|Title:||F5 Product Consultant|
|Education:||F5 BIG-IP Essentials, Seattle WA
F5 Certified BIG-IP v.9 Essentials
F5 BIG-IP Advanced Topics, Seattle WA
F5 Certified BIG-IP LTM Product Consultant
F5 3-DNS, Seattle WA
F5 Certified 3-DNS
|Core Competency:||ASM: 9.x 10.2.4
Citrix App Firewall: 8.0 9.0 10
BIG-IP 2.x 3.x 4.x 9.x (LTM)
3-DNS 3.x 4.x 9.x (GTM)
iRules: v.9 TCL rules language, 4.x and prior
iControl: Development using Java
Protocols: TCP/IP, UDP, XML, SNMP, HTTP, FTP, 802.1q, RTSP, MMS, SIP
Operating Systems: Solaris 2.5.1-11, Windows NT/2003, Linux, BSD, HP/UX
Caching: SQUID, BlueCoat, F5 Fast Cache Module
Routing Protocols: RIP v1 v2, OSPF, ISIS, BGP, HSRP, EIGRP, VRRP
|Caching systems:||Web Acceleration, Compression, Web Aggregation, Pipelining, QOS|
|Platform Experience:||Primary implementer with deployment of F5 Traffic Shield 3.x and ASM v9.x-11.5.3
Primary implementer with deployment of Citrix Netscaler App Firewall (WAF) v7.x-10
Assessor and deployment assistance for Imperva SecureSphere 5.x-6
|Additional coursework:||UNIX Certification – University of Arlington
CDMA Certification – Nortel
|Years at working at F5:||1999-2000
|Years in F5 field:||1999-Present|
|Area of specialty:||Web Application Firewall
Application Performance Tuning
Web Caching & Streaming media
|Additional expertise:||Projects completed for clients: NV Energy, Hastings, First Marblehead, Webster Bank, Gap, FedEx, Kinko’s, Thompson Financial, Bank of America, Citi Group, etc…
· Installed the following web application firewalls, F5 ASM, Citrix App Firewall
· Scan\Map applications and collect and review application flows to restrict and control access.
· Created access controls based upon geo-location rules
· Classify classes: traffic, URI paths, headers, cookies
· Mitigate violations with rewritten URIs
· Define security policies to facilitate blocking mode
· Define application flows
· Install latest attack signatures
Create custom iRules using TCL for the purposes of:
· Bi-directional SSL authentication
· Persistence using universal inspection engine
· Server redirection based upon host header parsing
· Redistribute connections based upon the payload of proprietary protocols
Complete documentation of client infrastructure, including Visio diagrams.
Create iControl scripting for the integration into content publishing.
Found security vulnerability SOL 4944. This involved working directly with F5 development to identify and resolve these SSL security vulnerabilities
Abbreviated Client List:
Client: First Marblehead
Completed migration of F5 Traffic Shield to F5 ASM. This includes an assessment and revisions to existing application rules and application mapping.
Client: Hastings Entertainment
- Review the Citrix Netscaler deployment of App Firewall.
- Revise security policies to control and restrict access to ecommerce sites.
- Define new rules logic to correct access for partner redirection.
Client: Nevada Energy
Las Vegas, NV
Design and deploy new F5 ASM product to restrict access to customer facing web sites. Defined policies following discovery process and block unauthorized client access as well as restrict access based upon geo-location. Deployed solutions to secure externalized enterprise resources.
Client: Harris County
- Assessed feasibility of existing Imperva WAF solution
- Identify gaps in PCI compliancy testing
- Offer alternative solution utilizing F5 ASM
- Project plan to deploy to ASM with site maps, rules and access controls with geolocation.