Mihai Tanasescu

Technical Lead / Consultant

About

Solutions-driven technical leader with 10+ years of success designing and transforming network and IT infrastructures to drive productivity, efficiency, and customer satisfaction.
Well-qualified with extensive background and advanced technical skills spanning a full range of network/systems/server engineering, administration, and security.

Successful in partnering with clients, stakeholders, management, and teams to evaluate and transform needs into state-of-the-art technical and data management solutions with a compelling ROI.

Organised, take-charge professional with exceptional follow-through abilities, able to plan and oversee projects from conception to successful conclusions.

Cross-functional leadership and technical skills: talent for inspiring superior team performance whilst coordinating initiatives in deadline-driven environments.

Technical background

Operating systems

Linux, FreeBSD, NetBSD, OpenBSD

Programming/scripting languages

Bash, Python, C (periodic work mostly reverse engineering, adding functionality to existing scripts on request)

Software

Openstack (Newton, Ocata, Queens), Openshift (3.11), Kubernetes, Ansible,Contrail/SDN/NFV, DPDK, SR-IOV, Linux software ranging from Web Servers (Apache, Nginx) to Databases (Mysql/PostgreSQL, Oracle), FTP (Pure-FTPd, ProFTPD, VSFTPD), Quagga/Zebra/OpenBGPd/Bird/exaBGP, Email servers (Postfix, Qmail, Sendmail, Exim), QOS ( ALTQ, HTB), DNS (Bind), Monitoring (Cacti, Zabbix, Nagios/Icinga), SIP (Asterisk), Configuration archiving (Rancid/Chora), Virtualization (RHV, VMWare, KVM), Linux hardening/security (Grlinux/ Pax, Selinux, Tripwire)

Vendors

Cisco, Juniper (PS role experience), F5, AVI (reverse engineering clustering and API mechanisms), Huawei MA5600, VMWare, Redhat

Firewalls

iptables, ipfw, pf, fwbuilder, Phion, Cisco ASA, Juniper SRX, Palo Alto (basic)

VPNs

OpenVPN, IPSEC, IPIP, GRE, DMVPN (with GRE + IPSEC)

Networking/data centre

MPLS/VPLS/EVPN technologies, Telemetry, TR-069, IPTV/multicast, Solaris zones, Linux jails, Linux containers/namespaces isolation, OpenvSwitch (tunnelling, debugging), Redhat Openstack Director/TripleO, SAN & NAS (started in the past with ZFS from Sun, played with EMC Isilon and with VNX as LUNs for Vsphere VMs), Openstack, Openshift

Security

Offensive Security OSCP certified, pursuing OSCE combined with a passion for digging under the hood of a solution to find its weak points and how it ticks

Certifications

CCIE R&S #43060, RHCE (RHEL7 + Openstack), OSCP (Offensive Security / Penetration testing, started now also the OSCE), CCNP-SP, JNCIS-ER, VMWARE VCP, Solaris, ITILv3

Professional experience

Cisco systems
(2019 – present)

World's largest manufacturer of networking equipment designed to handle remote access networks, security services, storage networks, routing and switching

Technical Solutions Architect – Sales - Enterprise Multicloud

Consulting Systems Engineer with focus on Datacenter technologies, educating customers into how our solutions work and integrate into their environment. ...

Cisco systems
(2019 – present)

World's largest manufacturer of networking equipment designed to handle remote access networks, security services, storage networks, routing and switching

Technical Solutions Architect – Sales - Enterprise Multicloud

Consulting Systems Engineer with focus on Datacenter technologies, educating customers into how our solutions work and integrate into their environment.

Also, building up PoCs as a follow-up based on following technologies:

  • Cisco Container Platform (Kubernetes on-premises, AWS integration, CSR1000v IPSEC router as connectivity solution between on-prem and public cloud)
  • Cisco ACI + CNI integration into Openshift11 for a bank running on HP Synergy which I helped configure.
    For providing permanent storage to the containers together with HP I integrated 3PAR via FlexVolume plugin (HP has such an implementation where FlexVolume == a container that in turn then converts requests to legacy Docker Volume plugin and thus allows any vendor or older plugin to work; 3PAR supplies an iSCSI and/or FC driver to be used as docker volume plugin; we chose the latter as it is implemented transparently inside the HP Synergy chassis via Storage Interface profiles between the blades and the 3PAR system.
    CSI for 3PAR is not available at this moment.
  • Documented all the steps for all vendors involved and delivered to the end-customer a comprehensive guide that goes end to end through the architecture, possibilities, troubleshooting, deep-dive into OpenvSwitch and how to trace a flow through all the components
    Formats used: markdown, HTML, PDF, Confluence wiki XML export via WebDav
  • Openshift troubleshooting, solving undeletable objects errors, step by step guide per specific case
    https://into.synaptics.ro/2019/openshift-troubleshooting-and-operations/

Juniper networks
(2016 – 2019)

Juniper Networks offers high-performance network/cloud/automation/SDN solutions to help service providers and enterprises to create value and accelerate success.

PS (Professional Services) Consultant

Recruited to design, test (proof-of-concept), present, validate solutions for Swisscom in parallel to supporting my Resident Engineer colleague with the ...

Juniper networks
(2016 – 2019)

Juniper Networks offers high-performance network/cloud/automation/SDN solutions to help service providers and enterprises to create value and accelerate success.

PS (Professional Services) Consultant

Recruited to design, test (proof-of-concept), present, validate solutions for Swisscom in parallel to supporting my Resident Engineer colleague with the ongoing work for the existing deployed Juniper elements. Helped with expanding current projects and gaining new ones.

Main tasks include but are not limited to:

  • Workshops with the customer on various topics/solutions that Juniper has to offer, going from basic info and then down to demoes, specific use cases, showcasing exactly how something works and how it could fit their needs (I am a pragmatic person and my presentations always have more hands-on rather than slides with focus in mind being that people have to feel engaged into what is happening and avoid getting bored)
  • Workshops/PoCs for IPTV Mediacloud included the following:
    • Openstack 10 / Newton deployment with Contrail vRouter as Neutron plugin (it sits as the same level as ML2)
    • Openstack 11 / Ocata deployment with Contrail vRouter as Neutron plugin
    • Openstack 10/11 deployment with Cisco ACI ML2 plugin and Neutron GBP framework
    • Openstack 13 deployment with Contrail vRouter
    • Openstack 13 standalone deployment with provider networks based on VLAN (then transported by ACI fabric as VXLAN between the Nodes; Openstack Router concept in this case not used and all functionality relied upon the network fabric)
    • AVI Load Balancer – reverse engineering of how clustering works over SSH tunnels, troubleshooting python scripts meant to provision VIPs into Contrail and BGPaaS
      https://into.synaptics.ro/2019/avi-load-balancer-scaling-vip-with-contrail/
    • 1 week training (1 day theory, 4 days practice – Design, Implementation, APIs/automation) on Contrail together with another colleague from PS:
    • Demo Ansible module (albeit primitive) for showcasing that if desired this can also be written and if not, then customer can use Ansible REST API module already natively present in Contrail
      https://into.synaptics.ro/2018/newbie-contrail-vn-ansible-module/
    • Revealing how Contrail works deep-dive, how to trace the API calls done by the GUI (log level for the daemon, trying then in Postman, Chrome Inspect and how to read the more programming oriented and cryptic documentation of the vnc api
      http://www.opencontrail.org/documentation/api/r3.2/contrail_openapi.html#virtual-network-label
    • Explaining how Contrail vRouter implements security based on extended route-target values placed on /32 prefixes of VMs and API/automation: https://into.synaptics.ro/2018/contrail-security-with-vnc-api/
  • Lab testing and implementation of concepts for various departments inside Swisscom (BNG, Backbone Core Network – WARP/RAMP/RAMP+ = B2B networks/VPLS/L3VPN/VPWS, Security) regarding routing, subscriber management and automation possibilities (Service Now platform, Security Director for managing the Juniper SRX Firewalls, scripting – off-box, python on-box, Conntrail – SDN Orchestrator, Openstack, docker, lately a bit Kubernetes)
  • Deep Dive debugging of issues in the Live Net (offloading our JTAC and doing tasks such as: looking inside the JunOS C source code for potential issues, internal diagnostics using commands provided by developers, coming up with workarounds to bring back functionality)
  • Meeting with key people inside Swisscom to discuss technical solutions and assist our Sales personnel in understanding the exact customer needs and presenting an appropriate solution later on
  • Daily work includes Network Design/Testing/Validation, Automation, Systems Engineering (FreeBSD/Linux), DevOps, debugging failure causes or functional behavior (also in the source code of JunOS when needed, reverse Engineering), OS hardening, working with virtualisation and container solutions (Vagrant/KVM/VMWare, Jenkins, Robot Framework, Ansible, Docker/Kubernetes and recently OpenStack)

Finecom Еelecommunications AG
(2012 – 2016)

Regional telecommunications provider; provides cable and fiber internet connectivity, analog, digital, IPTV services, B2B services, VOIP solutions.

Senior Network/Systems Engineer

Recruited to manage, develop and expand the network infrastructure of Finecom Telecommunications, design business projects for our customers, administer the ...

Finecom Еelecommunications AG
(2012 – 2016)

Regional telecommunications provider; provides cable and fiber internet connectivity, analog, digital, IPTV services, B2B services, VOIP solutions.

Senior Network/Systems Engineer

Recruited to manage, develop and expand the network infrastructure of Finecom Telecommunications, design business projects for our customers, administer the TV & Voip solutions, provide coaching to 2nd level (Operations) department.

Main tasks involve: Leading the design and implementation of a new IPTV project (datacentre technologies, networking, security, load balancing, virtualization – Cisco UCS / VMWare), B2B projects (VPNs, MPLS VPN configuration – CE, PE), System Engineering (Linux installation and configuration of various services, Windows), Security (Juniper Netscreen, Cisco ASA), DTV / IPTV (operating current IPTV platform, spearheading our new IPTV Project in concern with the technical elements), Voip (SBC, Softswitch), FTTH (Ericsson BLM 1500, Huawei MA 5600), Docsis troubleshooting (Cisco UBR 10k CMTS), training our 2nd Level Operations Team.

Key Successes:

  • Led implementation of new IPTV project which included: Cisco UCS 5108, Cisco UCS 6200, Nexus 5672UP, VMWare, Cisco CSR1000V, ASAv, EMC Storage ISILON and VNX, Envivio IPTV Encoders, Verimatrix, Broadpeak content caching (BkS100, BkS300) for Live and OTT traffic, Agama monitoring, F5 Virtual Load Balancer, Windows 2012 R2 Active Directory, Oracle Database Dataguard cluster.

SWISSCOM GROUP: WINGO / ACCELERIS / AIRBITES
(2007 – 2012)

Major telecommunications provider; provides fixedline and mobile telephony, Internet, digital television, IT services and networking solutions.

Senior Network Engineer / Wingo, Fribourg, Switzerland (2011-2012)

Recruited to customise and expand network infrastructure of Swisscom-owned start-up providing Internet, voice, and IPTV services. Simultaneously perform systems administration, ...

SWISSCOM GROUP: WINGO / ACCELERIS / AIRBITES
(2007 – 2012)

Major telecommunications provider; provides fixedline and mobile telephony, Internet, digital television, IT services and networking solutions.

Senior Network Engineer / Wingo, Fribourg, Switzerland (2011-2012)

Recruited to customise and expand network infrastructure of Swisscom-owned start-up providing Internet, voice, and IPTV services.

Simultaneously perform systems administration, VoIP troubleshooting, and IPTV development, maximising functionality and security.  Provide high level administration and support of Linux server environment encompassing DNS (Bind), DHCP (standalone, failover), Firewalls (Shorewall, FWBuilder), VPNs (OpenVPN), Cacti, Smokeping, Nagios, and Puppet. Mentored and evaluated team members.

Key Successes:

  • Spearheaded large-scale project to expand data centre to accommodate business growth into IPTV market; completed project on time and with zero service/business disruption.
  • Led successful architecture and implementation of Wingo network including dual-homing, BGP, VRRP enabled routers, NAT444 and lawful intercept.
  • Customised and enhanced of CPE Firmware for ADSL/FXS-enabled gateways, significantly improving functionality and customer satisfaction.
  • Debugged and tested FXS / telephone interface in user equipment, troubleshooting and resolving critical performance issues such interference from poor grounding or incompatible telephone brands/filters.
  • Configured and deployed ZTE ZXA10-C300M DSLAMs and Vyatta-based routers.
  • Conducted in-depth analysis and testing, and built business case for integrating TR-069 into setup for CPEs and STBs.
  • Developed new CPE firmware and utilities for debugging, significantly accelerating troubleshooting and resolution of VoIP/Internet issues.

Technical Consultant & Team Leader, Acceleris / Airbites (2007 – 2010)

Stepped into role of company’s 1st employee, charged with hiring staff and launching technical operations for Romanian branch of Swisscom partner, Acceleris. Provided IT consultation and technical support for systems/network operations and security under Linux, Solaris, and Windows environments. Migrated and continued Swisscom investment project previously started with Airbites, including design, configuration, and maintenance of local data centre including firewalls and VPNs. Planned and coordinated all Airbites Data Centre projects, aggressively meeting project milestones whilst managing budget, resources, and time constraints. Recruited, trained, and coordinated 4 team members. Provided pre-sales support and delivered technical presentations at industry events.

Key Successes:

  • Credited with successfully building new data centre from ground up despite limited prior experience with the primary operating system, Sun Solaris.
  • Orchestrated seamless relocation of data centre equipment, hardware and software 2 times; achieved implementation deliverables with minimal service or business disruption.
  • Key contributor to architecture of entire international/metropolitan/access network from the ground up in less than 1 month. Coordinated all technical teams, vendor negotiations, and implementation of lawful intercept.
  • Delivered highly scalable bandwidth limiting solutions with traffic differentiation (local/metropolitan vs extern/international) by using HTB machines, VRFs, and route leaking.
  • Completed both low and high-level configuration of Cisco equipment (Cisco 2950, 2960, Cisco 3845, Cisco 3750 / Cisco 3560, Cisco 7200, Cisco 7600): BGP, OSPF, QOS, MPLS, EoMPLS, MPLS VPNs, PVSTP, MST.
  • Designed and configured Inter-Office DMVPN project, linking multiple locations across Europe with local Datacenter in Bucharest, Romania.
  • Deployed Sun servers X86 and SPARC with Solaris OS, ZFS and zones and IPF filtering (Sun T1000, T2000, X4100, X4150, X2100, T5120).
  • Configured and maintained state-of-the-art storage and backup solutions including Tape Library SL-500, SAN Switches (Brocade), Storage arrays (Storate Tek 6140/6130), NAS (5320 appliance) and Sun StorEdge Enterprise Backup.
  • Virtualised machines for 3rd party clients utilizing Xen, VirtualBox and VMWare.
  • Installed, configured, and managted Windows 2003/2008 AD, Web servers (Apache, Apache Tomcat), Proxy (Squid, web filtering), DNS (Bind), Firewalls (PFSense, Phion Netfence), FTP server (Pure-FTPD, ProFTPD), and Mail server (Postfix).

ERICSSON GLOBAL SUPPORT CENTRE (GSC), Bucharest, Romania
(2010-2011)

Largest GSC in Romania, supporting global telecom operators such as Vodafone-NL, Mobistar Belgium, Base Belgium, Yoigo Spain, etc; 1000 employees.

Team Leader, Back Office IP

Provided decisive leadership and direction for 19 team members across 4 different projects. Resolved escalated issues involving Cisco (ASR, 7600, ...

ERICSSON GLOBAL SUPPORT CENTRE (GSC), Bucharest, Romania
(2010-2011)

Largest GSC in Romania, supporting global telecom operators such as Vodafone-NL, Mobistar Belgium, Base Belgium, Yoigo Spain, etc; 1000 employees.

Team Leader, Back Office IP

Provided decisive leadership and direction for 19 team members across 4 different projects. Resolved escalated issues involving Cisco (ASR, 7600, ASA), F5, Bluecoat, FortiNet, Juniper, and Redback network equipment, Linux and Solaris operating systems, SGSN and GGSN telecom technologies. Organised internal, governance, and change management meetings to ensure compliance with ITIL standards.

Key Successes:

  • Conducted root cause incident investigations and performance/trend analyses of managed networks to accelerate problem resolution whilst increasing uptime, reliability, and security.
  • Mentored staff and colleagues, employing conflict resolution strategies to maximise team productivity.
  • Identified and cost-effectively met employee training needs within established budget parameters.

ROMSYS, Bucharest, Romania
(2006 - 2008)

Provides security & networking solutions, SAP & custom software for large corporations and government entities. Project implementation. Analysed business, system, and security requirements, and customised implementations based upon Linux OS. Analysed and recommended modifications to maximise capacity and ensure a scalable environment while minimising cost. Provided post-implementation training and support. Forged and managed productive client relationships.

Technical Solutions Engineer

Planned and executed all phases of complex projects focused on design and implementation of Cisco-based networking solutions for key clients ...

ROMSYS, Bucharest, Romania
(2006 - 2008)

Provides security & networking solutions, SAP & custom software for large corporations and government entities. Project implementation. Analysed business, system, and security requirements, and customised implementations based upon Linux OS. Analysed and recommended modifications to maximise capacity and ensure a scalable environment while minimising cost. Provided post-implementation training and support. Forged and managed productive client relationships.

Technical Solutions Engineer

Planned and executed all phases of complex projects focused on design and implementation of Cisco-based networking solutions for key clients such as Dacia – Renault Pitesti, Arcelor Mittal (Sidex), and Mechel. Partnered with stakeholders, managers, and teams to define business requirements and specifications for

Key Successes:

  • Customised and deployed ISDN-based failover system for National Ambulance of Romania; created custom scripts (bash, expect) for optimising and accelerating software upgrades, network changes, and redundancy switchovers.
  • Implemented network-wide QOS in 2 days for Mittal Steel.
  • Provided 1st level support for Call Manager and VoIP solution at Dacia-Renault, a car manufacturer.
  • Praised for customer service mentality and the ability to clarify issues and set user expectations.
  • Built productive relationships with both colleagues and customers, earning reputation as ‘go-to’ resource for high-risk projects and technical issues.

Additional experience

UPC Liberty global
(2006 – 2006)

Technical Solutions Engineer

Media SAT
(2005 – 2006)

Network & System Administrator

Duras
(2003 – 2005)

Co-founded successful start-up; positioned for profitable sale in 2005 after reaching 2000 client margin.

Network & System Administrator

Faculty of Mathematics & Computer Science at University of Bucharest
(2003 – 2004)

Network & System Administrator / Volunteer Position

Education & credentials

Master of Science, Computer Aided Business & Project Management (2007 - 2009)

University of Economical Studies, Faculty of Cybernetics, Statistics & Computer Science, Romania

Bachelor of Arts, Computer Science / Networking & Programming (2002 - 2007)

University of Bucharest, Faculty of Mathematics & Computer Science, Romania

Oracle Courses

Database Administration I & II, Oracle RAC - Real Application Clusters)

Six Sigma Course

Ericsson · Project Management Course, Project Management Institute

Certifications

Cisco Certified Internetworking Expert (CCIE R&S #43060)

Sun Certified Network Administrator, Solaris 10 • Sun Certified System Administrator, Solaris 10

Cisco Certified Internetwork Professional (CCIP) • Cisco Certified Network Professional (CCNP)

Juniper JNCIS-ER / Juniper JNCIA-ER • IELTS English Language Accreditation

Redhat Certified Engineer • ITIL v3 Foundation

VCE (Verimatrix Certified Engineer)

VMWARE VCP 5

OSCP (Offensive Security for Pen Testing)

Redhat Openstack

Language skills

Romanian (Native)

English (TOEFL/IELTS certified)

French (Fluent)

German (B1-B2)

Blog

Come visit my blog to see a few of the things I work on.

Contact me