about Nicholas Zurfluh

Netscaler F5 (BIG-IP) Load Balancing Expert

Title:

Principal Consultant – Load Balancing Technologies

Education:

F5 BIG-IP Essentials, Seattle WA

   F5 Certified BIG-IP v.9 Essentials

F5 BIG-IP Advanced Topics, Seattle WA

   F5 Certified BIG-IP v.9 Advanced Topics

F5 3-DNS, Seattle WA

   F5 Certified 3-DNS

Core Competency:

 BIG-IP2.x 3.x 4.x 9.x 10.x 11 (LTM)Netscaler7.x 8.x 9.x3-DNS3.x 4.x 9.x 10.x (GTM)iRules: TCL iRules language, 4.x and prioriControl:Development using JavaProtocols: TCP/IP, UDP, SOAP, CORBA, XML, SNMP, HTTP, FTP, 802.1q

Operating Systems: Solaris 2.5.1-11, Windows NT/2003, Linux, BSD, HP/UX

Routing Protocols: RIP v1 v2, OSPF, ISIS, BGP, HSRP, EIGRP, VRRP

Security systems:

 Firewalls (filter and proxy based) IDS/IPS

Platform Experience:

 Primary implementer with deployment of F5 platforms including 1000, 1500, 2500, 3400, 5100, 6400, 6800, BIG-IP v.2-4.x LTM v.9.0-9.4 GTM v.9.2-9.4

Additional coursework:

UNIX Certification – University of Arlington

CDMA Certification – Northern Telecom

Years working at F5:

1999-2000

Years in Load Balancing field:

1999-Present

Area of specialty:

 SSL EncryptionApplication Performance TuningiRules ProgrammingFirewall load-balancing

Additional expertise:

 Projects completed for clients: Constellation Energy, Citigroup, Thomson Financial, Verizon, Sun Microsystems, First Marblehead, Webster Bank, Gap, FedEx, Kinko’s, Bank of America, Epsilon, and many many more…

  • Performed and infrastructure review of F5 devices as well as site preparation for next generation platform LTM and GTM version 11
  • Audit review planning for regulatory compliance; SoX, OCC
  • Installation and integration of the latest F5 hardware platform using Big-IP version 10, 9 and 4.x
  • Developed and documented DR testing plans
  • On-site training for BIG-IP and 3-DNS
  • Upgraded older F5 switch platforms to Big-IP version 9, 10
  • Create custom Extended Content Verification send strings for various custom applications.
  • Create applications to automate load balancing functions

Create custom iRules using TCL for the purposes of:

  • Bi-directional SSL authentication
  • Diameter protocal parsing
  • Persistence using universal inspection engine
  • Server redirection based upon host header parsing
  • Redistribute connections based upon the payload of a proprietary protocol

Complete documentation of client infrastructure, including Visio diagrams.

Create iControl scripting for the integration into content publishing.

Found security vulnerability SOL 4944. This involved working directly with F5 development to identify and resolve these SSL security vulnerabilities