Data Center Palo Alto
Resume:
Archana Attili
Sr. Network Engineer
*******.*******@*****.***
(312) 838 - 5293
Professional summary:
Around 8+ years of Experienced Telecommunications and Network Professional worked on medium to large scale environments, enterprise and Data center networks.
Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional, Experience in Networking and Security domain which includes designing, Deployment and providing network support, installation, and Operation for a broad range of LAN / WAN Environment.
Configured and managed Palo Alto Networks firewalls, including Palo Alto Networks Next-Generation Firewalls (NGFW), to enforce security policies, control network traffic, and protect against cyber threats.
Experience working in large-scale environments on high priority troubleshooting issues, several Proof of concepts for installations and Migrations to different vendor Equipment or implementing a new technology. Network Design, IDF and MDF architecture, Data center Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
Hands on experience in configuring Pre-rules, Post-rules, object groups and templates in Panorama.
Supported massive DDI (DNS, DHCP, IPAM) network environment.
Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers.
Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama M-100 and M-500 devices.
VOIP experience with Avaya/Cisco Programming, Engineering, and Call Manager and Unity
Strong knowledge on leveraging advanced firewalls features like APP-ID, User-ID, Global Protect, Wildfire, NAT policies and Security Profiles.
Maintain functional and technical knowledge of the VeloCloud SD-WAN product line.
Statoil Communication Security Team member, providing operation support on Firewalls, Bluecoat Proxy, F5 Load Balancers, Confidential ACS, Algo-sec, Open gear, RSA & IDS technologies.
Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, 6500 and 7300) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data center Environment.
Network design consolidation, virtualization and automation of complex data center functions. Cloud computing based storage services, application, Security filtering and Mission critical needs, LAN/WAN design using SDN/NFV, OPENSTACK/VNF and Cisco Tail-F controllers.
Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
Configure and maintain Cisco switch configurations along with Cisco ISE.
Experience in VSS, VPC, and VDC technologies. Experience working on Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture in Data center. Experience in Spine Leaf Architecture.
Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k).
Experience working with Aruba, Mist, Meraki LAN and Cisco Wireless LAN controllers and WAP’s Configuring and Provisioning WAP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote and campus WAP’s, upgrading WLC,.
Technical Skills:
Networking Technologies
LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP
Networking Hardware
Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls.
Routing Protocols
OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Security Technologies
PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint
Network Monitoring
SolarWinds, Wireshark, HRping, Whatsupgold, Infoblox
Operating Systems
Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS
Routers
1800, 2611, 2800, 3600, 3845, 3900,4300, 4400, 4500, ASR 1000X, 7206VXR, Juniper M & T Series.
Load Balancers
F5 Networks (BIG-IP), NetScaler (Citrix)
Capacity & performance
Cascade Riverbed (Flow Monitor), WAN Killer
Switches
CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k
Programming Languages
C, C++, Perl, Power Shell, Python, Yang, XML
Simulation Tools
GNS3, VMware, Cadence
Firewalls
Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.
AAA Architecture
TACACS+, RADIUS, Cisco ACS
Features & Services
IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics
Professional Experience:
Pokémon International, Remote Sep 2023 – Till Date
Network Engineer
Responsibilities:
Provided escalated technical support for firewall and network issues, troubleshooting effectively to maintain uninterrupted operations.
Responsible for meeting all the devices (including Cisco catalyst, nexus and firewalls) with the CIS security Level 1 standards. Collaborated with team for testing with Qualys.
Utilized Ansible automation to streamline and automate network infrastructure configuration tasks, such as firewall rule deployments and switchport VLAN updates
Developed and maintained rule bases on Palo Alto Networks firewalls to control traffic flows based on application, user, and content, ensuring secure and efficient network operations.
Managed and maintained Palo Alto Networks Panorama to centrally configure and monitor firewall policies across distributed network environments
Implemented Global Protect VPN, IPsec VPNs, and SSL VPNs on Palo Alto firewalls for secure site-to-site connectivity.
Implemented automated security testing pipelines using tools such as OWASP ZAP, Burp Suite, and Selenium, significantly reducing the time taken to identify and remediate security issues.
Developed Ansible playbooks to standardize and expedite the provisioning and configuration of network devices across on-premise and cloud environments
Implemented and optimized firewall rules and security policies on Palo Alto Networks firewalls through Panorama to enhance network security and compliance
Deployed and managed Mist wireless access points to provide reliable and high-performance wireless connectivity for local and remote users
Configured and maintained Cisco Nexus and catalyst switches to ensure optimal network performance and reliability
Collaborated with a team of Network Engineers to track IP addresses assigned to network elements, ensuring accurate documentation and management.
Implemented Ansible roles and templates to simplify the management of network infrastructure components, including switches, routers, and firewalls
Conducted regular audits and assessments of firewall configurations using Palo Alto Networks Panorama to ensure adherence to security best practices and regulatory requirements
Implemented and optimized VLANs, trunking, and link aggregation on Cisco Catalyst switches to enhance network performance and scalability.
Led threat modeling sessions with cross-functional teams to identify potential attack vectors and security risks, resulting in the implementation of effective security controls and mitigations.
Implemented VLANs, port channels, and spanning tree protocols on Cisco Nexus devices to segment network traffic and enhance network efficiency
Conducted regular monitoring and maintenance of Mist wireless infrastructure to identify and address performance bottlenecks and potential security vulnerabilities
Conducted regular maintenance and monitoring of Cisco Catalyst switches to ensure network availability and reliability
Troubleshot network issues on Cisco Nexus switches, including interface errors, routing problems, and performance bottlenecks
Configured Checkpoint with OSPF for Layer 3 routing, optimizing network performance and efficiency.
Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks, ensuring robust security measures.
Managed firewall configurations, conducted rule analysis, and implemented modifications for ASA and Palo Alto systems.
Provisioned IP assignment, core network configuration, DNS setup, and monitoring for colocation and customer network services.
Created comprehensive reports on network performance, security, and usage based on IP traffic analysis, providing actionable insights to stakeholders.
Provided daily support for a nationwide WAN consisting of VPN and point-to-point connections, ensuring network stability and reliability.
Expertise in deploying, configuring, and managing Prima Access for enhanced identity and access management (IAM). Proficient in access control, identity management, and implementing security policies to safeguard enterprise resources.
Proven experience in deploying, configuring, and troubleshooting network security solutions and related tools, including L2/L3 devices, 802.1x, WLC and VPN deployment strategies
Assisted in the design and implementation of network security policies and access controls on Cisco Catalyst switches to safeguard against unauthorized access and potential threats
Designed, configured, and implemented network infrastructure for new buildings, utilizing Cisco Nexus switches and VPCs to enhance connectivity.
Successfully implemented and managed SONET networks to provide high-speed, reliable data transmission across [specific locations or networks].
Implemented robust security protocols, including WPA3, 802.11 authentication, and network segmentation, to protect wireless networks from unauthorized access and threats.
Collaborated with cross-functional teams to design and deploy network solutions utilizing Cisco Nexus switches in both on-premise and cloud environments
Utilized Palo Alto Global Protect for user authentication and configured APP-ID features for effective traffic control.
Environment: Cisco Catalyst Switches 7300, nexus switches, panorama, Cisco, Juniper, Palo Alto, Nexus devices 9k, Meraki Access-points, Solar winds, Mist wireless.
T-Mobile, Remote April 2021 – Sep 2023
Senior Network Engineer
Responsibilities:
Support, Maintain and Troubleshooting various Network Infrastructure devices and services in Data centers.
Manage and Support Cisco Firewalls (ASA), Smart dashboards across data centers. Monitoring logs, Traffic and Checkpoint in ASA and Palo-Alto.
Utilized Palo Alto Networks Panorama centralized management platform to manage multiple firewalls from a single pane of glass, streamlining configuration, monitoring, and reporting tasks across distributed network environments.
Implemented Security policies, AAA features and Adding routes, troubleshooting Cisco ASA Firewalls.
Responsible for Firewall Administration, Rule Analysis, Rule Modification on ASA and Palo Alto.
For Firewall rule change, apply the necessary changes to the rule as per request and confirm it.
Configuration and Maintenance of Splunk, Gigamon Network Visibility. Designed, configured, and implemented distribution and access layers’ network infrastructure for a new building using Cisco Nexus 7010s and Nexus 9508 using VPCs to floor switches (Catalyst 9606s)
Configured and maintained VPCs with 7010 and 5548 in the network. Also configured and maintained VDCs in 7010 switches, maintained VRFs in those separate VDCs.
Worked with Nexus 9k (standalone and ACI) ASRs, N5K/2k, N7K, ASAs, UCS, ACS, ACI, VMware
Providing daily network support for national wide area network consisting of VPN and point-to point site.
Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN)
Perform technical problem resolution including analysis, trouble isolation, and repair on SDWAN devices.
Implement the Global Protect VPN, IPsec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity.
Checkpoint management (MDS) R7 .20 migration (Both VSX and Physical Server).
Checkpoint R80 to Palo alto PANOS 9 migration.
Fortinet Firewall administration, configuration of FortiGate 3000, 3815 series as per network diagram.
Worked on Arista Cloud Vision (CVP) & Cloud Vision Exchange (CVX) Deployed on VMs.
DCI implementation between datacenters with BGP-EVPN/VXLAN cross site connectivity.
Protocols frequently used: - BGP for transit - BGP-EVPN - VXLAN - MPLS/VPLS.
Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks. Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos Space Security Director for management. Install, upgrade, troubleshoot, design, etc.
Gathering application information which are using Splunk tool and analyze their bandwidth traffic. Side work includes, updating circuit ID’s, SPF, DKIM and DMARC information in master circuit documentation. Checking 100 decommissioned 2800 series routers to confirm they were wiped and clean up flash memory for final remediation.
Deployment of Prisma Access, Prisma Cloud.
Built and dashboard Check Point UTMs - Firewall, Advanced Routing (OSPF), Identity Awareness, and Application Control.
Configured windows USER-ID agent to collect host information using Palo Alto Global Protect. Configured APP-ID feature in Palo Alto firewalls to reduce attack surface, regain visibility and control over traffic.
Enforce policy checks on north-south and east-west data center traffic through Panorama M-500.Provided escalated technical support in troubleshooting firewall and network issues.
Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber.
Managed firewall using FortiGate to allow or block IPs, created policies added different interfaces and VLANs. installations, design, and implementation of Cisco solutions, VPN, Fortinet, VOIP.
Installation and Configuration of Cisco Catalyst switches 6500, 3850 & 2960, 9300 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches
Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
APN-DNS, SGW, PGW, PCRF, SGSN/GGSN and IP stacks AWS security group implementation via Terraform to create infrastructure as code. Helping the cloud architecture with next steps on proof of concept with AWS, Open stack, MS Azure, CISCO ACI, Juniper Contrail SDN/NFV. Selecting the appropriate AWS stack
Configuration and Administration of Alight Network Firewall to manage large scale firewall deployments, Palo alto, Cisco ASA-X Firepower, Juniper SRX, and Open-source BSD Firewalls.
Configurations of Check Point, Palo Alto, Cisco, Juniper, Fortinet FortiGate and SonicWall UTMs.
Configure and Maintain Authentication Services such as Alight Cisco ACS and Aruba ClearPass around the Environment with Troubleshooting AAA (TACACS+ & RADIS) services for users.
Provisioning (IP assignment, core network configuration, DNS setup, monitoring and graphing for colocation, leased lines, customer backup and other customer network services).
Configure and implement production and operations management in various Network projects which enhances the performance of the network.
Configured Checkpoint with OSPF for Layer 3 routing.
Work with a team of Network Engineers to track down IP addresses assigned to network elements.
Configured FortiGate, Forti Manager, Forti Analyzer, Juniper, and Cisco enterprise products.
Environment: Cisco-Umbrella, Cisco Catalyst Switches, nexus switches, riverbed’s, F5 load balancers, ACI Fabric extenders, QRADAR, Cisco, Juniper, Palo Alto, BSD firewalls, TUFIN, Darktrace, Extra hop, Meraki Access-points, ILLUMIO, Solar winds NPM NCM IPAM. Cisco ASA Firewalls, F5 ADC, Cisco 3900,4300,4400,4500 Routers, Cisco Catalyst switches 6500, 3750, 3550, 2960,4500,6500,6800,9300,9400 Switches, Nexus 9k, 7k, 5k, ASR
Freescale Semiconductor, India Apr ’13 – Sep ‘18
Network Engineer
Responsibilities:
Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
Involved in configuring and implementing of Composite Network models consists of Cisco 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
Installed and maintained Cisco 7500 and 7200, 12000 backbone routers with HSRP and various IGP routing protocols such as RIP, EIGRP, and OSPF.
Performed/Upgraded configuration of Cisco switches, routers, terminal servers, CSU/DSUs, WAPs, VPN, Remote Access and network management tools.
Participated in TCP/IP networks planning, Implementation and Management with subnets.
Involved in implementation of overall security system including access-list and NAT design for various Cisco access lists, a RADIUS/TACACS+ AAA server, a Linux syslog server and network monitoring using SNMP.
Designed, Configured and implemented VPN tunnel with IPsec and GRE and Cisco ASA based security infrastructure.
Configured and deployment of routing protocols RIP, OSPF, EIGRP & BGP over Cisco Routers in Production environment and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
Designed and configured LAN networks with Access layer switches such as Cisco 4510, distribution layer switches such as 6513 and a routed core.
Configured HSRP, Spanning tree Root guard, BPDU guard, and STP/RSTP features.
Administration of network devices holding various servers of Windows, Linux/Unix platforms (physical & virtual servers).
Supported major access to all firewalls and protocols through AAA by using Cisco Secure Access Control Server (ACS). Design, Configuring and troubleshoot F5 LTM load balancing.
Implemented various Switch Port Security features as per the company’s policy
Configured RIP, and EIGRP on 2901 and 3925 Cisco routers.
Provided technical support for expansion of the existing network architecture to incorporate new users.
Creating the Security policy in ASM for Detect and Prevent the various application base attacks based on anomaly and apply those security policies in the HTTP/HTTPS VIP in LTM.
Worked with enterprise level Wi-Fi configuration, troubleshooting, IP routing, network design, architecture and protocols and topologies.
Designed and implemented WAN IP infrastructure using frame relay, T1/T3, DSL technologies.
Configured OSPF redistribution and authentication with T3 LSA filtering to prevent LSA flooding.
Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
Troubleshooting issues related to Cisco Routers, Switches, and ASR, Nexus 5K, 2K, ASA5595, ACE 4710, MPLS and critical network links by coordinating with the vendor.
Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
Used network analyzers like Wireshark, ethereal and sniffer for packet analysis.
Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per company’s requirements.
Worked with sniffing tools like Ethereal to analyze the network problems.
Performed replacements of failed hardware and upgraded software.
Configured VLANS to isolate different departments.
Configured IPSEC VPN on SRX series firewalls.
Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company.
Performed scheduled Virus Checks & Updates on all Servers & Desktops.
Implementing Routing using the following protocols; IS-IS, OSPF, BGP on Juniper M series routers.
Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
Environment: Cisco 3925, 2620, 1900 routers, Cisco 3750, 2950 Switches, Routing protocols: EIGRP, RIP, OSPF, BGP, FHRP: HSRP, Sniffing Tools: Ethereal, Wireshark, Port Security, SRX Firewall,, Juniper, VLAN, 802.1Q Cisco ASA 5500.
Education Details:
Masters in Cybersecurity, DePaul University 2022
Bachelor's degree, Electrical and Electronics Engineering, 2010
Contact this candidate