Rizki Roihan. Soeharto
Docs Site

Technical Handbook & Notes

Jakarta // GMT+7
--
/// Section 03

SELECTED WORKS

[ CASE_STUDIES_LOADED ]
2023 Project 01

Network Security Virtualization (NSX) Platform

Client Context

Enterprise Banking - Micro-segmentation Security

Role

Technical Product Specialist

Technological Stack

VMware NSX / vRNI / vRLI

Network Security Network Virtualization Micro-Segmentation Zero Trust

The Challenge

The client needed clearer visibility into East-West data center traffic to detect lateral movement and ransomware activity. Their legacy infrastructure could not support practical micro-segmentation at scale.

The Solution

Implemented VMware NSX Security for Distributed Firewall and micro-segmentation, integrated vRealize Network Insight for traffic-flow visibility, and used vRealize Log Insight for centralized security analytics. Validated the design with controlled malware-attack simulations.

Impact & Results

"100% East-West traffic visibility achieved"

"Threat detection time reduced from days to minutes"

"Micro-segmentation successfully isolated critical workloads without downtime"

2023 Project 02

Next-Gen Data Center Firewall

Client Context

Logistic Company - Firewall Refreshment

Role

Technical Product Specialist

Technological Stack

Check Point Quantum / Check Point Smart-1

NGFW Zero-day Sandboxing Threat Prevention

The Challenge

The existing MikroTik firewall lacked modern threat prevention and zero-day protection, increasing security risk across the environment.

The Solution

Migrated to Check Point Quantum Security Gateway and enabled Threat Extraction and Threat Emulation for stronger zero-day protection without compromising throughput.

Impact & Results

"300% increase in network throughput"

"Zero downtime during migration"

"Automatic prevention of 99.9% of known malware"

2023 Project 03

Enterprise Private Cloud

Client Context

State-owned Oil Company - Private Cloud

Role

Technical Product Specialist

Technological Stack

Check Point / F5 WAF / CyberArk PAM / Kaspersky SIEM

Private Cloud NGFW WAF PAM Sandboxing

The Challenge

The client required a private cloud platform that could support VDI and core infrastructure services across compute, networking, storage, and security.

The Solution

Focused on security architecture by designing firewall, endpoint protection, and on-premise sandboxing solutions with Check Point. Also supported proof-of-concepts for F5 WAF, CyberArk PAM, and Kaspersky SIEM under restricted lab-access conditions.

Impact & Results

"Full compliance with national data security regulations"

"Private Cloud with end-to-end system providing VDI, high availability & durability storage, and the best security"

"No single point of failure"

PRESENT Project 04

HomeLab

Client Context

Personal Simulation Environment

Role

Personal R&D

Technological Stack

VMware Workstation / Windows Server / Linux / OpenWRT

Homelab Nested Virtualization Secure Environment Malware Testing

The Challenge

I needed a personal workstation with enough RAM and storage to run nested VMware labs reliably.

The Solution

Built a lab PC with an AMD Ryzen 5 5500, 96 GB RAM, 2 TB NVMe storage, AMD RX 6600 8 GB GPU, and a 144 Hz Full HD IPS monitor.

Impact & Results

"Runs nested ESXi, vCenter, and NSX lab scenarios"

"Supports smooth daily work, lab testing, and gaming"

"Provides a reusable environment for infrastructure and security experiments"