Major
Projects.
Engineering at scale. From global upgrades to custom AI agents, here is what we've built.
Webex & Ansible AI Automation Bot
The Challenge
Organization needed a frictionless way for NetOps to execute playbook actions without context switching. Manual playbook execution was slow and required SSH/CLI access.
Stack: Cisco Webex API, Ansible Automation Platform, Python, OpenAI API, Docker
Our Solution
- Developed a custom Webex Bot integrated with Ansible Tower/AWX
- Natural Language Processing (AI) interprets engineer requests in chat
- Bot executes approved playbooks (vlan changes, port resets, status checks)
- AI agent can generate new playbook scaffolds based on intent description
Quantified Impact
Multi-Site Data Center Migration to VXLAN
The Challenge
Enterprise required migration from legacy traditional STP-based architecture to a modern VXLAN EVPN Fabric across multiple geographic sites using Cisco Nexus and Catalyst platforms.
Stack: Cisco Nexus 9000, Cisco Catalyst, VXLAN EVPN, Nexus Dashboard (NDFC)
Our Solution
- Designed L2/L3 overlay architecture with VXLAN BGP EVPN
- Deployed Cisco Nexus Dashboard for centralized fabric management
- Automated configuration generation for Underlay (IS-IS) and Overlay (BGP)
- Seamless migration of workloads preserving gateway redundancy
Quantified Impact
Massive Cisco to Palo Alto Migration
The Challenge
Migration of legacy Cisco firewalls to Palo Alto Panorama for a global entity. Involved transitioning 10,000+ complex rules while optimizing for application-ID and ensuring zero downtime.
Stack: Palo Alto Panorama, Cisco ASA/Firepower, Python, Custom Migration Tools, REST API
Our Solution
- Custom automation logic to parse and translate Cisco config to PAN-OS
- Intelligent rule optimization to merge redundant ACLs
- Automated policy push to Panorama device groups
- Pre-migration validation scripts to ensure traffic flow parity
Quantified Impact
Global Cisco ISE & Zero Trust Deployment
The Challenge
Worldwide implementation of Cisco Identity Services Engine (ISE) to enforce NAC and Micro-segmentation across a hybrid environment of Cisco Catalyst switching and Meraki wireless.
Stack: Cisco ISE, Cisco Catalyst, Cisco Meraki, TrustSec, Active Directory/Azure AD
Our Solution
- Architected distributed ISE deployment for global redundancy
- Implemented 802.1X and MAB for all wired/wireless endpoints
- Designed TrustSec/SGT policies for micro-segmentation
- Cloud integration for identity storage and policy context
Quantified Impact
RAG AI System for Compliance (NIST/CIS)
The Challenge
Company needed a 'Source of Truth' system to verify network configurations against strict external compliance standards (NIST, CIS, PCI-DSS) without manual audting.
Stack: Vector Database (Supabase), LangChain, OpenAI, Python, Network RAG
Our Solution
- Built a RAG (Retrieval-Augmented Generation) system ingesting PDF standards
- AI Agents query live network state and compare vs compliance vector database
- Automated report generation highlighting non-compliant configurations
- Natural language interface for auditors to ask compliance questions
Quantified Impact
FedGov Agency IoT Security & Isolation
The Challenge
Federal Agency required a secure architectural isolation for unclassified IoT devices (Building Automation, Environmental Sensors) sharing the same physical switching infrastructure as secure workloads.
Stack: Aruba Wireless, Aruba ClearPass, Cisco Catalyst 9300, MPSK, Tunneled Node
Our Solution
- Designed a Zero-Trust architecture using Aruba ClearPass for granular profiling
- Deployed Aruba Wireless with Tunneled Node to terminate IoT traffic in DMZ
- Configured Cisco Catalyst switches with Downloadable ACLs (dACLs) for edge enforcement
- Implemented 802.1X for wired and MPSK for wireless devices