Network Engineer Palo Alto
Resume:
Srujana Kasoju
Senior Network Engineer (AWS, SDWAN, Security, Palo Alto, F5)
Phone: 737-***-****
E-mail: ***************@*****.***
PROFESSIONAL SUMMARY:
Around 8 years Experienced as a Telecommunications and Network Professional working in medium to large scale environments, enterprise, and Data center networks. Expert in Routing & Switching, SDWAN Viptela, Network Security, Palo Alto, pfSense, Fortinet, Check Point, SonicWall Firewalls, Application Delivery, Wireless, Virtualization, SDN and Automation.
CAREER HIGHLIGHTS:
Experience working in large-scale environments on high priority troubleshooting issues, several Proof of concepts for installations and Migrations to different vendor Equipment or implementing a new technology. Network Design, IDF and MDF architecture, Datacenter Architecture, and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
Experience in Application Security Manager (ASM) which is a layer 7 web application firewall (WAF) available on F5's BIG-IP platforms.
Experience with Project documentation tools & implementing and maintaining Network Monitoring systems (Cisco works & NetInfo, Virtual Change) and experience with developing network design documentation and presentations using VISIO.
Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers (WLC).
Working on products for Wi-Fi alliance and WLAN testing & pre and post deployment Wireless security WEP, WPA, EAP. Design, implement, and manage Checkpoint firewall solutions, focusing on high availability, redundancy, and scalability.
Expertise in troubleshooting and optimizing Access Point performance, ensuring secure and reliable wireless access for large-scale deployments.
Working with Akamai Kona WAF and implemented http and https inspect rules for SQL injections, malicious file execution, cross site scripting.
Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
Demonstrate an in-depth understanding of 802.11 Wi-Fi standards, including a/b/g/n/ac/ax, and Wi-Fi security modes, leveraging this knowledge to conduct comprehensive testing.
Expertise in installing, configuring, and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series). Conducted query performance analysis in Snowflake to identify bottlenecks and optimize query execution times.
Experience in working on Automation for Ciena 39xx series, ACX Routers devices.
Provide consultation regarding segmentation, security, and policy of the SDN network.
Experience in Design & Deployment of Cisco ISE and Provided comprehensive guest access management for Cisco ISE administrators.
Experience with F5 ASM on application security policies to block any http response codes, SQL injections into virtual servers traffic. Worked on OpenConfig Platform.
Collaboration tools within the Extranet environment, such as shared workspaces, messaging, and file sharing, to enhance partnership communication and productivity.
Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
Working with Ansible and Python Scripting to automate configurations and Processes.
Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
Configure and maintain CISCO switch configurations along with Cisco ISE.
Configure and manage LDAP User management with Checkpoint Smart Directory. Implemented the policy rules and DMZ for multiple clients of the state on the Checkpoint firewall.
Expertise in installing, configuring, and troubleshooting Juniper Routers (E, J, M, and T-series).
Experience with cisco ACI and Arista Cloud Vision on a POC Spine leaf Architecture in Datacenter. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc.
Exposure to Routing, switching, Firewalls, proxies, Load balancers, Radius, DNS, DHCP, Monitoring, Log Collectors, Wireless and Network Automation.
Virtualized and migrated 60+ legacy v10 appliances with over 5000 VIPs and 12000 pools t0 F5 TMOS v11 vCMP across 2 global data centers, including substantial iRules updates to support the new architecture.
Testing and validation of various Wi-Fi hardware products to ensure their quality and reliability.
Experience on NSX VMware, AWS, Azure Etc. Participated in troubleshooting SDN/SD-WAN Viptela deployments.
Managed the installation, maintenance, and troubleshooting of fiber optic cables and networking tunnels, ensuring minimal downtime during network cutovers and transitions.
Expertise in cutover planning and execution, ensuring smooth transitions during upgrades or migrations of network infrastructure, minimizing service disruption.
Work with Microsoft support and Deployed HUB and Spoke topology in Azure Cloud.
Proficient and high-level expertise using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers, iAPPs. Migration experience from ACE to F5/ old F5 to New F5. Expert in TMSH.
Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Extensively worked on virtual F5 LTM module on VMware for application testing.
Exposure to wildfire is a feature of Palo Alto.
Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
Worked on Automation tools like TUFFIN.
Working with VSYS, Security policies, App tags, U-turn NAT, Virtual routers, Zones, URL filtering using Domains, SSL decryption, NAT policies, monitoring, Panorama, APP ID on Palo Alto firewalls.
Experience on Amazon AWS Virtual private cloud services.
EDUCATION:
Master in Computer Science University of Bridgeport, Connecticut December 2023
Bachelor of Computer Science Osmania University, India June 2016
CERTIFICATION:
Cisco Certified Network Associate (CCNA)
Palo Alto Certified Network Security Engineer (PCNSE)
TECHNICAL SKILLS:
Networking Technologies
LAN/WAN Architecture, TCP/IP, SD-WAN, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP, CISCO ACI
Networking Hardware
Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls.
Routing Protocols
OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Security Technologies
PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint
Network Monitoring & Management tools
Snowflake, SolarWinds, Wireshark, HRping, WhatsupGold, Infoblox, Splunk, Nagios, Extra Hop Networks, FortiNDR, IronDefense, Obkio, CISCO ThousandEyes, NetBeez Network Monitoring, HPOV, ORION.
Operating Systems
Windows 10, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS
Routers
Cisco ASR 9000 Series, ISR 800 Series, ISR 1900 Series, ISR 2900 Series, ISR 3900 Series, and ISR 4000 Series, CISCO 1800, 2611, 2800, 3600, 3845, 3900,4300, 4400, 4500, ASR 1000X, 7206VXR, Juniper M & T Series.
Load Balancers
F5 Networks (BIG-IP), NetScaler (Citrix), CISCO ADC
Capacity & performance
Cascade Riverbed (Flow Monitor), WAN Killer
Switches
CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500, 4500, 6500, 6800 Nexus 9K,7K,5K,2K, Arista cloud Switches
Programming Languages
C, C++, Perl, Power Shell, Python, Yang, XML, Ansible
Simulation Tools
GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence
Firewalls
Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto Firewalls.
AAA Architecture
TACACS+, RADIUS, Cisco ACS
Features & Services
IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics
PROFESSIONAL EXPERIENCE:
Client: CHOC January ‘23 – Till Date
Role: Senior Network Engineer
Location: Orange, CA
Project Description: Assisting product teams by gathering and analyzing data pertaining to Wi-Fi network performance, providing actionable insights for data-informed decision-making. Assisting in the migration from DMVPN to Cisco Viptela SDWAN, consisting of V-SMART controllers, V-BOND edge routers. Working on the SDWAN implementations at all Greenfield and Brownfield medical facilities by deploying Viptela hardware.
Responsibilities:
Work on Google Cloud Platform (GCP) services like computer engine, cloud load balancing, cloud storage, cloud SQL, stack driver monitoring and cloud deployment manager.
Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
Administrating Viptela SDWAN enterprise deployment and implementations of Network and Devices for SDWAN environment.
Configuring forwarding profiles, app profiles for ZPA and ZIA in ZAPP. Worked on setting up ISS and NSS servers for log streaming and feed to local SIEM servers.
Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
Responsible for the secure development of lifecycle environment from NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in the lab environment.
Automation frameworks (Terraform, Ansible, Chef, Puppet) and automation scripts to support the Azure environment tools (Azure Resource Manager Templates).
Configured and deployed PoE-enabled network devices including Cisco and other vendor Access Points (APs) across enterprise environments to ensure seamless wireless connectivity and optimal coverage.
Troubleshooting and optimizing Access Point performance, ensuring secure and reliable wireless access for large-scale deployments.
Proficient in configuring and managing VoIP systems, including Cisco CallManager, Cisco Unity, and SIP trunking. Experience with QoS and multicast routing to ensure voice quality.
Worked on configuration of Tenants, Bridge Domains, EPG groups, Application templates, VRF configuration of various traffic flows. Configuration includes Arista 7135 Series core routers, Border Leaf, Palo Altos for perimeter security, F5 LTM and GTM for application load balancing.
Working on cloud security, configuring interface VPC end points, resilience, data protection, identity access mgmt., key pairs.
Designed and implemented high-performance Wi-Fi networks for enterprise environments, ensuring optimal coverage, capacity, and reliability for thousands of users across multiple locations.
Working with broadband technologies, including DOCSIS and DSL, as well as wireless technologies such as LTE, 5G, 802.11ax (Wi-Fi 6), and WPA3.
Participated in DOCSIS planning/deployment operations, network architecture design and engineering.
AWS data backup (snapshot, AMI creation) techniques, along with data-at-rest security within AWS.
Configured Ansible to support several sources like environment variables, command-line options, playbook keywords, and variables.
Configured and administered CA Spectrum to monitor and manage a large-scale enterprise network, ensuring real-time visibility of network devices and proactive identification of performance issues.
Conducted comprehensive site surveys, analyzed point maps, and collaborated on the identification of key infrastructure components such as breakers for effective network planning and expansion.
Utilized site survey tools and software to map out coverage, ensuring that access points and network equipment were installed in optimal locations for maximum efficiency.
Leveraged CA Spectrum's root cause analysis (RCA) capabilities to rapidly identify network faults, reducing mean time to resolution (MTTR) for critical incidents by 30%.
Monitored SNMP-enabled devices (routers, switches, firewalls, etc.) and created custom network models to visualize the network topology and identify potential bottlenecks.
Set up and fine-tuned alarms, event policies, and thresholds within CA Spectrum to trigger alerts for performance degradation, device failures, and service outages, improving overall network uptime.
Developed an executable application that securely transfers files and creates folders in AWS S3.
Used S3 and RDS to store Data, EC2 and AWS lambda for computation and Cloud watch to monitor.
Designing and Deployment of Access, Distribution and Core layers in Data Center environment using Juniper QFX and MX series switches. Worked on OSPF and BGP configuration.
Assist in redesigning the campus LAN, routing protocol, IP telephony, enterprise edge, IP addressing scheme for client.
Working with Global F5 Load Balancing using GTM Wide-IP delegations from Infoblox.
Configured and performed software upgrades on Cisco Wireless LAN Controllers (WLC) 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE.
Developed and implemented security policy around the Cisco ACS (Authentication Control System), with RADIUS and TACACS authentication support against an Active Directory database, including device management, wireless and VPN applications.
Configure and manage Cisco routers and switches, including Catalyst, Nexus, or Arista EOS platforms, to facilitate efficient data transmission and network connectivity.
Working experience in FortiGate firewall, Network, Local Servers, Link balancer/Load balancer, LAN, Switching, VLAN, Access controller.
Created comprehensive technical design documents detailing Snowflake architecture, configurations, and integrations.
Implemented Virtual Private Snowflake (VPS) to isolate and secure Snowflake resources within a private network.
Supported and executed migration to F5 BIG-IP LTM/GTM ADC Appliances from Citrix NetScaler.
Deployed and Managed SDWAN network (Cisco Viptela Solution) for WAN connectivity.
Designed and implemented VPC-to-VPC connections using AWS Transit Gateways, enhancing interconnectivity and resource sharing within cloud infrastructures.
Managed AWS Direct Connect and Azure ExpressRoute to provide reliable and secure cloud connectivity, reducing latency and improving bandwidth efficiency.
Implemented and managed data center technologies and failover strategies to ensure high availability and robust disaster recovery plans.
Automation using iControl and Python v3 for configuration and backups in F5.
Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix.
Working with Aruba and Cisco Wireless LAN controllers (WLC), Configuring and Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote and campus AP’s, upgrading WLC, worked in Active/Active local Controllers and Master controller. Worked on RAP3 for remote access.
Configuring, implementing, and troubleshooting F5 and Citrix Load Balancer in a large environment with sensitive applications.
Versioning of the configuration files and allows teams with the support of Terraform to collaborate effectively by using version control systems like Git.
Quality Inspections and Operational Test (OT) events related to the 2GWLAN Aruba Networks Controllers, and Access Points (Aruba 6000 controller, Aruba AP65,70,124,85,125) system.
Engineering traffic management solutions, including the design, low level engineering, and application load balancing solutions for client applications across the pre-provisioned ADC infrastructure.
Worked on Kona cloud platform (Kona Web Application Firewall) to inspect traffic for all applications before reaching the actual server.
Configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018
Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls.
Work on AWS and Azure Cloud connectivity, Cloud Networking and Cloud security. Worked on Equinix cloud Exchange provider.
Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer.
Configuring and managing F5 LTM (Local Traffic manager) in large scale environment.
Integrated Snowflake into CI/CD pipelines using Jenkins to automate deployment and testing processes.
Working with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
Working on Wireless LAN Technology 802.11 a/b/g/n.
Working on Palo Alto Firewalls, implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
Managed all web content functions for a 10 node, 300 VIP LTM environment, including SSL offload, URL/URI redirection, Application Security, and Authentication Policy.
Working with Bash and Python scripting with focus on DevOps tools, CI/CD and AWS Cloud Architecture and hands-on Engineering.
Working with Ethernet and IP Service like EPL, EVPL, EP-LAN, IPVPN/MPLS products.
Working on the implementation of Cisco Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
Work with Zscaler Internet security and Zscaler private access. Worked on ZIA for internet web traffic security. Migrated from Ironports to Zscaler ZIA. Worked on setting up tunnels from F5 devices to Zscaler cloud.
Manage firewall-related components using Terraform, such as Google Cloud Firewall Rules or AWS Network Access Control Lists (NACLs).
Implemented System for Cross-domain Identity Management (SCIM) integration to automate user provisioning and de-provisioning processes within Snowflake.
Implemented and Installed NSX-T controller and cluster.
Maintain accurate PDU/UPS inventory in our asset tracking and monitoring tools.
Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
Configured SDWAN Viptela to connect remote sites over the Internet.
Developed an executable application that securely transfers files and creates folders in AWS S3.
Created Server-less Architecture for on-premises Application Migration to AWS cloud.
Configure and Maintain Authentication Services such as Alight Cisco ACS and Aruba ClearPass around the environment with troubleshooting AAA (TACACS+ & RADIS) services for users.
Utilized advanced threat detection and response tools within a Zero Trust framework, leading to a 40% reduction in incident response times and improved overall security posture.
Monitored and analyzed user behavior and access patterns to enforce least-privilege principles, enhancing the organization’s ability to thwart insider threats and unauthorized access.
Implement secure cloud-based technologies and services in AWS and Azure.
Deploy and Maintain SDWAN solution, routers and Switches, Cisco ASR, Juniper SRX and Fortinet firewalls. Working with NetBrain tool for Dynamic and automated Network Diagrams, Path Analysis, Inventory reports.
Deployed CBRE WAF standardized rulesets, enhancing security measures and compliance across the organization while adhering to project timelines.
Maintain and monitor VMWare based virtualization environments.
Developed Splunk infrastructure and related solutions as per automation toolsets.
Environment: AWS, Cisco, Juniper, Palo Alto, NSX, BSD firewalls, Terraform, TUFIN, Darktrace, SD-WAN, Meraki Access-points, ILLUMIO, SolarWinds, Aruba Wireless, WLC (Wireless LAN Controllers), NPM, NCM, IPAM, Cisco-Umbrella, Nexus switches, F5 load balancers, ACI Fabric extenders.
Client: UHG November ‘22 – January ‘23
Role: Network Security Engineer / NOC Engineer
Location: Atlanta, GA
Project Description: Troubleshooting L2 and L3 Network Environments, performing installation, configuration, and deployment of WAN and LAN networking hardware, including the configuration and implementation of Routers, Switches and Firewalls. Customized ELK stack to centralize log management, reducing incident response time by 25% and enhancing security monitoring.
Responsibilities:
Integrating Terraform with Ansible, Packer to create and Version the AWS Infrastructure.
Collaborated with cross-functional teams to define test plans and strategies for different Wi-Fi hardware products. Configured WAN connections with Meraki and FortiGate SD-WAN.
Managed and administered Unix (AIX) and Linux servers in a production environment, ensuring high availability and reliability.
Developed and implemented Zero Trust architecture, effectively enhancing security protocols across the organization and minimizing risk of data breaches.
Collaborated with cross-functional teams to integrate Zero Trust principles into existing systems, resulting in improved compliance with industry standards.
Trained staff on Zero Trust methodologies and best practices, fostering a security-first culture within the organization.
Work with SCIM provisioning from Azure AD to Zscaler ZIA for users and groups sync.
Assessed the security features of Wi-Fi devices, including encryption methods, authentication protocols, and security modes.
Configured and managed VoIP systems and integrated network components for optimal voice quality and reliability.
Configured Cisco CallManager and integrated VoIP with existing network infrastructure
Used Extrahop for the detection of any abnormalities in the network, tracking file access in databases and storage for data security, and locating bottlenecks over the network.
Conducted in-depth root cause analysis using CA Spectrum's fault isolation and impact analysis features, enabling the quick identification and isolation of faulty devices or links.
Resolved complex network issues such as routing loops, flapping links, and hardware failures by leveraging CA Spectrum’s event correlation and topological mapping features.
Worked with configuring, monitoring, and troubleshooting Arista 7010X Series Cloud Switches.
Manage and maintain Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing.
Optimized Wi-Fi channel selection and transmit power settings to minimize co-channel interference (CCI) and ensure balanced load distribution across APs.
Configured Quality of Service (QoS) policies to prioritize mission-critical applications like voice, video, and real-time data traffic over Wi-Fi, ensuring a high level of service quality.
Work with AWS network configuration with various virtual networks, direct connect, regions and zones, network interfaces, VPC and EC2.
Troubleshooting of Linux and Unix servers for application delivery servers. Install Dockers, Cisco and HP servers.
Designed and deployed Aruba wireless solutions, achieving over 99% uptime and improved user experience in high-density environments such as campuses and large venues.
Utilized Aruba's wireless analytics tools to optimize performance and troubleshoot connectivity issues, resulting in a 30% decrease in support tickets.
Conducted wireless site surveys and RF planning, ensuring optimal placement of access points and meeting client requirements for coverage and capacity.
Configured Citrix NetScaler, ADC for load balancing and assigned virtual server IP address to virtual servers.
Deploy new hardware, Upgrade IOS, troubleshoot any ongoing issues with Routing, Security, SDWAN and coordinate with support and professional services.
Worked on Zscaler policies, cloud app control policies, advanced threat, malware, sand box-based policies.
Work on Virtual servers, irules, Profiles, Monitors, Persistence, Wide-IP, Upgrade procedures, SNAT, Network configuration, VLANS, SELF IP, Route Domains on F5 LTM and GTM.
Configure IPSEC VPN (Site-Site to Remove Access) and Maintain external Client Connectivity.
Configuration and Administration of Alight Network Firewall to manage large scale firewall deployments, Palo alto, Cisco ASA-X Firepower, Juniper SRX, and Open-source BSD Firewalls.
Provisioning (IP assignment, core network configuration, DNS setup, monitoring and graphing for colocation, leased lines, customer backup and other customer network services).
Configure and implement production and operations management in various Network projects which enhances the performance of the network.
Implemented auditing controls within Snowflake to track and monitor user activities, queries, and data access. Worked on SCIM provisioning from Azure AD to Zscaler ZIA for users and groups sync.
Configured NSX-T Distributed Switch Policies for NSX support and Load Distribution.
Worked on upgrading Aruba controllers and Access points in troubleshooting the onboarding devices with the networks.
Omni Center to perform network monitoring, analysis as well as troubleshooting network problems.
Performs system administration functions such as traffic monitoring, performance tuning, log management, disk space monitoring, and application troubleshooting in Linux and Windows platforms. In addition, installation, configuration, log analysis and tuning of DHCP, DNS, FTP Web, and proxy servers.
Perform incident capture, verification, and diagnostics including Support with the TAC (Cisco, Juniper, Tufin, Palo alto) cases associated with the technical issues through the problem resolution in finding the root cause analysis of the Network failure there by curbing it using tools of operational research and methods. Integrate Microsoft Active Directory (LDAP) into checkpoint for identity awareness and user authentication.
Installed and configured Cisco Meraki (MR66, MR18) wireless Access points in the warehouses from scratch. Monitoring the Firewalls which are configured to be monitored by Statseeker Tool through SNMP.
Create High level diagrams, templates documentation for existing platform and the new deployments.
Work on Cisco DCNM, Spine leaf Architecture, and VXLAN tunneling. Migrated from Legacy networks to Cisco ACI and Arista Cloud Vision.
Fine tune and maintain alert rules for PDU/UPS/sensor monitoring.
Deploying, Scaling, and troubleshooting many Datacenters across all of AWS network fabrics.
Deploy the code to AWS instances and spin new instances when and where required.
Worked with Cisco Channel partners to build practices around Cisco ACI
Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS). Designed, implemented, and maintained AWS backend infrastructure.
Responsible for troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect
Configured and performed software upgrades on Cisco Wireless LAN Controllers (WLC)2504, 4404,5508 for Wireless Network Access Control integration with Cisco ISE.
Upgrading Cisco ISE appliances company wide. Recently rolled out OpenDNS including onsite VM appliances. Automation practice and coding in Terraform and Ansible.
Experienced in Cisco Catalyst and Nexus network switches and routers and Cisco ASA firewalls and Wireless controllers (WLC) and access points.
Implemented VDC, VPC, and OTV on the CISCO Nexus 5K and 7K switches.
Performed sizing calculations of VMware environments based on current systems and future growth.
Environment: Cisco, Juniper, Palo Alto, ACI, NSX, Azure, Zscaler, SNMP, Meraki Access-points, ILLUMIO, Solar winds NPM NCM IPAM, Cisco-Umbrella, Cisco Catalyst Switches, Nexus switches, Riverbed, F5 load balancers, ACI Fabric extenders, QRADAR.
Wipro, Hyderabad, India July ‘16 - August ‘22
Role: Network Support Engineer / Network Engineer (Firewall, WI-FI, Wireless, WLAN)
Responsibilities:
Demonstrated unparalleled expertise in 802.11 standards, including a/b/g/n/ac/ax, Wi-Fi security modes, Wi-Fi Mesh network, Wi-Fi 6e, and Wi-Fi performance parameters.
Working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches.
Working on Cisco ISE and advanced technologies like QOS, Multicasting, MPLS and MPLS-VPN and Bluecoat proxy server SG.
Worked on Zscaler Internet Access and Zscaler Private Access. Worked on Migrating from Cisco IronPort’s and Bluecoat to ZIA.
Installing and configuring Splunk forwarders on Linux, UNIX and Windows.
Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
Worked on Cisco ISE deployment which was a replacement for the ACS and provided new long term and short-term guest wireless services for the Port Authority.
Experience in Application Security Manager (ASM) which is a layer 7 web application firewall (WAF) available on F5's BIG-IP platforms.
Performed upgrade process for Cisco ISE software from version 1.0.4 to 1.1 ADE-OS, patch management and data backup management.
Hands on experience installing and configuring Cisco ISE 1.3 and later upgrading to 1.4.
Successfully onboarded new B2B partners onto the Extranet, including setting up accounts, access permissions, and training to ensure smooth collaboration.
Implemented Cisco ISE 2.0 for Wireless 802.1x Authentication and Authorization with Flex connect.
Configure and troubleshoot Juniper EX/SRX series switches.
Install, manage and monitor large scale Palo Alto Firewalls through Panorama.
Performing network monitoring, analysis using various tools like Wireshark, &
Contact this candidate