Back to Experience
Data Center & Security 2013 - 2017

Government Data Center — National Tier

Network Security Architect

Iran · National

3-Tier DMZ Network Zones
24/7 SOC Monitoring
VLAN Micro Segmentation

Overview

Established foundational network security architecture for tier-1 government data centers — defining the perimeter, segmentation, and monitoring standards later adopted across multiple public-sector hosting environments.

Role Summary

Architected security for government data-center workloads including DMZ topology, perimeter firewalls, intrusion detection, VLAN micro-segmentation, and 24/7 SOC monitoring with automated incident response.

Responsibilities

  • Designed three-zone DMZ topology isolating citizen-facing from internal workloads
  • Deployed Cisco ASA and pfSense perimeter firewall stacks
  • Implemented VLAN micro-segmentation for classified government systems
  • Configured WireGuard secure admin access replacing legacy remote access
  • Built 24/7 SOC monitoring with Zabbix, ELK, and automated incident playbooks

Key Achievements

  • Reduced security incident response time from 4 hours to under 45 minutes
  • Blocked 99.7% of unauthorized access attempts at perimeter layer
  • Standardized network security blueprint adopted by 3 additional government DCs
  • Passed national cybersecurity assessment with zero critical infrastructure gaps

Technologies & Tools

Cisco ASA pfSense WireGuard Zabbix ELK IDS/IPS VLAN SOC