Max Benana

• · Cloud Architecture & Transformation: Optimization of the Azure Hub & Spoke architecture: integration of Internal Load Balancers (ILB) and deployment of Palo Alto NVA clusters in high availability (Active/Passive). VNET peering with different spokes and Express-route.

• · SDWAN Architecture: Deployment of Meraki Hub in DC and integration of spokes in Europe.

• · Cloud Security: Deployment of Zscaler connectors (ZPA) on GCP, Azure, and ESxi; migration of Pulse Secure IPSec VPNs to ZPA.

• · Automation: Migration of security policies (Checkpoint/Fortigate to Palo Alto) using Python scripts and API calls.

• · Standardization: Design of templates and Device Groups on Panorama for the standardization of ~110 Palo Alto firewalls for campus sites, private cloud, GCP, and Azure.

• · Datacenter Engineering: Design and integration of new On-prem Datacenters (HA Passive-Active) with BGP announcements to the corporate network via an operator. Definition and integration of the new Out of Band architecture.

• · Migration and Standardization: Standardization of different patterns (Dual operator or SDWAN) for Campus sites, and migration from an inter-site iBGP and eBGP architecture to the new patterns. Result: Simplification of the design and therefore more efficient MCO.

• · Documentation & Strategy: Drafting of HLD and LLD design documents for Datacenter and Campus site infrastructures.

• · Environment: Meraki, Cisco, Fortigate, ZPA, ZIA, Global Protect, Azure, Palo Alto, BGP, Splunk, VNET Peering.

• · WAN Evolution: Migration of the MPLS backbone to Cisco DMVPN (mGRE + BGP).

• · WAN Evolution: Migration from DMVPN to SD-WAN VeloCloud solution (Dual WAN Internet)

• · Infrastructure Design: Design of 3-tier LAN architectures (Meraki/Cisco) and deployment of Meraki WiFi at headquarters in Spain, France, and Germany.

• · Security Expertise: Traffic analysis and rule compilation on Palo Alto; administration of Cisco Firepower (NGIPS) and Cortex XDR.

• · Modernization: Migration of DHCP/DNS relays from Windows Server 2008 to Infoblox.

• · Network Expertise: Administration of local traffic rules on F5 BIG-IP LTM. Troubleshooting BGP, DMVPN, Meraki, and Cisco Prime.

• · Core Network Management: Implementation of BGP/EIGRP routing and maintenance of the VSS network core (Cisco ASW/DSW).

• · Perimeter Security: Administration of Checkpoint, Palo Alto, and Cisco ASA firewalls; management of TACACS access via Cisco ACS.

• · Network Expertise: Management of PaloAlto IPSec VPN sessions and Juniper SSL VPN. Configuration of HSRP, Port-security, and participation in troubleshooting Reverse-proxy.

• · Network Integration: Integration of Palo Alto firewalls and network infrastructure (Catalyst switches) at agencies in Germany, Tunisia, and French sites.