I am a network engineer with nine years of experience and a deep-seated passion for continuous learning. Throughout my career, I have navigated various technologies to meet evolving business needs, embracing agility in a never-ending evolved technology. My strong foundational skills in networking, computer systems, and programming have enabled me to quickly acquire and master new technologies.
My experience includes working extensively with networking systems, developing monitoring solutions, and building software and automation tools using Python, JavaScript, Node.js, and React.js. I have a solid understanding of microservices architecture, containerization with Docker, and Kubernetes clusters. I dedicate significant time to exploring and developing projects with cloud technologies, particularly AWS, GCP, and Microsoft Azure. I thrive on self-directed research and development, constantly seeking to enhance my skills and apply my knowledge to improve my day-to-day work.
I work with a wide range of technologies and need a way to document and recall this information as needed. I also hope this resource will serve as a reference for others, allowing them to share their insights and corrections. Please refer to the "Knowledge Base" button below for more details.
Experience:
Current - Premier Delivery Services at Extreme Networks
2023-2024 - Network Engineer Manager at SeaBank Indonesia (Sea Group)
2022-2023 - Network Engineer Assistant Manager at Smartfren Telecom Indonesia
2019-2022 - Network Engineer Lead at Multipolar Technology
2015-2019 - Network Engineer at Biznet Networks.com
Education:
2022-2024 - Computer Science Master's Degree at Binus University
2014 - Computer Science Bachelor's Degree at Binus University
Projects
SD-WAN Project: Enhancing Network Resilience and Efficiency
Summary: This project focuses on deploying FortiGate SD-WAN to connect multiple branches, ensuring a robust and resilient network with multiple redundancy options. By integrating various network types such as 4G, leased lines, and broadband, this setup enhances reliability. Secure IPsec tunnels are used for broadband and 4G connections, while traffic is effectively managed using SD-WAN rules to optimize network utilization.
Project Details: SD-WAN is implemented to interconnect multiple branch offices, offering intelligent traffic steering and automated failover mechanisms. The deployment of FortiGate SD-WAN ensures optimal performance by dynamically selecting the best transport method based on link performance metrics. The combination of 4G, leased lines, and broadband ensures high availability and seamless connectivity. To enhance security, IPsec encryption secures data transmission over broadband and 4G links. Additionally, SD-WAN policies and traffic segmentation ensure business-critical applications receive prioritized bandwidth, while less critical applications utilize alternate links.
User Identity-Based Firewall Rules on FortiGate
Summary: This project enhances network security by implementing user identity-based firewall rules on FortiGate appliances. The aim is to provide granular control over network access based on user identity rather than just IP addresses, improving security and policy enforcement.
Project Details: Traditional firewall policies often rely on IP-based access control, which lacks flexibility in dynamic environments. By integrating FortiGate with identity management solutions, policies can be applied based on users, groups, and roles. Authentication methods such as Active Directory integration, RADIUS, and two-factor authentication (2FA) ensure only authorized users gain access to specific network resources. This approach significantly improves security posture by preventing unauthorized access and enforcing compliance policies effectively.
Wireless and Wired Security NAC with Cisco ISE
Summary: This project leverages Cisco Identity Services Engine (ISE) to enforce network access control (NAC) policies for both wired and wireless users. By using identity-based authentication, it ensures secure and compliant access across the enterprise network.
Project Details: Cisco ISE enables organizations to implement zero-trust security principles by validating and profiling connected devices before granting network access. Dynamic policy enforcement ensures that only compliant and authorized users or devices can access corporate resources. Integration with Active Directory, MDM solutions, and threat intelligence feeds further enhances security. The deployment covers 802.1X authentication for wired and wireless users, guest access control, and posturing mechanisms to ensure endpoint compliance.
Process Automation with Budibase, Metabase, and n8n
Summary: This project aims to streamline business workflows and data visualization using Budibase, Metabase, and n8n for low-code/no-code automation, enabling rapid application development and efficient process management.
Project Details: Budibase is used for building custom web applications with minimal coding, Metabase provides interactive dashboards and business intelligence insights, while n8n handles workflow automation. By integrating these tools, organizations can automate repetitive tasks, visualize operational data, and enhance decision-making processes. Use cases include automated report generation, approval workflows, and API-driven data synchronization between various business systems.
Network Configuration Management and IP Address Management Automation
Summary: This project focuses on automating network configuration management and IP address management (IPAM) to enhance operational efficiency and reduce human errors in large-scale networks.
Project Details: By deploying network automation tools such as Ansible and NetBox, administrators can streamline device configuration, automate backups, and ensure consistent configurations across all network devices. Integration with IPAM solutions allows dynamic tracking of IP allocations, preventing conflicts and ensuring proper resource utilization. Automated provisioning, compliance enforcement, and scheduled audits further improve network stability and security.
Cisco ACI Automation Using Python
Summary: This project enhances data center network automation by utilizing Python scripts to manage and configure Cisco Application Centric Infrastructure (ACI), reducing manual intervention and improving agility.
Project Details: By leveraging Python APIs for Cisco ACI, administrators can automate tenant configurations, policy enforcement, and fabric management tasks. Automation scripts enable dynamic workload provisioning, ensuring scalability and optimized resource utilization. Integration with CI/CD pipelines further accelerates network deployment and enhances operational consistency.
Cisco Nexus Dashboard Automation
Summary: This project focuses on automating network operations using Cisco Nexus Dashboard, enhancing visibility, control, and management across data center networks.
Project Details: Cisco Nexus Dashboard provides a centralized platform for monitoring and automating Cisco Nexus-based infrastructures. By implementing automation scripts and integrations, organizations can streamline configuration tasks, enforce security policies, and gain predictive analytics for proactive network optimization. The solution also enables intent-based networking, reducing downtime and ensuring policy consistency.
Zabbix Advanced Network Monitoring
Summary: This project deploys Zabbix for advanced network monitoring, offering real-time insights into network performance, fault detection, and capacity planning.
Project Details: Zabbix provides end-to-end monitoring for network devices, servers, and applications. Customizable dashboards and alerting mechanisms ensure proactive issue resolution. Advanced features like SNMP polling, script-based monitoring, and anomaly detection improve network visibility and reliability.
ISP Nationwide Project Automation and Monitoring
Summary: This project automates and monitors large-scale ISP networks, ensuring efficient operations and enhanced service delivery.
Project Details: Using network automation frameworks and monitoring tools like Ansible, NetBox, and Zabbix, ISP operations can be optimized. Automated provisioning, fault detection, and capacity forecasting help maintain high service availability. This ensures seamless connectivity and a superior customer experience across a nationwide ISP infrastructure.
Advanced Ansible: Creating Custom Modules
Summary: This project involves developing custom Ansible modules to extend automation capabilities beyond built-in functionalities, enhancing infrastructure automation.
Project Details: By writing custom Python-based Ansible modules, organizations can automate specialized tasks, integrate with proprietary systems, and enforce custom policies. This improves efficiency, reduces manual workload, and ensures consistent configurations across IT environments.
Nutanix HCI Deployment
Summary: This project focuses on deploying Nutanix Hyper-Converged Infrastructure (HCI) to simplify data center management and improve resource utilization.
Project Details: Nutanix HCI consolidates compute, storage, and networking into a single, software-defined platform. By leveraging Nutanix Prism for centralized management, organizations can scale resources dynamically, improve performance, and enhance disaster recovery capabilities.
HPE Alletra Storage Implementation
Summary: This project deploys HPE Alletra storage solutions to modernize enterprise storage infrastructure, ensuring high performance and scalability.
Project Details: HPE Alletra provides cloud-native, AI-driven storage management, reducing operational complexities. By integrating with virtualization platforms and data protection solutions, this implementation ensures data availability, resilience, and cost-effective scalability.