ENAGAS - Communications and Security team responsible

  • April 2010 - Present (4 years)

Enagas is the Technical Manager of the Spanish Gas System and the main carrier of natural gas in Spain. The work of the company focuses on the transportation of Natural Gas around the Iberian Peninsula, although in recent months the company has launched its horizontal expansion overlooking Latin America. The work environment is critical and we must ensure communication at all times. The company has approximately 1500 employees throughout Spain, in more than forty different locations. And now we have an office in Mexico.

My work in this company ranges from the coordination of the team that keeps the communication network systems and information security, to the launching and implementation of complex and innovative technical projects.

I coordinate a team of ten people, five of them are in charge of maintaining the network, and five of providing infrastructure to the two data centers of the company located in different geographical locations. These data centers are composed of advanced technologies and multi-vendor, but our work is mainly developed with equipment of the leading company in the sector, Cisco Systems. Also, I manage equipment from leading manufacturers in the market such as F5, PaloAlto, CheckPoint, HP, Juniper, BlueCoat, McAfee, etc.

Our primary responsibility and goal is to maintain the network stable and to facilitate the communication between all the employees of Enagas. That permits the normal course of their duties and contributes to them giving additional services to make their work easier. All of this from a point of view completely oriented to the Enagas business. Under our responsibility are critical services such as Email, Internet browsing, the network connection of the remote offices, the information security of the company, phone and video conferencing services, wireless network, etc.

Some of the projects I have done:

  • Implementation of new CPD in Zaragoza
  • Enagas is a company in constant expansion. In 2012, the company decided to build a new data center in Zaragoza to provide redundancy to their most critical services. This project involved the design and interconnection of the network infrastructure required to host services in both active-active data centers. Operated primarily with Cisco technology, implementing innovative protocols like OTV, although using other technologies and manufacturers such as F5, BlueCoat, Juniper, CheckPoint...

  • Core network renewal
  • In 2011 Enagás conducted a technology renewal of all of their network infrastructure in the data center of Madrid. In this project all the old infrastructure was migrated to new Cisco equipment including equipment such as the Cisco Catalyst 6509, Nexus 5548, Nexus 2232PP, 2248 and 2224, FWSM, ACE, WiSM. During the project the necessary migration plans were made to minimize the impact on services.

  • Production environment virtualization
  • Enagas has virtualized their production servers to VMWare technology. We deployed the project usign HP c7000 chassis with Virtual Connect technology, inside of these servers we installed VMware ESX. The connectivity to the VMWare ESX was provided using these Virtual Connect. Subsequently connectivity for virtual environment was provided installing Cisco Nexus 1000v devices.

    ENAGAS - Communications and Security technician

    • March 2006 - April 2010 (4 years 1 month)

    Working as part of a group of seven people. Five technicians managing Networking and Security, and two more responsible for the Data-Center and Telephony services.

    We are responsible 24x7 of the correct operation of Enagas network. The network is developed with Cisco Catalyst 3750 and 3550 devices mainly. We have several Catalyst 6509 devices, Firewall modules, MSFC's and Load Balancers. In addition we manage the implementation of new services, wireless environments, SSL VPN, etc. We also manage the security environment (Cisco PIX / ASA) and the Internet connection. We manage Proxy, Radius, DNS, DHCP, antivirus, antispam, remote access and other network elements. We also perform procedures for the operation group and attend help desk requests. The team is responsible of the following areas: computer networking, security, telephony and data center.

    In addition to the work described above, I actively participate in the development of commissioning new projects, implementation, monitoring, validation, etc. I work directly with other areas of the company and I collaborate with suppliers. We perform engineering tasks and we offer solutions and viability to the new projects of the company.

    Some of the projects I have done:

  • Migration of WAN Network to 100Mbps
  • Deploying OSPF protocol across the Enagas network. Installation of nine Cisco 3750E switches with routing capabilities and forty Cisco 1841 routers. Technological renovation and expansion of the network bandwidth and capabilities for all centers of the company.

  • Deploying SSL-VPN solution
  • Within the project of implementing VPN solution in Enagás, we installed SA2000 and IDP400 Juniper devices. The implementation project was developed to provide external connectivity to all employees, guaranteeing the information security of the company. Additionally, profiles for partner companies were created to give access to provide certain collaborative services.

  • BlueCoat Proxies deployment
  • Migrating from Microsoft ISA 2000 proxy servers to new BlueCoat SG-810 servers. Implementation of the solution, testing, integration with Active Directory, user rules, web filter, etc.

  • Commissioning McAfee solution - AntiSPAM
  • Active participation in the deployment of new McAfee EWS 3300 devices to provide the AntiSPAM functionality to the email service of the company. Changes in public DNS, load balancing for service, records SPF (Sender Policy Framework) and final commissioning.

  • McAfee EPO platform update
  • Update McAfee EPO platform server to latest versions. Update more than 1200 workstations and more than 300 servers to the latests versions of EPO agent and McAfee VirusScan. Migration and conversion of the policies of previous antivirus versions to the latest one.

    ONO - Network supervision technician

    • March 2005 - March 2006 (1 year)

    I perform supervision and maintenance tasks of the entire network of one of the largest carriers in the national field. Management, monitoring, provision and maintenance of the installed devices in the network. The network is formed mostly by equipment from leading manufacturers such as Cisco, Nortel, Motorola, Alcatel, etc. We work on a cable network, we manage the smooth operation and transport-level data for all ONO services (TV, voice and data), always maintaining connectivity and active flow, in order not to produce impact on end users. We do scheduled works at night to achieve improvements and extensions on the network. Implementation of new services, reconfiguration of equipment. Implementation of new technologies. We prepare the network for services such as VoIP, MPLS VPN, prepare the backbone for future grow, etc. We work with technologies such as ATM, POS, GigabitEthernet, TenGigabitEthernet. We also have Frame Relay lines and even X -25. We usually work in WAN environments. But we have a LAN environment too in our management LAN, consisting of two Cisco Catalyst 6509 switches in each demarcation with connection to different servers and network devices. The network consists of over 1,000 devices from different ranges and manufacturers, mainly Cisco and Nortel. Resolving issues with suppliers, both local and international ones.

    CEPSA - Communications and Security technician

    • October 2004 - March 2005 (6 months)

    I perform management functions and maintenance of the existing network of CEPSA and I implement new devices and technologies on the network (Wireless, Voice over IP, etc). I am in charge of managing all the CEPSA network, that mainly consists of Cisco routers and switches, also taking charge of the management and maintenance of other network elements such as:

  • Firewalls Nokia Checkpoint IP530, IP440, managed by SSH or with IPSO client.
  • HP Openview y CiscoWorks: For network monitoring.
  • MRTG. Graphics of the network. Bandwidht consumption.
  • Packeteer: Network Monitoring device. Gets statistics from devices through SNMP.
  • DNS y DHCP.
  • Web and Ftp servers.
  • VPN Access: Cisco VPN 3000. Shiva, Perle. Contivity Extranet Switch.

  • I perform Level 2 technical availabilities for other groups in the company. Consisting in attending 24 hours to level 1 technicians, and troubleshooting in case of fault or technical problem at the network level.

    We mainly deal in LAN environment but CEPSA has its own VPN WAN environment and one that is provided by Telefónica to provide connectivity between all locations and office branches.

    TELEFÓNICA DATA - Communications technicians on NCC

    • September 2001 - October 2004 (3 years and 1 month)

    Our work consists in configuring Cisco routers (series 800, 1700, 2500, 3640, 7000, ...) and troubleshooting incidents from customers. Provision of new contracts and service configuration. I am responsible for the maintenance and management of a network with more than 3000 devices. Within the network, we have devices from different manufacturers. Most of them are from Cisco range from 837 to 7500RSP, passing through all ranges. We provide Internet services, switched access (PSTN, ISDN or ADSL) and MPLS VPN.

    In addition, I manage services with tunnels terminators such 3COM, Cisco VPN3000 and Nortel Contivity Extranet Switch using IPSEC. We manage other devices such as Juniper ERX 14xx and Cisco 75XXRSP. We provide all types of WAN access, Frame-Relay, ATM, ISDN, X25 and ADSL.

    In addition to the services listed above, I have carried out the study of technical projects to strategic customers, to give viability to these projects and enable their implementation. I manage the coordination with clients to implement solutions within their network. Integration with customer firewalls, switches, load balancers, etc.