Palo Alto Network Security
Resume:
NIKHIL BODEMPUDI
PROFESSIONAL SUMMARY
●CCNA, CCNP and PCNSE CERTIFIED professional with over around 10+ years of experience in routing, switching, SD WAN, firewall technologies, systems design, administration and troubleshooting.
●Experience in LAN/WAN setup, installation, configuration, and troubleshooting.
●Experience of routing protocols like EIGRP, OSPF, RIP, BGP, IS - IS, MPLS and IP addressing.
●Expertise in configuring switching protocols such as ARP, VTP, PPP, VLAN, STP, RSTP, PVST+, HSRP, GLBP, VRRP.
●Worked extensively on Palo Alto, Juniper Net screen, Fortinet and SRX Firewalls.
●Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, IDS/IPS and IPSEC/SSL VPN and implementing security rules.
●Configured authentication access for Cisco and Microsoft products using TACACS and RADIUS servers.
●Experience with setting up AWS direct connect to Amazon S3, Amazon EC2, Amazon VPC.
●Expert in using Terraform to define, provision, and manage network infrastructure as code, enabling consistent and repeatable network deployments across multiple environments.
●Proficient in monitoring and managing networks using Solar Winds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM), Security Device Manager (SDM), Cisco Works, Infoblox, HP Open View, Wireshark and Cisco Prime.
●Strong hands-on experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 9K, 7K, 5K, 2K series, Cisco router models like ASR 9K, ASR 1K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900,9000 series switches
●Advance Experience and knowledge with Cisco SDN ACI solution, Cisco Tetration, Enterprise SDW Meraki, F5, ASA/Fire Power/Palo Alto firewall and support daily operation
●Experience on MWG, Bluecoat and Zscaler proxies.
●Proficient in developing Python scripts to automate network configuration and management tasks, utilizing libraries such as Netmiko, Paramiko, and NAPALM to interact with various network devices.
●Experienced in automating the provisioning of network resources, such as VLANs, subnets, and firewalls, using Terraform and Python, reducing manual intervention and speeding up deployment times.
●Network Design, HLD, LLD, ASA, SRX & Checkpoint, Open-Flow/ACI, Riverbed, SDN/Open-Stack, Confidential Switching, Banking Core Apps, Load Balancing, Net Brain, Visio, DC Interconnect, Voice, Cisco Wireless, Tele-presence, Solar winds, Cacti, Zenoss, HP Open view.
●Expertise in checkpoint, Palo alto, Illumio and FortiGate firewalls Migration and Panorama Network Security Management Box.
●Experience on Palo Alto Next Generation Firewall features including URL filtering, Threat prevention, Data filtering, IPsec Tunnels, SSL-VPN, App Id, Security Profiles and Zone Protection.
●Experienced in Troubleshooting for connectivity and hardware problems on Cisco devices.
●Hands on experience in configuring Cisco Nexus 2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on nexus protocols VPC, VRF, VDC and FEX Links.
●Troubleshooting SD WAN queries through Router based SD WAN technologies.
●Implementing, maintaining, and troubleshooting switching tasks such as VLANs, VTP, VLAN Trunking using 802.1Q, STP, RSTP, PVST+, Ether channel using LACP and PAGP, Inter-Vlan routing, and CEF.
●Experience in L2/L3 protocols like VLAN, STP, VTP, MPLS, 802.1Q protocols.
●Enhanced level of knowledge with PPP, ATM, T1 /T3 Frame-Relay, MPLS.
●Worked with PAN migration tool to migrate from Cisco ASA to Palo-Alto. Initially started with Like-to-like migration and then manually configured polices like used id, app id, URL filtering etc. to take complete advantages of PAN devices.
●Implemented security policies using ACL, Firewall, IPSec, SSL, VPN, AAA security (TACACS + Radius) on different series of routers.
●In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear), SD WAN (MX 65,MX 85, MX100, MX400).
●Expertise with Installation of Arista 7250QX series switches on Spine Platform
●Configured LACP, OSPF protocols on Arista 7250qx-64 switches.
●Participate in HLD and LLD meeting.
●Expertise in implementation and troubleshooting of FHRP protocols such HSRP, VRRP, GLBP, ACL.
●Prepared, arranged, and tested Splunk core search strings and operational strings.
●Extensive experience with Cisco IOS, IOS-XR, NX-OS on the ASR9000 devices for MPLS deployments and windows client/server operating systems, Linux, Networking technologies, Firewalls.
●VMware ESX/ESXi, VMware vCenter, VMware vCSA and Windows 2008 R2 Hyper-V.
●Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
●Experience in design, implementation, and support of F5’s Big-IP Access Policy Manager (APM) software component in a complex enterprise environment
●Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS, QoS and ITIL.
●Worked on traffic flows from on-premises to AWS, AWS to internet via virtual palo alto firewalls for service that include PAAS and IAAS.
●Extensive experience with various wireless tools such as Spectrum Analyzer, Protocol Analyzer, and Site Survey Tools.
●Design and Implementation Cisco/Meraki Enterprise Wireless solutions for corporate infrastructures
●Hands on experience on cisco cloud-based devices MX84, MX 85, MX100 routers, MS210, MS250 switches & MR42, MR 46 MR52 wireless Access points
●Experience with Aruba WLAN infrastructure in large scale global deployments
●Scripting experience in PowerShell, Python, Java, VBScript, Perl, Ruby,
●Demonstrated success record in managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
TECHNICAL SKILLS
Networking Technologies
LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP, Direct Connect, micro segmentation, SDN, SDWAN
Networking Hardware
Cisco Switches, Cisco Routers, ASA/Pix firewalls, IronPort
Routing Protocols
OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Security Technologies
PAP, CHAP, Cisco PIX, Blue Coat
Network Monitoring
Cisco Works 2000, Wireshark, NetFlow, hrPING
Operating Systems
Windows all platforms, LINUX, Cisco IOS, IOS XR
Routers
CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR
Load Balancers
Cisco CSM, F5 Networks (BIG-IP), Zscaler Proxies.
Capacity & performance
Cisco works
Switches
Cisco Catalyst 2960, 3500, 3750, 3850, 4500, 4900, 6500, Nexus 2k, 5k, 7k, 9k series
Wireless Technologies
WLC’s (4100,5508,5706), Cisco AP’s (1552,1260, 2600, 3600, 3700, 3800), ISE, TACACS+/RADIUS, Aruba 225, 303 Aruba 3000, 7210, 620, 650, 6000 controller & Airwave.
Firewalls
Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), Illumio, Zscaler VPN, McAfee Web Gateway, Checkpoint, Palo Alto firewalls.
AAA Architecture
TACACS+, RADIUS, Cisco ACS
SD WAN
Versa 16 -1R2, R2-S2.2 - 20.1.0
Features & Services
IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics
CERTIFICATIONS
●Cisco Certified Network Associate (CCNA)
●Cisco Certified Network Professional (CCNP)
●Palo Alto Networks Certified Network Security Engineer (PCNSE)
EXPERIENCE
METROPOLITAN COMMERICIAL BANK, NY Sep 2023 - Present
Senior Network and Security Engineer
●Conducted annual firewall reviews in palo alto and cisco firewalls to ensure security compliance, identify vulnerabilities, and recommend necessary upgrades or changes to maintain robust security posture.
●Configured network switches and firewalls to enhance network performance and security, ensuring smooth and secure data flow across the organization.
●Migrated from legacy network switches to advanced Layer 3 Catalyst 9k series switches, improving network efficiency, scalability, and reliability.
●Designed and implemented panorama configuration for palo alto firewall management.
●Implemented and managed Cisco Meraki solutions like MX and MR devices, providing comprehensive network visibility, control, and security features.
●Designed and implemented IPSec VPN Tunnels between the Prod site and branches.
●Developed and maintained disaster recovery plans to ensure business continuity and minimize downtime in case of network or system failures.
●Supported and maintained core financial applications, ensuring their availability, performance, and security to support critical business operations.
●Conducted annual inventory audits to accurately track and manage network and system assets, ensuring up-to-date records and efficient resource utilization.
●Worked on integrating Terraform with configuration management tools like Ansible, Chef, and Puppet to ensure consistent and automated configuration of network devices and services.
●Configured and managed networking devices from Cisco, Fortinet, Meraki, Velcloud, and Cradlepoint, ensuring robust and reliable customer networks.
●Implemented new networking features and system improvements to enhance network performance and reliability across diverse environments.
●Configured and managed Fortinet firewalls (such as FortiGate) to provide robust network security and intrusion prevention across enterprise environments.
●Implemented and optimized VPN solutions (IPSec and SSL VPN) using Fortinet devices to ensure secure remote access for employees and partners.
●Managed Fortinet FortiManager and FortiAnalyzer platforms for centralized management and monitoring of Fortinet devices and security policies.
●Conducted regular security assessments and audits using Fortinet FortiGate to identify vulnerabilities and ensure compliance with industry standards (e.g., PCI-DSS, GDPR).
●Implemented advanced threat protection features (such as FortiSandbox) to detect and mitigate sophisticated cyber threats and malware attacks.
●Configured Fortinet FortiAP wireless access points to provide secure and reliable wireless connectivity for internal and guest networks.
●Configured and supported routers and switches for Enterprise Customers, ensuring seamless communication using networking protocols like TCP/IP, VLANs, and routing protocols (e.g., OSPF, BGP).
●Collaborated with teams to troubleshoot network issues on Windows and Linux servers, analyzing network performance metrics to optimize efficiency and resolve connectivity problems.
●Managed and maintained network security measures across multi-vendor environments, ensuring compliance with industry standards and customer requirements.
●Implemented and optimized WAN technologies such as SD-WAN (Software-Defined Wide Area Network) solutions to improve network efficiency and reduce costs.
●Monitored and managed network infrastructure using monitoring tools to proactively identify and resolve potential issues before they impact operations.
●Implemented network segmentation strategies to enhance security and improve network performance and manageability.
●Planned and implemented controls and procedures to enhance network security, operational efficiency, and compliance with industry standards.
●Played a key role in the Phoenix Project, designing and implementing two new data centers to support business growth and enhance redundancy.
●Led the DNAC project and also Hardening of network devices.
●Created a 10 Gbps connection between the new data centers and the production site, ensuring high-speed, reliable data transfer and communication.
●Identified and remediated network and system vulnerabilities, reducing the risk of security breaches and ensuring compliance with security policies.
●Conducted network performance assessments and optimizations to enhance efficiency, reduce latency, and improve user experience.
●Monitored network security and implemented necessary enhancements to protect against emerging threats and vulnerabilities.
●Collaborated with cross-functional teams to ensure seamless integration of new systems, aligning with business objectives and technical requirements.
●Developed documentation and training materials for network operations and procedures, ensuring consistency and knowledge sharing across the team.
●Conducted training sessions for team members on new technologies and processes, fostering skill development and operational excellence.
●Implemented network segmentation to improve security and performance, isolating sensitive data and applications from potential threats.
●Configured and maintained VPN solutions like Palo alto global protect and Cisco Any connect for secure remote access, supporting business continuity and flexible working arrangements.
●Assisted in the planning and execution of IT audits and compliance checks, ensuring adherence to regulatory requirements and industry best practices.
●Enhanced network monitoring and alerting systems to provide real-time visibility and proactive issue resolution.
●Supported major network infrastructure projects, providing technical expertise and ensuring successful delivery within scope and timeline.
●Evaluated and implemented new technologies and solutions to continually improve network performance, security, and efficiency.
●Established and maintained strong vendor relationships to ensure timely support and access to the latest technological advancements.
●Provided technical guidance and mentorship to junior team members, fostering a collaborative and high-performing team environment.
VERIZON, NY Aug 2021–Sep 2023
Senior Network Engineer
●Deployed Arista network equipment's like 7508,7304, spine switches 7280, VXLAN, LANZ
●Monitored and Created traffic Pattern on Arista 7250 switches using Open flow.
●Experience with Palo alto and checkpoint firewalls with next gen firewall features that includes app id, threat id, URL filtering, user Id, SSL decryption.
●Migrated L3VPN Traffic from Juniper M320's to Cisco CRS-1 with minimum disruption
●Experience with data center technologies that include spine leaf, cisco ACI, Arista cloud vision. Well versed with Nexus family switches to implement VPC and VDC
●Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN
●Monitoring and Maintaining Cisco TACACS Network Management Systems.
●Designing, Managing & playing a vital role in IT projects and taking lead to review for technical documentation (RFP, HLD, LLD, NIP, NMP and NRFU) & generate network configuration for highly complex enterprise networks.
●Involved in design, implementation, and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
●Proficient in Cisco IOS for configuration troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4, MPLS.
●Designing and working in a heterogeneous TCP/IP environment Experience using the CiscoWorks, TACACS, WLSE management software, Cisco UCE, Cisco UC, and Microsoft's UC Platform.
●Configured site to site VPN connection and Direct Connect for high rate data transfer
●Trace frames or packets to analyse network-related issues with protocol analysers such as Wireshark, NI observer, Network General Sniffer or Cisco NAM.
●Support for Zscaler Web Security Service.
●Experience with Versa SD WAN for remote site connectives over MPLS network, configuration of routing and application policies in SD WAN.
●Configured and deployed Cradlepoint networking solutions to establish secure and reliable wireless connectivity for remote and branch office locations.
●Managed Cradlepoint routers and devices to ensure seamless integration with existing network infrastructure, optimizing performance and reliability.
●Implemented SD-WAN capabilities using Cradlepoint devices to enhance network agility and reduce operational costs for distributed enterprises.
●Provided technical support and troubleshooting for Cradlepoint devices, resolving connectivity issues and optimizing network throughput.
●Collaborated with Cradlepoint support teams to escalate and resolve complex technical issues, ensuring minimal disruption to customer operations.
●Experience working with Layer 3 Routing Protocols OSPF and BGP.
●Created ‘Contracts’ in Cisco ACI between migrated EPGs and existing VMs in new DC
●Improved Infrastructure Security and Agility using Cisco Tetration
●Installed and configured Cisco Meraki Switch (MS-225/350), Meraki Router/Firewall (MX-64/84), Meraki Wireless (MR-42/52) in branch locations
●Use Wireshark on a consistent basis to resolve connectivity problems between hosts.
●Worked on protocol testing on cisco high end routers like Nexus 9K. Worked on protocols like EVPN, MP-BGP, BGP, OSPF, MST etc., on cisco devices using the Spirent simulation devices.
●Deployed and configured devices using Meraki dashboard.
●Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
●Designed and Deployed Cisco/Meraki Enterprise Cloud for Corporate HQ, Co-Locations, and 100+ branches with distinct SSIDs.
●Worked on automating the configuration and deployment of cloud-based network resources on platforms like AWS, Azure, and GCP using Terraform, enhancing scalability and flexibility.
●Utilized monitoring tools like Prometheus, Grafana, and Nagios to ensure network performance and compliance with defined policies, and automates the generation of compliance reports using Python scripts.
●Handle Service-Now tickets related to Cisco ASA & Zscaler, & VPN along with the connectivity issues and provide support when any issue is raised.
●Build the Customer Infrastructure with the help of Redundant 6509 switches with L2/L3 Redundancy (HSRP and LACP).
●Configured Direct connect and VPN with AWS VPC
●Evaluating new release of SD WAN solution on cloud platform for various products.
●Authored several scripts leveraging VMware’s Power CLI and Windows PowerShell to aid with capacity planning and monitoring of the virtualization infrastructure.
●Worked on Palo Alto Firewall using centralized management feature called PANORAMA for logging, creating reports, and managing different firewall devices.
●Configured Palo Alto to connect with the Wildfire inspection engine cloud to prevent Zero-day and Malware Attacks.
●Used Illumio to stop lateral movement and securely migrate applications to the cloud and overcome data center and cloud security challenges.
●Micro Segmentation in Network Virtualization and Cloud Security using Palo Alto, Fortinet in VMware Environment.
●Worked on the designing of the network for the client Managed LAN, WAN, IPT & Firewall on cisco ASR 9K, ASA 5500/5508, Juniper SRX200 Firewall, L2VPN, IP-SEC over GRE Tunnel, IP Aware Natting. Designing Low Level & High Level Design (LLD & HLD) for Managed services.
●Installing and configuring new Cisco equipment catalyst including Cisco switches 6500, Nexus 93128TX, 9296PX, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
●Implemented and configured Cisco tetration and Cisco Email security from scratch
●Determined and recommended methods to address improvement opportunities within a migration from Asterisk to Avaya SIP
●Established and maintained productive working relationships with staff to resolve operational difficulties and to promote interdisciplinary, collaborative approach to customer service provision.
●Avaya Session Manager/System Manager 7.0, AES connectivity with Salesforce, CTI, and NICE Engage 6.5 for call recording, Avaya One-X.
●Worked on implementation of major project like Juniper SRX firewall migrations in core mobility networks for multiple sites and zones (CORE-DMZ, EXN, ECB, CAZ, ISPAN, DST).
●Experience with Firewall administration, Rule analysis, Rule modification.
●Agent testing and implementation, Avaya CMS training for reporting, and disaster recovery testing for high availability.
●Build the Customer Infrastructure with the help of Redundant 6509 switches with L2/L3 Redundancy (HSRP and LACP).
●Utilize Wireshark, FireEye Web MPS and Nitro SEIM tools to investigate, respond to, and generate reports for GNOSC and CyberComm security incident tickets.
●Securing the cloud and Virtual Network using Micro Segmentation with Fortinet and Palo Alto Firewall
●Experience in Provisioning tool (Chef provisioning, Terraform, CloudFormation)
●Design and Implementation Cisco/Meraki Enterprise Wireless solutions for corporate infrastructures
●Worked on automating the JUNOSPACE and some other basic deployments by using ANSIBLE, PYCHARM, JINJA2 templates which is called End to End Automation.
●Experienced in troubleshooting both connectivity issues and hardware problems on vSRX, Contrail cloud.
●Addition/ Deletion of Firewall Rules, Reviewing and Processing the ticket, Firewall Clean up, Virtual Servers, Certificate Creation/Renewals, Troubleshooting
●Deployed Web Security Appliance like Cisco WSA S170 and Bluecoat Proxy SG S200/400 for Web Filtering, data loss prevention, and inspection.
●Deep technical troubleshooting on customer SD WAN Edge connect device, Firewall Fortigate and Palo Alto.
●Working in high availability Nexus Environment and provide Level 3 Network Support.
●Implemented l4/l7 services and network Micro segmentation using ASA, Palo alto virtual firewalls and integration with ACI fabric and Arista VXLAN fabric
●Configured AAA server with TACACS protocol to assign and control over user logins and their privileges.
●Worked on F5 GTM, AFM, ASM and other F5 components to protect against advanced DDoS attacks.
●Designed, built, and deployed F5 Big IP load balancers (8900’s, Viprions, Blades), F5 Big IP TCL, F5 Big IP TMOS, F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services
●Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
●Provided TierII Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
●Experience in creating and monitoring high availability, scalable, networks in AWS using EC2, Lambda, VPC and other AWS services
●Utilize Cisco Tetration hardware and software sensors to understand application flows and to build ACI contracts along with documenting application mappings.
STATE OF UTAH, UT Dec 2019 - July 2021
Senior Network Engineer
●My daily tasks are used to be providing security between the data centers based on tiers and giving access to two the servers which are in two different zones and monitoring the traffic.
●Handled Enterprise Network firewalls and involved in a part of migration from juniper to Palo Alto firewalls.
●Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
●Involved in designing Low Level & High-Level design (LLD & HLD).
●Monitor performance of network and servers to identify potential problems like Solar winds and NetFlow.
●Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls.
●Created firewall policies and NAT rules to provide access for websites internal and externally on Palo Alto and Juniper firewalls.
●Used Illumio firewalls to segment their applications and reduce the risk of data breaches.
●Involved in the configuration troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
●Implemented automated security measures, such as firewall rules and access controls, using Terraform and Python, ensuring network security policies are consistently enforced and reducing the risk of human error.
●Troubleshoot IPSEC overlay connectivity from SD WAN appliance to Versa SD WAN controllers via Internet, MPLS and WBS transports.
●Troubleshoots LAN/WAN connectivity using NetFlow, Solar winds.
●Installation of Nexus 2K and 5K in FEX mode in Access Layer. Nexus 7K in distribution and Core layers using VDC and VPC.
●Formulate Networking Projects documentation HLD, LLD, NMP/NIP, NRFU
●Replacing Checkpoint VPN and Bluecoat proxy with Zscaler and worked on implementing Zscaler in Production.
●Monitor tickets through HPSM to either trouble shoot or open TACACS case with Cisco for assistance
●Helped in creating BDs in Cisco ACI that are mapped to Vlans in ‘Network’ centric migrations.
●Also push Firewall rules staged during the day to respective cmas at night. Push includes the juniper and Palo Alto firewalls.
●Hands on updating signature of IPS & IDS and other network defence, Building HLD, LLD Design, resolving Escalated issue with ISP or L2 engineers. Following process of ITL and six sigma for Change Mgmt. and Process Mgmt.
●Cisco ACS 5.4, 5.5 Radius, TACACS, ports access.
●Worked on Firewall tickets to deal with low, medium, and high priority issues.
●Addition/ Deletion of Firewall Rules, Reviewing and Processing the ticket, Firewall Clean up, Virtual Servers, Certificate Creation/Renewals, Troubleshooting.
●Continuous industry knowledge upgrade per the SD WAN products, Cloud resources and firewall for enterprise and service provider to ensure SD WAN clients/ISP expectations are met.
●Involved in L2 Technical approver for any changes made to the network which involved changes to the Switches, routers, firewall, Load balancers and DNS.
●Hands-on experience Installing & configuring firewalls - Checkpoint NG & NGX, Cisco ASA (5500), Cisco Pix, ISA, and IP tables.
●Configured policies in Illumio for east west and north bound traffic flows using tags.
●Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
●Responsible for maintaining multi-vendor network environment including Cisco ASA, Juniper JUNOS, Fortinet firewalls, Palo Alto PA-200 and configuring different policies to provide connectivity.
●Created ‘Contracts’ in Cisco ACI between migrated EPGs and existing VMs in new DC.
●Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20.
●Configure and administer network devices consisting of F5 load balancers, Bluecoat proxies, Juniper SRX's, Palo Alto Network Firewalls.
●Troubleshoot escalated client proxy issues to include Blue Coats and Zscaler
●Provide design solutions to the users based on the requirement and work on the changes that lead to work on the implementation.
●Worked on configuring BDs and EPGs to migrate VMs and troubleshoot Cisco ACI GUI slowness.
●Experienced with microservices, dynamic management, container packaged technologies (such as Docker and Kubernetes)
●Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols and providing secure sessions over internet using IPSec and SSL encryption.
●Configured syslog-ng for Splunk implementation, Familiar with monitoring tools such as Nagios and Splunk.
●Installed, configured Cisco Meraki equipment and web-based monitoring platform for MR32 wireless access points.
●Perform Periodic HLD, LLD, and NIP for the Client’s Projects.
●Worked on emerging trends like SD WAN and implementation of the in-house SD WAN product working closely with development and testing team.
●Installation, Configuration policy creation and troubleshooting of Symantec Antivirus Server 12.x and 14.x
●Fortinet firewall deployment for multiple locations
●Experience in JUNO Space, NSM (Network and Security Manager) and Pulse secure, Panorama, Algosec (Firewall analyzer), Splunk tools.
●Worked on ClearPass Access Management for Whitelisting of Aruba devices.
●Contributed to the major charter projects like Spectrum mobile, Tec mobile and Unified buy flow, telemetry and BHN to ICOMS migration.
●Designed, implemented, and managed network security countermeasures including firewalls and intrusion detection/prevention systems such as: Palo Alto, Pfsense, and Cisco's SourceFire.
●Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70.Performed upgradation from old platforms to new platforms R65 to R75.45 Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
●Installed and configured NetFlow Analyzer and Radius server.
●Setup Cisco ACI Fabric (Spine/Leaf/APIC) Configure ACI APIC controller.
●Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewalls.
●Familiar with setting up network connections with multiple cloud providers such as AWS, Azure, Oracle etc.
●Build and maintain network security infrastructure using Cisco ASA, IPS,
●Firepower, ISE, ACS, and RSA SecurID.
●Provided proactive threat defense with ASA that stops attacks before they spread through the network.
●Working with level-2 team in deploying and installing Palo Alto firewalls.
●Configured various Cisco Business 200 Series Access Points and varies WLC models like Cisco 8500 Series, Cisco 5500 Series, Cisco 3500 Series, Cisco Catalyst 9800 Series and Cisco Virtual Wireless Controller.
●Experience operating high-density AP and client deployments and designing mission critical wireless infrastructure.
●Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs
●Work with our Business Unit partners to better understand their wireless needs and deliver products to meet those needs in a timely and cost-effective manner.
●Configured Aruba access points 300 series, 310 series and Wi-Fi 6 supported APs like 500 series and 510 series.
●Worked on Aruba wireless controllers 7000 series and 7100 series and
Contact this candidate