Government Data Center — National Tier
Network Security Architect
Iran · National
3-Tier DMZ
Network Zones
24/7 SOC
Monitoring
VLAN Micro
Segmentation
Overview
Established foundational network security architecture for tier-1 government data centers — defining the perimeter, segmentation, and monitoring standards later adopted across multiple public-sector hosting environments.
Role Summary
Architected security for government data-center workloads including DMZ topology, perimeter firewalls, intrusion detection, VLAN micro-segmentation, and 24/7 SOC monitoring with automated incident response.
Responsibilities
- Designed three-zone DMZ topology isolating citizen-facing from internal workloads
- Deployed Cisco ASA and pfSense perimeter firewall stacks
- Implemented VLAN micro-segmentation for classified government systems
- Configured WireGuard secure admin access replacing legacy remote access
- Built 24/7 SOC monitoring with Zabbix, ELK, and automated incident playbooks
Key Achievements
- Reduced security incident response time from 4 hours to under 45 minutes
- Blocked 99.7% of unauthorized access attempts at perimeter layer
- Standardized network security blueprint adopted by 3 additional government DCs
- Passed national cybersecurity assessment with zero critical infrastructure gaps