Kerry Thompson BSc., DipCompSci., CISSP, CCNA
Portfolio of Recent Works



The following is a list of recent works and projects that I have been involved with. Most recent ones are at the top. On the right is a list of the major technologies and software packages used.

Network upgrade for a complex enterprise LAN/WAN environment with redundant WAN links to remote offices. This involved migrating an enterprise network with routing performed by low-end Cisco routers to one performed by new Juniper SRX router/firewalls.
  • Juniper SRX firewall/routers installation & support
  • JUNOS installation, upgrades
  • JUNOS Enterprise Routing - OSPF
  • Juniper SRX VPNs : site-site IPSec, Dynamic VNP
  • Cisco IOS - JUNOS integration
  • Telecom OneOfice integration
Advanced Unix/Linux C programming. A short stint developing Unix system software written in C.
  • Unix/Linux system programming
  • Shared memory structures, semaphore locking
  • Messaging, queuing
  • Unix process control
  • Networking interfaces : sockets, TLI
Network & Security systems design for a major telecoms company.
  • Advanced & complex telco network design
  • Data centre strategies
  • Security requirements specification & implementation
  • Cisco, Netscreen, F5 technologies
Network strategy and design for large enterprise. Covered such items as rearchitecting the core network, implementing Intrusion Prevention Systems (IPS) and developing a stratagy for network architecture in an expanding enterprise.
  • Core network architectures for multi-gigabit switching
  • Service Oriented Architecture strategies
  • Tipping Point Intrusion Prevention Systems
  • Cisco 6509 switches
  • WAN acceleration products (such as Riverbed and F5)
  • VOIP architectures
Two articles for SysAdmin magazine written & submitted for publishing. The first on using OpenSSL & GPG for encrypting backups (published March 2007), and the second on using PasTmon for measuring application performance by passively monitoring network traffic (published July 2007).
  • UNIX/Linux backup & recovery
  • OpenSSL, GPG
  • Encryption and key management
  • PasTmon
Network design in an ISP environment, remodelling a classical 3-Tier network architecture into an architecture modelled on Sun's SDN (Service Delivery Network) model. Extensive analysis of existing application connectivity and network architectures.
  • Switching, routing, firewalls
  • Sun Service Delivery Network (SDN) architecture
  • Analysis of application data flows and network requirements for applications
Testing of an GSM SMS router for mobile messaging systems.
  • Telsis SMS Router equipment
  • SMSC's & SMPP protocol testing
  • Perl::SMPP library
Installation of a Cisco MDS 9216 Fabric Switch
  • SAN topologies, VSAN switching
Presented a paper at the Bright*Star 2006 Security Summit Conference in Auckland. Topic covered was "Incident Response Best Practices"
  • Incident response procedures & practices
CCNA recertification. See CCNA Tips II
  • Cisco switching
  • Cisco routing
  • ... and the rest of the CCNA syllabus!
Network design work for large ISP/Telco. Plenty of switching, routing, firewall design and troubleshooting.
  • Cisco switching
  • Cisco routing
  • Checkpoint firewalls
  • Cisco FWSM firewalls
  • Microsoft Word advanced
  • Microsoft Visio network diagrams
Implementation of a system to replicate a Linux OS image throughout a cluster of 50 servers taking part in a computing cluster for Bioinformatics. By using SystemImager and a system for autonomous network booting, a system for automatically installing and updating the OS on many systems was implemented.
  • SystemImager
  • SystemConfigurator
  • ISC DHCP server
  • SysLinux, PXELinux installation & build environments
  • SuSE Linux 9.3 Professional
Implementation of a file and print server for a small company, including migration from a legacy Windows NT server for approx 25 users. Linux server installation and lots of Samba work, including a seamless migration from a Windows server to a Linux server for all file and print services.
  • SuSE Linux 9.2 Professional
  • Samba v3
  • CUPS printing system
  • AVG anti-virus for Windows workstations (update server for Linux)
  • Amanda backup and recovery
  • mkcdrec "bare metal" recovery
  • Postfix MTA
  • Nagios service monitoring
  • NTOP network monitoring
Diagnosis of VPN issues between Windows XP PPTP VPN clients and Windows 2003 Server. DSL routers at each end ( Netgear and Linksys ). Lots of packet capturing and analysis.
  • Windows 2003 server VPN services (PPTP)
  • Netgear DG834G ADSL router & wireless access point
  • Ethereal packet capture and analysis
HP-UX Recovery Exercise. A trial recovery of a midrange HP9000 server running HP-UX.
  • HP-UX
  • HP-UX Ignite system recovery
AIX Recovery Exercise. A trial recovery of a low-end IBM RS/6000 AIX based server.
  • IBM AIX v5.1
  • AIX mksysb backup/recovery system
Network design for WiFi access portal. Design of network infrastructure and security model for the servers which service a public-access WiFi network.
  • Cisco routing/switching
  • Cisco FWSM firewalls
  • Advanced network security modelling
Linux server automated build and configuration control system for IBM blade servers running RedHat Enterprise Linux v3. Using a combination of the RedHat Kickstart building tool, and CFEngine - a tool for maintaining system configurations for large numbers of servers.
  • CFEngine
  • RedHat Kickstart
  • RedHat Enterprise Linux v3
Migration of multiple VLANs from a haphazard array of small Cisco switches to a single ( stack ) of three 3750 switches.
  • Cisco IOS switching
  • Cisco 3750 stackable switches
Migration of a laboratory information system to Linux. The system code consists of approx 90,000 lines of C which implements a transactions-processing and communications environment to support application programs written in Cobol and connecting to Oracle. Originally designed to run on SVR4 ( and variants such as AIX, SCO Unix, etc ), the system was ported to run on Linux systems.
  • Linux C programming
  • Linux TCP/IP interface programming
  • Microfocus Cobol
  • Oracle Pro*Cobol
  • Oracle RDBMS
Paper : A Security Review of the ASB Netcode Authentication System - an unsolicited review of a two-factor authentication system fielded by the local bank.
  • Authentication models
  • Internet security models
Management of core data network and security systems for large ISP. Security Operations ( including 7x24 support ) for a large core data network and associated firewall systems. Includes design and architecture input covering many varied project implementations.
  • Cisco IOS switching & routing
  • Cisco FWSM firewalls
  • Checkpoint firewalls
  • Rainwall HA for Checkpoint firewalls
  • Sun Solaris OS
  • RSA SecurID authentication
Published two papers in SysAdmin magazine (now defunct) related to DNS Security : DNS Security Protocols I: Dynamic Updates and DNS Security Protocols II: DNSSEC
  • ISC BIND Server
  • DNS
  • DNS Dynamic updates and TSIG signatures
  • DNSSEC ( DNS Security protocol )