Network Engineer Security
Resume:
Hruthik Reddy
Senior Network Security Engineer
402-***-**** ad5eih@r.postjobfree.com
Professional Summary:
Around 9 years of hands-on experience in Network Engineering, Designing, Integrating, Deploying, Maintaining and Supporting a broad range of Communication Systems. Very good exposure to various networking tools, topologies, multi-vendor equipment and various work environments.
Strong Exposure to Routing, switching, Firewalls, proxies, Load balancers, Radius, DNS, DHCP, Monitoring, Log Collectors, Wireless and Network Automation.
Strong hands on experience in Installing, Troubleshooting, Configuring of Cisco cat 9300, ASR1k, 7200vxr, 3900, 3800, 2900, 2800 series routers and Cisco Catalyst 6500, 4500, 3850T, 3750, 2950 and 3500XL series Switches.
Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches. Configuration of VPC, VDC, Peer Gateway, HSRP and FEX on Nexus family.
Hands on experience in Cisco IOS/IOS-XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4, MPLS, NAT, VLAN, STP, VTP, HSRP & GLBP.
Hands on experience working with Cisco CSR1000v. Experience in fiber channel infrastructure.
Experience with capacity planning, Fiber Channel and mirroring, backup/archive and recovery solutions, high availability, storage consolidation/migration, performance and tuning.
Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
Design and configure various Azure Networking resources like Azure Virtual Network (VNET), IP addressing scheme, DDoS protection, Subnets, Address Spaces, BGP.
Experience in working with Cisco Identity Services Engine (ISE) and ACS. Worked on Security groups, tags, AAA profiles on ISE.
Experience on WAN Optimization Technology, Riverbed.
Worked on Zscaler Internet Access and Zscaler Private Access. Worked on Migrating from Cisco IronPort’s and Bluecoat to ZIA. Experience with Zero Trust Network Access.
Worked on Network Segmentation using Palo Alto Firewalls and Illumio. Worked on implementing policies in Illumio for various segments in the network.
Worked on AWS and Azure Cloud connectivity, Cloud Networking and Cloud security. Worked on Equinix cloud Exchange provider.
Worked on Cisco DCNM, Spine leaf Architecture, and VXLAN tunneling. Migrated from Legacy networks to Cisco ACI and Arista Cloud Vision.
Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Worked on Next Gen Firewall features like URL filtering, SSL Forward Proxy, SSL Decryption, APP ID and ThreatID, Panorama in PA firewalls.
Experience in F5 BIG IP and Cisco ACE Load balancers for load balancing and traffic management of business applications. Migration Experience from ACE to F5.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Experience with Virtual servers, Pools, Monitors, SNAT, proficient in iRule scripting, Persistence, Profiles, WideIP’s, Zones, Listener IP, Static and Dynamic Load balancing techniques on LTM and GTM.
Configured F5 Viprion load balancers for MS Exchange, Skype for Business, Citrix ICA, Airwatch SEG as well as other business applications. Worked on LTM guest Operating Systems and created multiple Route Domains to separate the traffic between different tenants.
Experience with Layer 2 and Layer 3 protocols like, FRR CEF, MLS, Ether Channel VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVSTF, HSRP, VRRP and GLBP.
Extensive knowledge in all Wi-Fi Standards including 802.11a,b,g,n,ac. Worked on installing of Cisco and Aruba Wireless Controllers. Worked on Cisco CWAP, LAWP, Aruba 225, 325, AP groups, SSID’s, Authentication rules, 802.1X for Wireless etc.
Technical Skills:
Routers
Cisco 1800, 2600, 2800, 3700, 3800, 3900, 7200, 7600 series, ASR 9k, juniper ACX series routers.
Switches
Cisco Catalyst 3550, 3750, 4500, 6500 series & nexus 7k, 5k, 2k, 1000v, juniper Ex4200, Ex9208, ACX 1000
Load Balancer
Cisco CSS, F5 Networks (BIG-IP)
WAN Optimization
Cisco WAAS, PPP Multilink, Riverbed
Routing
OSPF, EIGRP, BGP, PBR, Route Filtering, Redistribution, Summarization, Static Routing
Switching
VLAN, VTP, STP, RPVST+, Inter VLAN routing & Multi-Layer Switching Layer 3 Switches, EtherChannels, Transparent Bridging
LAN
Fast Ethernet & Gigabit Ethernet.
WAN
Leased lines 64k - 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame Relay, MPLS, DMVPN
Wireless
Cisco 4400, 5500 Wireless Controller (WLC) and 3500, 3700 series Access Points
Firewalls
Cisco ASA, Juniper SRX, Palo Alto, Checkpoint FW’s
Features & Services
IOS and Features, HSRP, GLBP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, FTP and FTP Management
Network Monitor Tool
MRTG, NetBrain & SolarWinds & Cisco Prime Infrastructure
Protocol Analyzer
Wireshark, NetFlow
Operating System:
Windows, Cisco IOS/XR/XE, JunOS, Pan-OS
Professional Experience:
City of NY-DOE Aug’21 – Till Now
Role: Senior Network Security Engineer (SDWAN, Firewall and Cloud)
Description: Working as Network/Network Security team to support firewall deployment and migration consultant. Next generation Data center Architecture deployment using cisco ACI, Palo Alto firewalls, F5 LTM and GTM. Involved in L3 operations on Routing, switching, Network Security and Application Delivery controllers, WAN connectivity using MPLS, Citrix VDI and supported RADIUS, DNS, DHCP and other documentation tools.
Responsibilities:
Worked on Deploying Cisco ACI using Nexus 9k switches in Spine and Leaf. Worked on BGP Underlay and VXLAN overlay technology using cisco ACI.
Worked on Cisco Viptela, Versa SD-WAN solutions. Migrated from DM-VPN and MPLS circuits to SD-WAN solutions.
Worked on configuration of Tenants, Bridge Domains, EPG groups, Application templates, VRF configuration of various traffic flows. Configuration includes Arista 7000 series core routers, Border Leaf, Palo Altos for perimeter security, F5 LTM and GTM for application load balancing.
Worked on Cisco ISE for end point security, deployed 802.1x for wired and wireless end points.
Worked on migration from ASA to Palo alto firewalls. Experience with URL Filtering, APP ID, SSL decryption, SSL forward proxy for internet traffic flows.
Firewall policy provisioning on Fortinet FortiGate appliances using Forti Manager.
Worked on google cloud platform (GCP) services like computer engine, cloud load balancing, cloud storage, cloud SQL, stack driver monitoring and cloud deployment manager.
Experience with AWS network configuration with various virtual networks, direct connect, regions and zones, network interfaces, VPC and EC2.
Configured LACP, OSPF protocols & VxLAN on Arista 7250qx-64 switches.
Network Automation using Ansible and Python, and REST APIs.
Deployed and Manage SDWAN network (Cisco Viptela Solution) for WAN connectivity.
Experience working on cloud security, configuring interface vPC end points, resilience, data protection, identity access mgmt., key pairs.
Working with Ansible and Python Scripting to automate configurations and Processes.
Worked with Microsoft support and Deployed HUB and Spoke topology in Azure Cloud.
Worked on security groups- default and custom for web server, data base, elastic load balancing rules, vpc peering rules, connection tracking.
Working on products for Wi-Fi alliance and WLAN testing & pre and post deployment Wireless security WEP, WPA, EAP.
Experience with Zscaler Internet security and Zscaler private access. Worked on ZIA for internet web traffic security. Migrated from IronPort’s to Zscaler ZIA. Worked on setting up tunnels from f5 devices to Zscaler cloud.
Worked on configuration of pac file. Worked on setting up PZENS locally for source IP anchoring.
Designing a Terraform and deploying it in cloud deployment manager to spin up resources like cloud virtual networks, Compute Engines in public and private subnets along with AutoScaler in Google Cloud Platform.
Working as Cloud Administrator on Microsoft Azure, involved in configuring virtual machines, storage accounts, resource groups.
Fortinet Firewall administration configuration of FortiGate 500D,3000, 3815 series as per network diagram.
Worked on Zscaler policies, cloud app control policies, advanced threat, malware, sand box-based policies.
Worked on ZPA for replacing traditional SSL VPN.
Worked on setting up connectors on prem, communication outbound from Connectors to ZEN nodes.
Worked on configuration of access policies in ZPA for various applications. Worked on ZPA browser based and zap/ZCC based access.
Experience configuring forwarding profiles, app profiles for ZPA and ZIA in ZAPP. Worked on setting up ISS and NSS servers for log streaming and feed to local SIEM servers.
Part of project team to deploy Zscaler Cloud proxies using GRE tunnels to ZCloud from Edge routers, Azure AD SSO authentication, user group policies on Cloud based proxies for Internet traffic.
Working with Infoblox DNS, DHCP and IPAM configuration with Internal, External and Cache grids. Worked on Delegations, DNS forwarding.
Worked on Azure AD SAML authentication for Zscaler authentication and AD group-based policies.
Worked on SCIM provisioning from Azure AD to Zscaler ZIA for users and groups sync.
Working with Global Load Balancing using GTM Wide-IP delegations from Infoblox.
Working with NetBrain tool for Dynamic and automated Network Diagrams, Path Analysis, Inventory reports.
Experience with configuration and troubleshooting in routing protocols that include OSPF and BGP.
Experience with OSPF configuration in Data Centers and WAN. BGP attributes in ISP side on Edge and Internet core routers.
Working with VSYS, Security policies, App tags, U-turn NAT, Virtual routers, Zones, URL filtering using Domains, SSL decryption, NAT policies, monitoring, Panorama, APP ID on Palo Alto firewalls.
Worked on Virtual servers, irules, Profiles, Monitors, Persistence, Wide-IP, Upgrade procedures, SNAT, Network configuration, VLANS, SELF IP, Route Domains on F5 LTM and GTM.
Assisted in the migration from DMVPN to Cisco Viptela SDWAN, consisting of V-SMART controllers, V-BOND edge routers.
Worked on Citrix NetScaler to deploy VDI, load balancing store front servers and Authentication.
Worked on Network Automation with Configuration templates, Integrating tools like Infoblox with F5, Automatic PAC file updates etc.
Designing the change plan based on security requirements, site utilization and remote dependencies, coordinate network changes with various teams and implement site migration in multiple stages.
Working with Juniper SRX 3600, 5800 Firewalls, Palo Alto 2K, 5K and 7K series Firewalls.
Monitoring network performance and implementing performance tuning when necessary.
Firewall expertise and Firewall Zone's Segmentation for PCI compliance.
Creating new interfaces on Firewalls and connecting to Spine Switches and ESR Routers.
Technical support in finding the root cause analysis of the Network failure there by curbing it using tools of operational research and methods.
Manage and maintain Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing.
Involving in the troubleshooting sessions and finding the root cause of the issue using the Splunk, Firewall logs and fixing the issues.
Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP, MPLS.
Different Network tools like Splunk, Wire-shark, TCP-dump etc. are used to see the root cause and fix them.
Configuring threat prevention profiles, URL filtering, File Blocking, Wildfire profiles, security rules to the Palo Alto devices which are used as IPS.
Upgrading the OS and creating Antivirus and Anti-Spyware Profiles for all the Palo Alto Devices.
Monitoring the Firewalls which are configured to be monitored by Statseeker Tool through SNMP.
Environment: Nexus 9k, Cisco 3550/4500/6500 switches, Arista 7000 series core routers, Juniper SRX 3k, 5k Firewalls, Palo Alto 2k, 5k and 7k Next Gen Firewalls, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Splunk, Wire-shark, TCP-dump, DC migration, F5 LTM and GTM, NetBrain, Statseeker.
Wipro/Novartis Feb’20 – July’21
Senior Network Engineer
Description: Maintain, Operate, Design and Troubleshoot Layer 1, 2 and 3 issues. Maintain connectivity from Enterprise to remote sites and to Data centers. Support and Design F5 LTM and GTM for internal and public facing applications. Migration from ASA to PA 5000 series for Perimeter Firewall and Installation of multiple PA firewalls. Network support for Storage and Virtualization teams. On call rotation for any network issues.
Responsibilities:
Converting Checkpoint VPN rules over to the Cisco ASA solution.
Designing and Deployment of Access, Distribution and Core layers in Data Center environment using Juniper QFX and MX series switches. Worked on OSPF and BGP configuration.
Migration with Cisco ASA VPN experience.
Working on the SDWAN implementations at all Greenfield and Brownfield medical facilities by deploying Viptela hardware.
Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security.
Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
Experience in converting PIX rules over to the Cisco ASA solution.
Configure and maintain all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
Hands on experience on all software blades of Check Point Firewall. 24x7 on-call step-up support as a part of the safety operations team.
Deploy and Maintain SDWAN solution, routers and Switches, Cisco ASR, Juniper SRX and Fortinet firewalls.
Working closely with knowledge center management to investigate the information center sites for cabling necessities of assorted network instrumentation.
Migration from Checkpoint firewall cluster to Cisco ASA 5580 firewalls in a failover pair configuration.
Provided application level redundancy and accessibility by deploying F5 load balancers. LTM and GTM Installation and operation.
Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
Worked extensively in Configuring, observation and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover demilitarized zone socialization & configuring VLANs/routing/NAT.
Managing a TACACS server for VPN user authentication and network devices authentication.
Performed Imperva Secure Sphere DAM on WAF Health Checks.
Managing and providing support to numerous project groups with regards to the addition of recent instrumentation like routers switches and firewalls to the DMZs.
Implementing traffic engineering on existing Multiprotocol Label Switching (MPLS) network and Open Shortest Path First (OSPF).
Provided redundancy in a very multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
Configured and troubleshooting River bed WAN optimization software to improve the network acceleration at the user end.
Earlier efforts included verification of DOCSIS upstream logical channels, proprietary RF spectrum
management algorithms, system high-availability, etc.
Support vendors with product and service requirements based on Charter business needs and internal customer requests.
Troubleshoot any ongoing issues with Routing, Security, SDWAN and coordinate with support and professional services. Worked in multi-Datacenter environment for LAN and WAN connectivity.
Deploy, scale and automate network across multiple global datacenters supporting Amazon Web Services (AWS).
Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
Used Cisco ACI Fabric which is based on Cisco Nexus 9000 Series Switches and the Cisco Application Virtual Switch (AVS).
Configure best route map configurations in the new Cisco IOS XR Routing Protocol Language (RPL).
Supporting EIGRP and BGP supported network by partitioning level two & three issues of internal groups & external customers of all locations.
Extensive active expertise with complicated routed local area network and WAN networks, routers and switches.
Design and Building Software-Defined Data Center environment, including VMware, VCenter, NSX and Cisco ACI.
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Configured Windows Clusters, Windows NLB, H/W Load Balancers (F5, Netscaler). Deployed, configured and troubleshooting runtime errors related to .Net applications on 7.0/7.5 Web Servers and Windows Server 2008/2008 R2 in Dev, QA & Pre-prod environments.
Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, Fortinet Next Generation Fire Walls, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA, AWS, TCL, Riverbed, Clustered SQL server 2014/2012/2008R2/2008/2005, DC migration, Active-Active& Active-Passive Clustering, Windows 2012/2008R2/2008/2003
Cetera, CA Nov’18 – Feb’20
Senior Network Engineer
Description: Migrate from ASA to PA firewalls for Perimeter and Internal Firewalls. Worked on Checkpoint firewalls and Juniper SRX firewalls. Worked on configuring Site to Site VPN tunnels, security measures and traffic flow analysis from DMZ to Inside and outside zones.
Responsibilities:
Hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
Update customer networks by configuring routers, switches, and incorporate the SDWAN into the network design.
Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
Demonstrated understanding of network security concepts and systems including F5, WSA, Palo Alto, ASA
Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
Managing & administering Cisco WSA.
Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
Active/Standby and Active/Active HA configuration on Cisco ASA and Palo Alto Firewalls.
Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
Expert in Next Gen Firewall Techniques for traffic filtering such as URL Filtering, SSL decryption, Forward proxy, Security policies, Zones, NAT/PAT, ACL, policy-maps etc.
Configured and deployed VPC, VSS, OTV, FABRIC PATH between Nexus 7010 and Nexus5596, 5548 switches along with FEX2248
Performing network monitoring, providing analysis using various tools like Wireshark, Riverbed and Solar winds.
Deep understanding of IDS/IPS such as Sourcefire and Foresight.
Assisted with the transition from the current Cisco ASA FW platform to the Cisco Firepower FPR 4150 NGFW
Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
Juniper Firewall Policy management using NSM and Screen OS CLI.
Working on the network team to re-route BGP routes during maintenance and FW upgrades.
Cisco ASA security appliances including Sourcefire, Fire POWER services and Fire Sight Management Console.
Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including Crypto map, Encryption Domain, PSK etc.
Implemented configuration back-ups using WinSCP, Cyberfusion to automate the back-up systems with the help of public and private keys.
Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
Environment: Cisco ASA5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, SolarWinds, Nexus switches, TCP/IP, VPN, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.
Dell EMC, India July 2017 - Oct 2018
Network Engineer
Description: Design and implementation of Nexus 7K devices as part of Data Center migration. Worked on Nexus family and ASA in setting up from scratch, upgrades. Worked on tickets and NOC team in layer 1, 2 and 3 issues in DC.
Responsibilities:
Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960
Worked with Checkpoint, Cisco ASA, and Palo Alto Networks solutions
Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
Have sound knowledge of Firewall architecture, routing and VPN.
Have experience working on HP Open view Network Node Manager.
Upgrade firewalls in accordance with change management & Document changes to firewalls.
Monitor traffic and access logs in order to troubleshoot network access issues.
Have experience with Cisco Works LAN Management Solution.
Implemented Positive Enforcement Model with the help of Palo Alto Networks
Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
Testing VPC, BGP, OSPF, EIGTP, RIP, SPAN, Sflow, VlanTrunking, SVI and power supplies on Nexus and ASR devices
Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
Involved in configuring IP Quality of service (QoS).
Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
Evaluate, Analyze & Implement firewall policies to meet business requirements
Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
Worked extensively in configuring, monitoring and troubleshooting Cisco's ASR 5500
Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
Involved in designing and applying QOS and policy map to 2800 series routers for all the branches.
Involved in designing GRE tunnels for encryption of data flow from source to destination.
Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
Implemented and deployed VoIP using ASR 1k series SBC (Session Border Controller).
Experience in configuring VLAN’s STP (Spanning tree Protocol) & RTSP (Rapid Spanning Tree Protocol).
Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Netinfo, Virtual Change) and experience with developing network design documentation and presentations using VISIO.
Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.
Environment: Router 2800, 3800, 7200, 7600; Cisco Catalyst Switch 6500, 6509, 3550
TCS, India May’14 – Jun’17
Role: Network Engineer
Key Responsibilities:
Scripting for automation of processes for Windows Servers. Familiarity with main script languages like Power Shell, PHP, Shell, Perl, and Python.
Proficient in Palo Alto Next-Generation Bluecoat web proxy, HP ArcSight, Splunk Enterprise, Wireshark, FireEye, and various internet tools to assist in analysis.
Responsible for troubleshooting on Cisco ISE and added new devices on the network based on policies on ISE.
Performed site refreshes on Cisco switching and Aruba infrastructure.
Assisted with the migration of applications/VMs into cloud environments (AWS, Azure, GCP).
Hands-on experience in Aruba S2500 switches, Aruba 7200, and 3600 series controllers.
Migrated from Cisco 3650 switches to Aruba 3810 series switches.
Good knowledge of the OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP, and IPv6.
Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewalls using Panorama.
Worked with Enterprise Intrusion Detection / IPS (Snort, Source fire, Juniper IDP, IBM ISS).
Building automation scripts in Python for network discovery and mass deployment.
Implementation of L3 MPLS-VPN and Migration of branches to the new MPLS cloud4.
Setting up Palo Alto firewalls as Cloud exchange firewalls between on-prem and cloud environments which include AWS, Azure, and GCP
Expert in configuring, implementing, and troubleshooting A10 load balancer in the enterprise network
Test and implement cisco ACI based network infrastructure as an open stack underlay network
Update customer networks by configuring routers, and switches, and incorporating the SD-WAN into the network design.
Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each client has different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
Optimized IPS signatures on the Cisco Fire Power management center to reduce false positives by disabling unnecessary rules and using the threshold, suppression, and pass rules features.
Experience CSM, and F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.
Implemented many numbers of security policy rules and NAT policy rules in Palo Alto, created Zones and Implemented Palo Alto Firewall interface, Palo Alto IDS, and VLAN.
Using VLAN and VRF Segmentation on edge routers to segregate traffic between AWS, Azure, and Google Cloud.
Experience with working on firewalls like CISCO ASA 5500 series (5510,5540), JUNIPER SRX series, and also PALO ALTO (pa-3060, pa-5060), etc.,
Design, and configure OSPF, and BGP on Juniper Routers and SRX Firewalls.
Configured VLAN, Spanning tree, VSTP, and SNMP on Juniper EX series switches.
Worked on Checkpoint Firewall to create new rules and allow connectivity for various Applications. The checkpoint is used as an internal firewall for application security in the Kodiak network.
Implemented Firewall rules and NAT rules by generating precise methods of procedure (MOPs). Responsible for packet capture analysis, Syslog, and firewall log analysis.
Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles – TCP, HTTP, HTTPS, FTP, fastl4, Persistence – Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.
Designed and implemented remote dial-up solutions for clients. Blue Coat Admin Experience.
Increasing business speed, agility, and efficiency by taking charge of core network and security using Infoblox.
Installing, Maintaining, and Troubleshooting Cisco ASR 1K, 7200, 3925E, and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X, and 2960S Switches for deployment on production.
Deployed Viptela SD-WAN, worked with the team in implementing and designing SD-WAN infrastructure and providing WAN connectivity across the enterprise.
Responsibilities include software upgrade, license activation, configuring/installing new GSR routers 7000,12000, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050, and maintaining network documentation.
Worked on Cisco ISE deployment which was a replacement for the ACS and provided new long-term and short-term guest wireless services for the Port Authority.
Experience working with High-performance data center switches like nexus 9000, and 7000 series.
Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k.
Designed and implemented Aruba wireless infrastructure to ensure full connectivity and continuous service.
Configured and managed with Aruba/cisco
Contact this candidate