Trent Arsenault Resume
Trent Arsenault WLAN & Security Engineer - Employment Resume - Last modified May-2006
Name: Trent Arsenault
Address: Home: Pleasanton, CA
E-mail: abqspz@r.postjobfree.com
Objective: Seeking to relocate from Silicon Valley to SW Missouri/N Arkansas area (within 2 hrs of
Springfield, MO area).
Background Summary: 10 years hands-on network infrastructure with a lifelong passion for security
and wireless data communications.
Industry Certifications:
CISSP - Certified Information Systems Security Professional
CWNA - Certified Wireless Network Administrator
CCNP - Cisco Certified Network Professional
CCSE - Checkpoint Firewall Certified Systems Engineer, Administrator
MCSE - Microsoft Certified Systems Engineer
SCSA - Sun Microsystems Certified Solaris Administrator
CNE - Novell Certified NetWare Engineer
FCC E - Federal Communications Commission Extra Class Amateur Radio license
Certifications in Progress:
Cisco CCIE - Voice
Employment History Overview:
NetZero, Inc Westlake Village, CA. Network Security Consultant Manager
Network Security: Updated security defense perimeter in 4 data centers for a 15 Million user ISP
environment.
Software Security: Integrated security measures into company s dialup access software.
Leadership: Managed team of network engineers and consultants for company s daily security operations
of internal and external networks.
Governance: Formed corporate security policy and guidelines.
Extranet/Intranet: Oversaw management of 5,000 plus devices consisting of Cisco, Juniper, Foundry
Networks, Dell, HP, Sun Microsystems.
Sun Microsystems (SUNW), Menlo Park, CA. Network Engineer (Video, WLAN, Voice)
WLAN: Designed and implemented WLAN perimeter networks in each Sun Silicon Valley campus based
on Cisco Structured Wireless-Aware architecture to include fast roaming and mandatory encryption.
Participated in site design of 100 node Cisco Aironet (802.11a/b/g) deployment. Design of long haul
microwave link between two Colorado campuses separated by 2 km. IDS installation and rouge AP
detection in all wireless deployments. Integrated handheld devices (Blackberry and Java PDA s) into
wireless network. Ensured network priority for various voice & video devices over the campus WLAN.
VoIP: Part of pilot design team implementing Sun s first call center VoIP infrastructure consisting of Cisco
7900 IP phones, 500-line CallManager cluster, and SIP gateway. Implemented VoIP & VPN infrastructure
for 50 remote sales offices during another pilot program. Tuned network to support VoIP traffic on top of
existing corporate data. Participated in design of call routing configuration.
Sun.Com Internet Data Center: Deployment of Cisco 12000 GSR and Cisco 6500 for Sun.Com s in-house
Internet web hosting. BGP peering with multiple Tier 1 ISPs (Verizon/MCI, AT&T/SBC, Sprint, Qwest,
Internap) using Sun s BGP AS and multi OC-3 connectivity. Configured layer 4 load balancing to Sun s
web and app servers using Foundry ServerIron. Provided network tuning to optimize FTP and HTTP
download performance. Data center handles $4Bil USD/yr in e-commerce.
Sun Campus Connectivity: Installed Internet connectivity (OC-3) for two new Silicon Valley campuses
(10,000 users) using Cisco 6500 routers. Managed routing and rate limiting policies for a 30km self-
healing fiber ring between three Silicon Valley Sun campuses for VoIP, video, and data connectivity.
Installed HA/load-balanced infrastructure and appliances for corporate web proxy traffic. Deployed firewall
policies, NAT, and OSPF routing between the Sun edge and internal networks. Oncall technical contact
for campus network and telco circuits.
Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006
Security & Firewalls: Replaced over 50 legacy software based firewalls with Cisco PIX and Juniper
Netscreen devices. Set up multi-layer defense security at datacenters using firewalls, router access
control lists, reactive Cisco IPS IDS, and host hardening. Began centralized management of security
policies on network devices. Provided compliance for U.S. Govt Sarbanes-Oxley (SOX) guidelines on
network security devices.
Sun Partner WAN: Converted over 30 Sun partner connections from legacy Frame Relay/private T-1
circuits to MPLS carriers & site-to-site VPNs using Cisco 7200, Cisco PIX, and Juniper VPN, & SSL VPN
concentrators. Configured OSPF routing, BGP routing, and firewall policies between partner sites. Oncall
for partner network issues.
Monitoring: Configured monitoring, graphing, & availability reporting of circuits using RRD, MRTG and
other web-based tools. Configured pager notifications for critical outages and link state events using
ICMP and SNMP.
Employee Remote Connectivity VPN: Part of team deploying Cisco VPN 3000 concentrators to 5 Sun
worldwide data centers serving 20,000 home/remote users & contractors.
Corp Acquisitions: Part of team that integrated corporate acquisitions into Sun s network, including
StorageTek in Colorado.
Network Troubleshooting: Oncall (24x7) escalation support for network problems, utilizing tools such as
sniffers, IP debugging, SNMP-based reporting, etc. Created documentation and training for first-level
support teams. Strong knowledge of troubleshooting Sun s network services such as SMTP, VoIP, DNS,
HTTP.
Walt Disney Company, Burbank, CA. Streaming Video /Network /Security Engineer @ Disney.Com
Disney.Com s Network Intrastructure: Set up infrastructure for Internet streaming video and audio for
Disney s ABC & ESPN TV network websites. Deployed highly-available Cisco network infrastructure &
Checkpoint firewalls during migration from colo facility to Disney s data center in Orlando, Fl. Configured
Cisco Local Director load balancing for high traffic web sites during launch of Disney.Com in 97-98.
Configured wireless and laser links between Disney and ABC hq campuses in the Los Angeles area.
PDAs & Mail Infrastructure: Implemented anti-virus filtering and PKI infrastructure for company s
Exchange and sendmail mail gateways, 10,000 mailbox environment. Piloted project to equip Disney
executives with PDA s with mailing syncing ability to MS Exchange servers.
Ecommerce Host & Network Security: Designed network & host security for Disney s online ticketing and
booking system between banks and processing partners. Disney commerce websites began handling
multi-million dollar/yr transactions.
Partner Connectivity: Installed VPN and T-1 connectivity between the Disney content providers and web
hosting location. Secured connections between partners with firewalls and ACLs.
IDS: Deployed network-based IDS to identify & defend against daily attacks of Disney web sites.
Internal Security: Performed security administration for internal Windows & Unix database and content
servers. Performed security audits of company s routers, firewall, and web hosting infrastructure.
VPN Remote Access: Project lead to convert remote access dialup pops to VPN clients.
Troubleshooting & Oncall: 24x7 oncall for Disney.Com s production network & security infrastructure.
CIBER Consulting (NASDAQ:CIBR) New York, NY - www.ciber.com. Network Engineering
Consultant - (Ciber is a Microsoft, IBM, Cisco, Sun & Novell Solutions provider with national offices).
Completed the following consulting projects while at CIBER:
Mutual of New York Bank (MONY) NY, NY - Deployed Cisco routers, Catalyst switches and Unix and
Windows based firewalls for banking network infrastructure.
Siemens Medical Systems Malvern, PA - Security assessment of corporate intranet and Internet edge
and Lotus Notes mail system.
Avantis Pharmaceuticals Philadelphia, PA - Security auditing of network infrastructure, UNIX & Windows
NT servers.
Aydin Corporation (Government Defense Contractor), Willow Grove, PA - Installation of firewalls and host
security tools on Windows and UNIX servers.
Nabisco Foods E. Hanover, NJ Designed Windows NT domain controller infrastructure for 10,000 user
intranet.
McLean Engineering. Princeton, NJ - Windows and Unix Network administration for 200 employee
office and 2 remote offices on the East coast.
Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006
United States Department of Defense. Annapolis, MD - Network administration/ training at US Navy
Academy officer school.
Knowledge & skillsets in the computer/networking/security fields:
Network Infrastructure:
Cisco: 2500, 2600, 3500, 3600, 5000, 6500, 7200, 7500, 7600, 12000 GSR, PIX, Local Director. Cisco
WAN hardware (Wic T-1, POS, Frame Relay, ISDN, OSM, etc). IOS 11x, 12x, hybrid IOS, CATOS.
Strong experience working with Cisco TAC on case escalation. Routinely read Cisco security alerts and
perform IOS updates.
Foundry: ServerIron, FastIron 400/800/1500, BigIron, GSLB load balancing.
Juniper: Netscreen 5, 25, 50, 204, 208, 500, ScreenOS, SSL VPN.
Routing protocols: RIP, OSPF, BGP, EIGRP, IRDP, static. Peering with tier-1 providers.
Switching: 802.1q tagging, trunking / port aggregation, VLANs, PVLAN, port security. Cisco Catalyst and
Foundry FastIron/BigIron.
Load Balancing: Layer 4-7 LB using Foundry ServerIron, Cisco CSM; dsr, round robin, health check,
VIPs, etc.
SSL Acceleration: Foundry ServerIron and various PCI encryption offloading cards for Windows and Unix.
Sniffers: Network General, ethereal, snoop, tcpdump, libpcap, kismet, netstumbler, Wildpackets.
WAN: Frame relay, MPLS, ISDN, T-1, circuit provisioning. Familiar dealing with managed WAN providers
(AT&T, InfoNet, etc),value added networks for EDI.
QoS: Traffic prioritization, resource reservation, rate limiting, RSVP protocol on Cisco gear.
VPN: Netscreen, Cisco 3000, 5000, PIX, Checkpoint.
OOB Management: Cisco console servers, Cyclades.
HA (high availability): HSRP, IPMP, NSRP, hot/cold standby, health checking, etc.
Wiring: Fiber, campus rings, Cat 5/6 ethernet, GBE, coax, patching, cable assembly, cable plant design.
Host-based routing software: GateD, zebra, routed, Windows connection sharing.
Monitoring/Alerting: SNMP, MRTG, RRD, Cacti, SiteScope, Siteseer, Topaz, KeyNote, NOCOL, SNIPS,
sflow, rmon, nmon.
Wireless & WLAN Experience:
AP s: Cisco Aironet, Linksys, D-Link, 3Com, Orinoco, Proxim, WRAP & StarOS AP s. Linux and Microsoft
drivers.
NICs: Various 802.11a/b/g/n NICs supporing Windows, Windows PocketPC PDA s, and Linux devices.
Cisco: WiSM module on 6500 switches, Wireless Control System (WCS), Cisco 2700 Wireless Location
Appliance, Cisco SWAN architecture, Cisco wireless NICs.
WISP/Mesh: Various IP routing protocols over WLAN, Firetide and Motorola mesh network products.
Various WISP and guest pay services services such as Boingo, Wayport, Cingular.
VoWLAN: Linksys CIT200 headset, SJ Phone for Pocket PC, 802.11e QoS standard.
Site Survey: GPS mapping software, interference reduction studies, MIMO integration, cell coverage, etc.
Miscellaneous: Fast roaming, bridging, GPS based software, power over Ethernet to AP, zigbee
standards, RFID standards and site controllers, VON attendee.
Bluetooth: Secure pairing, custom profiles.
WiMAX 802.16: Familiar with Sprint and TowerStream WiMAX business services, WiMAX frequencies
and standards.
Antennas: Directional (yagi, dish, panels, grids), hi gain omni, MIMO. Microwave amplifiers and pre-amps,
various coax,. Long-haul antenna calibration.
WLAN Security: WEP, WPA, WPA2, LEAP, IPSec over WiFi. Various rouge AP detection devices,
AirSnort, Kismet, Cisco IPS, ministumbler.
Mobile Computing / PDA:
Cellular: Various WISP providers, Cellular Internet providers (Verizon EVDO, GSM & 3G IP services),
Blackberry Enterprise mail server, Verizon Wirelessync.
Devices: Microsoft Pocket PC/CE, Microsoft SmartPhone, Microsoft SmartDisplay, Palm OS, Palm Treo,
RIM Blackberry, Symbian OS.
Mobile Email: Syncing with Microsoft Exchange, Outlook, ActiveSync, and Lotus Domino.
Misc: Various mobile location aware apps, various mobile IM software including Jabber clients, various
PDA tools and bar scanner apps.
Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006
VoIP & Video Experience:
IP Phones: Cisco 7940, 7960, 7920 (802.11b) 3Com NBX 3101, Linksys CIT200 wireless phone.
Call Processing Software/Servers: Cisco Unified CallManager, CallManager Express, Cisco Unified
Operations Manager.
Switches w/POE: Catalyst 6500, Catalyst 3750, power/distance calculations.
Management & Call Routing: Cisco Unified Contact Center (IPCC), Cisco Unified Operations Manager,
Cisco Callback.
Gateways & PSTN: Cisco IOS Gateway, Cisco VG224 analog gateway.
Protocols: RSVP, SIP, H.323.
Legacy PBX & Voicemail: Some knowledge of Nortel Meridian & Intuity Audix
Miscellaneous: E-mail integration of voicemail/fax, various consumer/business services (Vonage,
CallVantage, etc) Skype, AccessLine conferencing & call hunt, various soft phone software, VoiceCon.
Video: Servers: Windows Media Server, Real Helix server, QuickTime server (QTSS), SHOUTcast
server, Formats: MPEG4, Quicktime, WMV, Real etc. Buffering & compression w/ various video formats.
Streaming to WLAN devices.
Network Security Skills and Experience:
Firewalls, Proxies, IDS:
Firewalls: Cisco PIX, IOS firewall feature set & CBAC, Juniper Netscreen, Microsoft ISA, Checkpoint v3/4/
NG and Provider-1, Gauntlet, Sun EFS, Borderware, TIS/NAI FWTK, IPChains, IPFilter, Netfilter, Raptor,
router access lists. URL filtering, Westbridge XML firewall.
Proxies: HTTP: Netscape Enterprise, Microsoft ISA, Microsoft Proxy server, Squid, Sun Java proxy.
SOCKS: Aventail, NEC, Socks5. Media Proxies: Real-time Streaming Protocol (RTSP), Real Audio Proxy,
QuickTime proxy.
Network IDS: Sourcefire, Snort, Cisco IPS sensors and management consoles, NFR, ISS Real Secure,
AirSnort. Reflexive IDS techniques, DoS attack prevention.
VPN Clients: Cisco and Checkpoint s IPSec clients, L2TP clients for Macs, UNIX, and Windows. SSH
1.x, SSH 2.x (port forwarding, X11 forwarding, etc).
Anti-spam/Anti-virus: Brightmail, Symantec, Trend Micro, McAfee, Vipul s Razor, SpamAssassin,
MailScanner, Pyzor, Sophos, MessageLabs, RBL, blacklists/whitelists, Procmail, hypermail, m4.
Filtering: Objectionable website filtering, jpg filtering, p2p filtering.
Encryption / Key Exchange: DES, 3DES, SHA, MD5, Blowfish, PGP, SSL/TLS, IPSec.
Access/Authentication:
Servers: RADIUS, TACACS+, CHAP/PAP, Kerberos, S/Key, NIS+, LDAP, Active Directory. Security
Dynamics tokens, smart cards, single sign-on solutions.
PKI: Verisign, Twaite, Entrust PKI, digital certs.
Physical Security: Data center security, badge readers and biometrics, CCTV, etc.
Payment processing: Design and implementation of infrastructure for online credit card processing and
online stores. Experience connecting with various banks, payment and credit card clearing.
Security Policy and Enforcement
Network Auditing: Familiar with using tools such as Nmap, ISS Scanner, netcat.
Policy and documentation: Experienced writing policy, guidelines, HIPAA & Sarbanes Oxley
requirements, disaster recovery, operating system security standards.
Memberships & Subscriptions: ISSA, SANS, CERT, Bugtraq, nanog.
Internet/Intranet Services:
Mail Servers: Have administrative support experience with sendmail, MS Exchange, Lotus Notes, various
imap/pop servers, UseNet news servers.
Mail Security: TLS, SSL, PGP, Certificate Authority servers, digital signatures.
DNS & IP allocation: BIND, QIP, MetaIP, DHCP servers, ARIN, domain registrars, etc.
WWW: IIIS, Apache, Sun, OpenSSL, FrontPage extensions, Windows Media Server. Web Caching
systems such as Network Appliance, Cisco, Akamai.
VoIP: SIP and H.323 knowledge, QoS tuning on networks, latency troubleshooting, etc.
Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006
Operating System Admin Skills:
Microsoft Operating System Experience:
Microsoft Mobile Operating Systems: Windows Mobile 2002/2003/Phone Edition/CE, Windows XP
Embedded, various Pocket PC devices, ActiveSync, mobile WLAN & Bluetooth, mobile E-mail.
Microsoft: Server: 2003, 2000, NT. Desktop: (XP, Tablet).
Windows networking: Active directory, Exchange server, ISA server, WINS, DNS, DHCP, RAS, IIS, RDP
& terminal server, system polices, user profiles.
Backup utilities: Backup Exec, EMC Retrospect.
Miscellaneous: PGP whole disk encryption, registry editing, disk imaging, VMWare.
X86 Server Hardware: Compaq Proliant, IBM xSeries, Sun, etc.
UNIX Operating System Experience:
UNIX/Linux: Sun Solaris, BSD, HP-UX, AIX, Redhat, Fedora, SuSE, Mac OS X.
Hardware: IBM: AS/400. Sun: All Sun Enterprise models, E10K. Sun Ultra, E220/250, E420/450, Netra,.
HP: AlphaStation, PA-RISC.
Storage: Sun StorEdge, fiber channel architecture, Volume Manager
Command line experience: Compiling, kernel modification, performance tuning, hardened server builds,
NFS, NIS+, clustering, samba.
Operating System Security:
UNIX/Linux: Hardened/stripped down builds, security patching, file system permissions, log security,
securing services, ipchains, netfilter, Tripwire, tcpwrappers, sudo, trusted Solaris, Solaris containers,
zones, security patching.
Microsoft: Active Directory & server hardening, NTFS and file server security, SQL security, registry
hardening, security patches, desktop forensics.
Other Skills:
Programming languages
Coding/Scripting: Scripting in PERL, C++, c shell.
WWW languages: Basic scripting and security auditing of Java, HTML, PHP. Open source web portals
such as MovableType, Nuke, Mambo, WordPress.
Database: Security hardening of SQL server, mysql, Oracle. Basic dba skills.
Office Software:
Desktop Software: MS Office, MS Visio, MS Project, MS PowerPoint, Lotus Notes, StarOffice, AutoCAD,
Qualcomm Eudora, Mozilla, Thunderbird, Firefox, Pine, Elm, AOL, Opera, RSS readers on Windows,
Unix and/or Mac platforms.
Miscellaneous Network Software: Reflection X, pcAnywhere, VNC.
Video, Audio & Graphics Editing: Adobe PhotoShop, Adobe Premiere, Adobe Elements, Adobe Elements,
Media Player, Real Networks, Audacity,
Legacy NOS: Novell 3.x, 4.x, LANtastic, Banyan Vines, AppleTalk.
Enterprise Suites: Familiar with several popular change management and ticketing suites such as
Rememdy and HP Openview.
Computer related activities outside of profession:
Volunteer computer and networking skills for area schools.
FCC Amateur Radio Extra Class licensed
Bay Area Wireless Users Group
IEEE Member
Volunteer for FON Wireless Team ( Non-profit Wifi Mesh Sharing www.fon.com )
Registered Beta tester for Windows Vista
Education:
1992, University of Missouri, Rolla & St Louis. Computer Science.
Travel: Under 50% preferred. US passport holder w/ past security clearance.
Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006
References: Available upon request.
Availability: Would prefer to give at least 2 weeks notice to current employer.
For the most recent copy of my resume in Word & HTML format, visit: http://www.trent.us
Trent Arsenault Network Security Engineer - Employment Resume - Last modified 1/2006