بهروز همتی

مهندس بهروز همتی متخصص باتجربه در زمینه شبکه و امنیت با تمرکز بر فناوری‌های سیسکو است که در پیاده‌سازی و مدیریت شبکه‌های پیشرفته و آموزش تیم‌های IT نقش کلیدی داشته است. او در پروژه‌های بزرگ موفق به بهینه‌سازی امنیت و کارایی شبکه‌های سازمانی شده است.

مدارک تحصیلی و بین المللی

GHODS
Computer & Information Sciences – Bachelor(BSc/BA)

Cisco
Cisco SD – Georgia

Cisco
CCNP Security -Iraq

Cisco
CCNP SWITCH-Iraq

Cisco
CCNA-Iraq

Cisco
CCNP Route-Iraq

Cisco
CCNA(Security)-Georgia

سوابق اجرایی

(Aliasys(Iran, Tehran

Deployment of Cisco SMC Stealthwatch Management Consol
Deployment of Cisco Stealthwatch Flow Collector
Configure Netflow on Cisco Firepower 2110
Integration with Cisco ISE for Better User Identity
Configure Cognitive Analytics For Encrypted Data Flow
Create Zone and Servers for Collect and Analyze of Data Flow
Deploy , Install and Configuration of Cisco Email Security Appliance (ESA)
Cisco ESA Incoming and outgoing Mail Policy Configuration
ESA HAT and RAT Best practice configuration
ESA SPF, DKIM , DMARC Configuration
ESA Integration with Active Directory
ESA Email Encryption Configuration

:Golgohar Company

Install Cisco Firepower Management Center and Smart License
Initial Firepower 4110 Setup and Configuration with Firepower Chassis Manager ( FCM )
Install and Deploy and Configuration of Cisco Firepower Threat Defense 4110
Cisco FTD basic routing and advance routing configuration
Cisco FTD basic setup and integrate with Firepower management center
Network object , Host Object , Service object configuration
Cisco FTD policy configuration for each zone
Cisco FTD IPS configuration including Network Access Processor , Preprocessor Best
practice
Cisco Firepower 4110 HA Configuration
FMC , FTD , URL , IPS , Geo location Update
SSL Decryption Configuration
Cisco Identity Server Engine ( ISE SNS 3615 )
Design , Install and Deploy Cisco ISE
Integration With Active Directory and fetch Groups
Wired Users Dot1x , Profiling , Wired MAB Configuration per Internal ISE Group
Authentication and Authorization Config per Group and Different Access for each Group
Configuration Cisco ISE Posture Assessment for different type of Users
ISE HA Config with CA Server
ISE Backup periodic Config ( Configuration and Operational )
Ministry of Power ( TAVANIR):
Support and Maintenance of the Routing and Switching Platforms
Install Cisco Firepower Management Center and Smart License
Re-image Cisco ASA to Firepower Threat Defense ( FTD)
Network object , Host Object , Service object configuration
Cisco FTD policy configuration for each zone
Cisco FTD IPS configuration including Network Access Processor , Preprocessor Best
practice
configuration and associate with Access control Policy
FMC , FTD , URL , IPS , Geo location Update
SSL Decryption Configuration
Cisco FMC integration with Active Directory with Realm and Agent configuration .
FMC registration with Smart account and FTD smart licensing (URL,Malware,Threat)
Install and configuration Cisco ISE ( Device Admin, Profiling )
Propilen JAM Petrochemical :
Install and configure Cisco ISE for Device Admin (TACACS Service )
Deployment Network Hardening include
( DHCP Snooping , ARP inspection , port security for tehran office and Company Factory
in Assaluyeh)
Deployment , install and configure Cisco Firepower Threat Defense
( Routing , Objects , IPS , Policy , Malware Policy , and best practice )
Deploy , Install and Configuration of Cisco Email Security Appliance (ESA)
Cisco ESA Incoming and outgoing Mail Policy Configuration
ESA HAT and RAT Best practice configuration
ESA SPF, DKIM , DMARC Configuration
ESA Integration with Active Directory

MAPNA

Cisco ISE 2.7 Wired Dot1x Configuration (Authentication , Authorization , DACL , … )
Cisco ISE 2.7 Wireless Dot1x Configuration (Authentication , Authorization , DACL , … )
Cisco WLC Wireless Dot1x Configuration (Authentication , Authorization , Advance AP
configuration )
Cisco ISE profiling Best Practice Configuration
Active Directory GPO configuration for wireless users .
Wireless resolve problems for Lightweight Access point and Cisco 5508 WLC
Network resolve problems (Core , Distribution and Access switches )
Power Research Institute :
Design , Install and Deploy Cisco ISE
Integration With Active Directory and fetch Groups
Wired Users Dot1x , Dynamic Vlan Assignment Per Group
Authentication and Authorization Config per Group and Different Access for each Group
ISE HA Config with Self Sign Cert
ISE Backup periodic Config ( Configuration and Operational )
Folad-Mobrakeh Company:
Install and Deploy and Configuration of Cisco Firepower Threat Defense 2140
Cisco FTD basic routing and advance routing (OSPF) configuration
Cisco FTD basic setup and integrate with Firepower management center
Network object , Host Object , Service object configuration
Cisco FTD policy configuration for each zone
Cisco FTD IPS configuration including Network Access Processor , Preprocessor Best
practice
Cisco Firepower 2140 HA Configuration
Research Institute of Petroleum Industry :
Install and Deploy and Configuration of Cisco Firepower Threat Defense 2110
Migrate from ASA 5540 to Cisco FTD
Cisco FTD basic routing and advance routing (OSPF) configuration
Cisco FTD basic setup and integrate with Firepower management center
Cisco FTD NAT configuration (Manual NAT , Auto NAT , Dynamic NAT)
Network object , Host Object , Service object configuration
Cisco FTD policy configuration for each zone
Cisco FTD IPS configuration including Network Access Processor , Preprocessor Best
practice
configuration and associate with Access control Policy
FMC,FTD,URL,IPS , Geo location Update
Cisco FMC integration with Active Directory with Realm and Agent configuration .
FMC registration with Smart account and FTD smart licensing (URL,Malware,Threat)
Communications and Infrastructure:
Install and Config Cisco Prime 3.4
Base Config of Cisco Prime (SNMP, Group,Location)
Switch and Router running Backup Configuration
Configure Cli Template for Switches
Configure Map and Network Design
Arvand Petrochemical Co:
Cisco 6500 Hardware Assemble
routing & Switching Configuration on 3 Layer Devices (Access , Distribute and Core)
Access Switch (Layer2) Configuration
Replace Core Switch ( 3750 replaced with 6500 )
Cisco Prime 3.4 Configuration (SNMP,Map,Backup Config and …)

Zar Macaron Industrial Company

Redesign Network Infrastructure for Layer 2 and Layer 3 in the Zarmacaron and Zarnam
Install and Deploy Cisco ACS 5.8 for Central Mange of Admin Users
Configure Cisco Core Switches for inter vlan Routing and separate Data planes for Users
, Camera , Voice,Wireless
Configure redundancy between Core Switch 3750x with Stack-Data and Stack-Power
Configure Ether channel Between Cisco 3750x Multi chassis and Cisco Access Switch
Create Documents and Visio Topology from all of Network Design
Configure Load Balancing and Fail over Between Cisco 3750x Stack-Switch and Mikrotik
1036 CCR
Install and Deploy and Configuration of Cisco Firepower Threat Defense 2110
Cisco FTD routing Configuration
Cisco FTD basic setup and integrate with Firepower management center
Network object , Host Object , Service object configuration
Cisco FTD policy configuration for each zone
Cisco FTD IPS configuration including Network Access Processor , Preprocessor Best
practice
configuration and associate with Access control Policy
FMC,FTD,URL,IPS , Geo location Update
Cisco FMC integration with Active Directory with Realm and Agent configuration .
FMC registration with Smart account and FTD smart licensing (URL,Malware,Threat)
Teaching the Firepower course to IT Team for about 60 hours

FASP (Fanavary Asre Shabake Pasargad)

Configuration IP SLA For Internet Redundancy with Dual ISP
Install and Configuration Of Cisco ACS 5.2 for Authentication , Authorization and
Accounting of Cisco Switches
Integration of ACS5.2 with Active Directory for Central Mange of Admin Users
Network and Security Device Support and Maintenance For example ( Cisco ASA 5525X
Firewall Firepower )
Cisco 4500X VSS Core Switch , Cisco Access 2960S/X
Preparing Documents all of Taleghani and three Buildings about Network and Security
Infrastructure ( Traffic Flow and Traffic Pattern )
NOOR Institution
Install and Customize Monitoring ( Cisco Prime 3.1 and OP Manager )
ASA 5525 x Firewall Tuning and Fixed Problems for Clustring
Orchid Pharmed (Pharmaceutical Company )
Cisco VM WLC and Access point Config and Installation (2700 Series)
Optimize Cisco Router 2900 series Configuration
Optimize Cisco 3850 Core Switch Configuration
Optimize Cisco 2960X Access Switches Configuration
Configuration of Cisco Network Devices Hardening
Install and Config Wireless Dot1x With Cisco ISE 2.0 , Tuning Cisco ISE 2.0 , Backup of
Config and System Configuration
Install and Config Cisco Prime 3.1 and integrate with Cisco ISE 2.0 for User
authentication and authorization
Install Cisco Fire sight Management Center
Deploy SFR Module To Fire sight Management Center
Install and Config Cisco ASA 5525X Firewall Firepower
Zone Creation and Configure Policy For each Zone
Firewall Policy Creation and redirect desirable Traffic To Source Fire
ASA 5525 x AVC Configuration , IPS Configuration
ASA 5525 x Any Connect configuration for Remote Access VPN
ZABOL University
Basic installation of ASA 5545x and combine with Fire sight Management Center
Basic installation of Cisco Identity Service Engine 2.0
Basic installation of Cisco Access Control Server 5.2
Veterinary Organization
Install Fire sight Management Center for two ASA 5525x and Basic Config
SATA Organization
Juniper SRX 240H
Basic Configuration of Juniper IP Addressing and J-WEB
Zone configuration and Policy creation for each Zone
NAT Configuration and Creation Policy For NAT
Dynamic VPN On Juniper with Pulse-Secure
Traffic Load Balancing and Fail over with Dual-ISP
Install and configure ZABBIX Monitoring 3.2
Configure SNMP Protocol Of Server and Switches
Configure ZABBIX Agent on Clients and Servers and monitor with ZABBIX
Install and Configuration of Cisco ACS 5.8
Integration of ACS with Active Directory for Central Mange of Admin Users

 (SAPCO (Iran, Tehran

Cisco Admin in SAPCO ( Layer 2 & Layer 3 )
Support and network maintenance of SAPCO(Department of Industrial Research of IRAN
KHORO)
Deploy , support and Maintenance of Cisco ISE 1.3 for wired Dot1x
Deploy , support and Maintenance of Cisco WLC 8.0 and integrated with Cisco ISE for
Wireless Dot1x
Deploy Wireless Guest and Sponsor with cisco ISE and WLC
Wireless network support and maintenance within the enterprise SAPCO
Install and Deploy Cisco prime Infrastructure Version 3.0
Integrated Cisco ISE with Cisco prime and monitor useres activity and track of useres
Integrated Cisco WLC with Cisco prime and monitor Cisco AP and wireless useres
Install and Deploy Cisco Mange Engine 9 and track of client applications and Bandwidth
and traffic flow
Install and Deploy Cisco Mobility Service Engine (MSE 10 ) and integrade with WLC and
ISE and Prime 3.1
Track Wireless users with Cisco MSE in all of position.
Finding and resolving problem in Routing (EIGRP) and Switching
(Etherchannel,STP,VLAN)
SAPN , RSPAN Configuration on 6509 , 3750 , 2960s for traffic mirroring and traffic
analyzer
Design and IP address Subneting for EIGRP routing and manage traffic flow and traffic
pattern
improvement EIGRP routing by consideration and Configuration STUB and summery
route
Participation in the Network project (BABOL SAPCO)

(PAZH (Iran, Tehran

International Imam Khomeini Airport: Changing whole topology – support,
documentation, development and optimization data network – Prepare plan for security
and optimization of data network – Prepare plan for Internet – Implementation network
monitoring software (Cisco prime, Zabbix, Solarwidns) – Implementation NetFlow
Iran Water Resources Company Management: member of design team for
implementation
of Routing and Security
Familiar and Experience with These Conceptes:
VPN and Tunneling on WAN : GRE, SITE TO SITE, Remote Access VPN, SSL VPN,
DMVPN, Flex VPN, Get VPN, Easy VPN,IPS/IDS/IPsla , EEM ,Switching technologies
(VSS, Stack, VTP, STP, Etherchannel, Port Security, Trunking,..)
Redundancy Technology : HSRP, GLBP and VSS
Advanced Routing Protocols (RIP, Static Route, PBR, BGP,OSPF, EIGRP, Route
Redistribution, Route filtering,…)
Firewall (ACL, Routed, Transparent, NAT,…)
Cisco IWAN Technology (PFR,OER,WAAS) and related concept
Network Devices:
Cisco ASA: 5510, 5520, 5540, 5550, 5512X, 5515X, 5525X, 5545X
Router: 1800 series, 1900 series, 2800 series, 2900 series
Switch: 2950, 2960 series, 3550, 3560 series, 3750 series, 4500, 4500X, 6500
Tools: Edraw , Visio
Network Monitoring Tools: Solarwinds, Zabbix , WireShark , Cisco Prime Monitor

دوره های سازمانی

Cisco Firepower ( ZAR Macaron )
Cisco Firepower ( Golgohar Hospital )
Cisco Firepower ( Gardeshgari Bank )
Cisco ISE ( Golgohar )