Deutsch

Dr. Petr Zimak

 

Personal Information

Employment and Education

Key Activities

Projects

Skills

Teaching and Presentations

Languages

 

Selection of Projects

 

Organizational projects

Information Security Management System (ISMS)

Design and implement an Information Security Management System (ISMS) in compliance with the norm ISO/IEC 27001, regulatory and legal requirements and guidelines, security organization and roles, design and implement an asset and risk management process, training the involved, documentation and evidence, exception management.

 

Customer projects

IP address management and IP addressing

Concepts for IPv4 and IPv6 addressing for various organisations and enterprises, readdressing of world wide networks after company acquisitions, trainings for global support centers.

 

DDI / IPAM, VitalQIP

Concepts, implementations, documentation, training, patches and upgrades, failover, backup, disaster recovery, trouble shooting, support, runIP appliances, Alcatel-Lucent appliances, collaboration with partners, suppliers and manufacturers.

 

Threat and Risk Management

Concepts, implementations, documentation, training, patches and upgrades, failover, backup, disaster recovery, trouble shooting, support, analysis of log sources, development and implementation of ArcSight FlexConnectors, scripting for data pre- and postprocessing (e.g. XDAS), reporting and forensics, ArcSight appliances, nCircle appliances, collaboration with partners, suppliers and manufacturers.

 

General projects

Central Authentication and Authorization

Setup and operation of a failsafe LDAP infrastructure, integration with central services (mail, file server, VPN server, SWITCHaai Shibboleth/IdP, students grading system) and other systems (departmental web servers, authentication on publicly accessible computers, etc.).

 

Network Access

Secure and controlled access (wired and wireless) to the intranet of the University of Basel and to the Internet for students and staff, teachers in lecture halls, participants of meetings and conferences. Protection against non-authorized users, viruses and other malware. Temporary accounts, VPN (http://www.mobile.unibas.ch/vpn), NAC etc.

 

Wireless

A growing number of access points distributed over multiple wireless areas (http://www.mobile.unibas.ch/wlan). Evaluation of central management systems.

 

SWITCHmobil

Roaming access to home networks and the Internet for swiss students and staff of swiss universities and members of the german DFN. (http://www.switch.ch/mobile/).
 

 

Software projects

URZadmin

Development and operation of the central identity management of the University of Basel.
Example Doc (PDF 89 KB)

  • Managed objects: persons (students, staff, faculty, guests), organizations (university and external institutions), roles, accounts (UNIX, LDAP, RADIUS), mail addresses, mail lists, mail services (auto reply, spam filter, etc.).

  • Integration (provisioning) of UNIX / Linux servers, LDAP servers (OpenLDAP), Livingston and Radiator RADIUS servers, sendmail and PMDF mail servers, mailman and PMDF mail list servers, procmail and maildropfilter mail processors.

  • Data exchange with SAP Campus, data exports to SAP HR and to other systems.

  • Various interfaces:

    • URZadmin: full administrative web interface

    • viaWEB: self services for user specific settings and services.

    • perssearch: white pages of the University of Basel

    • SMILE: mail address selection and activation for new students.

    • periodic jobs (control of mail services, suspending, activating and aging accounts and mail addresses, data exchange with SAP, UNIX serves, LDAP etc.) and UNIX command line tools.

  • Implementation in Perl: easy portability to various platforms.

 

NOC: Network Operations Center

Development and operation of a Perl application for network monitoring, reporting and configuration changes over telnet and SNMP.

  • Inventory of active IP addresses, report structured by subnet.

  • Discovery of new IP addresses and of clients with incorrect IP settings.

  • Periodic scans of network devices (routers, switches, firewalls, access points, etc.) device configuration backup, alerts on configuration changes and when the active configuration was not saved on device.

  • Discovery of new network devices using routing tables and CDP (for Cisco devices).

  • Real time device monitor (display of uptime and number of active interfaces).

  • Execute Cisco IOS commands on selected network devices.

  • Display bandwidth usage (MRTG/RRD Tool).

The first version of NOC was released 1994 as one of the first applications using a web interface (NCSA Mosaic).

 

Media/Press Releases of the Government of the Canton of Basel-Stadt

Management of the press releases/articles, departments and users, assignment of access rights, electronic mailing of news letters to press and other media and interested parties (see http://www.medienmitteilungen.bs.ch).

 

2007-2014, info@zimak.ch

Deutsch