Trent Arsenault Resume

Trent Arsenault WLAN & Security Engineer - Employment Resume - Last modified May-2006

Name: Trent Arsenault

Address: Home: Pleasanton, CA

E-mail: abqspz@r.postjobfree.com

Objective: Seeking to relocate from Silicon Valley to SW Missouri/N Arkansas area (within 2 hrs of

Springfield, MO area).

Background Summary: 10 years hands-on network infrastructure with a lifelong passion for security

and wireless data communications.

Industry Certifications:

CISSP - Certified Information Systems Security Professional

CWNA - Certified Wireless Network Administrator

CCNP - Cisco Certified Network Professional

CCSE - Checkpoint Firewall Certified Systems Engineer, Administrator

MCSE - Microsoft Certified Systems Engineer

SCSA - Sun Microsystems Certified Solaris Administrator

CNE - Novell Certified NetWare Engineer

FCC E - Federal Communications Commission Extra Class Amateur Radio license

Certifications in Progress:

Cisco CCIE - Voice

Employment History Overview:

NetZero, Inc Westlake Village, CA. Network Security Consultant Manager

Network Security: Updated security defense perimeter in 4 data centers for a 15 Million user ISP

environment.

Software Security: Integrated security measures into company s dialup access software.

Leadership: Managed team of network engineers and consultants for company s daily security operations

of internal and external networks.

Governance: Formed corporate security policy and guidelines.

Extranet/Intranet: Oversaw management of 5,000 plus devices consisting of Cisco, Juniper, Foundry

Networks, Dell, HP, Sun Microsystems.

Sun Microsystems (SUNW), Menlo Park, CA. Network Engineer (Video, WLAN, Voice)

WLAN: Designed and implemented WLAN perimeter networks in each Sun Silicon Valley campus based

on Cisco Structured Wireless-Aware architecture to include fast roaming and mandatory encryption.

Participated in site design of 100 node Cisco Aironet (802.11a/b/g) deployment. Design of long haul

microwave link between two Colorado campuses separated by 2 km. IDS installation and rouge AP

detection in all wireless deployments. Integrated handheld devices (Blackberry and Java PDA s) into

wireless network. Ensured network priority for various voice & video devices over the campus WLAN.

VoIP: Part of pilot design team implementing Sun s first call center VoIP infrastructure consisting of Cisco

7900 IP phones, 500-line CallManager cluster, and SIP gateway. Implemented VoIP & VPN infrastructure

for 50 remote sales offices during another pilot program. Tuned network to support VoIP traffic on top of

existing corporate data. Participated in design of call routing configuration.

Sun.Com Internet Data Center: Deployment of Cisco 12000 GSR and Cisco 6500 for Sun.Com s in-house

Internet web hosting. BGP peering with multiple Tier 1 ISPs (Verizon/MCI, AT&T/SBC, Sprint, Qwest,

Internap) using Sun s BGP AS and multi OC-3 connectivity. Configured layer 4 load balancing to Sun s

web and app servers using Foundry ServerIron. Provided network tuning to optimize FTP and HTTP

download performance. Data center handles $4Bil USD/yr in e-commerce.

Sun Campus Connectivity: Installed Internet connectivity (OC-3) for two new Silicon Valley campuses

(10,000 users) using Cisco 6500 routers. Managed routing and rate limiting policies for a 30km self-

healing fiber ring between three Silicon Valley Sun campuses for VoIP, video, and data connectivity.

Installed HA/load-balanced infrastructure and appliances for corporate web proxy traffic. Deployed firewall

policies, NAT, and OSPF routing between the Sun edge and internal networks. Oncall technical contact

for campus network and telco circuits.

Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006

Security & Firewalls: Replaced over 50 legacy software based firewalls with Cisco PIX and Juniper

Netscreen devices. Set up multi-layer defense security at datacenters using firewalls, router access

control lists, reactive Cisco IPS IDS, and host hardening. Began centralized management of security

policies on network devices. Provided compliance for U.S. Govt Sarbanes-Oxley (SOX) guidelines on

network security devices.

Sun Partner WAN: Converted over 30 Sun partner connections from legacy Frame Relay/private T-1

circuits to MPLS carriers & site-to-site VPNs using Cisco 7200, Cisco PIX, and Juniper VPN, & SSL VPN

concentrators. Configured OSPF routing, BGP routing, and firewall policies between partner sites. Oncall

for partner network issues.

Monitoring: Configured monitoring, graphing, & availability reporting of circuits using RRD, MRTG and

other web-based tools. Configured pager notifications for critical outages and link state events using

ICMP and SNMP.

Employee Remote Connectivity VPN: Part of team deploying Cisco VPN 3000 concentrators to 5 Sun

worldwide data centers serving 20,000 home/remote users & contractors.

Corp Acquisitions: Part of team that integrated corporate acquisitions into Sun s network, including

StorageTek in Colorado.

Network Troubleshooting: Oncall (24x7) escalation support for network problems, utilizing tools such as

sniffers, IP debugging, SNMP-based reporting, etc. Created documentation and training for first-level

support teams. Strong knowledge of troubleshooting Sun s network services such as SMTP, VoIP, DNS,

HTTP.

Walt Disney Company, Burbank, CA. Streaming Video /Network /Security Engineer @ Disney.Com

Disney.Com s Network Intrastructure: Set up infrastructure for Internet streaming video and audio for

Disney s ABC & ESPN TV network websites. Deployed highly-available Cisco network infrastructure &

Checkpoint firewalls during migration from colo facility to Disney s data center in Orlando, Fl. Configured

Cisco Local Director load balancing for high traffic web sites during launch of Disney.Com in 97-98.

Configured wireless and laser links between Disney and ABC hq campuses in the Los Angeles area.

PDAs & Mail Infrastructure: Implemented anti-virus filtering and PKI infrastructure for company s

Exchange and sendmail mail gateways, 10,000 mailbox environment. Piloted project to equip Disney

executives with PDA s with mailing syncing ability to MS Exchange servers.

Ecommerce Host & Network Security: Designed network & host security for Disney s online ticketing and

booking system between banks and processing partners. Disney commerce websites began handling

multi-million dollar/yr transactions.

Partner Connectivity: Installed VPN and T-1 connectivity between the Disney content providers and web

hosting location. Secured connections between partners with firewalls and ACLs.

IDS: Deployed network-based IDS to identify & defend against daily attacks of Disney web sites.

Internal Security: Performed security administration for internal Windows & Unix database and content

servers. Performed security audits of company s routers, firewall, and web hosting infrastructure.

VPN Remote Access: Project lead to convert remote access dialup pops to VPN clients.

Troubleshooting & Oncall: 24x7 oncall for Disney.Com s production network & security infrastructure.

CIBER Consulting (NASDAQ:CIBR) New York, NY - www.ciber.com. Network Engineering

Consultant - (Ciber is a Microsoft, IBM, Cisco, Sun & Novell Solutions provider with national offices).

Completed the following consulting projects while at CIBER:

Mutual of New York Bank (MONY) NY, NY - Deployed Cisco routers, Catalyst switches and Unix and

Windows based firewalls for banking network infrastructure.

Siemens Medical Systems Malvern, PA - Security assessment of corporate intranet and Internet edge

and Lotus Notes mail system.

Avantis Pharmaceuticals Philadelphia, PA - Security auditing of network infrastructure, UNIX & Windows

NT servers.

Aydin Corporation (Government Defense Contractor), Willow Grove, PA - Installation of firewalls and host

security tools on Windows and UNIX servers.

Nabisco Foods E. Hanover, NJ Designed Windows NT domain controller infrastructure for 10,000 user

intranet.

McLean Engineering. Princeton, NJ - Windows and Unix Network administration for 200 employee

office and 2 remote offices on the East coast.

Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006

United States Department of Defense. Annapolis, MD - Network administration/ training at US Navy

Academy officer school.

Knowledge & skillsets in the computer/networking/security fields:

Network Infrastructure:

Cisco: 2500, 2600, 3500, 3600, 5000, 6500, 7200, 7500, 7600, 12000 GSR, PIX, Local Director. Cisco

WAN hardware (Wic T-1, POS, Frame Relay, ISDN, OSM, etc). IOS 11x, 12x, hybrid IOS, CATOS.

Strong experience working with Cisco TAC on case escalation. Routinely read Cisco security alerts and

perform IOS updates.

Foundry: ServerIron, FastIron 400/800/1500, BigIron, GSLB load balancing.

Juniper: Netscreen 5, 25, 50, 204, 208, 500, ScreenOS, SSL VPN.

Routing protocols: RIP, OSPF, BGP, EIGRP, IRDP, static. Peering with tier-1 providers.

Switching: 802.1q tagging, trunking / port aggregation, VLANs, PVLAN, port security. Cisco Catalyst and

Foundry FastIron/BigIron.

Load Balancing: Layer 4-7 LB using Foundry ServerIron, Cisco CSM; dsr, round robin, health check,

VIPs, etc.

SSL Acceleration: Foundry ServerIron and various PCI encryption offloading cards for Windows and Unix.

Sniffers: Network General, ethereal, snoop, tcpdump, libpcap, kismet, netstumbler, Wildpackets.

WAN: Frame relay, MPLS, ISDN, T-1, circuit provisioning. Familiar dealing with managed WAN providers

(AT&T, InfoNet, etc),value added networks for EDI.

QoS: Traffic prioritization, resource reservation, rate limiting, RSVP protocol on Cisco gear.

VPN: Netscreen, Cisco 3000, 5000, PIX, Checkpoint.

OOB Management: Cisco console servers, Cyclades.

HA (high availability): HSRP, IPMP, NSRP, hot/cold standby, health checking, etc.

Wiring: Fiber, campus rings, Cat 5/6 ethernet, GBE, coax, patching, cable assembly, cable plant design.

Host-based routing software: GateD, zebra, routed, Windows connection sharing.

Monitoring/Alerting: SNMP, MRTG, RRD, Cacti, SiteScope, Siteseer, Topaz, KeyNote, NOCOL, SNIPS,

sflow, rmon, nmon.

Wireless & WLAN Experience:

AP s: Cisco Aironet, Linksys, D-Link, 3Com, Orinoco, Proxim, WRAP & StarOS AP s. Linux and Microsoft

drivers.

NICs: Various 802.11a/b/g/n NICs supporing Windows, Windows PocketPC PDA s, and Linux devices.

Cisco: WiSM module on 6500 switches, Wireless Control System (WCS), Cisco 2700 Wireless Location

Appliance, Cisco SWAN architecture, Cisco wireless NICs.

WISP/Mesh: Various IP routing protocols over WLAN, Firetide and Motorola mesh network products.

Various WISP and guest pay services services such as Boingo, Wayport, Cingular.

VoWLAN: Linksys CIT200 headset, SJ Phone for Pocket PC, 802.11e QoS standard.

Site Survey: GPS mapping software, interference reduction studies, MIMO integration, cell coverage, etc.

Miscellaneous: Fast roaming, bridging, GPS based software, power over Ethernet to AP, zigbee

standards, RFID standards and site controllers, VON attendee.

Bluetooth: Secure pairing, custom profiles.

WiMAX 802.16: Familiar with Sprint and TowerStream WiMAX business services, WiMAX frequencies

and standards.

Antennas: Directional (yagi, dish, panels, grids), hi gain omni, MIMO. Microwave amplifiers and pre-amps,

various coax,. Long-haul antenna calibration.

WLAN Security: WEP, WPA, WPA2, LEAP, IPSec over WiFi. Various rouge AP detection devices,

AirSnort, Kismet, Cisco IPS, ministumbler.

Mobile Computing / PDA:

Cellular: Various WISP providers, Cellular Internet providers (Verizon EVDO, GSM & 3G IP services),

Blackberry Enterprise mail server, Verizon Wirelessync.

Devices: Microsoft Pocket PC/CE, Microsoft SmartPhone, Microsoft SmartDisplay, Palm OS, Palm Treo,

RIM Blackberry, Symbian OS.

Mobile Email: Syncing with Microsoft Exchange, Outlook, ActiveSync, and Lotus Domino.

Misc: Various mobile location aware apps, various mobile IM software including Jabber clients, various

PDA tools and bar scanner apps.

Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006

VoIP & Video Experience:

IP Phones: Cisco 7940, 7960, 7920 (802.11b) 3Com NBX 3101, Linksys CIT200 wireless phone.

Call Processing Software/Servers: Cisco Unified CallManager, CallManager Express, Cisco Unified

Operations Manager.

Switches w/POE: Catalyst 6500, Catalyst 3750, power/distance calculations.

Management & Call Routing: Cisco Unified Contact Center (IPCC), Cisco Unified Operations Manager,

Cisco Callback.

Gateways & PSTN: Cisco IOS Gateway, Cisco VG224 analog gateway.

Protocols: RSVP, SIP, H.323.

Legacy PBX & Voicemail: Some knowledge of Nortel Meridian & Intuity Audix

Miscellaneous: E-mail integration of voicemail/fax, various consumer/business services (Vonage,

CallVantage, etc) Skype, AccessLine conferencing & call hunt, various soft phone software, VoiceCon.

Video: Servers: Windows Media Server, Real Helix server, QuickTime server (QTSS), SHOUTcast

server, Formats: MPEG4, Quicktime, WMV, Real etc. Buffering & compression w/ various video formats.

Streaming to WLAN devices.

Network Security Skills and Experience:

Firewalls, Proxies, IDS:

Firewalls: Cisco PIX, IOS firewall feature set & CBAC, Juniper Netscreen, Microsoft ISA, Checkpoint v3/4/

NG and Provider-1, Gauntlet, Sun EFS, Borderware, TIS/NAI FWTK, IPChains, IPFilter, Netfilter, Raptor,

router access lists. URL filtering, Westbridge XML firewall.

Proxies: HTTP: Netscape Enterprise, Microsoft ISA, Microsoft Proxy server, Squid, Sun Java proxy.

SOCKS: Aventail, NEC, Socks5. Media Proxies: Real-time Streaming Protocol (RTSP), Real Audio Proxy,

QuickTime proxy.

Network IDS: Sourcefire, Snort, Cisco IPS sensors and management consoles, NFR, ISS Real Secure,

AirSnort. Reflexive IDS techniques, DoS attack prevention.

VPN Clients: Cisco and Checkpoint s IPSec clients, L2TP clients for Macs, UNIX, and Windows. SSH

1.x, SSH 2.x (port forwarding, X11 forwarding, etc).

Anti-spam/Anti-virus: Brightmail, Symantec, Trend Micro, McAfee, Vipul s Razor, SpamAssassin,

MailScanner, Pyzor, Sophos, MessageLabs, RBL, blacklists/whitelists, Procmail, hypermail, m4.

Filtering: Objectionable website filtering, jpg filtering, p2p filtering.

Encryption / Key Exchange: DES, 3DES, SHA, MD5, Blowfish, PGP, SSL/TLS, IPSec.

Access/Authentication:

Servers: RADIUS, TACACS+, CHAP/PAP, Kerberos, S/Key, NIS+, LDAP, Active Directory. Security

Dynamics tokens, smart cards, single sign-on solutions.

PKI: Verisign, Twaite, Entrust PKI, digital certs.

Physical Security: Data center security, badge readers and biometrics, CCTV, etc.

Payment processing: Design and implementation of infrastructure for online credit card processing and

online stores. Experience connecting with various banks, payment and credit card clearing.

Security Policy and Enforcement

Network Auditing: Familiar with using tools such as Nmap, ISS Scanner, netcat.

Policy and documentation: Experienced writing policy, guidelines, HIPAA & Sarbanes Oxley

requirements, disaster recovery, operating system security standards.

Memberships & Subscriptions: ISSA, SANS, CERT, Bugtraq, nanog.

Internet/Intranet Services:

Mail Servers: Have administrative support experience with sendmail, MS Exchange, Lotus Notes, various

imap/pop servers, UseNet news servers.

Mail Security: TLS, SSL, PGP, Certificate Authority servers, digital signatures.

DNS & IP allocation: BIND, QIP, MetaIP, DHCP servers, ARIN, domain registrars, etc.

WWW: IIIS, Apache, Sun, OpenSSL, FrontPage extensions, Windows Media Server. Web Caching

systems such as Network Appliance, Cisco, Akamai.

VoIP: SIP and H.323 knowledge, QoS tuning on networks, latency troubleshooting, etc.

Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006

Operating System Admin Skills:

Microsoft Operating System Experience:

Microsoft Mobile Operating Systems: Windows Mobile 2002/2003/Phone Edition/CE, Windows XP

Embedded, various Pocket PC devices, ActiveSync, mobile WLAN & Bluetooth, mobile E-mail.

Microsoft: Server: 2003, 2000, NT. Desktop: (XP, Tablet).

Windows networking: Active directory, Exchange server, ISA server, WINS, DNS, DHCP, RAS, IIS, RDP

& terminal server, system polices, user profiles.

Backup utilities: Backup Exec, EMC Retrospect.

Miscellaneous: PGP whole disk encryption, registry editing, disk imaging, VMWare.

X86 Server Hardware: Compaq Proliant, IBM xSeries, Sun, etc.

UNIX Operating System Experience:

UNIX/Linux: Sun Solaris, BSD, HP-UX, AIX, Redhat, Fedora, SuSE, Mac OS X.

Hardware: IBM: AS/400. Sun: All Sun Enterprise models, E10K. Sun Ultra, E220/250, E420/450, Netra,.

HP: AlphaStation, PA-RISC.

Storage: Sun StorEdge, fiber channel architecture, Volume Manager

Command line experience: Compiling, kernel modification, performance tuning, hardened server builds,

NFS, NIS+, clustering, samba.

Operating System Security:

UNIX/Linux: Hardened/stripped down builds, security patching, file system permissions, log security,

securing services, ipchains, netfilter, Tripwire, tcpwrappers, sudo, trusted Solaris, Solaris containers,

zones, security patching.

Microsoft: Active Directory & server hardening, NTFS and file server security, SQL security, registry

hardening, security patches, desktop forensics.

Other Skills:

Programming languages

Coding/Scripting: Scripting in PERL, C++, c shell.

WWW languages: Basic scripting and security auditing of Java, HTML, PHP. Open source web portals

such as MovableType, Nuke, Mambo, WordPress.

Database: Security hardening of SQL server, mysql, Oracle. Basic dba skills.

Office Software:

Desktop Software: MS Office, MS Visio, MS Project, MS PowerPoint, Lotus Notes, StarOffice, AutoCAD,

Qualcomm Eudora, Mozilla, Thunderbird, Firefox, Pine, Elm, AOL, Opera, RSS readers on Windows,

Unix and/or Mac platforms.

Miscellaneous Network Software: Reflection X, pcAnywhere, VNC.

Video, Audio & Graphics Editing: Adobe PhotoShop, Adobe Premiere, Adobe Elements, Adobe Elements,

Media Player, Real Networks, Audacity,

Legacy NOS: Novell 3.x, 4.x, LANtastic, Banyan Vines, AppleTalk.

Enterprise Suites: Familiar with several popular change management and ticketing suites such as

Rememdy and HP Openview.

Computer related activities outside of profession:

Volunteer computer and networking skills for area schools.

FCC Amateur Radio Extra Class licensed

Bay Area Wireless Users Group

IEEE Member

Volunteer for FON Wireless Team ( Non-profit Wifi Mesh Sharing www.fon.com )

Registered Beta tester for Windows Vista

Education:

1992, University of Missouri, Rolla & St Louis. Computer Science.

Travel: Under 50% preferred. US passport holder w/ past security clearance.

Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006

References: Available upon request.

Availability: Would prefer to give at least 2 weeks notice to current employer.

For the most recent copy of my resume in Word & HTML format, visit: http://www.trent.us

Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006

Contact this candidate