Beschreibung
Aktuell suchen wir für unseren Kunden einen Netzwerkarchitekten und einen Firewall Administrator für ein Projekt in München.Projektstart: asap nach Absprache
Dauer: 1 Jahr
Einsatzort: München
Tätigkeitsbeschreibung:
WAN analysis
- Determine involved locations with WAN POPs and bandwidth
- Analysis of WAN POP traffic
- Cooperation in the development of concepts for logical WAN separation
Setting up basic Firewall Rule
- Update "Base Protection Ruleset” with the latest targets to be protected
- Setup of basic firewall ruleset
- Provide basic firewall rules to the firewall administration
Setting up and maintain the Policies for Application/Service
- Definition and coordination of the Policies for the Carve Out Firewall with all parties involved, especially Application/Service Owner and Technical Manager (Black- and Whitelist)
- Include agreed rules in the firewall policy
- Maintenance of the Application/Service Blacklist and Whitelist according to the "Application Master Plan”/"Switch-on plan” (plan for migration of applications/services into the network of the Carve out object)
- Test of the ruleset (coordinate tests with application/service users on the sites)
- Troubleshooting the ruleset (by mail)
- Providing the ruleset for the firewall operator
- Monitoring of the carve out firewall performance and coordination of findings with the firewall operator
- All existing rules for applications/services must be reduced more and more to zero until the planned shutdown of the firewall.
Carve Out Firewall – Ruleset for Networks (IP Rangers)
- Definition and coordination of the rules for the carve out Firewall with all parties involved (e.g. Whitelist for networks, blacklist for other countries)
- Inclusion of the agreed rules in the ruleset
- Maintenance of the black and whitelist according to the project pIan.
- Weekly review and comparison of the ruleset against the updated black and white rulesets whitelist
- Test of the ruleset (coordinated tests on the sites)
- Troubleshooting in reducing the ruleset (by mail)
- Providing the ruleset for the firewall operator
- Monitoring of the Carve Out firewall performance and coordination of findings with the firewall operator
Special Cases and Logging/Reverse Engineering/Analysis-Tool/Scripting
- Daily inspection of the firewall logs. if necessary, request actions from the responsible authorities
- Considering of project-internal special specifications
- Creation of new/modified rulesets in the ruleset tables and provision to the firewall administration
- Specification of specific logging rules in the monitoring tool
- FTP server maintenance and archiving of logging files on storage solution
- Preparation of raw data and processing of logging data
- Taking into account test results, logging data and traffic analysis, identification of the need to adapt the ruleset
- Evaluation of the result files: Revers engineering
- Create scripts automation
- Determination and cleaning up of IP ranges no longer required
- Check infrastructure separation with regard to network separation
- Recording and archiving of all Ruleset-related information in a table
Physical WAN separation
- Accompaniment of concept development
- Error analysis during the transition process
- Cleanup of WAN POPs and IP Ranges
Anforderungen:
- Mehrjährige Erfahrung im Bereich Netzwerkarchitektur
- Firewall-Kenntnisse
Sollten Sie an diesem Projekt interessiert sein, freuen wir uns über die Zusendung Ihres aktuellen Profils mit Angaben zu Stundensatz und Verfügbarkeit.
Mit freundlichen Grüßen
Telmo Pereira
Senior IT Recruitment Manager
Trans4mation IT GmbH
Glashütter Straße 55
01309 Dresden
E-Mail:
Internet: https://www.trans4mation.de/