David LaPorte, CISSP
david@davidlaporte.org
http://www.davidlaporte.org
PGP Key ID: 0x4DC3E508
INDUSTRY EXPERIENCE
|
HARVARD UNIVERSITY – NETWORK AND SERVER SYSTEMS |
Cambridge, MA |
|
|
Security Manager |
February 2005 to Present |
|
á Facilitated creation of NOC Customer Portal – a unified, role-based interface to NOC services, statistics, and data.
á Deployed network access control (NAC) across student networks.
á Coordinated incident response and forensics within NSS.
á Co-chair of ABCD Security Working Group.
á Recipient of three Harvard Hero awards (2003 to Present).
á Architected PCI DSS compliant infrastructures to facilitate e-commerce and point-of-sale transactions.
á Integrated two-factor authentication into existing business processes
á Implemented 802.1x authentication against varied authentication sources across wired and wireless networks
|
HARVARD UNIVERSITY – NETWORK OPERATIONS CENTER |
Cambridge, MA |
|
|
Senior Network Security Engineer / Network Engineer |
September 2001 to February 2005 |
|
Responsibilities included those detailed below in addition to:
á Provided security audits and vulnerability scans to University community.
á Evaluated and deployed 802.11 wireless networking.
á Implemented change management system for all network element configurations.
á High-bandwidth, asymmetric anomaly and signature-based IDS deployment.
|
HARVARD UNIVERSITY – NETWORK OPERATIONS CENTER |
Cambridge, MA |
|
|
Network Engineer |
November 2000 to September 2001 |
|
á Designed and implemented H.323 conferencing zone for use by Harvard and affiliated institutions.
á Implemented and administered Harvard IPv6 demonstration network.
á Technical contact on University VoIP pilot program.
á Chair of Harvard University ABCD Video Conferencing Working Group.
á Assisted in the maintenance and administration of the Northern Crossroads (NoX), an Internet2 gigaPOP.
|
TAOS |
Cambridge, MA |
|
|
Systems Administrator |
August 2000 to November 2000 |
|
á Audited and secured client UNIX systems.
á Defined and implemented initial system build procedures for Sun Enterprise-class hardware.
á Mentored junior consultants and created training materials to enhance knowledge transfer.
|
HARVARD UNIVERSITY – NETWORK OPERATIONS CENTER |
Cambridge, MA |
|
|
Senior Network Security Engineer |
August 1999 to August 2000 |
|
á Created security policies and procedures for Network Operations Center.
á Advised Harvard community on security issues and effective preventative measures.
á Designed, implemented, and maintained university-wide IDS infrastructure.
á Rolled out Cisco VPN solution to Harvard community.
á Built RedHat kickstartion and Sun Jumpstart build environments
|
HARVARD UNIVERSITY – NETWORK OPERATIONS CENTER |
Cambridge, MA |
|
|
Systems Engineer |
November 1997 to August 1999 |
|
á Wrote and maintained software to administer e-mail aliases for all Harvard employees
á Migrated and maintained the Harvard NNTP (news) server and web hosting service.
á Developed DNS zone management system for Harvard namespace.
á Designed and implemented security policy for internal Network Operations subnets.
TEACHING EXPERIENCE
|
HARVARD UNIVERSITY – EXTENSION SCHOOL |
Cambridge, MA |
|
Teaching Fellow |
|
|
CSCI E-170: Security, Privacy, and Usability |
September 2006 to Present |
|
CSCI E-132: Advanced Topics in Data Networking |
January 2003 to Present |
|
CSCI E-135: Computer Networks and Network Programming |
September 2002 to January 2003 |
|
CSCI E-131b: Communication Protocols and Internet Architectures |
June 2002 to January 2003 |
EDUCATION
|
NORTHEASTERN UNIVERSITY |
Boston, MA |
|
College of Computer Science |
September 2006 to May 2009 |
Masters in Information Assurance
|
NORTHEASTERN UNIVERSITY |
Boston, MA |
|
College of Computer Science |
September 1995 to June 2000 |
Bachelor of Science in Computer Science, 2000
TECHNOLOGIES
|
Languages: |
Perl, UNIX shell scripting, HTML, PHP, SQL, C |
|
Operating Systems: |
Solaris, RedHat Enterprise Linux, OS X, IOS, Windows 2000/2003/XP |
|
Software: |
ISC DHCP/BIND, Apache, Postfix, MySQL, Cisco Network Registrar, MRTG/RRD, RANCID, VMware Server/ESX, Infoblox DNS/DHCP |
|
Security Devices/Software: |
Snort, Q1 Labs qRadar, LogLogic, Cisco WLC, Bluesocket, Cisco 30x0 VPN, Cisco ASA 55x0-series, Cisco PIX/FSWM, RADIUS (Cisco ACS, Radiator), OpenLDAP, TACACS+, Arbor Peakflow, Nessus, RSA Authentication Manager, ModSecurity |
|
Networking: |
OSPF, BGP4, MPLS, voice and video over IP, high-performance network monitoring, PCI DSS-compliant architectures, network access control (NAC), wired/wireless 802.1x |
PROJECTS
|
PacketFence |
Open-source network access control (NAC) solution |
|
http://www.packetfence.org |
Co-creator and lead architect |
|
|
Acquired by Inverse Inc., May 2008 |
|
FingerBank |
Open-source repository of DHCP fingerprints |
|
http://www.fingerbank.org |
Presented at Black Hat Japan 2007 |
|
|
Assumed by Inverse Inc., February 2008 |
CERTIFICATIONS
Certified Information Systems Security Professional
Red Hat Certified Engineer
PROFESSIONAL AFFILIATIONS
|
ISSA |
(Information Systems Security Association) |
|
InfraGard |
|