top of page
Search

Azure & Fortinet Architect Story: How I Solve Cloud Mysteries, Slash Costs & Secure Enterprises

You were promised a cloud solution, but instead you got a cloud mystery. Your firewall was supposed to protect your network, yet today no one can explain what is being blocked. You invested in Microsoft Defender, Intune, or AVD and now your dashboards are filled with red warnings. Remote users complain of slow performance, and your Azure bills continue to climb.

That is not the future your organization envisioned. That is exactly the gap I help close.

About Me

I’m Kudakwashe (Jack) — an Enterprise Cloud & Security Architect. I design, secure, and optimize Azure, Fortinet, Microsoft 365, Intune, and hybrid-cloud environments for organizations that cannot afford downtime. I also train IT teams and MSPs to master these platforms and build resilient, production-grade infrastructures.

What Others Say

“Kudakwashe blends deep technical expertise with a sharp eye for client needs. Whether he’s teaching a bootcamp, configuring VPNs or deploying firewalls, he designs secure infrastructures and relieves headaches.”

Core Capabilities & Services

  • Cloud Security & Governance: Azure architecture, identity (Entra ID), Microsoft Defender, Intune, ISO 27001 / SOC 2 compliance

  • Network & Perimeter Defense: Fortinet NGFW, IPS/IDS, VPN, SD-WAN, FortiAnalyzer

  • Remote & Endpoint Security: Azure Virtual Desktop (AVD), Windows 365, FSLogix, Intune MDM/MAM, Conditional Access, MFA, DLP

  • Hybrid Cloud & Virtualization: VMware vSphere & vSAN, Azure VMware, hybrid AD, Veeam Disaster Recovery

  • Training & Mentorship: Hands-on bootcamps for AVD, Intune, Fortinet, Azure security best practices

Recent Outcomes & Impact

  • Reduced clients’ Azure costs by up to 40% through governance, rightsizing, and automation

  • Deployed FortiGate clusters across regions with zero downtime

  • Migrated legacy applications to AVD with full compliance and security

  • Designed DR & audit-ready strategies that meet third-party assessments

Project Highlights

  • AVD & FortiGate Training: Led an MSP team in deploying pooled AVD desktops, FSLogix profiles, enforcing Intune policies, and hardening FortiGate firewalls

  • Legacy App Migration: Migrated a Microsoft Access app into Azure, enabling multiuser browser access via AVD

  • Secure Remote Infrastructure: Integrated AVD with Azure AD, enforced Conditional Access, locked down endpoints, and optimized performance

  • Multi-Cloud Fortinet Deployment: Deployed NGFWs in AWS and Azure with HA, VPN failover, IPS/IDS, and analytics via FortiAnalyzer

  • Hybrid AD & Secure RDP Gateway: Built fault-tolerant Active Directory with hybrid connectivity and secured remote access

Certifications & Philosophy

Certifications

  • Microsoft Certified: Azure Solutions Architect & Administrator

  • Fortinet NSE4

  • VMware VCP-DCV

  • BSc Applied Science

Technical Philosophy

  • Security must be built in at every layer

  • Identity is the new perimeter — enforce least privilege, MFA, conditional access

  • Visibility and analytics (Sentinel, FortiAnalyzer, Defender) are essential

  • Compliance is strategy, not checkbox

  • Cost and security must be aligned

  • Resilience is nonnegotiable — build HA, backups, DR from day one

Client Testimonials & Case Studies

“Kudakwashe delivered on time and improved our network performance and security…” — Yasser

Azure Cost Governance & Security HardeningA client’s Azure spend spiraled, and alerts went ignored. I implemented policy-based automation, segmented networks, integrated Sentinel and Defender, and enforced Intune compliance. Within six weeks, costs dropped 37%, alerts were consolidated, and compliance posture improved.

Fortinet Firewall & Multi-Cloud IntegrationOne client lacked perimeter security in AWS and suffered frequent VPN failures. I deployed FortiGate NGFWs in high availability, set up SSL/IPSec VPNs, IPS/IDS, SD-WAN failover, and integrated FortiAnalyzer. The solution rolled out with zero downtime, 42% latency reduction, and audit-level visibility.

Remote Work Infrastructure via AVDA client was using on-prem RDP servers with performance issues, no scale, and weak security. I migrated the workload into Azure Virtual Desktop, configured FSLogix, enforced MFA and Conditional Access, and locked down endpoints. Over 400 remote users were supported with 80% fewer downtime incidents.

Microsoft 365 Security ModernizationAn organization had M365 licenses but lacked configuration, meaning endpoints were vulnerable and sensitive data was unmanaged. I configured Defender, Identity & Cloud Apps, enforced Intune compliance on all devices, and implemented DLP and Conditional Access. 95% of misconfigurations were resolved, audits passed cleanly, and phishing incidents dropped 60%.

Why Work With Me

If your cloud feels like a puzzle, your dashboards terrify rather than inform, or your tools are underutilized, I can help. You’ve invested in the technology — now invest in someone who knows how to make it work.

Let’s talk. Let’s build infrastructure that is secure, efficient, and future-proof.

 
 
 

Comments

bottom of page