Michael Ndowora
Network Engineer
I build networks, document how they work, and share what I learn along the way. Always learning — currently working toward my CCNA.
Tech Stack
Credentials
Certifications
Click any certification to view details and credential.
Background
Work Experience
Professional history and the real-world problems I've solved.
Network Engineer
Vumacam
Designing and maintaining network infrastructure, configuring and troubleshooting routing, switching, and firewall policies. Responsible for network security, VLAN segmentation, and ongoing infrastructure improvements.
Support Technician
Vumacam
Provided technical support and troubleshooting for end users. Handled network connectivity issues, hardware diagnostics, software installation, and ticket escalations across the organisation.
Academia
Education
Formal qualifications across networking, IT, and information systems management.
University of Cape Town
Postgraduate Diploma in Management in Information Systems
Specialisation: Cyber Security
Tshwane University of Technology
Advanced Diploma in Information Technology
Specialisation: Communication Networks
Nelson Mandela University
National Diploma in Information Technology
Specialisation: Communication Networks
Lab Work
HomeLab
Real configs, diagrams, and lab scenarios from my home network.
Diagram
Core Network Topology
Animated network topology — FortiGate 40F edge firewall, Arista 7010T L3 core, MikroTik & Ubiquiti access switches, 3× IPsec site-to-site tunnels, and Linode VPS.
No configurations published yet.
Check back soon — sample configs are coming.
Spotlight
Tool of the Day
One tool. What it is, why it matters, and how to actually use it.
nmap
The Swiss Army knife that tells you exactly what your firewall is (and isn't) blocking.
What it does
nmap (Network Mapper) is an open-source port scanner and network discovery tool that has been the go-to for network engineers and security pros since 1997. It maps open ports, identifies running services and their versions, fingerprints operating systems, and can run complex scripted checks using the Nmap Scripting Engine (NSE). It shows you what's actually exposed on your network — not what you assume is.
Why you need it
Every time you add a firewall rule or spin up a new service, nmap gives you the outside-in view to verify it worked. On a homelab with FortiGate policies, Arista ACLs, and MikroTik firewall rules spread across multiple VLANs, a quick nmap sweep from a different segment tells you instantly whether your segmentation is doing its job — before an attacker finds out it isn't.
How to use it
- 011. Basic scan of a single host: nmap 192.168.1.1 2. Discover all hosts on a subnet: nmap -sn 192.168.1.0/24 3. Detect open ports with service and version info: nmap -sV 192.168.1.0/24 4. Add OS fingerprinting: nmap -sV -O 192.168.1.1 5. Stealth SYN scan (quieter on the wire): nmap -sS 192.168.1.0/24 6. Scan specific ports only: nmap -p 22,80,443,8443 192.168.1.1 7. Verify a FortiGate WAN port is NOT reachable from outside — run from a VPS: nmap -p 443,8443,541 <your-WAN-IP> 8. Run vulnerability scripts with NSE: nmap --script vuln 192.168.1.1 9. Save output to a file for comparison later: nmap -oN baseline-scan.txt 192.168.1.0/24 10. Compare two scans to spot what changed: diff baseline-scan.txt new-scan.txt
Get in Touch
Contact
Have a question, opportunity, or just want to connect? Send a message and I'll get back to you.
michael@michaelndowora.tech
linkedin.com/in/michaelndowora
GitHub
github.com/mndowora
Response time
Usually within 24–48 hours