and optimization, change
- Planning / documentation
- Commissioning of service providers, decentralized IT support
- Setting up central management platform
- Routing optimization to dynamic routing
- Darktrace analysis
- MS Azure integration / design
Technologies / Tools: Fortigate, WAN, SD-WAN, VPN, BGP, OSFP, Fortimanager, Fortiswitch, FortiAP, Juniper SRX, Darktrace, MS Azure, AWS, Network Architecture, HP Aruba
Network Architect, Network Engineer
Metabowerke GmbH
Key focus: Fortinet rollout / site homogenization
- Staging
- Firewall migration (device + policy)
- Commissioning of service providers, decentralized IT support
- Setting up central management platform
- SD-WAN connections
- Reverse engineering, hardening of firewall rule set, applying security profiles
- Adoption into central management, hypercare phase, if needed adjustments and
- AWS integration / design
- Troubleshooting
- Commissioning, also in the evening, weekends and holidays (per customer request)
- Follow-up of the local network, mostly Cisco Systems and HP Aruba
Technologies / Tools: Fortigate, WAN, SD-WAN, VPN, BGP, OSFP, Fortimanager, Fortiswitch, Checkpoint, Sonicwall, AWS, Cisco switches, HP Aruba, Network Architecture
System Engineer
Infodas
Key focus: LAN/WAN assessment, WAN/network redesign
- Network analysis, design and optimization
- Planning / documentation
Technologies / Tools: Fortigate, Cisco, VMware, MS Azure, AWS, Fortiswitch, FortiAP, Network Architecture
Network Specialist
Signal Iduna
Main focus: network separation / segmentation / zoning
- Network analysis, design and optimization
- Planning / documentation
- Creating firewall rules
- Commissioning service providers
Technologies / tools: Fortigate, HP Aruba, servers, network architecture
Lead Engineer for SD WAN rollout in Germany
Telefonica Deutschland
Main focus: SD WAN
- Customer consulting
- Network analysis, design and optimization
- Planning / documentation
Technologies / tools: Fortigate, WAN, SDN WAN, VPN, BGP, OSPF, Cisco / HP Aruba / Netgear / TP-Link switches, network architecture
Network / Firewall Specialist
Aunde
Project on behalf of CirC IT.
- Ticket handling, mainly in the firewall area
- Troubleshooting
- Local network analysis, mostly Fortinet
- Network analysis, design and optimization
- Planning / documentation
Technologies / tools: Fortigate, WAN, SDN WAN, VPN, Cisco switching, FortiSwitch, FortiAP
Network Engineer
Würth Group
Project on behalf of Computacenter AG.
- Rollout and implementation of about 200 Fortinet firewalls (model F601E/FG-101F) in over 80 subsidiaries worldwide
- Initial documentation of the IT infrastructure, coordination with local IT, alignment with central IT
- Aligning customer requirements, reviewing existing documentation
- Preparing the local network, mostly Cisco Systems
- Migrating existing rule sets using FortiConverter
- Adjusting system, interface, and VPN settings / rule sets according to central IT requirements
- Deployment, including evenings, weekends, and holidays (depending on customer needs)
- Segmentation into VLANs and subinterfaces, separation of services
- Firewall rule set optimization, adjustments in coordination with global and local IT
- Reverse engineering, hardening firewall rule sets, applying security profiles
- Migration to central management, hypercare phase, adjustments and
- Troubleshooting
- Post-configuration of the local network, mostly Cisco Systems
- Integration into PRTG, centralized global monitoring
- Documentation
- Handover to central IT, operational phase
Technologies / tools: Fortigate, FortiManager, FortiConverter, FortiAnalyzer, WAN, SDN WAN, VPN, Cisco routing / switching, Dell servers, HP servers & HP switches, VMware, MS Windows Server, Linux Server
Network Architect / Consultant
NTT DATA Business Solutions
- Concept creation, WAN design, vendor and product selection
- Design and implementation of central firewall management, FortiManager
- Design and implementation of central firewall management, FortiAnalyzer
- Design and classification of a global IPv4 IP concept, level A – enterprise
- Header policy design
- Rollout and implementation of about 80 Fortinet firewalls (models 60/100/200/600) in over 50 countries worldwide
- Expansion / redesign of LAN standards (including replacements), Cisco switches models 9500/3650/Nexus
- Coordination with site managers, usually IT staff
- Implementation of centralized DHCP services, certificate services, 802.1X
- Introduction of two-factor FortiToken, FortiAuthenticator
- Expansion of global remote dial-in
- Global monitoring with Cisco Prime and distributed PRTG systems
- Global second level support, vendor escalation
- Redesign of WAN connections using own firewall systems, VPN, BGP, OSPF
- Data center redesign, three-firewall concept (two vendors), logical separation of data center / office
- Replacement of leased MPLS, migration to VPN, SD-WAN
- Firewall rule set optimization
- Supporting UHD with tickets
- Training new employees and apprentices
- Remote and on-site assignments worldwide
Technologies / tools: Fortigate, FortiManager, FortiConverter, FortiAnalyzer, WAN, SDN WAN, VPN, Cisco routing / switching, Dell servers, HP servers & HP switches, VMware, MS Windows Server, PRTG, ServiceNow, network architecture
Datacenter Migration Consultant
Telefónica / O2
Project on behalf of Cancom GmbH.
- Move datacenter from Munich to Frankfurt
- Create quotes
- Divide devices to be replaced into installation or staging blocks
- Identify affected switches and import new switches into Command
- Review environment design and redesign
- Manage, plan, and document changes in ARS
- Assess risk and complexity
- Update network documentation (network diagrams, etc.)
- Coordinate with responsible departments and external service providers
- Create migration/move runbook and manage teams
- Site inspection
Technologies / Tools: Cisco Routing / Switching, Check Point Firewalls
Freelancer
Baumann TGA
- Plan and set up a new office in Munich (cabling, servers, clients)
- Antivirus concept with Worry-Free Business
- Expand and connect storage
- Wi-Fi with UniFi
- Installation, support and operation, training and handover
Technologies / Tools: Fortigate, Switching, HP Servers, VMware, MS Windows Server, Veeam, Trend Micro AV
Freelancer
Spelsberg
Combined projects for 2017.
Project Spelsberg II**
Expand data center (DC III) at 2 locations
Extend and configure LAN at 2 locations
In-house redesign (switches and cabling)
Create heatmap (signal coverage) – capture and optimize Wi-Fi (manufacturers: UniFi / Ubiquiti, Cisco Systems)
Installation, support and operation, training and handover
Project Spelsberg I**
Rebuild data center and infrastructure in Schalksmühle and Butttstätt
Design and set up firewall cluster for redundant VPN connections between Spielberg and Schalksmühle
In-house redesign (switches and cabling)
Create heatmap (signal coverage) – capture and optimize Wi-Fi (manufacturers: UniFi / Ubiquiti)
Installation, support and operation, training and handover
Technologies / Tools: Cisco Routing / Switching, Network Architecture, UniFi
Freelancer
Project JONA (dental practice with 14,000 patients and a day clinic).
- Set up network and firewall from scratch
- SSL VPN for remote work
- Server environment virtualization
- Site-to-site VPN
- Integrate backup solution with Veeam
- Support and operation, training and handover
Technologies / Tools: Fortigate, Switching, HP Servers, VMware, MS Windows Server, Veeam, Trend Micro AV, Network Architecture
Freelancer
- Set up network and firewall ruleset from scratch
- Server environment virtualization
- Site-to-site VPN
- Integrate backup solution with Veeam
- Support and operation, training and handover
Technologies / Tools: Fortigate, Cisco Switching, HP Servers, VMware, MS Windows Server, Veeam, Trend Micro AV, Network Architecture
Freelancer
Weka Media
- New build of the Weka Media WAN, site-to-site VPN, hub-and-spoke
- Main responsibility for the Weka Media WAN
- Management of 8 firewall clusters
- Redesign of the Kissing data center
- Operation and maintenance of the Kissing data center
- Redesign, planning and setup of 8 branches/locations: Germany, Austria, Switzerland
Technologies / Tools: Fortigate, Fortimanager, Fortianalyzer, Cisco routing/switching, PRTG, network architecture
Main responsibility for the Hoffmann WAN
Hoffman GmbH Munich
- Management of 35 firewall clusters
- Operation and maintenance of the Munich and Nuremberg data centers
- Setup of the central data center as a mirror data center
- Planning and setup of 3 branches/locations: India, Russia, North America
Technologies / Tools: Fortigate, Fortimanager, Forticonverter, Fortianalyzer, WAN, VPN, Cisco routing/switching, network architecture
Main responsibility for the Synlab network
Synlab Services GmbH
- Among other things, main responsibility for the Synlab network (data center, branches (domestic and abroad (EMEA)), MPLS and Internet)
- Main responsibility for ISO 9001/27001 (re-)certification through Q4 each year since 2010
- Project consulting / planning / implementation
- Staff planning for projects
- Planning and expansion of the Synlab network infrastructure (international)
- 3rd level support (partial coordination of staff and on-site support at branches when needed)
Technologies / Tools: Fortigate, Fortimanager, Forticonverter, Fortianalyzer, WAN, VPN, Cisco routing/switching, network architecture
Planning the replacement of the existing FDDI backbone
State Lottery Administration Munich
- Project consulting / planning / implementation
- 3rd level support
- Communication interface with external companies
- T-Systems, SGI, Deutscher Lotto-Block, external planning offices
- Communication interface with specialist departments
Technologies / Tools: Cisco routing/switching
Industries Experience
See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.
Experienced in Information Technology (9.5 years), Healthcare (8 years), Government and Administration (5 years), Telecommunication (1.5 years), Professional Services (1 year), and Construction (1 year).
Business Areas Experience
The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.
Experienced in Information Technology (23 years), Project Management (11.5 years), Operations (7.5 years), Quality Assurance (7 years), Procurement (2 years), and Customer Service (1 year).
Summary
For the past 20 years, I have been involved in infrastructure design and implementation of firewall systems and switching/router infrastructures to a standard. Site networking (WAN/SDWAN/BGP/OSPF/VPN) is part of my responsibilities. The manufacturers used here are Fortinet, Cisco Systems, VMware, Microsoft, and Linux systems. The Fortigates are usually managed via a central management system (Fortimanager). The individual sites are connected via SD-WAN and VPN aggregates (BGP). My strengths lie in the data center area. This includes segmentation and implementation of security policies, as well as hybrid clouds with MS Azure/AWS. My perspective on system availability requires my willingness and understanding to work on weekends and evenings. The design and conception of the infrastructure, from initial review to the IPv4 concept, LAN/WAN design, documentation, and handover to the customer, is my area of responsibility. My hourly rate is €100 + VAT (remote) – the all-inclusive daily rate is €1,000 + VAT (onsite).
Languages
Profile
Frequently asked questions
Do you have questions? Here you can find further information.
Where is Tom based?
What languages does Tom speak?
How many years of experience does Tom have?
What roles would Tom be best suited for?
What is Tom's latest experience?
What companies has Tom worked for in recent years?
Which industries is Tom most experienced in?
Which business areas is Tom most experienced in?
Which industries has Tom worked in recently?
Which business areas has Tom worked in recently?
What is the availability of Tom?
What is the rate of Tom?
How to hire Tom?
Average rates for similar positions
Rates are based on recent contracts and do not include FRATCH margin.
Similar Freelancers
Discover other experts with similar qualifications and experience
Experts recently working on similar projects
Freelancers with hands-on experience in comparable project as a Network Architect / System Engineer
Nearby freelancers
Professionals working in or nearby Möhnesee, Germany
