projects and achievements at gosniias - victor berenshteyn
DESCRIPTION
Projects and Achievements at GosNIIAS - Victor BerenshteynTRANSCRIPT
![Page 1: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/1.jpg)
Victor BerenshteynSystems / Network Engineer
MCSE: Security 2003
Kaspersky Specialist
http://nz.linkedin.com/in/vberenshteyn
![Page 2: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/2.jpg)
Overview
The presentation highlights accomplished projects and results achieved in the role of Systems / Network Engineer and IT Team leader at GosNIIAS, Avionics Department.
Company profile 150 employees Software development and testing for Aviation Industry Contractor of Rockwell Collins, USA; Smiths Industries,
USA; Thales, UK.
![Page 3: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/3.jpg)
Server rooms – 1/3 Situation
outdated comms room without proper physical infrastructure, power and air-conditioning
no racks, equipment on tables per-server low-capacity UPS-es cabling mess company’s plans for
○ multi-floor extension○ double hiring○ update and increase the number of servers
Task design and implement a project of a central server room and per-
floor comms rooms
![Page 4: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/4.jpg)
Server rooms – 2/3 Action
selected a vendor for physical infrastructure solutions, APC learnt technologies, product lines, equipment features : vendor’s
seminars, online study communicated with vendor’s consultants: defined solutions,
created specifications, negotiated costs designed, presented and discussed with the company’s
management 3 possible solutions with different ratio of cost, reliability and scalability
communicated with and supervised the builders, electricians and air-conditioning engineers
managed procurement of the equipment designed and planned installation, goal: minimise downtime trained IT team performed installation
![Page 5: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/5.jpg)
Server rooms – 3/3 Result - well-organised, completely redundant, fully
monitored and remotely managed secure server rooms with total space decrease by 25%server racks, IP KVM, colour-coded SCS2 independent power lines terminating at two 5kVA UPS-
es to provide redundant power supply; RPS for 1-PSU units
air conditioning with redundancyenvironment monitoring and pro-active alerting (power,
temperature, humidity)managed shutdown in the case of emergency, no data lossdocumentation and change management
![Page 6: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/6.jpg)
Virtualisation – 1/2
Situationincreased demand for new servicesrequirements for
○ service isolation○ service availability
no budget
Taskimplement server virtualisation without additional
expenses
![Page 7: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/7.jpg)
Virtualisation – 2/2 Action (time: 2007)
selected free solution, Microsoft Virtual Server 2005 R2 extensively learnt (online, vendor’s conferences) created an essential documentation designed and implemented with security emphasis
Result 40% of servers are virtual server availability service continuity effective use of hardware, rack space, and AC power
Follow-up piloted Hyper-V 2.0 implementation and migration
![Page 8: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/8.jpg)
Volume licensing Continuous action
learning volume licensing from various vendorsplanningprocurement license managementusage monitoringSAM (Software Asset Management)
Resultdecreased expenses for software (approx. 20%) flexible license distributioncontrolled software installations
![Page 9: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/9.jpg)
Unified desktop environment – 1/2 Situation
high PC rotation rateconstantly increasing number of employeesrepeatedly deploying a limited set of softwarerequests to re-install a PC after testing a new
software or new development release
Taskcreate an efficient, fast and simple procedure to
deploy or restore a PC
![Page 10: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/10.jpg)
Unified desktop environment – 2/2 Action
standardised desktop software configurationscreated a procedure to rollout unified desktop
environmentcreated associated documentation and
conducted training for IT staff
Resultdeployment or complete restore of a fully
customized PC takes 15-25 minutes
![Page 11: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/11.jpg)
Enterprise Security – 1/2 Task
implement network anti-malware solution with centralised management and pro-active alerting
Actiondesigned and deployed corporate anti-malware solution –
Kaspersky Enterprise Space Securitymaintained and supported the solutiontrained IT staff, delegated activities and supervised
Resultwith 150 workstations, only 4 local incidents within 8 years
![Page 12: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/12.jpg)
Enterprise Security – 2/2 Task
implement a continuous security monitoring Action
learnt threat detection tools, selected MaxPatrol by Positive Technologies
created and documented a procedure of periodic security scanning
implemented security monitoring from both outside and all segments inside of the network
Resultno single penetration within yearsno single service compromised
![Page 13: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/13.jpg)
Network re-design – 1/3 Situation
unmanaged, undocumented reactive growth of the network
running-out of physical capacitybandwidth bottleneckslack of security
Taskre-design the network in terms of scalability,
manageability, performance and security, using existing equipment and purchasing new as necessary
![Page 14: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/14.jpg)
Network re-design – 2/3 Action
network re-design smooth implementation, no downtime introducing VLANs configuring link aggregation raising security level and implementing RBAC introducing 1Gb-to-workplace with the new equipment (Dell),
while preserving old 100Mb equipment (3Com, Cisco) for lower-demands users
configuring monitoring and alerting (SNMP, email, Dell OpenManage)
establishing network documentation and change control training IT staff
![Page 15: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/15.jpg)
Network re-design – 3/3 Result
predictive readiness for network growth in size and complexity
keeping the growth controlled and smoothchange managementVLANs
○ increased security and performance for management segment of the network
○ simple physical port reassignment at the access level link aggregation provided the network with performance,
redundancy and stabilitykeeping awareness of the network statedelegation monitoring and basic control activities to IT staff
![Page 16: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/16.jpg)
Cisco ASA 5520 – 1/2
Situationoutdated all-in-one network edge solution for
firewall, proxy- and email- server
Taskimplement dedicated firewall solution with IPS
and VPN capabilitiesmove proxy- and email- services into DMZ
![Page 17: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/17.jpg)
Cisco ASA 5520 – 2/2
Actionselected Cisco ASA, extensively learnt the
solutionre-designed network edgeextensively tested, piloted, launched,
conducted post-production testing
Resultstrengthened network securityflexible network design
![Page 18: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/18.jpg)
Microsoft SQL Server 2005 – 1/2 Situation
multiple database engines with default configuration spread across the network
after project completion, production databases remained on developers’ PCs
no backup
Taskimplement secure deployment of centralised
database server
![Page 19: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/19.jpg)
Microsoft SQL Server 2005 – 2/2 Action
configured hardware for optimum performancedeployed MS SQL Server 2005 with security
emphasismigrated production databases to the new serverestablished backup procedure
Resultdedicated server with highly secured environmentfast and reliable data accessseparated test and production environments;precise and controlled permissions for data accesssupported business continuity with current backups
![Page 20: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/20.jpg)
Microsoft infrastructure upgrade Situation
Windows NT domain connected with VAX mainframe
Windows 2000 forest
Actionupgraded the infrastructure to Windows Server
2003 level and configure forest trustspreserved mainframe connectionincluded complete testing in a virtual environment
![Page 21: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/21.jpg)
Hardware monitoring
Actiondeployed Dell OpenManage and HP SIM
Resultkeeping business continuity by pro-active health
monitoring and awareness of the entire network’s state and every single system in it
![Page 22: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/22.jpg)
Backup Action
designed and implemented backup solutions (Acronis True Image)
Resultquick and flexible backupease, precise and minutes-long restoressafety of configuration changes
Follow-updeveloped dedicated backup plans for Active
Directory and SQL Server services
![Page 23: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/23.jpg)
Remote access Situation
requirements for network access from home involving partner companies in joint work
Task implement remote access solution
Action deployed RAS on Windows Server 2003 VPN: PPTP, MSCHAPv2, very strong passwords with short life
term IP port filtering VPN users buffer subnetwork
Result simple yet secure VPN for remote access
![Page 24: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/24.jpg)
Code/change managementDeployed with advanced security: Microsoft Visual SourceSafe Subversion (SVN, incl. Apache) Telelogic (IBM Rational) software
SynergyChangeDOORS
![Page 25: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/25.jpg)
Microsoft SharePoint Services Situation
SVN usage for storing not only code but also documentation projects' and other documentation spread across multiple
shares on the network requirements for convenient collaboration system
Action learnt Microsoft SharePoint Services technology presented the technology to the management deployed Microsoft SharePoint Services and sample portals for
documentation management and Help Desk ticketing Result
Efficient web-portal environment at no cost
![Page 26: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/26.jpg)
File and Print Servers
Actiondeployed File and Print Servers with WinSrv2003
R2-extended management features
Resulteffective, flexibly-quoted use of disk spacepro-active monitoringdecrease of administrative overhead
![Page 27: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/27.jpg)
Inventory
Situationscattered and incomplete inventory information
on both hardware and software
Actiondeployed hardware and software inventory
system (Total Network Inventory by SoftInventive)
Resultstructured comprehensive up-to-date inventory
![Page 28: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/28.jpg)
Summary – 1/2 Accomplished projects developed company’s network into a
well-established up-to-date, efficient, flexible, stable and secure IT infrastructure
The value created for the company was defined by saved budgets for the equipment by using existing one with
virtualisation technologies decreasing expenses for software by SAM saved space for server rooms fast deployment and recovery efficient threat management analysing and improving IT processes within the organisation by
introducing new technologies keeping business continuity training IT staff
![Page 29: Projects and Achievements at GosNIIAS - Victor Berenshteyn](https://reader036.vdocuments.site/reader036/viewer/2022062514/559233191a28ab522f8b478d/html5/thumbnails/29.jpg)
Summary – 2/2 The achievements were backed up by
sound Systems and Network knowledge concentrating on business value and service delivery strong ability to plan and implement IT-projects within
scope, budget and schedule great communication skills at all levels strong multitasking, time-management and organisational
skills dedication for learning with passion for IT