Download PDF

FIras Al Naffar

IT/Infrastructure Architect & Engineering

Portfolio

         IT Infrastructure Architect & Engineering professional with over 14 years of experience in designing turnkey solutions for enterprise organizations. Skilled in Cloud Computing, SDN Technologies, Big Data, Information Security, Infrastructure Development and Virtualization. Demonstrated mastery in evaluating requirements for business integration with technology, and service activation. Proven mentor and training with expertise in communicating across organizational levels and with cross-functional teams to drive shared vision and foster culture of excellence.

         Core Qualifications

             ..  Service-Oriented Architecture

              ..  Network Programmability (Python)

              ..  Cyber Security 

              ..  Data Centers and Clouds

Education

2008

Bachelor Degree in Science of Computing

University of Portsmouth
2007

Diploma in Data Center Infrastructure

Anixter University
2005

International Advanced Diploma in Computer Studies

NCC Education

Assets

   Data Center Infrastructure Services

  • Solutions-focused IT Infrastructure professional with in-depth hands-on technical implementation skills, broad-based experience and a passion for resolving complex problems or business challenges through innovation.
  • Implementing and operating Data Center Infrastructure through Cisco Chassis, Nexus DC Switches, Cisco Service Modules, NGFW, IPS Sensors, FTD, FMC, FirePower Threat Defense enterprise platforms, and Security Modules, by configuring unified fabrics, L2 extension, DCI technologies, OTV, Fabricpath, LISP, Multicast, MSDP, MPLS, BGP Reflectors, MPBGP, DMVPN, VPN Shared Services, OSPF backbones, TE, VRFs, VPC+, enhanced VPC, VDC, AnyCast, VSS, N2K fabric extenders, Firewall Clustering, ASA Contexts, AMP, Threat Grid, Sandbox, Intrusion Prevention, FTDv, ASAv, Prime Infrastructure, ..etc, towards deliver architectural flexible and consistent networking across Cisco UCS, VCE, vBlock and Cloud Computing environments.
  • Design and deploy Data Center Networks utilizing Nexus 9K, APIC, VXLAN, EVPN, Underlying, and Overlying best practices for a Cisco ACI Architecture in a stretch fabric, ACI Multi-Pod and Multi Site environments. Develop and perform migration from traditional data center network designs into spine and leaf networks, and SDN Technology. Integrate services appliances to Cisco ACI deployments to include Application Delivery Controllers and Firewalls. Configure DCNM for ACI fabric topology view, provisioning, site visibility, and management. Knowledge in Python scripting for network automation and programmability.
  • Hands on technical experience with SDN controller architecture, create different application policies in the ACI including Tenants, ANP, VRF, BD, EPG, micro-segmentation, AVS, VMM, Contracts, Service Graphing, Subjects, and Filters. Setup Fabric Discovery, Inbound and Outband management configuration, APIC and LEAF Health verification. Configure Fabric Access Policy, switch policies, interface policies, AEPs, L3Out, L2Out, Physical and External Domains. Understanding of OpenFlow and OpenStack.
  • Design IP Schemas, wild masks, route summarization, and classless subnets based on business units, capacity, Infrastructure strategy and future expansion. Apply and control it via Infoblox DDI. Plan for an IPv6 addressing networks and migration.
  • Given a SAN environment, setup the service modules for the Cisco MDS platforms, and configure storage features like Zoning, VSAN, NPV, FCIP, FCoE, Fiber Channel domains,…etc for availability and scalability of storage networks via a unified fabric.
  • Identify and configure Security and remediation methods, used to secure borderless networks in terms of policy enforcement and compliance through pxGrid integration with Active Directory, Infoblox, FireSight Defense Center, SSL Certificates, and different Cisco ISE deployment. Implement Cisco ISE AnyConnect, Easy Connect, Profiling, MAB, Posture, 802.1X, RADIUS, TACACS+, ACS, WebAuth and MDM for more comprehensive on-boarding experience, Guest portals access, and BYOD. 
  • Plan and configure different series of Cisco security and gateway appliances to provide cryptographic security services that will flexibly support combinations of authentication, integrity, access control, and confidentiality.
  • Design and setup diverse series of Bluecoat proxy, F5 BIG-IP, Cisco ISR and ASR Routers to support range of L3 protocols, TCP compressions, FlexVPN, DMVPN, NHRP, GetVPN, AnyConnect SSL, IPSec VPN, application delivery, LTM load balancing, packet shaping, SD-WAN, PfR, and iWAN Technology based on given WAN architectures across different geographical locations.
  • Perform WLAN engineering calculations for Cisco AP design, including path analysis, propagation, technical RF surveying and inter-modulation analysis for Indoor, outdoor and Mesh wireless networks. Configuration and installation of WLAN including APs, WCS high availability, Voice of Wireless, and Mobility. Identify IoT cases, and understand Big Data Analytics in Business.
  • Configuring IXIA for end-to-end testing scenarios, generating massive amounts of traffic, while delivering the quality of experience that mission critical applications demand, with continuous testing to ensure the expected levels of reliability, speed, Data center convergence, enterprise expansion, and new service deployments using many different technologies—including physical and virtualized devices—into a single network infrastructure.

   Cloud Infrastructure Services

  • Professional in ESX vSphere Cluster Architecture, VDI designs and VMWare NSX implementations in IaaS Architecture.
  • Cloud Lock setups, Sanctioned IT, Shadow IT analysis, and implementation for Open DNS and CASB via Cisco Umbrella in a Cloud Hybrid Infrastructure environment running apps like Microsoft Office 365 and data collaboration from the Cloud.
  • Implement vCenter Servers, High Availability options, Fault Tolerance and Site Recovery Manager for replication. Use storage and VM vMotion for migration. Setup distributed resource and distributed switches for more scalable virtual infrastructure.
  • Hands-on development, standardization, and management of all Cisco UCS C, Blade Chassis and E series, including hardware server profiles, fabric interconnect, software deployment, clustering, images, recovery, and patching standards
  • Plan and design Microsoft Windows Enterprise Servers, implement Active Directory Services, functions, roles and integration setups with Infoblox GRID DNS, DHCP, Captive Portals, NTP, and IPAM for IP Management, Security and Monitoring.

    

   Voice & Video Infrastructure Services

  • Design and configure Cisco UCM for single and multi-sites networks to enable On-Net, Off-Net telephony services, mobility options, messaging services, WebEx conferencing, and integration of Skype for Business in a Cisco AVVID Architecture.
  • Implement Cisco Enterprise Call Center and CUIC for single and multi-sites deployment with various ICM instances to route calls through IP IVR, CTI Agents, and CVP based on given workflow scenarios.
  • Understand the Cisco Telepresence and the corresponding blades that are available, including their function. And operate a Telepresence to enable mixed network calls between the server and other Cisco endpoints.

Experience

Dec 2017Present

Network Designer - Cisco ACI

Unisys

I am assign as a Network Designer (Cisco ACI) with the Network & Security Team working for GovConnect NSW Project in the planning and designing phases, deployment execution, and migration from traditional infrastructure into next generation networks for multi tenancy environment-hosting clients in the government, financial services and commercial markets.

Among my job responsibilities, I handle the responsibility of advanced technical implementations for Cisco ACI fabric installation, spine and leaf networks using N9K over a multi-pod deployment across multiple Data Centers via EVPN. L2Out and L3Out configuration for network centric migration path from classic networks into ACI fabric. Virtual Fire Power, FMC, Contracts and Service Graph deployment, Virtual Machine Manager Integrations. In addition, APIC-EM installation and integration with Cisco Prime for infrastructure management, provisioning, and monitoring. 

August 2016Sep 2017

Senior Network Engineer

TAV IT

I was assigned as a Project Engineer for TAV IT Abu Dhabi Airports Project Site Office in Abu Dhabi Midfield Terminal Complex. A family characterized by its In-House Technical, Lab Testing, and Engineering Team with decades of Aviation and Airport experience.

The Abu Dhabi Airport Midfield Terminal Building is the world’s largest terminal; it is a prestige project for the Government-owned ADAC and is a linchpin of Abu Dhabi broader plans to increase tourist traffic as part of the vision 2030 strategy to diversify the economy.

My role was to deliver and implement a - critical plus - network infrastructure multi tenancy design for 25,000 + nodes and 170 IDF, configure MPLS Backbone, Multicast VPNv4, VMWare Infrastructure, and build an active: active multiple Data Centers running fabric path over dark fibers end to end with an uptime of 99.99.

In addition, plan and setup a pxgrid security blanket for access compliance and defense, as well as Advanced Malware Protection threat grid for data protection with the latest hardware technologies via Cisco FirePower 9300 and FMC Architecture.  

August 2009July 2016

IT Infrastructure Specialist

Injazat Data Systems

Technical Architect leveraged for multiple enterprise accounts. Result driven leader with extensive expertise developing innovative, cost effective technology solutions to sustain business growth. Ensure that service delivery integrated across services and delivery capabilities to meet clients’ expectation in line with industry standards and best practices based on ITIL framework. Proficient in translating business strategy into IT capabilities, increasing productivity and ensure scalability of IT Infrastructure solutions. 

Worked very closely with the client to ensure a seamless delivery of business objectives and ensure business continuity & operability through seamless implementation of products and solutions focusing on client satisfaction. Establish and monitor service metrics to drive continuous improvement and adherence to service levels, incidents, severities, & business requirements.

Among my job responsibilities, I handled the responsibility of technical implementations types of shared, dedicated service networks, virtualized and converged networks for various clients. In addition, participated in different Architecture designs for unified security, storage networks, blade enclosures, VCE converged, vBlock, unified fabric networks, cloud data centers, infrastructure as a service model, UCCE Call Center, wireless networks, IP telephony, and VMware technologies like SRM, vShpere Replication, and vCenter. 

Effectively plan, configure, and optimize the IT infrastructure to comply with clients objectives and achieve SLA.

March 2007May 2009

Senior Network Analyst

Abu Dhabi International Airport

 I was member of the Infrastructure Project Team involved in the development of Abu Dhabi International Airport Expansion Infrastructure Project. Designated troubleshooter with the ability to prioritize workload and work well within aggressive deadlines. 

This involved the migration of old Airport network to new Infrastructure, VRFs and MPLS backbone implementation, master IP Schema design, multi-tenancy model setup, vBlock configuration, installation for different Cisco and VMware technologies like, SRM, vCenter, firewalls, NAC, load balancers, wireless controllers, IP telephony, MDS storage, VPN concentrators, service modules, ..etc 

Additionally, in collaboration with Infrastructure Team, we successfully achieved Datacenter optimization project by reducing the hardware footprint 40% using virtualization and consolidation technology and decrease the power consumptions by 20%.

Oct 2004Oct 2006

Data Center Manager

AIG - American International Group

Technical Manager accounted for the Data Center and Arabia Infrastructure of UAE, Lebanon, Kuwait, Bahrain, KSA and Oman. I was primarily responsible for ICT development including all network, security and telecommunication assets, documentation and operational procedures. As well as, project architecture designs review, development of IT roadmaps, and budget planning. 

Proven ability to create and deliver solutions tied to Hub & Spoke business model growth, organizational development and business continuity plans.

Led global projects such WAN media plans, disaster recovery, Voice over IP solution, security designs, Active Directory migration, Microsoft exchange for multi-site, proxy concentrators, local and remote virtual backup & restore setup, VMware ESXi and vCenter implementation, HP NNMi monitoring, ..etc for highly available, scalable, and reliable IT Infrastructure across the Arabia Infrastructure.

May 2003Oct 2004

System Operator

Abu Dhabi Sea Port Authority

I was member of the Infrastructure Project Team, whom was responsible for designing, setting up, and managing information/network systems for a Data Center Project.

I worked alongside experienced engineers; where I gained the hands on experience and knowledge of data center best practice including; hardware management, network installations, storage implementation, system support, security policies & monitoring.

Oct 1999Sep 2002

Computer Technician

Crown Computers Co.

I worked with clients to analyze computing and network needs, and installed appropriate solutions within each organization's budget.

Referance

It's available upon request.