Senior Network Engineer
Resume:
Prathap
Sr. Network Engineer
ad4euo@r.postjobfree.com
Professional Summary:
Certified Network Engineer with 6+ years of experience in Network Security engineering, performing Analysis, Implementing, and Troubleshooting with focus on performance tuning and support of large Enterprise Networks.
Proficiently deployed, operated, and integrated Meraki Platform and Cisco Switches on-site, ensuring smooth transition for production workload while troubleshooting to maintain operational efficiency.
Designed and implemented LAN and WAN infrastructure, including IP address planning, Next-Gen Firewalls, IPS/IDS sensors, and routing protocols for primary and redundant data centers.
Demonstrated expertise in designing, deploying, and maintaining F5 BIG-IP load balancers to ensure high availability and scalability of network infrastructure.
Managed Juniper EX Series switches for data center and enterprise networks, optimizing Junos OS for reliable switching operations.
Engineered secure remote access using Cisco AnyConnect VPN solutions and managed core data center networking with Cisco Nexus 7K series switches.
Deployed and configured FTD devices, ensuring robust network security across various environments.
Configured and managed F5 LTM and GTM for optimizing application delivery and global traffic distribution.
Implemented Cisco Multisite ACI, Cisco AnyConnect client settings customization, and Cisco Nexus 9K switches deployment for data center networking.
Upgraded firmware and deployed Meraki SD-WAN solutions for zero-touch cloud provisioning.
Expertise in network security policies implementation, including migration from ASA firewalls to Meraki next-gen firewalls and configuration of security features.
Implemented and maintained campus wireless environments with 1000+ access points, authentication policies, and integration with RADIUS servers.
Experience in integrating endpoint security features into Cisco AnyConnect and deploying cloud-based WLAN solutions.
Proficient in network documentation using Visio and migration projects from legacy to modern network devices.
Proficiently managed F5 configuration and troubleshooting, deploying virtual servers for new applications, and optimizing SSL offload/termination with custom iRules and health monitor scripts.
Skilled in configuring and overseeing a diverse range of Network & Security Devices, encompassing Cisco Routers & Switches, Nexus Switches, Palo Alto Firewalls, VMWARE NSX, and F5 BIGP, LTM, GTM.
Demonstrated expertise in network segmentation using VMWARE NSX and Palo Alto firewalls, ensuring effective traffic filtering and policy enforcement.
Applied extensive experience in configuring Virtual Server, Pools, Nodes, iRules, Profiles, Persistence, and monitoring on F5 LTM to align with application configurations.
Leveraged AWS DevOps tools like AWS CodePipeline, CodeDeploy, and CodeCommit to automate software delivery processes, enhancing deployment efficiency.
Proactively stayed abreast of the latest AWS services, features, and best practices, continuously seeking opportunities to optimize cloud infrastructure and workflows.
Utilized Inflobox IPAM to dynamically assign reusable IP addresses and resolve IP address conflicts, ensuring efficient IP address management.
Provided hands-on security and network engineering support, including Cisco Identity Services Engine configuration and Cisco AAA Servers management, strengthening network security posture.
Proficiently configured and troubleshooted F5 LTM GTM, providing level 2 and level 3 support, creating custom profiles, health monitors, and configuring SNAT pools, syslog, and SNMP.
Managed routing, switching, VPN, network security, and server load balancing responsibilities, ensuring optimal network performance and security.
Installed and configured F5 Load balancers and firewalls with LAN/WAN configuration, optimizing network connectivity and security.
Designed, deployed and supported Zscaler Cloud based Infrastructure across various Data Centers and Disaster Recovery environments
Manage and configure Bluecoat, ZScalar proxy devices
Migrating the policies from on premise Bluecoat to Cloud Based Zscaler Proxy service in tandem with various application owners.
Experienced in Versa SD WAN for remote site connectivity over MPLS network, configuring routing, and application policies to enhance network performance.
Worked with various teams to handle Trouble Tickets on F5 Load balancers on LTM and GTM module, ensuring prompt issue resolution and minimal downtime.
Proficiently handled various load balancing methods on F5 LTM & GTM, configuring different load balancing options & features to optimize application performance.
Demonstrated expertise in Azure cloud connectivity using express routes, configuring NSG for cloud security, and authenticating cloud apps using SAML via Azure AD.
Skilled in implementing Zscaler cloud proxies ZIA and ZPA, configuring tunnels to Zscaler Zens zero trust network access, enhancing network security and performance.
Experienced in data center technologies including spine leaf, Cisco ACI, Arista cloud vision, and Nexus family switches, ensuring efficient network infrastructure management.
Managed NX-OS operation system configuration, upgrading, and verification, ensuring network stability and performance.
Proficiently worked on layer 2 features like STP, VLAN, and VTP, troubleshooting issues and optimizing network performance.
Collaborated with Dimension Data, Cisco, and Citrix for network troubleshooting, ensuring efficient issue resolution and network optimization.
Utilized Bluecoat Proxy SG Appliances for securing web communications and accelerating business application delivery, enhancing network security and performance.
Demonstrated expertise in implementing load-balancing solutions using CSS & F5 load balancers, optimizing application performance and availability.
Reconfigured Cisco ACS 5.3 TACACS for AAA access, renewed local certificates for WLC using EAP-TLS, and provided ASA 5505 Firewall support, ensuring robust network security.
Handled Content Distribution Network (CDN) implementation to maximize bandwidth in a wide area network, ensuring optimal network performance.
Implemented network monitoring tools like MRTG, PRTG, and SolarWinds, ensuring network performance and availability.
Provided application-level redundancy and availability by deploying F5 load balancers LTM, ensuring continuous application availability.
Configured Client VPN technologies including Cisco's VPN client via IPSEC on ASA, ensuring secure remote access to network resources.
Designed and configured QoS and Access Lists for Nexus 9K, 7K, and 5K, optimizing network performance and security.
Designed and Implemented DMZ for web servers, mail servers & FTP servers using Cisco ASA Firewalls, ensuring secure and efficient network segmentation.
Extensive experience with TACACS/RADIUS servers, migration to ISE, and Fortinet firewall administration.
Successfully migrated on-premises workloads to AWS cloud and optimized AWS environments for performance and security.
Implemented Quality of Service (QoS) on Nexus 9K switches and assisted in migration from Cisco ASA Firepower to Checkpoint firewall.
Configured and managed LDAP User management with Checkpoint Smart Direct and created/managed VPNs on Checkpoint R80.
Integrated Palo Alto firewalls with VMware Virtual Desktop infrastructure and implemented various authentication mechanisms within Cisco AnyConnect.
Technical Skills:
Router and VoIP Platforms
Cisco Routers series 7300, 4000, 3800, 2000, 1900; Juniper T4000, MX10, MX40, ACX2200, ACX5000;
Routing Fundamentals and Protocols
Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding, Arista.
Switch Platforms
Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000, 9000; Nexus series 7K, Netgear switches,5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400
Switching Fundamentals and Protocols
Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast,
RSTP, Multi-Layer Switching, 802.1Q, EtherChannel
Firewall Platforms
Juniper Net screen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Netgear Firewall, Fortinet, Palo Alto Networks (PA series 2K, 3K and 5K), WAF, ACI.
Security Protocols
Standard and Extended ACLs, IPsec, VPN, Port-Security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, Blue Coat URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap
Network Management and Monitoring
Wireshark, Infoblox, Cisco Prime, Security Device Manager (SDM), Cisco Works; TCP Dump and Sniffer; SolarWinds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SevOne, SiteScope.
Load Balancers
F5 (BIG-IP) LTM, GTM/DNS, WAF, ASM, APM, Citrix NetScaler
WAN technologies
Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH
Cloud Computing and Automation
AWS, Microsoft Azure, Cisco Meraki, C, Python scripting, Shell, Cloud Migration
Other Networking Protocols and Fundamentals
DHCP and DNS server, Shell, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, BitTorrent, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN
Operating Systems
MAC OS, Windows Server, Nexus OS, Cisco IOS-XR, Linux, UNIX
Work Experience
Tango Analytics, TX Mar 2023 – Till date
Senior Network Engineer
Responsibilities:
On-Site Deployment, Operation and integration, Installation, Configuration using Meraki Platform and Cisco Switches. Troubleshoot to bring the site up and running for the production workload and smooth Transition of overall cut.
Involved in LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.). Design of in primary and redundant data centers with Next Gen Firewalls, IPS/IDS sensors, Switching and routing.
Proficient in designing, deploying, and maintaining F5 BIG-IP load balancers to ensure high availability and scalability of network infrastructure.
Designed, configured, and maintained Juniper EX Series switches for data center and enterprise network environments.
Implemented and optimized Junos OS on EX Series switches for reliable and high-performance switching operations.
Designed, implemented, and maintained Cisco AnyConnect VPN solutions for secure remote access to corporate networks.
Engineered and managed Cisco Nexus 7K series switches for core data center networking.
Deployed and configured FTD devices in various network environments.
Extensive experience in configuring and managing F5 LTM (Local Traffic Manager) and GTM (Global Traffic Manager) for optimizing application delivery and global traffic distribution.
Worked on Cisco Multisite ACI configuring BDs and EPGs to migrate VMs and provisioned vPCs.
Upgrade the Firmware of Meraki Security Appliance and Cisco Catalyst 9000 line of product switches to its recommended versions. Cisco Meraki SD-WAN Solutions, for zero-touch cloud provisioning.
Implemented and maintained Virtual Device Contexts (VDCs) for logical partitioning and resource allocation.
Dynamic Routing Protocols (OSPF, EIGRP, BGP) Configuration and troubleshooting.
Migration of ASA firewalls to Meraki next gen Firewalls. Migration IPSEC tunnels, ACL’s, NAT rules and policies to SD-WAN Solution.
Configured and customized Cisco AnyConnect client settings to meet specific organizational security and connectivity requirements.
Helping customers to configure IPsec and GRE from their on-premise firewalls or routers towards Zscaler
Take wireshark captures on Zscaler data center nodes to analyse issues
Worked on Campus Wireless environments with 1000+ access points, Wireless LAN controllers, Anchor Controllers, Authentication policies, BYOD policies, Integration with RADIUS. Experience with Aruba and Cisco WLAN.
Auto-VPN of Meraki SD-WAN Security Appliance for reachability AWS Hosted Domain Controllers, services hosted on AWS, Partners Network.
Implemented multi-protocol support within Cisco AnyConnect, including support for SSL, IPsec, and other VPN protocols..
Designed and deployed high-availability configurations using Virtual PortChannels (vPC) for redundancy.
Integrated separate DCs ACI via Multisite ACI and migrated/extended L2 traffic between them.
Meraki Security Appliance MX450, 250, 100, 84 – Unboxing, Firmware Upgrade, Pre-configuration and Deploying and troubleshooting.
Subnetting, Routing, Radius servers, NTP Servers, STP, Ether Channel Configuration on Switches (C2960X, C2960S, C9300, C9200, C4500X). IP addressing and Subnetting schemas necessary to build local area networks.
Implementation, Testing & Commissioning for LAN, WAN and WLAN systems based on Cisco and Fortinet.
Implemented security policies to control traffic and mitigate threats effectively.
Deploying Zscaler Product during Implementation phase
Experience with TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE. Experience with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
Install the Access Points, Troubleshooting and configuration Static IP address, DNS Servers, Gateways, Vlans, Licenses and etc.
Demonstrated ability to optimize AWS environments for performance, cost-efficiency, and security through thorough resource provisioning, auto-scaling configurations, and IAM policies.
Integrated endpoint security features into Cisco AnyConnect, enhancing the overall security posture of remote devices.
Cloud-Based WLAN Solution and the features that can be delivered including Layer 7 traffic shaping and various guest access authentication methods.
Deployed and configured Cisco Nexus 9K switches for data center networking.
Created ‘Contracts’ in Cisco ACI between migrated EPGs and existing VMs in new DC.
Cisco 9K switches installation, Licensing, Configuration, Deployment and Troubleshooting.
Ether channel Configuration between Stacks of switches to increase the Bandwidth and link failover. Staking 9200 series of switches.
Network Design Documentation using Visio.
Migration Project from Legacy network devices (HP, Cisco, Dell, Netgear, and Juniper) to Cisco Nexus 9000 series and firewall (SonicWALL, Fortinet, ASA, Palo Alto, Meraki) to Cisco Meraki SD-WAN Solution.
Experience with TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE.
Fortinet Firewall administration, configuration of FortiGate 3000, 3815 series as per network diagram.
Proven track record of successfully migrating on-premises workloads to AWS cloud, leveraging services like AWS Migration Hub, Server Migration Service, and Database Migration Service.
Implemented and optimized Quality of Service (QoS) on Nexus 9K switches for prioritizing critical traffic.
Worked extensively and responsible for the migration from Cisco ASA Firepower to Checkpoint firewall
Checkpoint ClusterXL for HA and fail-over for network reliability.
Configure and manage LDAP User management with Checkpoint Smart Direct.
Created and Managed Site VPN (IPSEC) and Client VPN (IPSEC, SSL) on Checkpoint R80.
Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
Experience with palo alto and checkpoint firewalls with next generation firewall features that includes app id, threat id, URL filtering, user id, SSL decryption.
Palo Alto integration with VMware Virtual Desktop infrastructure.
Implemented various authentication mechanisms within Cisco AnyConnect, including two-factor authentication, certificate-based authentication, and Single Sign-On (SSO).
Helped in creating BDs in Cisco ACI that are mapped to Vlans in ‘Network’ centric migrations.
Act as single point of contact for client wireless infrastructure for Cisco, Arista, Meraki, and Aruba
Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security.
Implementation of Cisco Meraki wireless solutions and the deployment of wireless access points.
Worked on the implementation of Cisco Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings.
Investigate files in FireEye AX and Kali Linux Sandbox tested and evaluated include Sentinel One Endpoint Protection, Fortinet Forti Sandbox, Fortinet Forti Mail, Dark Trace Antigena
Worked on Cisco ISE deployment which was a replacement for the ACS and provided long new term and short-term guest wireless services for the Port Authority.
Executed intrusion prevention measures to safeguard the network from malicious activities.
Supporting and maintaining WAN & LAN managed network services, Load Balancer (F5), SD WAN Viptela Wireless.
Environment: Nexus 9k, 7k Cisco 6800, 6500, 4500, 3800 and 3600 switches, Juniper MX 960, MX 480, Juniper EX 4600, 9200, QFX 10008, SRX 3600, 5800, 240, F5 BIG-IP, Palo Alto 7080, PAN M-600, VRRP, iBGP, eBGP, OSPF, DMVPN, MPLS WAN, QoS, Route Maps, VTP, Proxy ARP’s, Route based Forwarding, PBF, Route Filtering, Route Reflectors, Route Re-distribution, Port Forwarding
Jefferies, NY Apr 2022 – Feb 2023
Network Engineer (F5 Consultant)
Responsibilities:
Managed ongoing F5 configuration, troubleshooting, deployed additional virtual servers for newly implemented applications and services, leveraging SSL offload/termination when possible, writing custom Irules and health monitor scripts.
Configuring & managing Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Palo Alto Firewalls VMWARE NSX, F5 BIGP, LTM,GTM.
Experience with network segmentation using VMWARE NSX and palo alto firewalls for traffic filtering and applying policies.
configuring Virtual Server, Pools, Nodes, iRules, Profiles, Persistence, and monitor on F5 LTM to match the configuration the Application.
Experience in leveraging AWS DevOps tools such as AWS CodePipeline, CodeDeploy, and CodeCommit to automate software delivery pipelines and streamline deployment processes.
Having good hands on traffic management solutions, including the design, low level engineering, and application load balancing solutions for client applications across the pre-provisioned ADC infrastructure.
Used Confidential to dynamically assign reusable IP addresses to Confidential clients using Inflobox IPAM and resolved IP address conflicts.
hands-on security and network engineering experience with experience focused on Cisco Identity Services Engine or experience managing a complex enterprise network that includes TACACS or Cisco AAA Servers; configuring and maintaining routers and switches with an understanding of 802.1x configuration protocol; and hands-on experience configuring firewalls
Configuration and troubleshooting F5 LTM GTM and providing level 2 and level 3 support for the customers. Creating custom profiles, health monitors, and also configuring SNAT pools, syslog and SNMP.
Proactive in staying updated with the latest AWS services, features, and best practices, continuously exploring opportunities to leverage new technologies for optimizing cloud infrastructure and workflows.
Monitoring and capturing the traffic using network management tools like solar winds and InfloBox.
Responsible for all routing, switching, VPN, network security, and server load balancing.
Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
Experience with Versa SD WAN for remote site connectivity over MPLS network, configuration of routing and application policies in SD-WAN.
Setup routing policies and ACL for SSL VPN traffic on perimeter firewalls and using Vmware NSX palo alto.
Worked with the Trouble Tickets on F5 Load balancers on LTM and GTM module.
Worked with F5 products & technology including GTM, LTM and SSL offloading.
Experience with f5 and AVI networks for application load balancing.
Global Traffic Manager (GTM) designs providing multi-side load balancing and global availability of generic hosts and/or LTM virtual servers, iQuery-based monitoring of LTM virtual servers.
experience regarding F5 BIG-IP LTM VIP configuration with health check, hosting SSL certificates on F5 platforms.
Worked on application acceleration service on pulse and deploying pulse secure agent on client machines.
Worked on inside leg and DMZ leg for client traffic and outbound traffic respectively.
Configured different load balancing options & features One Connect, persistence, SSL offload functions.
Handling various trouble tickets, firewall rule changes, assisting other teams to bring the device to production, making DNS changes in InfloBox and routing changes.
Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles.
Experience with Azure cloud connectivity using express routes. Configured express routes and NSG in could security.
Experience with azure AD for authentication to cloud apps using SAML.
Experience with Zscaler cloud proxies ZIA and ZPA. Worked on setting up tunnels to Zscaler Zens zero trust network access.
Experience with data center technologies that include spine leaf, cisco ACI, Arista cloud vision. Well versed with Nexus family switches to implement VPC and VDC.
Hackensack Meridian Health, NJ Jan 2021 – Mar 2022
Network Engineer
Responsibilities:
Configuring, upgrading, and verifying the NX-OS operation system.
Extensively worked on layer 2 features like STP, VLAN, and VTP and implemented them on new switches and used to troubleshoot any issues.
Work with Dimension data, Cisco, and Citrix for further network troubleshooting.
Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
Experience in implementing load-balancing solutions using CSS & F5 load balancers.
Reconfigured Cisco ACS 5.3 TACACS for AAA access on local and external AD users, renewing local certificates for WLC using EAP-TLS, and providing ASA 5505 Firewall support.
Handled Content Distribution Network (CDN), to maximize the band width to various users in a wide area network.
Implemented Network monitoring tools like MRTG, PRTG, and SolarWinds.
Provided application-level redundancy and availability by deploying F5 load balancers LTM.
Configured Client VPN technologies including Cisco's VPN client via IPSEC on ASA
Designed and configured the commands for QoS and Access Lists for Nexus 9K, 7K and 5K.
Designed and Implemented DMZ for web servers, mail servers & FTP servers using Cisco ASA Firewalls.
SAP Labs- India Mar 2018 – Nov 2020
Network Engineer:
Responsibilities:
Managed DPS, Procurement, architecture, design & and development of network and infrastructure Security technology assets as part of HP’s US Network Security Engineering/Consulting team, working in leverage customer environment of US
IP Address Allocation: Allocate and manage IP address assignments to devices and systems within the network, ensuring efficient utilization of available IP address ranges.
DNS Configuration: Configure and maintain DNS servers, including the creation and management of DNS zones, records, and resolving domain names to IP addresses.
DHCP Configuration: Configure and maintain DHCP servers to automatically assign IP addresses, subnet masks, and other network configuration parameters to devices requesting network access.
IP Address Tracking: Keep track of IP address assignments, maintain accurate IP address documentation, and update records as needed to avoid conflicts and overlaps.
Troubleshooting: Diagnose and resolve DNS and DHCP-related issues such as network connectivity problems, IP address conflicts, and DNS resolution failures.
Security: Implement and enforce security measures to protect DNS and DHCP servers from unauthorized access, DDoS attacks, and other security threats.
Scalability: Plan and implement strategies to accommodate the growth of the network, ensuring that DNS and DHCP services remain scalable and responsive to changing demands.
Monitoring and Logging: Continuously monitor DNS and DHCP server performance, utilization, and logs to identify potential issues and proactively address them.
Backup and Recovery: Implement backup and recovery procedures to safeguard DNS and DHCP configurations and data in case of server failures or data loss.
Documentation: Maintain detailed documentation of configurations, changes, and best practices related to DNS and DHCP services for future reference and compliance purposes.
Compliance and Standards: Ensure that DNS and DHCP configurations comply with industry standards and best practices, such as RFCs (Request for Comments) and organizational policies.
Collaboration: Collaborate with other IT teams and departments to ensure seamless integration of DNS and DHCP services with other network components and services.
Training and Knowledge Sharing: Stay updated on DNS and DHCP technologies and share knowledge with team members to enhance overall network management capabilities.
Contact this candidate