Rizki Roihan. Soeharto
Docs Site arrow_outward

Technical Handbook & Notes

schedule Jakarta // GMT+7
--
/// Section 03

SELECTED WORKS

[ CASE_STUDIES_LOADED ]
2023 Project 01

Network Security Virtualization (NSX) Platform

Client Context

Enterprise Banking - Micro-segmentation Security

Role

Technical Product Specialist

Technological Stack

VMware NSX / vRNI / vRLI

Network Security Network Virtualization Micro-Segmentation Zero Trust

error_outline The Challenge

The client faced challenges with limited visibility of East-West traffic within the data center, making it difficult to detect lateral movement threats and ransomware. The existing legacy infrastructure was unable to perform micro-segmentation efficiently.

psychology The Solution

Implement VMware NSX Security for Distributed Firewall and Micro-segmentation. Integrate vRealize Network Insight (vRNI) for real-time traffic flow visualization and vRealize Log Insight (vRLI) for centralized security log analytics. Perform real malware attack simulations to validate protection.

trending_up Impact & Results

"100% East-West traffic visibility achieved"

"Threat detection time reduced from days to minutes"

"Micro-segmentation successfully isolated critical workloads without downtime"

2023 Project 02

Next-Gen Data Center Firewall

Client Context

Logistic Company - Firewall Refreshment

Role

Technical Product Specialist

Technological Stack

Check Point Quantum / Check Point Smart-1

NGFW Zero-day Sandboxing Threat Prevention

error_outline The Challenge

The existing firewall (MikroTik) lacks modern security features such as Threat Prevention and Zero-day protection, causing security risks to the system.

psychology The Solution

Migrated to Check Point Quantum Security Gateway. Activated Threat Extraction and Emulation for zero-day attack protection without compromising throughput.

trending_up Impact & Results

"300% increase in network throughput"

"Zero downtime during migration"

"Automatic prevention of 99.9% of known malware"

2023 Project 03

Enterprise Private Cloud

Client Context

State-owned Oil Company - Private Cloud

Role

Technical Product Specialist

Technological Stack

Check Point / F5 WAF / CyberArk PAM / Kaspersky SIEM

Private Cloud NGFW WAF PAM Sandboxing

error_outline The Challenge

The company requires a private cloud that can meet its clients' needs related to virtual desktop infrastructure (VDI) that needs to be created in a single private cloud, including components such as data centers, servers, networking, storage, and security.

psychology The Solution

I focus on security by designing firewall solutions, endpoint protection, and on-premise sandboxing appliances with Check Point. Then I conduct proof-of-concepts for Check Point and other technologies, namely F5 WAF for application protection, CyberArk PAM for super-admin privileged access management, and Kaspersky SIEM for system monitoring and logging. Since only a limited number of people are allowed to enter the test room, I also have to conduct proof-of-concepts for other products.

trending_up Impact & Results

"Full compliance with national data security regulations"

"Private Cloud with end-to-end system providing VDI, high availability & durability storage, and the best security"

"No single point of failure"

PRESENT Project 04

HomeLab

Client Context

Personal Simulation Environment

Role

as Roihan my self

Technological Stack

VMware Workstation / Windows Server / Linux / OpenWRT

Homelab Nested Virtualization Secure Environment Malware Testing

error_outline The Challenge

I need personal computer (PC) with HUGE RAM for my VMware labs.

psychology The Solution

Buy and using PC that comes with AMD Ryzen 5500 CPU, 96 GB of RAMs, 2 TB of NVMe Storage, and AMD RX 6600 8GB GPU and with 144hz 1ms gtg FULL HD IPS monitor.

trending_up Impact & Results

"Can deploy 3 ESXi, 1 vCenter, and 1 NSX Manager, just that"

"Smooth computer no lagging whatsoever and also smooth gaming"

"Sit all day infront of my PC"