Palo Alto Architect (SC Cleared)

Certes Computing Ltd

Posted on Jan 20, 2025 by Certes Computing Ltd
England, United Kingdom
IT
Immediate Start
Annual Salary
Contract/Project - Remote

Palo Alto Architect (SC Cleared)

Duration: 3 Weeks

Start: ASAP

Rate: Negotiable

Location: Remote working

IR35 Status: Outside

Project Overview:

We require a Palo Alto Architect (SC Cleared) to advise our public sector client on web proxying.

The Client has two data centres and an express route connection with Microsoft and has previously used Microsoft TMG to manage their URL routing.

They would now like to move forward web proxying to the pair of Palo Alto Firewalls located in bot data centres to allow decommissioning of the TMG Proxy Servers; a pair of Cisco ASA Firewalls and an additional Sidewinder Firewall. They would also like to explore options for removing a Legacy forward lookup zone currently configured in their internal DNS.

The client wants a future proof design that continues to work when they move to a WAN model where each office breaks out to the Internet without traversing the network for most web traffic.

As the Palo Alto Architect you will be required to advise the Client on how they can implement forward web proxying on their Palo Altos or alternative end user device routing options. The client has users working on two different connections, remotely from home locations and via the clients network in their offices.

The design challenge is to go "direct" for nearly all traffic but allow for exceptions that are routed out through the Palo Altos, either to specific VPN connections or to the Internet for websites/applications that use IP whitelisting as a security control. The configuration is further complicated by users operating in two distinct connection configurations when working remotely (using Microsoft Always On VPN) and in the office on the LAN. The solution must work consistently in both modes.

As the Palo Alto Architect you will consider their routing through PAs to produce a design which moves us away from their current design of a WPAD file directing this traffic to a Microsoft TMG Proxy to the solution

We require a Palo Alto architect who can produce a design centred on forward Proxy routing or via the Clients existing network design to remove additional unnecessary hops from outbound internal and external URLs to provide an efficient and secure new solution for such sites.

Key outcomes/deliverables will include:

Discovery - A workshop to establish the design.
Design - A new LLD for all URLs which must traverse from the client's network out via VPN destinations or express route to their ultimate destinations.
Handover - A workshop on the LLD to walk through the Tech Ops team so they are able to implement

To apply for this role please call Joanne Stanley - Tel or email: (see below)

Certes IT Service Solutions welcome applications from all sections of the community and from people with diverse experience and backgrounds

Certes Computing (and all of its subsidiary companies) is committed to promoting equality and diversity in its business operations.


Reference: 2884061499

https://jobs.careeraddict.com/post/98959667

This Job Vacancy has Expired!

Certes Computing Ltd

Palo Alto Architect (SC Cleared)

Certes Computing Ltd

Posted on Jan 20, 2025 by Certes Computing Ltd

England, United Kingdom
IT
Immediate Start
Annual Salary
Contract/Project - Remote

Palo Alto Architect (SC Cleared)

Duration: 3 Weeks

Start: ASAP

Rate: Negotiable

Location: Remote working

IR35 Status: Outside

Project Overview:

We require a Palo Alto Architect (SC Cleared) to advise our public sector client on web proxying.

The Client has two data centres and an express route connection with Microsoft and has previously used Microsoft TMG to manage their URL routing.

They would now like to move forward web proxying to the pair of Palo Alto Firewalls located in bot data centres to allow decommissioning of the TMG Proxy Servers; a pair of Cisco ASA Firewalls and an additional Sidewinder Firewall. They would also like to explore options for removing a Legacy forward lookup zone currently configured in their internal DNS.

The client wants a future proof design that continues to work when they move to a WAN model where each office breaks out to the Internet without traversing the network for most web traffic.

As the Palo Alto Architect you will be required to advise the Client on how they can implement forward web proxying on their Palo Altos or alternative end user device routing options. The client has users working on two different connections, remotely from home locations and via the clients network in their offices.

The design challenge is to go "direct" for nearly all traffic but allow for exceptions that are routed out through the Palo Altos, either to specific VPN connections or to the Internet for websites/applications that use IP whitelisting as a security control. The configuration is further complicated by users operating in two distinct connection configurations when working remotely (using Microsoft Always On VPN) and in the office on the LAN. The solution must work consistently in both modes.

As the Palo Alto Architect you will consider their routing through PAs to produce a design which moves us away from their current design of a WPAD file directing this traffic to a Microsoft TMG Proxy to the solution

We require a Palo Alto architect who can produce a design centred on forward Proxy routing or via the Clients existing network design to remove additional unnecessary hops from outbound internal and external URLs to provide an efficient and secure new solution for such sites.

Key outcomes/deliverables will include:

Discovery - A workshop to establish the design.
Design - A new LLD for all URLs which must traverse from the client's network out via VPN destinations or express route to their ultimate destinations.
Handover - A workshop on the LLD to walk through the Tech Ops team so they are able to implement

To apply for this role please call Joanne Stanley - Tel or email: (see below)

Certes IT Service Solutions welcome applications from all sections of the community and from people with diverse experience and backgrounds

Certes Computing (and all of its subsidiary companies) is committed to promoting equality and diversity in its business operations.

Reference: 2884061499

CareerAddict

Alert me to jobs like this:

Amplify your job search:

CV/résumé help

Increase interview chances with our downloads and specialist services.

CV Help

Expert career advice

Increase interview chances with our downloads and specialist services.

Visit Blog

Job compatibility

Increase interview chances with our downloads and specialist services.

Start Test