Client Background
Case Study: Building and Managing a High-Availability Campus Network Infrastructure for a University
Role: Computer Network and Systems Engineer (ANZSCO 263111)
Client Location: Sri Lanka
Target: ACS RPL for Skilled Migration – ANZSCO 263111
The client is a highly experienced Computer Network and Systems Engineer with over 9 years of practical experience in designing, deploying, and maintaining large-scale, multi-building campus networks. Employed by a prominent private university in Colombo, Sri Lanka, the client led the complete implementation of wired, wireless, and data center networks that supported over 8,000 students, faculty, and administrative staff.
Having earned a Bachelor’s degree in Mathematics, the client moved into networking through Cisco certifications and hands-on experience. As the degree was non-ICT, the client opted to submit an ACS RPL application under ANZSCO 263111 – Computer Network and Systems Engineer. We collaborated to complete the full RPL, including the Key Areas of Knowledge and two Project Reports carefully aligned with ACS assessment requirements.
Step 1: Roles, Responsibilities, and Technologies
From the client’s CV and project documentation, key professional strengths were identified:
- Enterprise routing/switching deployments
- VLAN configuration for student, faculty, labs, library, and admin zones
- Layer-3 design with redundancy, failover, and load balancing
- 802.1X authentication and RADIUS-based access control
- High-density Wi-Fi design using controller-based architecture
- Firewall setup and dual-WAN redundancy
- IP camera, VoIP, and access control integrations
- Deploying and maintaining hyper-converged infrastructure
Tools, Platforms and Protocols:
- Networking: Cisco Catalyst, HP Aruba, Ubiquiti EdgeSwitch
- Routing Protocols: OSPF, EIGRP, HSRP, VRRP
- Wireless: Cisco WLC, Aruba Mobility Controller, WPA3 Enterprise
- Security: pfSense, FortiGate, VLAN ACLs, 802.1X, RADIUS, MAC-based Filtering
- Monitoring: PRTG, Zabbix, SolarWinds, SNMPv3
- Server & DC: VMware vSphere, Proxmox, Hyper-V, Windows Server
- Automation & Backup: Ansible, Syslog, Putty/SSH scripts
- Voice & IP Devices: Grandstream VoIP, Cisco CallManager, IP cameras, biometric access
- Fiber Uplink: 10G SFP+, ODN (Optical Distribution Network) backbones
Step 2: Key Areas of Knowledge
In the Key Areas of Knowledge, we structured the client’s work around four core ACS categories:
a) Network Architecture & Infrastructure Design
Created a Layer 3 campus backbone with VLANs for different user groups. Each building had one or more distribution switches connected to the core via redundant 10Gbps uplinks. Used HSRP for gateway failover and load balancing.
“We designed VLANs for administrative operations, student browsing, examination systems, VoIP, labs, and surveillance — all isolated with firewall controls and traffic policies.”
b) Secure Identity and Access Management
Deployed 802.1X authentication on wired and wireless LANs. Tied RADIUS to student management system, ensuring enrolled students could connect securely with usage limits and login logs. Implemented captive portal and per-device quotas using MAC-based authentication.
c) VoIP, Surveillance & Smart Infrastructure Integration
Built a converged IP network that served VoIP lines (using Cisco CallManager + SIP phones), 120+ IP CCTV cameras, staff biometric readers, and IP-based classroom projectors.
d) Redundancy, Disaster Recovery & Monitoring
Deployed dual-WAN ISP failover for critical services like LMS, exam servers, and IP telephony. Setup Zabbix and SNMPv3 monitoring, configured with real-time alerting to on-call engineers. Automated configuration backups and switch firmware version control.
Step 3: Project Report 1
Project Title: Campus-Wide Wired/Wireless Network Rollout with Segmentation and Redundancy
Role: Computer Network and Systems Engineer Duration: March 2020 – August 2021
Objective: Design a unified wired and wireless networking infrastructure across 6 academic buildings, 2 dormitories, and 1 central data center to support multi-tenant operations with high availability and secure access policies.
Responsibilities:
- Performed site surveys and determined optimal switch locations and AP placements
- Configured 24 VLANs across all switches using hierarchical design (core, distribution, access layers)
- Implemented HSRP at core switches with fast failover, loop prevention via STP
- Installed 130+ Cisco APs controlled by WLC 5520, dividing SSIDs by academic/staff/visitor
- Tied RADIUS authentication to Microsoft Active Directory for passwordless SSO
- Built firewall ACLs on FortiGate units to block inter-VLAN traffic except where explicitly allowed
- Developed documentation and trained system admins for day-to-day switch/AP management
Technologies Used:
- Cisco Catalyst Switches, WLC 5520, pfSense, HSRP, STP
- VLANs, DHCP Snooping, RADIUS, SNMP, Zabbix
- Cisco Prime & GNS3 (simulation/testing)
Key Outcomes:
- Delivered fully operational network within 6 months covering over 1200 endpoints
- <1% downtime reported during first academic year post-deployment
- User-onboarding time reduced by 60% with RADIUS-linked self-registration
- Network latency dropped by 45% following link aggregation and direct uplink tuning
Step 4: Project Report 2
Project Title: Deployment of a Data Center Network Backbone with Redundant Edge and Virtualization
Role: Computer Network and Systems Engineer Duration: September 2021 – February 2023
Objective: Create a robust, scalable data center environment supporting student login services, exam platforms, academic ERP, CCTV storage, VoIP PBX, and secure remote access, all tied to the campus-wide backbone.
Responsibilities:
- Designed scalable core network backbone with switch stack and bonded 10G fiber uplinks
- Deployed private cloud using VMware vSphere with layer-2 virtual switch linking to physical VLAN zones
- Hosted institution-wide services: student portal, LMS, DNS, AD, VoIP PBX, LDAP, file/API servers
- Used pfSense-firewalled DMZs for protecting exam servers with IDS/IPS modules
- Ran full-scale failover testing by simulating power loss and link failure scenarios
- Generated logs to secure Syslog collectors, integrating firewall, DHCP logs, and login attempts
- Created VPN tunnels for remote learning support via OpenVPN and secured RDP access
Technologies Used:
- Huawei Core Stacking Switch, VMware ESXi, vCenter, pfSense, Ubiquiti EdgeRouter
- DMZs, IDS/IPS modules, RDP over VPN, TACACS+
- Zabbix, SSH automation scripts, Syslog
Results Delivered:
- 24/7 availability of learning management systems and ERP
- Boot time of remote services decreased by 50% due to virtual resource pooling
- Zero reported intrusion attempts blocked by IDS/IPS in test simulations
- Exam delivery success rate reached 99.96% with load balancing active
Step 5: Final Review and Submission
After drafting Key Areas of Knowledge and both detailed Project Reports, we made two client-requested edits:
- Added clarification to VLAN mapping logic in Project 1
- Expanded on syslog integration and automation scripting in Project 2
Final documents were formatted per ACS standards, checked for originality, and delivered ready for online submission. The client submitted the application and received a positive ACS skills assessment under ANZSCO 263111 within five weeks.
Conclusion
In this case, the client demonstrated outstanding real-world abilities as a Computer Network and Systems Engineer by implementing and maintaining a highly reliable, secure, and segmented network for education infrastructure. With clear contributions across routing, switching, wireless deployment, access control, data center design, and network security, the client proved every core skill required for ACS recognition.
