Sai Reddy

Detroit, Michigan H: 908-***-**** ac53un@r.postjobfree.com

Accomplishments

Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.

Knowledge and experience with F5 ADC, Palo Alto, Dell Force10, Brocade, Meru/Aruba WLAN, Splunk, TACACS.

Experience with design and implementation of Virtual Switching System (VSS).

In-depth knowledge of Linux Kernel Programming (Module Programming).

Network security including NAT/PAT, ACL, VPN Concentrator.

Experience in configuring, implementing and troubleshooting F5 load balancer in the enterprise network.

Involved in Data center migration including subnet migration, VPNs migration, network and security device configurations Experience with Bluecoat Proxy and VPN Technologies including B2B and Remote.

Configuring and managing Blue Coat Proxy Servers.

Black listing and White listing of web URL on Blue Coat Proxy Servers.

Experience with handling DNS and DHCP servers.

Experience in configuring protocols like TCP/IP, Routing Protocols (RIP, OSPF, BGP, IGRP and EIGRP), PPP, PPTP and L2TP.

In depth knowledge of IPv4 & IPv6 addressing and Subnetting.

Extensive experience in layer-3 Routing and layer-2 Switching.

Dealt with Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series, Cisco catalyst 6500, 4500, 3750, 3500 and 2900 series switches.

Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540/5560) Series.

Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches.

Hands on experience in Cisco IOS/IOS-XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4, MPLS, NAT, VLAN, STP, VTP, HSRP & GLBP.

Hands on Knowledge/experience on F5 load balancers, its methods, implementation and Troubleshooting on LTMs and GTMs.

Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.

Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.

Effective inter-personal skills, adaptive to any environment, keep abreast with the latest technologies and delivering solutions as an individual and as part of a team.

Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.

Managed inventory of all network hardware, management and monitoring by use of SSH, Syslog, SNMP, NTP.

Working with Riverbed for WAN optimization.

Experienced with Windows 2008/2012 active directory design installation and migration.

Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy and troubleshooting.

Facilitating the automated collection, analyzing, alerting, auditing, reporting and secure storage processing of all the logs using RSA envision solution.

Professional Summary

Having 8 years of experience in Network Security, Firewalls and Communication Network design. Extensive experience in Networking and Security, widely in Network Security Products and Firewalls. Security system technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN-1FW-1 NGX R65, R70&R75 Provider-1/SiteManager-1 R65, R70.30 & R75.40 Smart Domain Manager command line & GUI. Advanced knowledge, design, installation, configuration, maintenance and administration Checkpoint Firewall R55 up to R77 version. Implemented and Configured Palo Alto Networks Firewall models and centralized management system Panorama to manage large scale firewall deployments. Implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.

Skills

Firewalls

Controllers

Operating system

Windows, Linux Servers

LAN and Administration

TCP/IP

Active Directory

Cisco IOS, Routers, Switches

Designing and debugging

MS-Outlook, Outlook Express

Proxy

Routing

RIP, OSPF, DNS, DHCP, VoIP, IDS, IDP

BGP, EIGRP

Simulation, SNMP, SSL

Troubleshooting, Upgrading

Load Balancer

WAN Optimization

Routing Protocols

Juniper EX Switches

Juniper Routers

Palo Alto

Cisco ASA

LAN

WAN

Simulation Tools

Security/ Firewalls

AAA Architecture

Features & Services

Ticketing Tool

Migration, Managing

Frame Relay

Traffic Inspection

FTP, HDLC, IVR, ISDN, FDDI

Work History

Sr. Firewall Engineer, 11/2016 to Current

DTE ENERGY – DETROIT, MI

Strong hands on and exposure to PaloAlto on a regular basis.

Successfully installed PaloAlto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.

Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.

Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.

Created virtual systems (firewalls) in the Palo Alto Environment.

Created security system rules and opened ports as per the user request.

Has experience working on the migration from Juniper Net screen (SSG 140) to PaloAlto 3020 Upgraded the RSA Authentication Manager, helped colleague on upgrading the SEPM client servers from SEPM 12.1.2 MP5 to SEPM 12.1.6 MP5.

Created external and internal DNS records as per the user request for a domain.

Whitelisted IP's as per the user request on bluecoat proxy servers.

Created firewall policies and NAT rules to provide access for websites internal and externally on PaloAlto and Juniper firewalls.

Configured VPN tunnels on Juniper security system clusters and tested tunnel negotiations.

Experience working with Network security manager (NSM) to access the Juniper firewalls.

Worked on Juniper Net screen firewalls such as SSG5, ISG1000.

Created new certificates to replace the one expiring and as per requests from user using the Comodo Certificate Authority.

Strong hands on and exposure to Checkpoint & PaloAlto on a regular basis.

Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation PaloAlto appliances serving as firewalls and URL and Application inspection.

Configuration, deployment and Administration of Checkpoint, PaloAlto Firewalls to manage large scale firewall deployments.

Configuring rules and Maintaining Checkpoint, PaloAlto & Analysis of firewall logs using various tools.

Migration from Cisco firewalls to PaloAlto firewalls platforms PA 4000and PA 500 and PA- 200 firewalls.

Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.

Maintained and Configured Check Point VSX with firewall virtualization.

Configured and maintained IPSEC and SSL VPN's on PaloAlto Firewalls.

Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.

In depth knowledge of multi-vender platforms such as Cisco, Checkpoint, Fortinet, F5, Blue Coat (web/socks proxy), MacAfee web gateway.

Design solutions and proof of concepts (POC) and troubleshooting Support for Fortinet UTM/Firewalls.

Maintained and Configured Check Point VSX with firewall virtualization.

Converted Checkpoint VPN rules over to the Cisco ASA solution and worked on RSA secure IDs to providing VPN Token to Company USERS, Migration with Cisco ASA VPN experience.

Configured Client VPN and RSA Token ID technologies including Cisco's VPN client via IPSEC.

Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, Proxy Radius Services to Cisco ACS.

Implementing F5 load balancer using Cisco UCS director.

Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.

Implementation of OSPF with BGP during migrations and new connectivity.

CSU/DSU loop testing in examining WAN link issues by implementing hardware and software loops.

Extensive Packet level debugging and troubleshooting on PaloAlto Firewalls to resolve numerous network issues.

Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the PaloAlto Firewalls placed in the Data Center with MS Visio.

Configure and maintain security policies on Fortinet firewall and managing Fortinet Analyzer.

Hands-on experience in configuration of firewalls - PaloAlto, Cisco, Fortinet, and Firefly.

Expertise in configuring and troubleshooting of PaloAlto, Fortinet, Juniper Net screen & SRX Firewalls and their implementation.

Configure and maintain security policies on Fortinet firewall and manage Forti Manager/ Forti-Analyzer.

Provisioned various Cisco Meraki & Fortinet firewalls.

Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.

Offered authentication accounting authorization to all network devices using Cisco Secure Access Control Server (ACS).

Design, Configuring and troubleshoot F5 LTM load balancing.

In depth understanding of implementing and configuring F5 Big-IP LTM, GTM (11.x, 10.x).

Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.

Knowledge on configuration of iApps (BIG-IP) application service in implementing F5 load balancer.

Linux Kernel configuration changes (Device Tree, make file, Brocade platform specific changes) for the platform.

Developed Brocade Firmware packaging, distribution, defect resolution, debug board level issues and work closely with the Hardware Engineers.

Worked with Brocade counter parts (SQA/FVT) on test case design and reviews to increase code coverage and improve quality of the product.

Firewall Engineer, 02/2015 to 10/2016

L.L. BEAN – FREEPORT, ME

Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.

Adding and removing Checkpoint firewall policies based on the requirements of various project requirements.

Administer Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time.

Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.

Configuring HA on Checkpoint security gateways using cluster XL and VRRP.

Upgrading Checkpoint security gateways in cluster with minimal downtime.

Perform SSL Offloading on LTMs and web accelerators with 2048-bits VeriSign certificates.

Also, renewing certificates to ensure the security of websites.

Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70.Performed upgradation from old platforms to new platforms R65 to R75.45 Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.

Setup Cisco ACI Fabric (Spine/Leaf/APIC) Configure ACI APIC controller.

Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewalls.

Provided proactive threat defense with ASA that stops attacks before they spread through the network.

Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.

Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.

Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP IPv4/IPv6 and configured IP access filter policies.

Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.

Worked with PaloAlto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.

Migration from Cisco firewalls to PaloAlto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.

Configured IPSec tunnels with PaloAlto to enable secure transport and cloud based/site-site VPN to both Azure and AWS.

Configured High availability, User ID on PaloAlto firewall.

Configured, Deployed & performed Maintaining PaloAlto Firewalls & Analysis of firewall logs using various tools.

Editing and Changing PaloAlto Polices and Monitoring threats on firewalls.

Analyzed traffic pattern and implemented URL filtering, using the PaloAlto Firewall.

Troubleshooting and configuring PaloAlto FW's 3060 & 5060.

Designed security policies on PaloAlto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.

Configured and maintained IPSEC and SSL VPN's on PaloAlto Firewalls.

Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.

Troubleshoot on security related issues on Cisco ASA/PIX, Checkpoint and IDS/IPS.

Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's stage.

Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP ability to interpret and resolve complex route table problems.

Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.

Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP Worked with ITIL (Information and technology information library) for managing our services.

Working with ITS networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.

Knowledge of with API's for troubleshooting Network issues using Wireshark and NTOP.

Configured static NAT, dynamic NAT, dynamic NAT overloading.

Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.

Configured and perform trouble shooting on Dell Power Connect Switch 5548 used to connect VM Servers and Flex Systems.

Network Engineer, 04/2013 to 12/2014

ST. JOSEPH HOSPITAL, CALIFORNIA

Troubleshooting of CISCO routers like ping, trace route and basic issues.

Ensure connectivity and communication among networks, servers and clients inside and outside department.

IOS upgrade for Cisco routers & switches.

Created and maintained topological changes for Test Labs, Data Center and Switch port assignment in Visio.

Backup, restoring and upgrading the Router and switch IOS.

Document all changes, upgrades, maintenance, procedures.

Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks.

Deployed Cisco Catalyst 6500, 4500, 4000, 3750, 3850, 3560 switches Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls Worked with Juno OS and Juniper M&T series switches.

Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.

In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.

Experience working with Nexus 7010, 5020, 2148, 2248 switches.

Implementation and configuration of F5 Big-IP LTM-6400 load balancers Created virtual systems (firewalls) in the PaloAlto Environment.

Experienced in facing the Bluecoat and PaloAlto product lines, up to pre-sales type of function.

Demonstrated experience with Check Point, Cisco, and PaloAlto Networks Solutions Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.

Migration with Cisco ASA VPN experience Load balancing using F5 products.

Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.

Configuring HA on Checkpoint security gateways using cluster XL and VRRP.

Experience in different VPN platforms, IPSec, SSL & Web VPN.

Mobile VPNs solutions from Cisco and Checkpoint.

Converted Checkpoint VPN rules over to the Cisco ASA solution.

Migration with both Checkpoint and Cisco ASA VPN experience.

Configured ASA 5510 appliance and VPN.

To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.

Network Admin, 07/2010 to 03/2013

AGS HEALTH PRIVATE LIMITED – CHENNAI, INDIA

Planning and Designing of Network infrastructure, Servers, Link, and bandwidth monitoring (Network tool), analyze incidents and troubleshooting of network related issue.

Configuration and Troubleshooting on site-to-site VPN and Remote VPN on CiscoASA 5540 security system.

Work on CiscoACS (TACACS+) Server for Providing Access on Network and Security Device's.

Troubleshooting various LAN and WAN issues related to STP, VLAN, VTP, HSRP, VRRP, GLBP, ACL and routing protocols Installation, configuration & troubleshooting of CISCO Routers (1751, 2600, 3600).

Configuration and Testing of Cisco switches (2950,1900 series).

Managing WAN&LAN and Administration of TCP/IP based network.

Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.

Regular basis Implementing Network Changes on Schedule time within Window.

Participation in various conference call, meeting related to Project work, interaction with clients for resolving issues or for their old or new concerns.

Schedule changes and work through maintenance requests over weekends.

Perform daily maintenance, troubleshooting, configuration, and installation of all network components.

Responsible for evaluating impact and performance on the network server Managing Layer 2 switches of Cisco, VLan configuration and assigning ports to specific VLan as per requirement.

Involved in designing GRE tunnels for encryption of data flow from source to destination.

Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.

Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).

Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.

Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.

Hands on experience with Cisco ACS 4.x servers.

Monitor and tune network to ensure acceptable levels of performance.

Evaluate applications connectivity requirements Configuring various clients like Outlook Express, MS-Outlook 2003 & 2007 Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.

Implemented various OSPF scenarios on networks consisting of 7600 routers.

Configured policy-based routing for BGP for complex network systems.

Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.

Skills

Cisco CSS, F5 Networks, Cisco WAAS, PPP Multilink, IGRP, EIGRP, OSPF, BGPv4, MP-BGP, WAN Protocols K, 5K, 2K, EX8200, EX4500, EX4200, EX3200, EX2500, EX2200 Series

(E, J, M and T- Series) Routers, Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation, Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing, Qualnet Developer, OPNET IT GURU, OPNET Modeler, Cadence

Cisco ASA, Palo Alto, Checkpoint, ACL, IOS Firewall Features Firewalls 55XX, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, IOS Setup & Security Features, TACACS+, RADIUS, Cisco ACS, IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, NetFlow, Open Stack, IVR's, HLD and LLD documents, BMC Remedy, Microsoft ticketing, Service Desk, ServiceNow

Certifications

CCNA CERTIFIED CSCO13272228

PALOALTO ACE

Contact this candidate