Professional Profile

Title: F5 Product Consultant
Education: F5 BIG-IP Essentials, Seattle WA

F5 Certified BIG-IP v.9 Essentials

F5 BIG-IP Advanced Topics, Seattle WA

F5 Certified BIG-IP LTM Product Consultant

F5 3-DNS, Seattle WA

F5 Certified 3-DNS

Core Competency: ASM: 9.x 10.2.4

Citrix App Firewall: 8.0 9.0 10

Imperva SecureSphere

BIG-IP 2.x 3.x 4.x 9.x (LTM)

3-DNS 3.x 4.x 9.x (GTM)

iRules: v.9 TCL rules language, 4.x and prior

iControl: Development using Java

Protocols: TCP/IP, UDP, XML, SNMP, HTTP, FTP, 802.1q, RTSP, MMS, SIP

Operating Systems: Solaris 2.5.1-11, Windows NT/2003, Linux, BSD, HP/UX

Caching: SQUID, BlueCoat, F5 Fast Cache Module

Routing Protocols: RIP v1 v2, OSPF, ISIS, BGP, HSRP, EIGRP, VRRP

Caching systems: Web Acceleration, Compression, Web Aggregation, Pipelining, QOS
Platform Experience: Primary implementer with deployment of F5 Traffic Shield 3.x and ASM v9.x-11.5.3

Primary implementer with deployment of Citrix Netscaler App Firewall (WAF) v7.x-10

Assessor and deployment assistance for Imperva SecureSphere 5.x-6

 

Additional coursework: UNIX Certification – University of Arlington

CDMA Certification – Nortel

Years at working at F5: 1999-2000

 

Years in F5 field: 1999-Present
Area of specialty: Web Application Firewall

SSL Encryption

Application Performance Tuning

iRules Programming

Web Caching & Streaming media

Additional expertise: Projects completed for clients: NV Energy, Hastings, First Marblehead, Webster Bank, Gap, FedEx, Kinko’s, Thompson Financial, Bank of America, Citi Group, etc…

·     Installed the following web application firewalls, F5 ASM, Citrix App Firewall

·     Scan\Map applications and collect and review application flows to restrict and control access.

·     Created access controls based upon geo-location rules

·     Classify classes: traffic, URI paths, headers, cookies

·     Mitigate violations with rewritten URIs

·     Define security policies to facilitate blocking mode

·     Define application flows

·     Install latest attack signatures

Create custom iRules using TCL for the purposes of:

·     Bi-directional SSL authentication

·     Persistence using universal inspection engine

·     Server redirection based upon host header parsing

·     Redistribute connections based upon the payload of proprietary protocols

Complete documentation of client infrastructure, including Visio diagrams.

Create iControl scripting for the integration into content publishing.

Found security vulnerability SOL 4944. This involved working directly with F5 development to identify and resolve these SSL security vulnerabilities

 

Abbreviated Client List:

 

Client: First Marblehead

Medford, MA

-F5 Consulting

Completed migration of F5 Traffic Shield to F5 ASM. This includes an assessment and revisions to existing application rules and application mapping.

 

Client: Hastings Entertainment

Amarillo, TX

-Citrix Consulting

  • Review the Citrix Netscaler deployment of App Firewall.
  • Revise security policies to control and restrict access to ecommerce sites.
  • Define new rules logic to correct access for partner redirection.

 

Client: Nevada Energy

Las Vegas, NV

-F5 Consulting

Design and deploy new F5 ASM product to restrict access to customer facing web sites. Defined policies following discovery process and block unauthorized client access as well as restrict access based upon geo-location. Deployed solutions to secure externalized enterprise resources.

 

Client: Harris County

Houston, TX

-WAF Consulting

  • Assessed feasibility of existing Imperva WAF solution
  • Identify gaps in PCI compliancy testing
  • Offer alternative solution utilizing F5 ASM
  • Project plan to deploy to ASM with site maps, rules and access controls with geolocation.