dholmes@lanwanprofessional.com| (205) 440-2543

IT professional with over 10 years of experience in administration, escalation support, configuration, maintenance, engineering and troubleshooting of various technologies for professional to global enterprise environments and include proficiency in routing, switching, security (firewall), voice, wireless and data center technologies.

 

§ Cisco Certified Network Professional – Routing/Switching CCNP – R/S

§ Cisco Certified Network Associate – Routing/SwitchingCCNA - R/S

§ Cisco Certified Network Associate – VoiceCCNA - Voice

§ Cisco Certified Network Associate – WirelessCCNA - Wireless

§ Cisco Certified Network Associate – SecurityCCNA – Security

§ Cisco Certified Design AssociateCCDA

§ Cisco Certified Network Associate – Data Center                                                                    DCICN

§ Certified WAN ProfessionalCWP

§ Certified WAN Enterprise AdministratorCWEA

§ Security Clearance-Secret                                                                                                          United States Government

Cisco Routers/Switches:Cisco IOS, Routers (3900, 2900, 1900, 800), Cisco Catalyst (6500, 5500, 4900, 4500, 3000, 3100), Cisco Nexus (1010/1010x, 2000, 5010, 5020, 5548P, 5548UP, 7000).

Connectivity & Hardware:Blade Servers, Web Servers Ethernet, Fast Ethernet, WAN, LAN, TCP/IP, RAID systems, Cisco ASA 5500, CDP, Frame-relay, PPP, ACL, Network Address Translation (NAT), Port Address Translation (PAT), OSPF Virtual links, RIPng, RIP, RIPv2, OSPF, EIGRP, BGP, MPLS, VTP, SNMP, SNMPv3, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, Multi-Area OSPF, NBMA, Sonet, VLAN, VTP, HSRP, STP, SVI, CEF, Etherchannel, BPDU, Portfast, GLBP,UPS

Security Technologies:AAA, IPS/IDS, TACACS+, RADIUS, SSH, VPN, Cisco ACS, Data Loss Prevention, IPSec, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Port Security, MAC Address Filtering, IPS/IDS, NPS, Bluecoat Proxy & Antivirus, Checkpoint, Firewall

Wireless/VoIP Technologies:802.11 a/b/g/n, WLAN, WAP, SSID, LWAPP, CSMA/CA, Cisco ACS, VoIP, IP Phone, Catalyst, CUCM, QoS, PoE, CME, CUE, MAC Address Filtering, SIP, RTP, SCCP, SRTP, UCCM, UCCX.

Monitoring Tools/Apps:Finisar, Wireshark, Remedy, Openview, Cacti, Nagios, VMware, Solarwinds, F5, Cisco Works, LogicMonitor, Cisco Security Manager Suite, Checkpoint Smart Console, Checkpoint Smart view Tracker, ASM

Enterprise Technologies:        Windows XP/VISTA/7, Windows Server 2003/2008/2012, Exchange 2010, Active Directory, DNS, WINS, PHP, MSSQL, MySQL, Typo3 CMS, Moodle LMS, Microsoft Office Suite, Linux, Red Hat, Ubunto, Desktop and Networked Printers, MAC, Netcool, LogMeIn Central, GPMC, RDP, Internet Information Services, Security Surveillance Installation, Digital Signage Technologies, Emergency Notification Systems (Microwave Technology),Polycom Video Teleconference System, Tandberg Video Teleconference System

 

H. Councill Trenholm State Community College                    Network Engineer (Technician)                                     2005-Present

•Member to a team of professionals responsible for the day-to-day administration and maintenance of the IT infrastructure to include onsite administration and support, scheduled installation, configuration activities and internal/external security applications.

·   Duties include installation of computer and computer peripherals and software and make sure that they are in optimal running condition.

·   Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies. Specific technologies include management of fiber-connected network supporting Windows and Linux environments, wireless hotspots and internal phone system.

·   Professional responsibilities included project coordination, administration, following corporate policies and procedures, documentation, and scheduling as needed reports to management.

·   Provide recommendations on technologies and software for users to better perform their duties.

Certified WAN Engineering ProgramLANWAN Professional

Bachelor of Science in Computer Information SystemsAlabama State University

 

 

Routing & Switching

·               Implement VLAN Trunking Protocol to reduce administrative overhead.  Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices. 

·               Create and manage Local VLANs based on department function, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding.  Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.

·               Configure frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required.  Establish frame-relay point-to-point connections three of the sites creating a full mesh.  Implement hub and spoke network between three of the sites with the main office as the hub for redundant connections. 

·               Implement EIGRP routing for point-to-point and Non Broadcast Multi-Access networks.  Ensure that the spoke routers are receiving routing information about each other from the hub.  Configure EIGRP unequal-cost load balancing to also use the lower capacity multipoint links when routing packets.

·               Prevent neighbor adjacencies from being formed as well as the sending and receiving of routing updates on unnecessary interfaces.  Configure EIGRP MD5 Authentication between sites to prevent unauthorized insertion of routes into the domain.  Implement manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table. 

·               Implement OSPF routing with multiple areas for networks between sites.  Implement totally stubby areas to lower the system resource utilization of routing devices for the network.  Implement NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.

 

Voice

·               Implement a local voice network with the following network elements:  Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM-CUE) installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch with Power-over-Ethernet.  Create and manage Data and Voice VLANs, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding.  Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.

·               Configure Fast Ethernet main and sub-interface assignments as required for inter-vlan routing.  Implement static routes for local connectivity.  Implement NTP server, DHCP server, and TFTP server for support of the VoIP network.  Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting the Time-Zone. 

·               Implement Unity Voicemail on the Cisco Unity Express Network Module.  Configure a dial-peer on the Cisco 2811 ISR to define the attributes of the packet voice network connection to the Cisco Unity Express Network Module.  Enable call forwarding on busy or no answer.  Implement Message Waiting Indicators and Voicemail access via SMTP.  Daisy-chain PCs to VoIP phones to reduce network cabling costs.  Utilize PoE ports for VoIP phones to reduce power infrastructure costs.

 

Security

·               Implement an IPSec Site-to-Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office.  Implementation of the VPN includes the following configurations:  Internet Key Exchange Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to define how the traffic is protected, crypto-map to associate the previously configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint. 

·               Additional implementations include PAT with NAT exemptions for the VPN traffic on the Cisco ASA5505, and PAT using a route-map to exclude VPN traffic from translation on the Cisco 1841 ISR.

·               Implementation of Zone-Based Policy Firewall on the Cisco 1841 ISR with the following components:  three zones, class-maps specifying traffic that must have policy applied as it crosses a zone-pair, policy maps to apply action to the class-maps’ traffic, zone-pairs, and application of policy to zone pairs.

 

Wireless

·               Implementation Create and configure dynamic interfaces for VLAN and WLAN association.  Create wireless LANs and configure interface association, security parameters, and radios used.  Utilize the Wireless LAN Controllers web GUI to configure and manage the wireless network.  Configure internal DHCP scopes for WLANs. 

·               Prepare infrastructure for AP registration on same subnet as management VLAN and for AP registration on different subnet.  Implement option 43 for DHCP where necessary.  Configure AAA AP policies to allow Self Signed Certifications for APs shipped without a Manufacturer Installed Certificate. Implement AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired.

·               Implementation of secure SSIDs for internal users and open SSIDs for guest users.

 

 

F5 Load Balancer

·               Implementation of performance and visibility for inbound and outbound traffic, so the engineer can cost-effectively protect the entire user experience by encrypting everything from the client to the server. It also defends against potentially crippling DDoS attacks and provides ICAP services for integration with DLP and virus protection.

·               Implementation of improvement page load times and the user experience by making real-time protocol and traffic-management decisions based on application and server conditions, extensive connection management, and TCP and content offloading.

·               Implementation of static and dynamic load balancing to eliminate single points of failure. Application proxies give protocol awareness to control traffic for the most important applications. BIG-IP LTM also tracks the dynamic performance levels of servers in a group, verifying that applications are not just always on, but are easier to scale and manage.

 

 

UPS

·               Installation of UPS (Uninterruptable Power Supply) for switches, servers and workstations. Prevention of equipment damage and data loss is important for the organization.