Download PDF

FIras Al Naffar

IT/Infrastructure Architect & Engineering


         IT Infrastructure Architect & Engineering professional with over 15 years of experience in designing turnkey solutions for enterprise organizations. Skilled in Cloud and Data Centers Networks, SDN Technologies, Data Visualization, Infrastructure Security, Network Development and Virtualization with in-depth hands-on technical implementation skills, broad-based experience and a passion for resolving complex problems or business challenges through innovation and ensuring proposed technology initiatives are aligned with short and long term district goals.

         Core Qualifications

             ..  Service-Oriented Architecture

              ..  Network Programmability (Python)

              ..  Cyber Security 

              ..  Data Centers and Clouds



Bachelor Degree in Science of Computing

University of Portsmouth

Diploma in Data Center Infrastructure

Anixter University

International Advanced Diploma in Computer Studies

NCC Education


   Data Center, Network and Security Service

  • Implementing and operating Data Center Infrastructure through Cisco Chassis, Nexus DC Switches, Cisco Service Modules, NGFW, IPS Sensors, FTD, FMC, FirePower Threat Defense enterprise platforms, and Security Modules, by configuring unified fabrics, L2 extension, DCI technologies, OTV, Fabricpath, LISP, Multicast, MSDP, MPLS, BGP Reflectors, MPBGP, DMVPN, VPN Shared Services, OSPF backbones, TE, VRFs, VPC+, enhanced VPC, VDC, AnyCast, VSS, N2K fabric extenders, Firewall Clustering, ASA Contexts, AMP, Threat Grid, Sandbox, Intrusion Prevention, FTDv, ASAv, Prime Infrastructure, ..etc, towards deliver architectural flexible and consistent networking across Cisco UCS, VCE, vBlock and Cloud Computing environments.
  • Design and deploy Data Center Networks utilizing Nexus 9K, APIC, VXLAN, EVPN, Underlying, and Overlying best practices for a Cisco ACI Architecture in a stretch fabric, ACI Multi-Pod and Multi Site environments. Develop and perform migration from traditional data center network designs into spine and leaf networks, and SDN Technology. Integrate services appliances to Cisco ACI deployments to include Application Delivery Controllers and Firewalls. Configure DCNM for ACI fabric topology view, provisioning, site visibility, and management. Knowledge in Python scripting for network automation and programmability.
  • Hands-on technical experience with SDN controller architecture, APIC initialization and setups, create different application policies in the ACI including Tenants, ANP, VRF, BD, EPG, micro-segmentation, AVS, VMM integration, Contracts, Service Graphing. Setup Fabric Discovery, Inbound and Outband management configuration. Configure Fabric Access Policy, switch policies, interface policies, AEPs, L3Out, L2Out, Domains and GOLF. 
  • SDA, DNA and APIC-EM deployment. Policy provisioning, SDA Fabric VN, Borders, Edge and Fabric Extenders, Fabric and non-fabric modes, Access Policy with TrustSec, and SDA Network design and sites.
  • Design IP Schemas, wild masks, route summarization, and classless subnets based on business units, capacity, Infrastructure strategy and future expansion. Apply and control it via Infoblox DDI. Plan for an IPv6 addressing networks and migration.
  • Given a SAN environment, setup the service modules for the Cisco MDS platforms, and configure storage features like Zoning, VSAN, NPV, FCIP, FCoE, Fiber Channel domains,…etc for availability and scalability of storage networks via a unified fabric.
  • Identify and configure Security and remediation methods, used to secure borderless networks in terms of policy enforcement and compliance through pxGrid integration with Active Directory, Infoblox, FireSight Defense Center, SSL Certificates, and different Cisco ISE deployment. Implement Cisco ISE AnyConnect, Easy Connect, Profiling, MAB, Posture, 802.1X, RADIUS, TACACS+, ACS, WebAuth and MDM for more comprehensive on-boarding experience, Guest portals access, and BYOD. 
  • Plan and configure different series of Cisco security and gateway appliances to provide cryptographic security services that will flexibly support combinations of authentication, integrity, access control, and confidentiality.
  • Design and setup diverse series of Bluecoat proxy, F5 BIG-IP, Cisco ISR and ASR Routers to support range of L3 protocols, TCP compressions, FlexVPN, DMVPN, NHRP, GetVPN, AnyConnect SSL, IPSec VPN, application delivery, LTM load balancing, packet shaping, SD-WAN, PfR, and iWAN Technology based on given WAN architectures across different geographical locations.
  • Perform WLAN engineering calculations for Cisco AP design, including path analysis, propagation, technical RF surveying and inter-modulation analysis for Indoor, outdoor and Mesh wireless networks. Configuration and installation of WLAN including APs, WCS high availability, Voice of Wireless, and Mobility. Identify IoT cases, and understand Big Data Analytics in Business.
  • Configuring IXIA for end-to-end testing scenarios, generating massive amounts of traffic, while delivering the quality of experience that mission critical applications demand, with continuous testing to ensure the expected levels of reliability, speed, Data center convergence, enterprise expansion, and new service deployments using many different technologies—including physical and virtualized devices—into a single network infrastructure.

   Cloud Infrastructure and Virtualization Services

  • Professional in ESX vSphere Cluster Architecture, VDI designs and VMWare NSX implementations in IaaS Architecture.
  • Cloud Lock setups, Sanctioned IT, Shadow IT analysis, and implementation for Open DNS and CASB via Cisco Umbrella in a Cloud Hybrid Infrastructure environment running apps like Microsoft Office 365 and data collaboration from the Cloud.
  • Implement vCenter Servers, High Availability options, Fault Tolerance and Site Recovery Manager for replication. Use storage and VM vMotion for migration. Setup distributed resource and distributed switches for more scalable virtual infrastructure.
  • Hands-on development, standardization, and management of all Cisco UCS C, Blade Chassis and E series, including hardware server profiles, fabric interconnect, software deployment, clustering, images, recovery, and patching standards
  • Plan and design Microsoft Windows Enterprise Servers, implement Active Directory Services, functions, roles and integration setups with Infoblox GRID DNS, DHCP, Captive Portals, NTP, and IPAM for IP Management, Security and Monitoring.


   Voice & Video Infrastructure Services

  • Design and configure Cisco UCM for single and multi-sites networks to enable On-Net, Off-Net telephony services, mobility options, messaging services, WebEx conferencing, and integration of Skype for Business in a Cisco AVVID Architecture.
  • Implement Cisco Enterprise Call Center and CUIC for single and multi-sites deployment with various ICM instances to route calls through IP IVR, CTI Agents, and CVP based on given workflow scenarios.
  • Understand the Cisco Telepresence and the corresponding blades that are available, including their function. And operate a Telepresence to enable mixed network calls between the server and other Cisco endpoints.


Dec 2018Present

Campus Network Technical Lead

Sydney Airport

My role has me engaged within the most significant technology transformation program, tasked with providing a modern infrastructure platform support the Airport's digital initiatives aligned with the recently developed technology strategy.

This involved the transformation of Airport Campus from legacy network to next generation SD-Access (SDA) fabric networks, APIC-EM DNAC deployment, campus fabric readiness, wired and wireless network provisioning and policy, intra-vn communication between groups, internal borders for ACI Multipod Data Centers connectivity and external connections, Fabric Borders, edge and extenders, ISE/PxGrid configuration, and fabric non-fabric mode setup cases.

Dec 2017Nov 2018

Network Designer - Cisco ACI


I am assigned as a Network Designer (Cisco ACI) working with the Network and Security Team for GovConnect NSW Project, in the planning and designing phases, deployment execution, and migration from traditional infrastructure into next-generation networks for multi-tenancy environment-hosting clients in the government, financial services and commercial markets.

Among my job responsibilities, I handle the responsibility of advanced technical implementations for Cisco ACI fabric installation, spine and leaf networks using N9K over a multi-pod deployment across multiple Data Centers via EVPN. L2Out and L3Out configuration for the network-centric migration path from classic networks into ACI fabric. Contracts within micro-segmentation EPGs, Service Graph deployment via external Palo Alto firewalls, VMM Integrations with VMware Hypervisors, and ISE for RBAC.              

August 2016Sep 2017

Network Architect


I was assigned as a Project Engineer for TAV IT Abu Dhabi Airports Project Site Office in Abu Dhabi Midfield Terminal Complex. A family characterized by its in-house Technical, Lab Testing, and Engineering Team with decades of Aviation and Airport experience.

My role was to deliver and implement a critical plus network infrastructure multi-tenancy design for 25,000 + nodes distributed across 170 IDF, and comply with IXIA time convergence via different failover scenarios. Configure MPLS Backbone, Multicast VPNv4, VMWare Infrastructure, and build an active: active multiple Data Centers running fabric path over dark fibers end to end with an uptime of 99.99. In addition, plan and set up a pxgrid security blanket for access compliance and defense, as well as Advanced Malware Protection threat grid for data protection with the latest hardware technologies via Cisco FirePower 9300 and FMC Architecture.  

August 2009July 2016

IT Infrastructure Specialist

Injazat Data Systems

Technical Architect leveraged for multiple enterprise accounts. A result driven leader with extensive expertise in developing innovative, cost-effective technology solutions to sustain business growth. Ensure that service delivery integrated across services and delivery capabilities to meet clients’ expectation in line with industry standards and best practices based on ITIL framework. Proficient in translating business strategy into IT capabilities, increasing productivity and ensure scalability of IT Infrastructure solutions.

Worked very closely with the client to ensure a seamless delivery of business objectives and ensure business continuity & operability through the seamless implementation of products and solutions focusing on client satisfaction. Establish and monitor service metrics to drive continuous improvement and adherence to SLA, incidents, severities, as well as business requirements. Mentored different team members in areas of expertise and worked with engineers and external vendors to deliver and maintain overall network platforms.

As well, handled the responsibility of technical implementations types of shared, dedicated service networks, virtualized and converged networks for various clients. In addition, participated in different Architecture designs for unified security, storage networks, blade enclosures, VCE converged, vBlock, unified fabric networks, cloud data centers, infrastructure as a service model, UCCE Call Center, wireless networks, IP telephony, and VMware technologies like NSX, VDI, vShpere Replication, and vCenter.

March 2007May 2009

Senior Network Analyst

Abu Dhabi International Airport

I was a member of the Infrastructure Project Team involved in the development of Abu Dhabi International Airport Expansion Infrastructure Project. Designated troubleshooter with the ability to prioritize workload and work well within aggressive deadlines.

This involved the migration of old Airport network to new Infrastructure, VRFs and MPLS backbone implementation, master IP Schema design, multi-tenancy model setup, vBlock configuration, installation for different Cisco and VMware technologies like, SRM, vCenter, firewalls, load balancers, NAC, wireless controllers, IP telephony, MDS storage, VPN concentrators, service modules, ..etc  

Additionally, in collaboration with Infrastructure Team, we successfully achieved Data Center optimization project by reducing the hardware footprint by 40% using virtualization and consolidation technology and decrease the power consumptions by 20%.

Oct 2004Oct 2006

Data Center Manager

AIG - American International Group

Technical Manager accounted for the Data Center and Arabia Infrastructure of UAE, Lebanon, Kuwait, Bahrain, KSA and Oman. I was primarily responsible for ICT development including all network, security and telecommunication assets, documentation and operational procedures. As well as, project architecture designs review, development of IT roadmaps, and budget planning.

Proven ability to create and deliver solutions tied to Hub & Spoke business model growth, organizational development and business continuity plans.

Led global projects such WAN media plans, disaster recovery, Voice over IP solution, security designs, Active Directory migration, Microsoft exchange for multi-site, proxy concentrators, local and remote virtual backup & restore setup, VMware ESXi and vCenter implementation, HP NNMi monitoring, ..etc for highly available, scalable, and reliable IT Infrastructure across the Arabia Infrastructure.

May 2003Oct 2004

System Engineer

Abu Dhabi Sea Port Authority

I was a member of the Infrastructure Project Team, who was responsible for designing, setting up, and managing information/network systems for a Data Center Project.

I worked alongside experienced engineers; where I gained the hands-on experience and knowledge of Data Centre best practice including; hardware management, network installations, storage implementation, system support, security policies & monitoring.

Oct 1999Sep 2002

Computer Technician

Crown Computers Co.

I worked with clients to analyze computing and network needs and installed appropriate solutions within each organization's budget.


It's available upon request.