Projects

Network Security 802.1x

In today's world, keeping networks secure is more important than ever. One effective way to do this is by using 802.1X port-based network access control for both wired and wireless connections. By setting up tools like Windows Network Policy Server (NPS) and Cisco Identity Services Engine (ISE), I help create smart, policy-based access controls that make sure only the right people and devices can get on the network.
To keep things secure, I use certificate-based protocols like EAP-TLS and PEAP-MSCHAPv2, which provide solid authentication and encryption to block unauthorized access. On top of that, I implement dynamic VLANs, which help enforce consistent security policies across the entire network. This way, everyone and everything follows the same security rules, no matter where they connect.
Overall, my goal is to build a strong, flexible security setup that protects against today’s threats and is ready for whatever comes next.

In this project, I designed a data center network focused on delivering high availability with minimal downtime, even during resource migrations. The IP addressing scheme was carefully planned to ensure that resources remain accessible at all times. To build a resilient network, I used Cisco vPC and Dell VLT technologies. These tools create a strong foundation for fault tolerance and high availability, making sure that the network stays up and running, even if some components fail. I also implemented Link Aggregation Control Protocol (LACP) to bundle multiple network links together, which boosts bandwidth and improves performance for both servers and network devices. This helps the network handle high traffic loads smoothly.
A big part of the design was optimizing network performance. I used the Multiple Spanning Tree (MST) protocol to reduce unnecessary spanning-tree calculations, which, in turn, lowers CPU and memory usage. This makes the network more efficient and responsive. Security was also a priority in this design. I included strong access controls, network segmentation, and encryption protocols to protect data and ensure that the network remains secure.
Overall, this network design balances reliability, performance, and security, creating a robust environment that can adapt to future needs. It’s built to handle the demands of a modern data center, providing a solid foundation for any enterprise.

This project is all about making our IT systems work better and more efficiently by moving to a hybrid cloud environment. Here’s what we’re doing:

Moving to Azure AD: We’re shifting our on-premise Active Directory users to Azure AD. This means everyone can sign in more easily with Single Sign-On (SSO), and managing users will be simpler and more secure.
Boosting Connectivity: We’re setting up ExpressRoute and VPN Gateway to ensure secure and fast connections between our on-premise systems and the cloud. This will help keep everything running smoothly and securely.
Microsoft 365 Integration: We’re rolling out Microsoft 365 to manage our devices and policies all in one place. We’re also migrating our old Exchange and SharePoint systems to Microsoft 365 to make teamwork and communication more seamless.
Moving VMs to Azure: Our VMware ESXi virtual machines are moving to Azure. This will give us more flexible and scalable cloud infrastructure, making it easier to adjust resources as needed.

I recently managed a big email migration project, moving accounts from Zoho to Google Workspace and Microsoft 365. I planned everything carefully to keep data intact and avoid any downtime, so the transition was smooth and didn’t disrupt daily operations.
To make things even better, I set up a split mail delivery system that routes emails between Microsoft 365, Google Workspace, and Zoho Mail. By using precise DNS settings and smart routing, I improved email performance and created a system that’s ready to grow with future needs.
My goal is to ensure that email systems run smoothly and efficiently, adapting to whatever changes come next.