MOGILI VENKATA
******.********@*****.***
Summary
8+ years of Experience in Network Security, routing, switching, firewall technologies, systems design, and administration and troubleshooting. Expertise in Network Support, VPN, Device upgradation, installing network devices.
Strong Hands experience on design, deployment and troubleshooting of Cisco ASA 5000,5450 firewalls and Palo Alto 3060,4000,5060 Firewalls and checkpoint R75 and R76 firewalls.
Experience in migration from Check point firewalls to Palo Alto firewalls.
Performed advanced troubleshooting using WIRESHARK and TCPDUMP on firewalls.
Configured firewall filters, routing instances, policy options on Juniper SRX 550,220.
Knowledge on security attacks like DOS, DDOS, Spoofing, Kill chain.
Worked on Authentication mechanisms like AAA, TACACS+ and RADIUS.
Experience in designing and deploying enterprise-wide network security and high availability solutions for ASA firewall.
Extensively worked on Algosec for firewall rule analysis and firewall rules cleanup.
Expertise knowledge on Siem tools like Qradar to get real time analysis of security alerts generated by network hardware and applications.
Network security including NAT/PAT, ACL, VPN Concentrator.
Planning and designing to incorporate McAfee's IDS/IPS devices into Lowes network at optimized network locations.
Experience with F5 load balancers and Cisco load balancers (ACE and GSS).
Worked on load balancers using F5(BIG IP), security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer.
Worked on Cisco 2900,3800,3900,4500 &7200 series Juniper routers MX 104,240,480 series.
Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP, ability to interpret and resolve complex route table problems.
Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
Experience in the setup of Access-lists on Cisco devices.
Worked Cisco 2800,2900,3500,3700,4500, 5500, 6500 series switch, Cisco ISE (Identity Service Engine) and Juniper Switches EX 3300, 3400, 4200.
Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches.
Experience working with Nexus 7010, 5020 series switches.
Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
Knowledge of implementing and troubleshooting complex technologies such as VLAN Trunks,Ether channel, Inter Vlan Routing, STP, RSTP, PVST, RPVST, LAN Security and MST.
Strong understanding of VMware Networking concepts like creation of Switches, different types of port groups, NIC Teaming and VLAN Problem management on VMware and Virtual Center and V Motion.
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Working experience on network topologies and configurations.
Hands-on experience with ACLs, Syslog.
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC.
Black listing and White listing of web URL on Blue Coat Proxy servers.
Involved in Disaster Recovery activity, like diverting all the traffic from production data center to Disaster Recovery data center.
Experience with different Network Management Tools like HP-Open view, RSA envision, and Cisco works to support 24 x 7 Network Operation Center.
Configured Client VPN Technologies such as Cisco's VPN Client via IPSEC and Globalprotect from Palo Alto Networks.
In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS, Fiber optic circuits and Frame Relay.
Worked on Checkpoint's client software Smart Log & SmartView Tracker to troubleshoot the FW issues.
Excellent qualities such as Teamwork, Negotiation, Analysis and Communication.
Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
Knowledge on PKI(Public and Private Key) Encryption,Decryption.
Excellent in documentation and updating client's network documentation using VISIO.
Excellent leadership with good written and oral communication.
Great team player and able to work under pressure 24x7 duty rotation.
Technical Skills:
Routing
OSPF, EIGRP, BGP, PBR, Redistribution, Static Routing, dynamic routing
Switching
VLAN, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Ether channels.
Network security
Cisco (ASA, PIX) 5510, ACL, IPSEC, VPN, Security context
Load Balancer
Cisco ACE load balancer, F5 Networks (Big-IP)
LAN
Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet
WAN
Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), MPLS, Fiber Optic Circuits, Frame Relay, ISDN
Operating Systems
Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), Basic Linux
Routers
Cisco 29XX, 38XX, 39XX,45XX, &72XX series Juniper MX104, 240, 480 series.
Switches
Cisco 28XX,29XX,35XX,37XX,45XX,49XX,55XX,65XX series, Nexus 5000, 7000 series Juniper Switches EX 33XX, 34XX, 42XX.
Firewalls
Cisco ASA 5000 series, Juniper SRX220, SRX550 Checkpoint R75, R76, Palo Alto 3k,4k,5k series.
Various Features & Services
IOS and Features, HSRP, GLBP, VRRP, ICMP, IGMP, HDLC, SYSLOG, NTP, DHCP, TFTP and FTP Management
AAA Architecture
TACACS+, RADIUS, Cisco ACS, IP SEC.
Network Management
Cisco works LMS, HP open view, Etherenal, MRTG/PRTG server, Zenoss, Ionix and Opalis
Reports
Microsoft (Visio pro.), Checkpoint (Eventia reporter, Smart view)
Work Experience:
Client: PNC financial services, Pittsburgh, PA May’15 – Till Date
Role: Sr. Network Security Engineer
Responsibilities:
Installed and Configured Palo Alto PA-3060,4000,5060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
Implemented many number of security policy rules and monitored the logs on Palo Alto, created Zones, Implemented Palo Alto Firewall interface.
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Handled Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
Configured and maintained SSL VPN's on Palo Alto Firewalls.
Configuring, Administering and troubleshooting Palo Alto Firewalls.
Implemented antivirus and web filtering on Palo Alto 5060 at the web server.
Serve as the customer's go-to resource for all matters related to the Palo Alto next-generation firewall.
Worked on Migration from check point firewalls to Palo Alto firewalls.
Worked on S2S VPNs Implementations; Providing support for Checkpoint R75 and R76.
Monitoring Traffic and Connections in Checkpoint and network operations.
User authentication and resource allocation using Cisco ACS server using TACACS+ and RADIUS for administrative control.
Worked on Checkpoint VSX platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
Experience with Remote access management to help with troubleshooting for remote direct access clients and Check Point VPN.
Troubleshooter some of the security attacks like dos, ddos, Spoofing,kill chain.
Deploying the policies on firewall using the Checkpoint's Smart Console Manager and Smart Dashboard.
Well Experienced in Static Natting and Dynamic Natting.
Strong Experience on configuring Virtual Device Context in Nexus 7010.
Troubleshoot the FW related issues by using the Checkpoint's client software Smart Log & SmartView Tracker.
Troubleshooting by packet capture analysis using TCP Dump, Wireshark and analyzing the PCAP server.
Hands on experience on working with Service Now ticket management tool by providing support Service to client by implementing and working on change request, Incident request and troubleshooting
Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers
Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
24x7 on-call escalation support as part of the security operations team.
Configured some of the cisco routers like 3400,3700,3800,6500,7200.
Configuring static and dynamic routing and redistribution of routing protocols like EIGRP, OSPF, RIP.
Configured cisco switches like 3500,3750,4500,5500,6500 series and some of the nexus switches like 7010, 5020, series.
Performed switching technology administration including V lans, inter-V lan routing, trunking, Port Security, Trunking, STP, RSTP, PVST, RPVST, LAN Security etc.
Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
Creating dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.
Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.
Planning and designing to incorporate McAfee's IDS/IPS devices into Lowes network at optimized network locations.
Experience in deploying dot1Q infrastructure using Cisco ISE as the AAA platform.
Working with local IT personnel on troubleshooting, problem determination, diagnosis of performance issues, bandwidth issues, throughput traffic prioritization to improve overall application response time across WAN
Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
Implemented MPLS circuits between different sites.
Expertized on authentication protocols like plain text, Md5.
Worked on HSRP and GLBP for first hop redundancy and load balancing.
Setup simplified and traditional VPN communities, and Cisco Any connect.
Expertise in Security identity management platform such as ACS 5.x, RSA Secure ID 8.x
Extensively used TCP/IP tool like SSH for secure login.
Black listing and White listing of web URL on Blue Coat Proxy servers.
Enabling the TCP, UDP, SMTP ports to allow the traffic between the servers.
Participated in design and configuration of Wireless Network using IEEE 802.11, multicast architecture with Cisco multilayer switches for HD-4 video client’s ISPs.
Knowledge on PKI(Public and Private Key) Encryption,Decryption.
Responsible for the installation, configuration, maintenance and troubleshooting of the company network.
Troubleshoot and hands on experience on security related issues on Checkpoint IDS/IPS.
Client: Anthem BlueCross, Indianapolis, IN Jan’14 – April’15
Role: Network Security Engineer
Responsibilities:
Involved and implemented several corporate refresh projects to replace the legacy network products that includes but not limited to Cisco Routers, Cisco Switches, Cisco ASA Firewalls, and Juniper Firewalls etc.
Configured Cisco ASA 5000,5450 series Firewalls and Juniper SRX220.
Configuring and Maintaining of the Juniper SRX 550 Firewall and other security products
Configuring Static NAT and Dynamic NAT and NAT Pools also.
Installed, configured and set security policies on cisco ASA firewalls and Juniper Fire walls.
Worked on Juniper SRX220 to configure SSL VPN clients.
Perform firewall rule audit and optimization using Algosec.
Managed VPN, IPsec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Cisco ASA Firewalls.
Expertise knowledge on Siem tools like Qradar to get real time analysis of security alerts generated by network hardware and applications
Strong networking capability and knowledge of different firewall platforms to help in random identification and isolation of issues during outages and incidents.
Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600.
Hands on experience in F5 LTM, GTM series like 6400, 6800 for the corporate applications and their availability
Configuring various advanced features (Profiles, monitors, I Rules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
Worked with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
Worked on some cisco 3825 3640,4500, 7200 series routers and Juniper routers MX 104, 240, 480 series
Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding and Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
Configured some of the routing protocols like EIGRP,BGP.
Network consists of Heavy Cisco equipment such as: Cisco 3700,4500,4900,5500,6500 Cisco switches and Juniper EX 3300,3400,4200 series switches.
Expertized knowledge and configured Switching protocols like vlan trunking, STP, PVST, RPVST, INTER VLAN, ETHER CHANNEL.
Participated in the installation, configuration, post installation daily operational tasks and configuration and deployment of Cisco Nexus equipment.
Monitored using NSM like collection, analysis, and escalation of indications and warnings to detect and respond to intrusions of incoming or outgoing data.
Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
Worked with Cisco ACE GSS 4400 Series global site selector Appliances.
Good working knowledge of common end user operating systems and internal/external DMARC identification.
Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
Expert level knowledge on implementing VSS on cisco catalyst switch.
Used Net Flow Data statistics from Net Flow engine and export it to a Net Flow Collector for storage.
Supported a user base of more than 30000+ active accounts across multiple domains.
Administered Windows server 2003 active directory and like creation and deletion of user accounts, managing access controls and domain structure configurations.
Worked with Processes like RFI, RFE and RFP.
Deployed, configured and implemented cisco 6800 catalyst switch.
Experience working in DMZ environments with good understanding of load-balancing, firewalls, multi-tiered architectures.
Experience working with Exchange 2010 SP3 for planning and deployment.
Worked with Management tools like CSM and Cisco ACS.
Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches
Configured HSRP, VRRP, GLBP.
Configuring PAGP and LACP protocol along with BFD link detection pro
Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP,FTP, SSH).
Installation of vBlock products for the virtualization.
Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP
Provided full visibility and notification of authorized and unauthorized access with integration of CISCO ASA/FWSM and NAC solution.
Experience with some of the Monitoring tools and sniffers tools like Wire shark tool.
Client: IDIRECT Herndon, VA Jan’13 – Dec’13
Role: Sr. Network Engineer:
Responsibilities:
Responsible for, maintaining, supporting, implementing and 24x7 network services.
Coordinated efforts with Engineer's to ensure all network devices conformed to defined network standards.
Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
Configured HSRP and VLAN trunking using 802.1Q, Spanning Tree, Inter-VLAN Routing on Catalyst 6500 switches.
Worked on multiple instance of routing table using VRF.
Configured STP and Port Security on Catalyst 4500, 3500 series switches.
Worked on the nexus 5000 series switches.
Configure the Cisco CRS-1 Routing System, back out of configuration changes, and restore older versions of a configuration.
Troubleshooting of Cisco 2900, 3900, 4500 Series routers.
Configure the Cisco IOS XR security features in both owner SDR and non-owner SDRs.
Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL).
Troubleshooting of Juniper Net Screen 500/5200 and juniper SRX 650/3600.
Configured Fiber channel over Ethernet (FCOE) for connecting 10gigabit Ethernet network.
Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
Worked extensively on troubleshooting 2900 series routers.
Hands on experience with Enterprise Intrusion Detection / IPS (Snort, Source fire, Juniper IDP, IBM ISS.
Configured OSPF for Stub area, Totally Stubby Area and NSSA.
Strong Working Knowledge F5 Big-IP LTM-6400 load balancers.
Configured layer 2 and layer 3 switches Executed spanning tree, BPDU Guard, port-fast, uplink fast.
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Negotiate VPN tunnels using IPsec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
Worked on static NAT, dynamic NAT, dynamic NAT overloading.
Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
Participating in all the aspects of LAN/WAN networking systems.
Route configuration and point code checks for System Technician and Network Technician.
Strong knowledge on monitoring tools like solar winds
Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
Responsible for Handling Networking escalations, troubleshooting variety of network problems.
Client: United Health Group, Hyderabad, India Nov’11 – Dec’12
Role: Network Engineer
Responsibilities:
Installation and Configuration of LAN (Ethernet)/ WAN set up for Clients. Design, configuration and Installation of Cisco routers and catalyst switches.
Configured the Cisco 3500,3700 series catalyst switches and 3900 series routers.
Configured and managed OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding and configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
Implementing and managing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay.
Excellent Troubleshooting Skills and Customer Centric approach.
Routed related tasks included providing Cisco router configuration, providing technical support for Cisco Router configurations and installation for Customer.
Configuring routing protocols like EIGRP, and OSPF.
Configured IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Network.
Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
Configured VPN for the remote and site-to-site access.
Management and Deployment on Checkpoint Firewall.
Use Checkpoint to establish Point-to-Point tunnels.
Ability to use NAT and Firewall security policies in Checkpoint
Defined and maintained security policies on all Internet-facing edge routers and Cisco GSRs (12416, 12418) used for delivery of streaming media content.
Involved in configuration and functional testing of Wireless Access Points WAP, Wireless Protocol like: 802.11b/a/g and Wireless Controllers.
Implemented TCP/IP and related services like DHCP/DNS/WINS.
Made modifications in the system according to the change in the process flow/additions.
Worked on routing protocol related issues such as static, RIP, EIGRP (Variance and un- equal cost load balancing).
Used network sniffer, Cisco works, Optical power meters and other devices in the lab.
Configured and troubleshooting on hotstandby routing protocol, Spanning tree Root guard, BPDU guard, UDLD and Loop guard STP features.
Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
Completed service requests (i.e. – IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
Responsible for documentation of entire site layout, updating and managing the asset registers and network or server documentations.
Client: Tata Teleservices, Hyderabad, India Jun’08 – Sep’11
Role: Network Support Engineer
Responsibilities:
configured Cisco catalyst switches such as 2800,2950,3500 series and configured Cisco 2960,3800 series routers
Configured VLANs, Private VLANs and Trunking on switches.
Worked on layer 2 protocols such as STP, RSTP, PVSTP+, MST.
Worked on L3 security features on Network devices.
Provided Network Infrastructure Support to routing and switching equipment.
Responsible for procurement and installation of H/W, network drives and other IT infrastructure.
Network Administrator responsible for the full Planning, designing, installation and administration of the Corporate WAN (wide area network).
Configure corporate, wireless and Lab devices which including bandwidth upgrade, adding new devices, decommissioning the devices.
Performed administrative Support for RIP routing protocol.
Maintained redundancy on Cisco 2960 and 3800 routers with HSRP.
Real time monitoring and Network management using Cisco Works LMS.
Responsible for LAN and internet connection file and print server.
Maintained and installed new internet connections for customers.
Handled installation of Windows NT Server and Windows NT Workstations.
Handled Tech Support as it relates to LAN & WAN systems.
Create, Design and troubleshoot VRF needs and environments
Troubleshoot wiring problems and serial communication lines.
Develop, plan and maintain documentation necessary for operation in support of LAN to WAN connectivity.
Maintain excellent communication with the IT Manager on all tasks and projects