Projects
AWS CloudWatch Logging and Alerts Implementation
The goal of this project is to make troubleshooting easier for the API gateway that runs in an EC2 instance. The server uses Tomcat to process requests and the logs only gets written inside the server itself. I leveraged the CloudWatch log streaming solution and installed the agent to the instance to listen to the Tomcat logs. With this setup, we don’t have to SSH to the instance just to review the logs. AWS console provides filtering, analysis, and exporting these logs that made our troubleshooting faster and efficient. Aside from the logs being streamed to CloudWatch, I also configured metric filters and created alerts whenever an error occurs for proactive monitoring.
Database Backup and Restore Solution
This is to implement a backup solution on top of the AWS RDS database instance backup. The goal is to have a better and effective way of restoring data with minimal downtime. Since the database is limited to a VPC, I created a Python script that runs from AWS Lambda function which leverages CloudWatch cron job to trigger it every 4 hours. The function will instruct an EC2 instance to start and within that instance, I created a bash script that runs on startup. In that script, once the backup is finished, it sends the backup to an S3 bucket then instructs the instance to shut down. For the restore part, I created a PowerShell script with a WPF GUI that leverages the MySQL module to easily restore granular data without downtime and minimal impact.
Network Design and Configuration
The goal of this project is to create an internal network infrastructure that consists of production and testing environments. The internal network is designed to have a dynamic setup which is capable of mirroring different clients’ network infrastructure. Using the parallel adoption approach, I designed the network from firewall to user access that involves logical topology design, routing, subnetting, and physical setup. I used pfSense as the firewall that also serves as the DHCP and OpenVPN server. Using Cisco Catalyst 2960g switches, I configured VLANs to separate the production and testing environments as well as different departments within the organization. User access will then be connected via wireless using Linksys wireless routers. In addition to the network infrastructure, I created a virtual machine, installed Ubuntu server and Apache that serves as the reverse proxy for the on-premise hosted services that are accessible from the external networks, thus, configuring AWS Route 53 to redirect requests to our public IP.
Active Directory Deployment
This project is for a client that was using workgroups in their organization. The target of this project is to implement and deploy an on-premise server with Active Directory Domain Services (ADDS). The server hardware is a custom-made, built from scratch, and installed with a Windows Server 2016 Standard Edition as its OS. Other running services are File Server Resource Management (FSRM), and Domain Name System (DNS) that were configured based on the business needs. The infrastructure is integrated with Azure using Azure AD Connect to synchronize their directory to the cloud.
Cloud Backup Implementation
This project is for a client that only uses a local backup for their organization. The project uses a backup client software for the backup process that is configured to perform a full and incremental backups of their corporate files from their local file server to Amazon S3 bucket which can be accessed anytime anywhere so the users can continue with their work even after office hours or overseas.
GSuite to Office365 Migration
This project is for a client that uses GSuite in their organization for their email systems. The migration process starts from setting up Gmail on Outlook as IMAP to retrieve all folders from Gmail and also serves as a backup. That brings us to the next phase where the IMAP folders will be converted to into a PST file. In the last phase, Office365 account will be configured on a new profile in Outlook and the Gmail PST file will be merged with the newly created Office365 profile that will be synced to the cloud. This process also includes migration of calendars and contacts.
Active Directory Certificate Services Implementation
The implementation is an initiative to address the issues pertaining to the company’s web applications and improve certification management. It is installed on a Windows Server 2012 machine and configured as an Enterprise Root CA and an Online Certificate Status Protocol Responder (OCSP).
Work Folders Deployment
The deployment of Work Folders was initially a proposal to improve data integrity and availability. By the use of Work Folders, users are able to sync and retrieve lost or corrupt files. It also uses shadow copies that is also associated with our disaster recovery solution for data redundancy.
Windows Server Update Services Implementation
The goal of this project is to implement a working Windows Server Update Services (WSUS) infrastructure on the company’s head office. It is installed on a Hyper-V machine running Windows Server 2012 R2 and configured to get the latest required updates from Windows Updates site. This project is implemented to maintain a secure and updated working environment for the employees of the company. It also serves as the update source for different drivers of our client PCs.
Disaster Recovery Solution
The project was introduced to avoid data loss within the company. It will follow the data farming and data warehouse concept which is supported with custom-built NAS with the latest FreeNAS OS installed. This solution is capable of backing up all enterprise user and application data into a data warehouse that is secured in a remote site in case of a disaster. The project also integrates Windows Server 2012 R2 through ADDS and ISCSI for security and management such as disk quotas, access based enumerations, ACLs, file limitations, and user accessibility.
Training: Cyber Security
Training employees on how to secure their office workstations and to prevent from cyber attacks. Teaches them on how to avoid phishing attacks and click-baits. The training also covers hardware security and determining hacks through the use of social engineering.
Windows Server Migration
This project focuses on migration from Windows Server 2003 to Windows Server 2012 R2. The server will be used is an HP ProLiant DL360 Gen8 Server. It includes converting physical servers into a virtual machines using Hyper-V. The project covers the creation of new Active Directory structure along with Group Policies for each user and computers within the domain. Added features/roles such as File and Storage Services, VPN, and Windows Server Update Services.
Asset Program
Software development for company use. Created using Visual Studio Express 2015 platform with C#.NET programming language and used WPF GUI Framework with MVVM architectural pattern. Used SQL Server Express 2014 for the database and SAP Crystal Reports 13.0 for reporting.
Training: Microsoft Excel Basic to Intermediate
Trained employees on how to use Microsoft Excel 2013 at a basic to intermediate level. Scope includes Excel basic formulas (SUM, SUMIF, SUMIFS, COUNT, COUNTA, COUNTIFS), Find and Replace functionality, and intermediate functions like VLOOKUP and Pivot Table.
pfSense Firewall Implementation
Project objective is to replace existing software based firewall, Endian. Installed and configured pfSense firewall for company-wide network management and maintenance. Still used by the company and maintained for best performance and security assurance. Configuration includes captive portal, load balancing and fail over, squid proxy server, DHCP, Snort, ClamAV integration, DNS, MAC address filtering, and NAT.
Process Automation
Created scripts for automation:
- VBScript: Auto-eject USB drive, External HDD, and/or External ODD
- VBScript/Batch: Automatic backup of PST files
- Excel VBA: Employee Timesheet Generator
- Excel VBA/VBScript: Multiple server health check
- VBScript: Remote PStools
- VBScript: Multiple NTFS permission editor
- Powershell/Winforms: Leaver Process Automation
- Powershell: HP ILO reporting
- Powershell: Cisco and HP switch configuration backup
- Powershell: WinScp SFTP automatic backups
- Powershell: Office365 license reporting
- Powershell: Terminal Server user profile clean-up tool
- Powershell/Winforms: End user custom drive mapping tool
- Powershell: Dell warranty reporting
- Powershell: Exchange mailbox feature access reporting
- Powershell/WPF: Azure Resource Creation with custom configurations
- Powershell/WPF: ShareFile uploader/downloader
- Bash: Dell IoT Edge Gateway hardening script