Vasek Pupkin

Postal address: Planet Earth

Contact mobile number:

e-mail: x@x.com

Date of birth:

Marital status:

Education:

Certificate of Master’s Degree with honours — 1999 Kyiv Institute of Internal Affairs. Branch of National Academy of Ukraine of Internal Affairs

The Basic qualifications:

Expert in designing and developing mixed, heterogeneous, territorially distributed networks based on Microsoft Widows 2000, Sun Solaris 8, FreeBSD operating systems and Cisco active equipment.

At present time the basic duties are:

1. Planing and development of the corporate network of the Enterprise on the basis of analysis of the current condition of the market of information technologies.

2. Responsible for maintenance of the Enterprise servers (W2K — main servers (such as Access Server, DNS (AD integrated), DHCP, AD FSMO and other common servers), Solaris 8 — Database servers and Cisco equipment at HQ office).

3. Excellent knowledge of TCP/IP networks, including implementation and maintaining most of main internal and external routing protocols, QoS technologies, data encapsulation (PPP, HDLC, FR, ATM. x.25, ISDN, xDSL) protocols, subnetting technics (VLSM, CIDR), and protocols of Application levels (5-6-7) regarding to the OSI reference model.

4. Strong knowledge of main RFC’s.

5. Responsible for organisation, support and planning of interaction between structural divisions (30 regions), and also for access of partners and others persons to Enterprise network resources.

6. Responsible for securing network infrastructure. Expert in designing and implementing DMZ networking, interoperating between many types of hardware and software firewalls (such as Cisco 1720 router’s IOS Firewall that act as Internet and VPN (VPN regard to remote branches) gateway. Microsoft ISA Server that acts as proxy, NAT, and firewall server for internal clients and also publish on the Internet my internal servers such as Web, Mail and restrict access to them. Also I configured port's access policy into my 2950 Cisco Switch so external users can access my sensitive hosts only via firewall, etc.) On my DMZ network there was only one FreeBSD host running external DNS server.

Work experience:

1. Since 1991 — independent work and hard selfstudying in the field ofcomputer engineering.

· various hardware configurations (from Atari systems to x86 models, including USSR x86-compliant computers such as "Neron", "Poisk", "Korvet", "Praktik" and others);

· DOS from versions 3 to 6.22, Microsoft Windows 3.1/3.11;

· Programming on x86 Assembler (I used Borland's TASM).

During this period I've learned:

  1. The internal organisation and architecture of x86 personal computers;

  2. PC BIOS, I/O operations;

  3. The organisation of PC memory, memory addressing. Accessing system resources. Protected mode operations on 386 CPUs. Principles of functioning of TSR programs;

  4. Accessing hard and floppy drives.

  5. DOS and BIOS interrupts;

  6. Organisation of FAT file system and methods of file storing;

  7. Configuring DOS start-up files and drivers (in config.sys and autoexec.bat files).

Study materials:

  1. Assembler for IBM PC by Abel.

  2. Norton Guider.

  3. Official Intel's manuals for 386 and 486 processors

  4. IDE devices. Article by Byte magazine. 1991.

  5. J. Holtzman "Disk Crash Rescues", PC/Computing, July 1989

  6. Bordachev Andrey. PC controllers. Article in "Library IT" magazine. ¹ 10. 1994.

  7. Bible of MS-DOS;

  8. The MS-DOS Encyclopaedia. Microsoft Press. 1988.

  9. Programmer's Technical Reference for MS-DOS and the IBM PC by Dave Williams, 1988.

  10. Assembler programming for IBM PC by Robert Jourdain;

  11. Windows 3.11 User's Guide by Microsoft Press.

 

  1. From 09.1995 till 06.1999 — assistant of the Department of Information Technologies of Firm A. (Partial time — from 2pm to 7pm, Mon to Sat — 30, hours per the week). At this period I also studied in this Institute:

Services and technologies:

· from autumn 1995 till autumn 1996 was not-organised network structure that consisted of mixture of Windows 3.11 for Workgroups and Windows 95 workstations with Novell and NT 3.51 Servers.

· from autumn 1996 — Windows NT 4 Servers domain controller and two BDCs. DHCP, WINS, DNS servers. Microsoft Exchange 5 mail Server. Clients were run Windows 95. Domains trust relationships with Ministry of Internal Affairs and National Academy of Internal Affairs local domains.

· LAN — Ethernet on coaxial cable. During 1998 year was implemented 100 M/bit network on UDP 5 cable. Above 100 users on LAN, including 3 PC classrooms approximately 10-15 PCs in each.

· WAN communication — leased channels to Ministry of Internal Affairs and National Academy of Internal Affairs. Cisco 1601 router.

Duties:

· Network and users Support. Was responsible for installing OS and other user and systems software on clients PCs, systems cleanup, defragmenting of a HDDs, antivirus protection, adjustment of network and application settings, troubleshooting, etc.

· User’s Interent access monitoring through MS Proxy 2 Server by learning logs and real-time monitoring tools. Support of interaction inside the network of the Ministry of Internal Affairs of Ukraine.

During this period I've learned:

  1. Microsoft Windows 9x and NT OS:

    1. Networking and Network services of Windows OS;

    2. Windows Administration tools. Terminal services.

    3. Installing and Uninstalling Applications.

    4. Windows Registry.

    5. FAT32 and NTFS file systems. NTFS file permissions and ACL.

    6. Sharing of resources and restricting access to them.

    7. Tuning Windows NT network services such as DHCP, WINS, DNS, RAS/RRAS. Principles of intra-, and inter-domain interactions. Domains trust relationships

    8. Domain's policies and security model.

    9. Troubleshooting.

2. General networking:

    1. Ethernet standards and implementing Ethernet LANs based on main Ethernet technologies.

    2. Principles of data presentation and transfer.

    3. TCP/IP protocol stack. IP addressing and subnetting. Socket mechanism. Winsock. TCP ports.

    4. Principles of organisation and core of Domain Name System and differences with Windows NT domains.

    5. Basic principles of routing. Gateways.

    6. Basis of data encapsulation types (PPP, Frame Relay, x25) and equipment — ZyXEL modems.

    7. Basis of network active equipment such as hubs, bridges, switches and Cisco routers.

    8. Network monitoring and management tools such as Hyena, Network monitor, Norton's PC Anywhere, Win VNC and others.

3. Ethics, Social Implications, Interpersonal Communications:

During my studying at the Institute (from 8am to 13am Mon to Sat) I’ve learned a big complex of general educational subjects such as Philosophy, Ethics, Culture, Psychology, Pedagogic, etc. (refer for details to my addition of Certificate of Degree). Also note that my specialisation was to work in law-enforcement and investigation government including anti-hackers institutions. Much attention was made to ensuring of a high level security of the office activities. Also, mach attention was paid to work with offender’s categories (in investigation sense).

Study materials:

  1. High-performance network unleashed. Sams net. Copyright by Macmillan Computer Publishing. 1998.

  2. How intranets work by Preston Gralla. 1996.

  3. Managing Multivendor Network by John Enck and Dan Blacharski. 1997.

  4. Teach Yourself TCP/IP in 14 days by Tim Parker. Sams publishing.

  5. MS BackOffice Administrator's Survival Guide by Arthur Knowles.

  6. BackOffice Intranet Kit by Stephen Winkoop. QUE. 1996.

  7. BackOffice Unliashed by SAMS publishing.

  8. Special edition Using MS BackOffice by Don Benage, Greg Sullivan, Jim Marshbank, Azam A. Mirza.

  9. Designing and Implementing IIS by SAMS publishing.

  10. Special Edition. Using Microsoft Internet Information Server by Victor Wolters.

  11. Designing and Implementing Microsoft Proxy Server 2.0. by SAMS publishing.

  12. Building an Intranet with Windows NT 4 Sever.

  13. Windows NT 4 Server Unleashed by SAMS.

  14. Peter Norton’s Guide to Windows NT 4 Workstation. 1996.

  15. Platinum Edition Using Windows NT 4 Server. QUE.

  16. Windows NT 4 Administrator's Black Book by Paul Taylor.

  17. Windows NT 4 Internet and Intranet Development by Sanjaya Hettihewa.

  18. Different Ukrainian and Russian PC magazines, such as "PC Survey", CHIP, LAN, "Networks and Systems of Telecommunication". I reading its and in the present time.

3. From 07.1999 till 02.2001 — System Administrator Firm B.

Services and technologies:

When I got this job, network had one Novell File server that used by internal clients for storing their files. Clients PC running Novell 4 DOS. IPX/SPX protocol. No WAN and Internet interaction. LAN was built on 10Base5 coaxial cable.

Duties:

During this period I accomplished following goals.

· Built regional corporate TCP/IP based network with implementing Microsoft Windows NT 4 domain. As gateway to head office in Kyiv acted a FreeBSD host with ZyXEL U336 E channel modem.

· There were 5 branch offices (each branch office had about 2-3 PC, one of them acted as dial on demand server) that dialed to modem pool at the RAS server in Kirovograd's regional office.

· During this project I used main NT 4 Server network services such as DNS, WINS, RRAS, DHCP. Proxy was Microsoft NT 4 Server with MS Proxy 2.0 installed.

During this period I have learned:

    1. Organisation and implementing a network interacting at regional level by using Windows NT 4 services.

    2. Organisation of an outgoing connection to Head Office (in Kyiv) by using FreeBSD facilities.

    3. Architecture of UNIX family OS at basis of FreeBSD OS, including Installing, maintaining, init levels, processes tracking, system scripts, organisation of file system and storing files, mounting various types of file systems, adjusting networking parameters (both LAN and WAN), working with various PC devices (HDD, modems. etc.), adjusting PPP parameters, UFS security and others.

    4. Standard UNIX network applications such as Squid, BIND, Exim, Sendmail, IPfirewall and others.

    5. From the end of 1999 I've thoroughly studied Microsoft Windows 2000 Operating Environment.

    6. Supervising project team.

Study materials:

  1. FreeBSD handbook (at http://www.freebsd.org), related documents and manuals from network forums, news groups, etc.

  2. Get Ready for Microsoft Windows 2000 by Microsoft Corporation. Published March 1999.

  3. Upgrading to Microsoft Windows 2000 by Microsoft Press.

  4. Windows 2000 Professional Resource Kit by Microsoft.

  5. Windows 2000 Resource Kit Server Operations Guide.

  6. Microsoft Windows 2000 Server Administrator's Companion by Microsoft Press. 2000.

  7. Tech yourself UNIX in 24 hours by Dave Taylor and James C. Armstrong, Jr. SAMS publishing. 1997.

  8. UNIX for intermediate users by User Liaison Section.

  9. UNIX unleashed Internet Edition by Robin Burk and David B. Horvath.

  10. UNIX unleashed System Administrator's Edition by Macmillan Computer Publishing.

  11. UNIX Power Tools by Jerry Peek, Tim O'Reilly & Mike Loukides. Second Edition. O'Reilly. 1997.

  12. UNIX in a Nutshell by Daniel Gilly. O'Reilly. 1992.

  13. Learning the Vi Editor by Linda Lamb. O'Reilly. 1994.

  14. Sed&Awk by Dale Dougherty & Arnold Robbins. O'Reilly. 1997.

  15. Learning The UNIX Operating System by Jerry Peek. O'Reilly. 1998.

  16. TCP/IP Network Administration by Craig Hunt. O'Reilly. 1997.

  17. Sendmail by Bryan Costales and Eric Allamn. O'Reilly. 1997.

  18. Sendmail Desktop Reference by Bryan Costales and Eric Allamn. O'Reilly. 1997.

  19. Building Internet Firewalls by D. Brent Chapman and Elizabeth D. Zwicky. O'Reilly. 1995.

  20. Practical UNIX And Internet Security by Simson Garfinkel and Gene Spafford. O'Reilly. 1996.

  21. Windows NT/2000 ADSI Scripting For System Administration by Thomas Eck. MT publishing. 2000.

  22. Windows 2000 Active Directory by A. Alyoshin. Piter-press. 2001.

  23. DNS and BIND by Cricket Liu & Paul Albitz. O'Reilly. 1998.

4. From 02.2001 to 10.2001 — system analyst of consulting firm "Art-Master".

Duties:

At this period I've also completed some small projects of Implementing Windows 2000 network infrastructure for different organisations, great part of it was a project related with grouping of internal clients into workgroup, determination and appointment of their appropriate rights, adjusting resources (such as folders and printers) sharing, adjust DHCP server, RRAS with purpose to connect local office to Internet via dial up or leased connection, NAT protocol, proxies, etc.

 

Services and technologies:

General:

Territorially distributed wide network with 30 regional branches, about 5000 clients.

Nonswitchable leased connection via 64K line was established between branch office and HQ in Kyiv. Also branches and certain clients could establish VPN connection to HQ in order to gain access to central databases. All VPN equipment was provided by ISP "Utel" (http://www.utel.com.ua).

Branch office side:

Usually FreeBSD or Windows NT 4 Server was acting as gateway. Each branch office had private network layout (there were both workgroups and local domains). A connection to HQ was via ZyXEL U336 E modems.

Clients in branch offices used both dialup connections to local modem pool (ZyXEL Omni 56K, ZyXEL 336RE and others) or VPN to Kyiv HQ office.

Proprietary software "XXX" was used in branch offices in order to organise interaction between client queries and central databases in Kyiv. There were two versions of XXX — dialup (old) and network (new). In dialup version of Orion (both old and new version of Orion run as system services on NT 4 server PC) client call to branch’s modem poll and establish connection using private Orion protocol, simple point-to-point protocol. With new version client establishes connection through RAS/RRAS server and interacts using standard TCP/IP protocol. In both cases XXX was making a tunnel via gateway to central databases in Kyiv.

As one can see this type of communication had many disadvantages, the major ones were big security troubles, an opportunity of the not authorized access to practically any information, absence of uniform model of network interaction and so forth.

Accomplished goals:

After completing the research I developed recommendations on designing wide-Ukraine Microsoft Windows 2000 Network Infrastructure with implementing one forest to Enterprise and per-branch domains. In order to improve replication and bandwidth usage each branch office must be configured as Active Directory site.

According to the new model of interaction all clients should use web-browsers (such as MSIE 5), as the standard tool to access databases. In order to maintain of the necessary speed and security of connection it was recommended to use a VPN connections to HQ in Kyiv via of nonswitchable connection to local ISP or a Frame Relay channels depending on funds availablity.

While doing this project I was offered by a customer (The Management of the Ukrainian Department of XXX) to become a head of a department of information technologies of one of its structural divisions — Special State Department "AAA" of Ukrainian XXX Department with the purpose of construction of a network infrastructure of the given Enterprise "from zero".

During this period I decided to pass Microsoft's Certification Exams for Windows 2000 track, and completed over of a period from April 2001 to October 2001.

Also, I begun to study and work with Cisco's Network Equipment.

See next job description to "What I’ve learned" and "Study materials" section.

5. From 10.2001 till present time — the chief of department of IT in Head Office of Special State Department "AAA" of Ukrainian XXX Department. At present time I am engaged with implementing of the corporate network of the Enterprise:

Background:

My Enterprise's main appointment is to auction selling of any articles (from closes to factories) of any types of foundlings whose movables and immovables arrested as a result of bankrupting or frauding. Forfeiting by regional offices of State CCC Service of Ukraine. The main database will be located in Kyiv. It will hold information about all articles, sells, sell contracts and other important information. All regional offices will be working only through HQ databases that help to pronouncedly control all movements of goods. It will also help all interested customers to easily access information about auctions dates and about good for sale or to make orders via the Internet (e-shop implementation was planned as final part of the project).

Branch office location scheme is almost same as at previous employment, — 30 regions (at all regional centres of Ukraine plus in all big cities). Connection of branches will be carried out exclusively on VPN technology (W2K Server to Cisco 1720 router). Database platform — Sun Enterprise 450 servers running Sun Solaris 8 Operating Environment and Oracle databases.

During this project I have already implemented:

1. Internal Network:

    1. At the HQ office network was built on UDP cat 5 cable.

    2. Each department has its own hub (Intel's and 3Com's) that’s up-linked to central Cisco 2950 switch. At present time Network has about 70 Users, and can be easily expanded if needed. All clients PCs running Microsoft Windows 2000 Professional OS.

    3. All servers connected directly to Switch to ensure restrict access to them using Switch IOS facilities.

    4. Wide communication was organised via xDSL technologies by using PairGain modems to that connected Cisco 1720 router via v.35 cable.

2. Network Services

    1. Network uses Microsoft Windows 2000 Network Environment and Services.

    2. I use 2 domain controllers (for fault tolerance purposes).

    3. One of DC hosts DNS (Active Directory integrated), DHCP, 1C (http://www.1c.ru) accounting server, "Liga" (http://www.liga.kiev.ua) server for Jurisprudence department. Hardware configuration of this DC and Mail Server is dual head AMD Athlon 1700XP+ CPUs, 1GB DDR ECC RAM, three 36Gb SCSI HDDs which I organise as RAID 5 volume.

    4. As mail server I am using Lotus Notes R5 Mail server.

    5. As internal proxy and firewall I am using Microsoft ISA Server Enterprise Edition, that’s installed on Windows 2000 Server host that configured as "bastion host".

    6. In the network I use the most common Windows 2000 services such as DFS, EFS, DHCP, QoS services, RRAS, RADIUS etc.

    7. I use RRAS server to grant some users access to corporate network via dial-in to modem pool (6 modems) on RRAS server and independently using this facility for remote administration purposes (for more security I configured call-back for my login only to my mobile phone).

    8. To permit my internal users to resolve DNS names outside my domain (mainly Internet hosts) I configured internal DNS server to use forwarders to my external DNS server that stays between ISA server and Cisco route in DMZ. To avoid expose my internal DNS data I explicitly designate with which partners can replicate data my internal DNS (second DNS server and in Future it will be Enterprise branch offices).

    9. At present time my project team involved in configuring VPN access from remote offices by L2TP/IPSec protocols.

During this and previous employments I've learned:

    1. I've got a vast experience of team working in analysing, research and documentation of the corporate wide area networks. Appertaining of research results and providing effective and cost-reducing recommendations.

    2. On the basis of my experience and knowledge I became recognised expert in Microsoft Windows 2000 Network Infrastructure.

    3. I've obtained my knowledge in UNIX systems, learned and got hands-on experience of working with Sun Solaris 8 Operating Environment. In November 2001 I got Sun educational course for Solaris 8 Operating Environment.

    4. On the basis of strong general theoretical and practice attainments of LAN and WAN networks interaction and experience in using Cisco equipment I've passed CCNA certification exam and actively preparing to pass exams to achieve CCNP, and CCIE status.

 

Study materials of this and previous employment period:

  1. Sun training courses for SCSA part I and II.

  2. Solaris 7 Administrator Certification Training Guide by Bill Calkins. New Riders 2001.

  3. Computing networks by Olifer V. and Olifer N. Piter-Press. 1999.

  4. New Technologies and Equipment of Modern IP Networks by Olifer V. and Olifer N. Piter-Press. 2001.

  5. Corporate Networks by Maxim Kulgin. Piter-Press. 2000.

  6. Practice of Computing Networking by Maxim Kulgin. Piter-Press. 2001.

  7. Microsoft press study Guide for 70-216 Certification Exam.

  8. Microsoft press study Guide for 70-215 Certification Exam.

  9. Microsoft press study Guide for 70-217 Certification Exam.

  10. Microsoft Windows 2000 Server & Professional Resource Kits books.

  11. CCNA Study Guide by Todd Lammle. Sybex. 2000.

  12. Cisco and IP addressing by Lous Rossi Sr.

  13. Cisco Catalyst LAN switching by Lous Rossi Sr.

  14. Materials from Cisco's web site (univercd) and CD's that ships with Cisco equipment.

  15. Cisco Security Architectures by Gilbert Held and Kent Hundley

  16. Cisco CCNA Exam #640-507 by Wendell Odom. Cisco Press 2000.

  17. Internet Routing Architectures (CISCO) by Basaam Halabi.

  18. Syngress Books (http://www.syngress.com)

    1. CCNA Course. Web edition

    2. Deploying Windows 2000.

    3. Email Virus protection

    4. Hack Proofing Your Network

    5. Active Directory ebook.

    6. Windows 2000 Configuration Wizards.

    7. Microsoft ISA server.

    8. Configuring IPSec in Windows 2000.

    9. Configuring Cisco Routers.

    10. Syngress Exam simulators for Windows 2000 cetification track.

  19. Boson practice exams for Cisco's and Sun's certification exams.

  20. Selftestsoftware’s practice exams for Windows 2000 cetification track.

  21. Sybex CCNA preparation tools.

 

Under all of my projects I can give the full information, including the concept of construction of a network, plans, technologies, schematic figures and so forth, except sensitive data such as real IP addressing of internal networks, dial-in numbers, passwords, etc.

Certificates:

1. MCSE Win2000 track (MCP ID 2282456)

2. SCSA (Prometric ID SP9804407)

3. CCNA (Cisco ID CSCO10424943)

LANGUAGES

Native: Ukrainian, Russian.

Good (freely reading and writing) English