Post Job Free
Sign in

Software Engineer Management

Location:
San Ramon, CA, 94582
Posted:
August 11, 2010

Contact this candidate

Resume:

SUBBANAIDU KESINENI

Email : **********@*****.***

Mobile : 408-***-****

• Over 10 years of professional experience in designing and developing software for networks processors, real

time networking SMP processors for enterprise solutions.

• Worked on fast-path architecture for layer 3 and layer 4 data path modules including Stateful Firewalls and

NAT, Application Level Gateways, WAN protocols and Differentiated Services.

• “Worked on layer 3 and layer 4 attack detection, scanning of attacks and implementation of prevention

mechanism for Flood attacks (TCP SYN, UDP, ICMP), smurf attacks (UDP, ICMP), Scans (TCP FIN,

NULL, XMAS, PORT), Invalid combination of TCP Flags, LAND Attack Prevention, IP Spoofing,

Teardrop, Ping of Death.

• Development experience on TCP/IP Stack on VxWorks and Linux Platforms.

• Worked on Application level gateway framework for applications like FTP, SIP, Real Audio, CuSeeme,

MSN Messenger, Instant Messenger, H.323, Net Meeting, DHCP Relay, and DNS Relay.

• Development experience on IP over ATM and Routed Bridge modules for ADI’s network processors.

• Worked on Linux based SNORT module integration with Netdevices SMP proocessor and also developing

CLI and CMI for this module.

• Designed of VOIP Security features for Linux based Net Devices enterprise solutions

• Working experience on creating Virtual Machines using QEMU for different operating systems to run

simultaneously to replay the pcaps for analyzing the captured traffic. Runtime snapshots for these Virtual

Machines are used for quick start to analyze the data.

• Self motivated team player with excellent communication and interpersonal skills.

• Excellent troubleshooting, debugging and problem solving skills.

• Making performance oriented design changes for L3 data path modules, Worked closely with the customers

to get the requirements and making them implemented.

• Experienced working with business team, Field Application Engineers and Customers. Very adept at utilizing

and integrating best practices and leading edge technologies while being aware of business requirements.

Skill Set

Programming: C, Shell Scripting, Multithreading, Socket API and IPCs

RTOS: VxWorks, Linux

Domain specific: TCP/IP, Firewalls, NAT, ALG’S, Http Proxy, DOS Attack Preventions, Differentiated

Services, SNMP Agent, Event/message Logger, WAN Protocols, ARP, DNS, FTP,

Netfilters, Connection tracking.

Knowledge in: VOIP applications SIP, IDS

Tools: CVS, SmartBits 2000, RedBack Server, Majic Debugger and EPI tools, Chariot Tool,

Ethereal, Tornado, Nmap, Tcpdump, Iptest, IP phones.

Working Environments: UNIX, Linux, Solaris and Win 2000/NT

Third Party Software: embedded Mind, tallmaple

PROFESSIONAL EXPERIENCE

Posedge Inc. March, 2010-tilldate

Senior Software Engineer

The WSP architecture is a fast-path/slow-path state full architecture. The hardware blocks and the Processing Elements

(PEs) in the Classifier block implement the fast path and the Host processor performs the slow-path.

Responsible for developing fast path code, the adaptation of the Linux kernel using net filters etc and the drivers to

configure the hardware. The firmware and the software support Linux IP Contracts and ALGs implementing firewall

functions etc. The API for the low level blocks is provided such that the integration is facile with any operating

system. The software organization is as below and it is color coded to indicate the modules that are modified from

standard Linux and the modules that are developed by Posedge.

FireEye Inc. Feb, 2008-Feb, 2010

Senior Software Engineer.

Fire Eye appliances use a multi-stage analysis engine called the FireEye Analysis and Control Technology or FACT.

FACT detects Web malware and botnets by analyzing real-time Web and network traffic flows. Analysis of dynamic,

polymorphic Web malware can be reliably automated to create new signatures, dynamic malware blacklist URLs,

extract C&C locations, capture callback coordinates, and confirm Web malware.

Responsible for Malware Input process, User submits URL’s or list of URL’s for downloading the content, analyzing

the content. Analysis engine will start the virtual machine and auto mount to the cdrom and auto plays the ISO file

created by the malware input process. Event logger will notify, if any changes on the OS or any application will be

notified to the analysis engine.

Responsible for creating Virtual Machines using QEMU for different operating systems to run simultaneously to

replay the pcaps for analyzing the content. Runtime snapshots for these Virtual Machines are used for analyzing the

content. Different types of runtimes are saved for running VM’s in different modes of the appliance.

Responsible for Managing Configuration daemon and management database. The management backplane consists of a

daemon process responsible for managing the system’s configuration and monitoring state and facilitating

communication between different components in the system.

Responsible for implementing SNMP agent handler for FireEye MIB to support configuring the appliance and reading

the statistics and other variables from the appliance.

Redshift Networks Inc. March,2007- Jan,2008

Senior Software Engineer

RedShift Networks formed specifically with the purpose to enable and protect Unified Communications applications

converged voice and data networks. RedShift UCTM is a hardened security solution with highly tuned kernel and SIP

stack with an enterprise-grade transparent proxy solution to ensure that all IP-PBX and UC server SIP communications

comply with security and regulatory policies.

Responsible for understanding the embeddedMIND product and integrating with the redshift internetworking product

software. Generating Mind Objects using embeddedMIND tool for User interface agents for all the modules supported

by the redshift product.

Responsible for implementing the south bound interfaces for all the modules supported by the product. Developing

Common management interface APIs and shell scripts for all the modules to manage the configuration information

from embedded MIND.

Net Devices Inc. Jan 2005 -Feb 2007

Senior Software Engineer

The NetDevices SG Family delivers guaranteed performance and scalability for multiple services through its unique

OnePassTM approach for common packet classification and inspection across different services.

Responsible for feature development for NAT port overlapping between Source NAT and Destination NAT and SIP

Application Level Gateway.

Responsible for porting Linux based SNORT module integration of IDS module with the reference platforms. And

also developing CLI and CMI and datapath changes for this module.

.

Responsible for designing of VOIP Security features for Linux based Net Devices enterprise solutions.

Analog Devices Inc. Jan 2000 – Dec 2004

Senior Software Engineer

The ADI network processors provides an integrated solution for the emerging next generation Broadband applications

by providing Wire Speed Security/VPN (IPSec Framework), Packet Forwarding, Control Functions and WAN

Processing including Traffic Management, scaleable, fast path QoS engines, policy-driven bandwidth management,

scaleable pipelined flows of security under the control of policy management including stateful firewalls.

Involved in Design, Responsible for Development and Testing of Software for stateless firewall (Firewall filters) and

Stateful firewall (Stateful Inspection engine).

Responsible for design, development and Testing of NAT features Basic NAT, Static Source NAT, Static Destination

NAT, and Policy Based NAT.

Responsible for design, development and Testing ALG framework and NAT ALG’S for some applications like FTP,

SIP, Real Audio, CuSeeme, MSN Messenger, Instant Messenger, H.323, Net Meeting, DHCP Relay, and DNS Relay.

Involved in design and Responsible for Implementation and testing of attack detection, scanning of attacks and

implementation of prevention mechanism for Flood attacks (TCP SYN UDP, ICMP), smurf attacks (UDP, ICMP),

Scans (TCP FIN, NULL, XMAS, PORT), Invalid combination of TCP Flags, LAND Attack Prevention, IP Spoofing,

Teardrop, Ping of Death.

Responsible for design and development of IP over ATM and Routed Bridge modules and integration and testing of

IP over ATM, Routed Bridge with the DSL router product.

Worked on developing a solution for Modem failures by restoring the Modem to a saved configuration.

Responsible for design and development of the software for classifying the traffic by marking, metering the traffic to

manage and utilize the bandwidth per flow.

Responsible for Designing, implementation and Testing of software for logging device events and generating reports

sending to external Log Servers.

Responsible for Design, development and unit testing of authentication module which supports maintaining the user

database for different services running on DUT like CLI, HTTP, FTP, HTTP Proxy.

Responsible for developing SNMP MIBS and MIB Handlers for SNMP Agent for Firewall, NAT, QOS, IP over ATM

and PPP over ATM modules.

Education:

Master of Computer Applications Osmania University, Hyderabad, India.

Bachelor of Sciences, Sri Venkateswara University, Hyderabad, India.



Contact this candidate