From August 2024 to January 2025, I completed an Erasmus semester at Halmstad University in Sweden. The primary objective of this international learning experience was to broaden my technical expertise, develop intercultural competencies, and strengthen personal independence. I deliberately chose Sweden because of the strong reputation of the Scandinavian education system in the field of technology and innovation, as well as positive feedback from previous students.

Courses
The course Advanced Computer Networks and Security formed the technical core of my study program and built on my existing interest in network security. This intensive master's course allowed me to develop specialized theoretical and practical knowledge of various computer network protocols, security risks, and threats. The focus was not only on understanding weaknesses in communication systems and computer networks but also on learning corresponding methods for protection and detection of attacks. The practical labs and the use of advanced equipment from the Cisco Networking Academy and Palo Alto Networks Academy gave me experience with enterprise-level technologies.

Complementing network security, Computer System Administration provided a fundamental basis in system administration. This course aimed to let students develop deeper knowledge of the hardware and software used during the training, and to provide insight into the daily work of a system administrator. I learned essential skills here such as the functionality of common hardware units in a workstation, installing hardware components, installing an operating system, and performing basic administrative tasks.

The third and final course was Ethical and Human Contexts, a course that highlights the human and ethical dimensions of technology. In a time when digitization and technology increasingly influence society, this course was crucial for developing an awareness of the ethical principles and analysis needed in the implementation of technology. The course covered the complex relationship between technology and society, paying attention to conflicts between different interests and values that arise with the introduction of new technologies. The approach combining technology and social sciences gave me the tools to systematically perform ethical analyses. This included evaluating the impact of technological implementations on different stakeholders and identifying underlying values underpinning concepts such as well-being and autonomy. This course and the teacher also focused heavily on the input of the different students and tried to engage in discussion as much as possible. As a result, very varied topics were discussed, ranging from ethical dilemmas surrounding AI to societal norms and beyond. A very interesting and educational course that is indispensable in today's online society.

Extracurricular experience
The Erasmus experience was of course not only about school, but also about dealing with strangers of all different nationalities and for me also living alone for the first time. I am not the most social person myself, but in Sweden there is a tradition to do all kinds of crazy activities with great guidance together with classmates - or for me with other international students - before the start of the school year.
The activities encourage students to talk to each other and work together to bring assignments to a good end. This way you quickly make friends among the other international students, but also with Swedish students because there are often mixed activities. Because I was in a dorm from the school, I was constantly in contact with people from other countries and it was always interesting to see in which contexts there were differences and in which almost everyone agreed with each other.

When in Scandinavia, you can't miss Lapland, of course. A 20-hour bus ride through beautiful rural Sweden to arrive in the middle of a snowstorm at our cozy ski cabins. Various activities including cross-country skiing, swimming in ice-cold water and much more together with friends is an unforgettable experience.

Reflection
My Erasmus semester in Sweden has significantly strengthened both my technical expertise and personal competencies. The combination of high-quality academic programs, intercultural experiences, and personal challenges has prepared me for a successful international career in the technology sector. This experience forms a solid foundation for my further professional development and has taught me that adaptability and openness to new experiences are essential for personal growth.

Between February 24 and May 23, I completed a 13-week internship at VanRoey Automation. VanRoey is a leading Belgian IT service provider with more than 25 years of experience in supporting companies and organizations in their digital transformation. The company is based in Turnhout and has developed into a reliable partner in the field of IT infrastructure, cybersecurity, cloud solutions, networking, and managed services.

Project Description and Objectives
The modern IT landscape has fundamentally shifted the boundaries of traditional corporate networks. With the rise of cloud applications, working from home, and distributed teams, classic security methods were no longer sufficient. VanRoey faced the challenge of modernizing their network security and that of their customers and making it future-proof. In this context, I was tasked with performing a thorough analysis of SASE and SSE solutions that could guarantee both technical and functional requirements.

My main objectives consisted of mapping relevant SASE and SSE solutions on the market, establishing and applying objective comparison criteria on technical, functional, and financial levels, performing a practical test of the most promising solution, and formulating a substantiated recommendation for implementation. The end result had to yield a solution that was not only secure and scalable but also fit within the available budget, existing environment, and would be easy to manage.

Methodological Approach
The research followed a twofold methodology that guaranteed objectivity and comparability. The first phase consisted of an extensive documentation study in which I analyzed official product documentation, technical whitepapers, implementation guides, and architectural overviews from vendors. In addition, I consulted independent sources such as analytical reports from Gartner and Forrester, user reviews on platforms such as Gartner Peer Insights and G2, and articles from industry experts. This thoroughly conducted source analysis formed the basis for the selection of four prominent solutions: FortiSASE, Netskope One, HPE Aruba Networking SSE, and Microsoft Global Secure Access.

In the second phase, I performed a detailed technical and functional analysis in which I systematically assessed each solution on architecture and implementation, core functionalities such as Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), and Firewall-as-a-Service (FWaaS), operational aspects, security effectiveness, and user experience. To minimize subjectivity and ensure transparency, I implemented a Weighted Ranking Method Model that weighed predefined criteria against each other via a weighting system that reflected organizational priorities.

Practical Implementation and Testing
After the theoretical comparison, Netskope was selected as the most suitable solution for extensive practical testing. I based this choice on the superior score in the weighted ranking model, where Netskope excelled due to its cloud-native architecture, extensive functionalities, and strong integration capabilities with existing Microsoft environments.

For the Proof of Concept, I developed a simple but realistic test environment in Microsoft Azure, consisting of several virtual machines with Windows Server for DFS and SQL Server, Ubuntu Server for Apache web services, and Windows 11 clients for end-user testing. The test setup was specifically designed to simulate realistic business scenarios without disrupting VanRoey's production environment. All virtual servers were located in the same network and subnet with limited external access, where internal access went via the Netskope Publisher. External access to the internal applications was tested on a physical device as well as multiple VMs in another network.

The four-week PoC involved systematic testing of critical functionalities. I implemented and validated VPN replacement via Zero Trust Network Access with SAML integration for seamless authentication with Microsoft Entra ID, Data Loss Prevention linked to Microsoft Purview for advanced data protection, Cloud Access Security Broker functionalities for Microsoft 365 applications such as SharePoint, Teams, and OneDrive, access control for external parties to internal resources, and extensive web filtering with threat detection. During the test period, I validated not only the technical operation of each functionality but also the user experience, manageability, and performance impact of the solution.

Results and Findings
The practical tests confirmed the theoretical findings and showed that Netskope offered a robust and versatile SSE solution that integrated well with existing Microsoft environments. The synchronization of users and groups with Microsoft Entra ID proceeded without problems, where users could be directly managed and authenticated via the existing identity provider. The Netskope client was successfully installed via various methods and worked properly without noticeable impact on system performance.

Particularly successful was the implementation of Zero Trust Network Access, where I established a connection between devices with the Netskope Client and internal applications via Netskope Private Access (NPA). These connections showed no noticeable difference in speed or stability compared to devices on the internal network. The control of internet traffic functioned as expected, where various actions such as blocking websites and web applications, as well as sending warning notifications, were easy to implement and clearly understandable for users.

The Data Loss Prevention functionality effectively detected and blocked uploads of sensitive documents based on set policies and DLP rules. Profanity control within Microsoft Teams environments successfully checked messages for inappropriate language and sent notifications to users. The Advanced Analytics module offered extensive possibilities for data visualization through pre-made dashboards and the flexibility to compile own dashboards with hundreds of parameters and dozens of different chart types.

Below you will find the documents created as part of my internship assignment.

Project Plan: Internship Project Plan

Realization: Internship Realization Document

Analysis: Internship Analysis Report

Reflection: Internship Reflection Document