Projectsat work
Company:
Apex Systems
Role:
Senior Principal Network Engineer at U.S. Air Force
Timeframe:
Sep 2018 - Dec 2018
Air Force Kessel Run Program - Global Security Deployment
Led on-site architecture and implementation for Dell EMC's secure network infrastructure deployment supporting the Air Force Kessel Run initiative. Completed design and deployment of Palo Alto Networks PA-5260 firewalls in active-passive high-availability configurations across four classified sites (two domestic, two international) within three weeks - two months ahead of schedule.
Centralized Management & Automation
Leveraged Palo Alto Panorama virtual appliance on classified networks to rapidly deploy eight PA-5260 firewalls with consistent security policies, network objects, and interface templates. Streamlined build processes through Panorama automation and standardized rack templates, reducing deployment time by 50%.
Advanced Routing & Connectivity
Designed and implemented four Cisco ASR1001 routers as perimeter devices with full-mesh site-to-site IPSec VPN topology. Implemented BGP between routers and firewalls for external routing, and OSPF between firewalls and Dell S6010-ON switches for optimized internal traffic flow across the IPSec mesh.
DISA STIG Compliance
Applied DISA STIG-aligned baselines across all firewall, routing, and management systems. Maintained strict crypto compliance on IPSec tunnels and management channels while adhering to DoD change-control procedures. Delivered comprehensive operational runbooks and turnover documentation for global sustainment.
Projects
Sort by Date:
Project Title:
Securing Global Communications: A High-Stakes Tech Adventure
Timeframe:
Sep 2018 - Dec 2018
Description:
In a world where digital security is paramount, one team embarked on a three-week mission that spanned the globe. Their task was formidable: design and deploy cutting-edge firewall systems to safeguard a classified network across four crucial sites, both nationally and internationally.
The journey began with the careful design and implementation of Palo Alto Networks PA-5260 firewalls. These formidable guardians of digital information were configured to work in an active-passive high availability setup, ensuring that even in the face of disruptions, the flow of classified data remained unbroken.
With the stage set for enhanced security, the team turned to the power of the Palo Alto Networks Panorama virtual appliance. This strategic move enabled the rapid deployment of not one, but eight PA-5260 firewalls. The result? A standardized fortress, unwavering in its defense of devices, networks, and the sanctity of security policy configurations.
But the team's vision extended beyond firewalls. They architected a robust network infrastructure, introducing four Cisco ASR1001 routers to act as gatekeepers to the classified realms, bridging the external world to the secret communications within.
As the four sites stood fortified, a seamless communication network was vital. The team wove a complex web of site-to-site IPSec VPN tunnels, turning separate outposts into a unified entity, enabling servers and users to converse in the securest of languages, unintelligible to any eavesdroppers.
To orchestrate the flow of information, the Border Gateway Protocol (BGP) was implemented, allowing the Cisco routers and Palo Alto firewalls to dynamically manage external IP addresses, a digital ballet danced on the global stage.
But the internal landscape was not forgotten. The Open Shortest Path First (OSPF) routing protocol was infused into the network's veins, linking Palo Alto firewalls and Dell S6010-ON distribution switches in a dynamic routing symphony. This meticulous planning also ensured that OSPF could route traffic through the IPSec VPN tunnels, connecting the four sites in an unbreakable chain.
This was not just a series of technical implementations. It was a saga of strategic foresight, technical dexterity, and unyielding commitment to securing a network against the threats of a digital age.
SEND A MESSAGE
Learn how and when you can deploy Julian’s services.