In our previous load balancing labs (LTM and GTM), we successfully routed traffic across our network. However, high-availability routing alone does not protect our services from web exploits or una...
Network Security
- Check Point: ClusterXL, VSX, VSNext, MDS, IPS, Remote/IPSec VPN, SandBlast, Harmony, Identity Awareness, Infinity Portal, CoreXL, SecureXL.
- Fortinet: FortiGate Firewalls, Clustering, SD-WAN, FortiManager, FortiAuthenticator, FortiWeb WAF, FortiAnalyzer, Security Fabric.
- Palo Alto Networks: Site-to-Site & Remote Access VPNs, Security Policies, NAT, Decryption, User-ID, Panorama, Palo Alto SD-WAN, IPS, Panorama-ISE integration, LDAP mappings.
- Cisco Secure: ASA, FTD, FMC, IPsec VPNs with certificates/Duo, Cisco Umbrella SIG, Cisco Stealthwatch, Security Cloud Control.
Identity & App Delivery
- Cisco ISE: 802.1X Wired/Wireless, MAB, TACACS+ Device Administration, Profiling & Posture Assessment, Active Directory integration, Guest Portals, TrustSec tag-based segmentation.
- F5 BIG-IP: Local Traffic Manager (LTM), Global Traffic Manager (GTM/DNS) server load balancing, SSL Offloading, custom iRules scripting.
- Duo Security: Multi-Factor Authentication (MFA) proxy-level integration with Cisco ASA, ISE, Check Point, Fortinet, and Palo Alto.
- Entra ID & ADFS: Azure AD IDP configurations, identity protection, Active Directory Federation Services (ADFS) single-sign-on integration.
Enterprise Collaboration
- Cisco UCM & Unity: CUCM administration, EM/Extension Mobility, Unity Connection voicemail, CUCM Single-Sign-On (SSO), Cloud Connected UC (CCUC).
- Contact Center: Packaged CCE (PCCE), UCCX scripting, CVP (Customer Voice Portal), ECE (Enterprise Chat and Email) interactions.
- Expressway & CMS: Expressway-C/E Mobile Remote Access (MRA) and B2B federation, Cisco Meeting Server (CMS) conferencing and CMS Recorder.
- Voice Gateways: Cisco VG analog gateways, voice translation rules, Cisco Secure Common Client (SCC).
- Compliance Recording: NICE and Calabrio Call Recording integrations.
Routing & Core
- Cisco SD-WAN: cEdge/vEdge onboarding, templates, DIA (Direct Internet Access), traffic routing policies.
- Cisco SD-Access: SDA design, fabric routing, IP Transit, LISP & VXLAN overlay control.
- Routing Protocols: OSPF advanced topologies (LSA/network types), eBGP/iBGP scalable designs, MPLS WAN routing, Policy-Based Routing (PBR), IP SLA path tracking, EEM scripting.
- L2/L3 Infrastructure: PVLANs (Private VLANs), DHCP Snooping, VXLAN overlay networks, high-availability switching.
Multi-Cloud
- Microsoft Azure: vWAN hubs, ExpressRoute, HA VPN, Application Gateway, Azure Load Balancers, Entra ID hybrid mesh.
- Amazon Web Services: Transit Gateway (TGW) orchestration, Gateway Load Balancer (GWLB) security insertion, ALB application load balancers, VGW VPN virtual gateways.
- Google Cloud: Network Connectivity Center (NCC) routing, HA VPN, Classic VPN, Load Balancing, Firewall Endpoints, FortiGate security integration.
- Alibaba Cloud: Cloud Enterprise Network (CEN) inter-region mesh, ALB (Application Load Balancer), VPN Gateways, cross-border routing.
Systems & Infra
- VMware Virtualization: vCenter, Cisco UCS Manager, ESXi.
- Microsoft Stack: Active Directory Domain Services, Enterprise Certificate Authority (CA), AD Group Policy Objects (GPO), ADFS identity, Hyper-V virtualization.
- Storage Systems: TrueNAS Core/SCALE configurations, StarWind Virtual SAN, TrueNAS replication topologies, Distributed File System (DFS), DRBD high-availability storage.
- Database Systems: SQL Server Always On, SQL Server Agent Jobs, Replication, Linked Servers.
- Reverse Proxy & Filtering: Nginx web services, Squid proxy caching, Artica secure proxy.
Automation & AI
- Network Automation: Python scripting via Netmiko SSH libraries, automated configuration parsing, custom Flask web microframework.
- Telemetry & Monitoring: InfluxDB, Prometheus, Grafana visualization dashboards, SNMP Node Exporter telemetry, RSyslog central parsing, Grok filters, alert notifications via Telegram.
- Systems Operations: Linux server administration, Linux LVM storage sizing, Docker container hosting, Nessus vulnerability scanning, Zabbix, PRTG and SolarWinds enterprise monitoring.
- AI Orchestration: Local AI models via Ollama and LM Studio, DeepSeek integration, LangChain agent frameworks, Instructor structured output validation.
Blog Posts
F5 ASM & AFM
F5 BIG-IQ Management
As our infrastructure grows with multiple LTM and GTM nodes running across DC Jakarta and DC Surabaya, managing each device individually becomes highly inefficient. In this lab, we will deploy F5 B...
F5 DNS (GTM)
Following from our previous LTM lab, we will now configure GTM. GTM is an intelligent, DNS-based traffic manager that routes users globally before a network connection is ever established. In this ...
F5 LTM
F5 LTM (Local Traffic Manager) is a load balancer that distributes client traffic across multiple backend servers to improve availability and performance. In this lab, we configure the F5 BIG-IP wi...
Cisco ThousandEyes
Cisco ThousandEyes is a synthetic monitoring platform that acts as a fleet of automated users, giving us hop-by-hop visibility into local network routing, global internet paths, and application per...
Cisco Security Cloud Control
Cisco Security Cloud Control (SCC), formerly Cisco Defense Orchestrator (CDO), is a centralized, cloud-based SaaS platform designed to unify the policy management and monitoring of various Cisco sec...
LM Studio with Gemma 4
LM Studio enables local execution of large language models with a simple and efficient runtime environment. In this lab, we deploy Gemma 4 on a headless Linux server to provide high-performance, se...
Alibaba Application Load Balancer with WAF
Alibaba Cloud ALB distributes incoming internet traffic across multiple backend servers to ensure high availability. When integrated with WAF, it filters and protects traffic (e.g., rate limiting, ...
Alibaba VPN with Check Point
Alibaba Cloud VPN Gateway is a managed service that enables secure, encrypted connections between our VPC and on-premises environments using the IPsec protocol. In this lab, we established a Route-...
Alibaba Cloud Enterprise Network (CEN)
Cloud Enterprise Network (CEN) is a high-performance networking service that provides scale-out connectivity to Alibaba Cloud’s global backbone. At the heart of this architecture is the Transit Rou...