Network Engineer Data Center
Resume:
BHAVISHYA A
SR NETWORK ENGINEER
https://www.linkedin.com/in/bhavishya-angadi-3a04532a6/
*************@*****.***
PROFESSIONAL SUMMARY:
Network Engineer with 8+ years of experience designing and implementing IT network architecture, Cisco Application Centric Infrastructure (ACI), including configuration, optimization and supporting network management systems in Data Center which includes Network Load balancers.
Experience in Networking, including hands-on experience in IP network design providing network
Support, installation and analysis.
Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and Dynamic routing protocols such as EIGRP, OSPF, BGP; ability to interpret and resolve complex route table problems.
Implementation of traffic filters on Cisco routes using Standard, extended Access list.
Expert Level Knowledge about TCP/IP and OSI models.
In-depth expertise in analysis, implementation, troubleshooting & documentation of LAN/WAN
Architecture and good experience on IP services.
Extensively worked on Juniper models EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210 and SRX240.
Configured and maintained complex network infrastructure including Cisco enterprise routers, switches, ASA firewalls, Palo Alto firewalls, wireless controllers, and Cisco Nexus switches to ensure robust network performance.
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
Successfully deployed Cisco SD-Access solutions to streamline network management, automate network segmentation, and enforce consistent security policies across the enterprise.
Leveraged enterprise-level monitoring tools such as OpenNMS, Cisco Prime Infrastructure, and NetScout nGenius to monitor network health, troubleshoot issues, and optimize performance.
Experienced in installation, configuration and maintenance of Cisco ASR 9K, 7200, 3900, 2800, 2600, 2500 and 1800 series Router / Cisco Nexus 9010,7010, 5548, 2148 Catalyst Cisco 9200,9400,9300, 6500 (sup 720), 4500 (SUP 6), 3750, 2950 series Switches.
Utilized advanced analytics and AI-driven insights from Cisco DNA to proactively troubleshoot and improve network health.
Configured and managed policy-based automation using Cisco DNA Center, providing simplified network access and consistent security controls.
Integrated Cisco DNA architecture with security solutions like Cisco ISE and Firepower to deliver enhanced network visibility and threat mitigation.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF,
Skilled in installing, implementing, and configuring Checkpoint, Fortinet, and Palo Alto Firewalls.
Experienced in managing firewall rules and policies, including the management of URL whitelists.
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment
Technical Knowledge on Cisco DMZ, ASA 5500 series firewalls.
Proficient in deploying F5 load balancers and developing "iRules" for optimized traffic management and security.
Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN, and configuration of VLANs.
Experienced in managing Wireless LAN Controllers, ensuring reliable and secure wireless network performance.
Knowledgeable in the implementation and management of Aruba LAN controllers, enhancing network efficiency and security.
Expertise in Configuration of VLANs, using Cisco Multilayer switches and supporting STP, RSTP, PVST, RPVST along with troubleshooting of Inter-VLAN routing and VLAN Trunking using 802.1Q.
Proficiently implemented traffic filters using Standard and Extended Access-lists, Distribution lists, Route-maps and Route Manipulation using offset-list.
Adept in handling network monitoring tools such as Wireshark, NetFlow, SNMP and SYSLOG.
TECHINCAL SKILLS:
Routers
Cisco (2900, 3600, 4300, 4400, 7200, 7300, 7600) series, ISR (1800,2800,3800,4000), ASR (1000,5000,9000) series routers
Routing Protocols
OSPF, BGP, EIGRP, RIP, IS-IS, MPLS, Static Routing, Route Filtering and Redistribution
Nexus Switches
9396, 9572, 7702, 7600, 7010, 5020, 5548, 5596T, 2148, 2348
Switches
Cisco Catalyst (2900, 3550, 3750, 3850, 4500, 9400, 6500, 6880, 9300 and 9500), Aruba 3810 switches
Juniper
EX- series switches (2200, 4200, 4500, 8200), SRX-series firewall (210, 220, 240, 3600/650, 5800), Juniper MX- 480 series routers
Switching Protocols
LAN, VTP, STP, PVST+, SMTP, Inter VLAN routing & multi-layer switch, Ether Channels
Network Security
Cisco ASA, Palo Alto, Juniper SRX, Checkpoint, Cisco FTD
Load Balancers
F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Citrix NetScaler
Multicast Protocols
IGMP v2/v3, CGMP, PIM-Sparse and Dense Mode, DHCP, FTP, TFTP
Wireless LAN Controllers
Cisco 5508 WLC devices, Cisco 2602 and 2702 access points, Cisco VoIP 794x, 796x, 7937
LAN Technologies
Ethernet, Fast & Gigabit Ethernet
WAN Technologies
Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, DSL, ISDN
Various Features / Services
IOS and Features, NAT, SNMP, AWS, Cisco ACI NTP, Microsoft Office Suite
Network Management
SolarWinds, Wireshark, SNMP, Putty, GNS3, Cisco Packet Tracer, Cisco Prime, Bluecoat Proxy, NTOP
Language Skills
C, Python, Linux
Operating Systems
Windows XP/7/8, Windows Server 2003/2008, Mac OC X and Linux
PROFESSIONAL EXPERIENCE:
Nintendo of America, Los Angeles, CA Jul 2023 - Present
Network Engineer
Responsibilities:
Hosting Internal Network security services. Includes Build and Support and maintenance.
Tracked and monitored incoming security complaints by using Service now ticketing tool, resulting in 70% resolution rate.
Implemented Cisco SD-Access to create a zero-trust security framework, ensuring secure, user-based access control and enhanced network visibility.
Designed and implemented end-to-end network segmentation with SD-Access to isolate user groups and IoT devices, improving both security and performance.
Integrated SD-Access with Cisco Identity Services Engine (ISE) to dynamically enforce policies based on user identity, device type, and network conditions.
Leveraged Cisco SD-Access fabric technology for simplified and scalable network architectures, improving both network performance and operational efficiency.
Extensive experience using the Nipper analytical tool for comprehensive security analysis and reporting.
Cisco ASA and Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
Skilled in configuring and managing wireless LAN controllers to optimize network performance and coverage.
Proficient in using Explicit Route Objects (ERO) within MPLS networks to design and enforce specific traffic paths, optimizing network performance and reliability.
Proficient in creating VoIP dial plans, installing VoIP phones, and ensuring seamless integration of VoIP systems into existing network infrastructures.
Check and take action on network latency, CPU utilization, load balances, Bandwidth utilization.
Manage Palo Alto and Checkpoint configuration (Review & modification of FW rules, daily compilation)
Configuring Network Address Translation (NAT) according to the connectivity
Check flow opening effectiveness and correct rules when relevant in F5 AFM.
To prepare Root Cause analysis for major incidents/outages related to network and server operations.
Taking the Configuration Backups of all the PaloAlto, Cisco ASA, Routers and Switches on weekly basis.
Experience with Cisco ASA and Cisco FTD for creation of ACL`s for multiple clients and troubleshooting.
Configuring ASAs/FTD’s for failover with Active/Standby setup.
Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
Leveraged Cisco DNA's automation and assurance features to enhance operational efficiency, reduce network downtime, and optimize performance.
Implemented and managed Cisco DNA Center for automated network provisioning, policy-based management, and real-time analytics.
Participation on Various troubleshooting calls related to firewall issues like Failover, Nat, Acl and connectivity issues.
Palo Alto Architecture, Packet flow and extensive exposure in managing policies, user-id, High Availability, Panorama and troubleshooting.
Capable of preparing clear, concise technical reports and documentation, articulating ideas effectively both in writing and orally, and setting priorities to complete tasks efficiently and on schedule.
Implementing of Site-to-Site and Remote access VPN and troubleshooting the VPN Connection issues on CISCO ASA firewall.
Implemented and fine-tuned configurations for Juniper routers and switches, focusing on MPLS, BGP, and IPsec. This involved setting up MPLS labels for traffic management, configuring BGP for dynamic routing, and establishing IPsec VPNs for secure communications.
Participation with customer call for VPN connectivity establishment and for joint troubleshooting.
Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture
Configuring and upgrading multiple Palo Alto firewalls and integrating them to Panorama.
Configure on F5 LTM, AFM like creation of VIP, Pool and Nodes. And joining troubleshooting calls related to application issues installed on F5 lb.
Perform SSL Offloading on F5 LTMs. Also, renewing certificates to ensure the security of websites.
Worked on Cisco ISE 802.1X, ISE wired/wireless guest and ISE trust sec implementations.
Experience with creating profiles for end devices such as printer, cameras, phones etc.in Cisco ISE NAC deployment.
OG&E Energy Corp, Oklahoma City, Ok Feb 2022 – Jul 2023
Network Engineer
Responsibilities:
Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Experience with design and implementation of Data center migration.
Extensive hands-on experience in designing, implementing, and managing network architecture solutions, with a particular emphasis on Cisco Identity Services Engine (ISE) for identity and access management.
Experienced in configuring and managing EROs in RSVP-Traffic Engineering (RSVP-TE) to ensure precise control over data routing and resource allocation.
Configured and deployed Cisco SD-Access for secure, policy-based access control and simplified network segmentation.
Worked with intent-based networking models to automate and align network operations with business objectives.
Deploying and decommissioning of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
Design, Implement & troubleshooting of Juniper switches, routers and Firewalls EX 2200, EX 4200, EX 4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650.
Configuring Static routing, BGP, OSPF on Juniper M and MX series routers.
Experience working with Juniper Routers (MX960, MX480, M320) and Switches (EX2400, QFXVirtual Chassis Switches) with BGP, OSPF, VSTP, MST layer 2 and layer 3 Technologies
Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
Added centralized management using Cisco Prime Infrastructure.
Configure VLAN’s on Juniper EX Serties EX4200, EX4300, EX4500, EX4600 Switches.
Worked on the Cisco ACS TO Cisco ISE Migration project by replacing existing ACS configuration with ISE configuration in network devices.
Responsible for troubleshooting devices while migrating them from ACS to ISE.
Configured Cisco ISE for Domain Integration and Active Directory Integration.
Configuring and installing Cisco Cat 9200,9300, 6500, 9400, 4500 in Campus networks.
Switches Replace branch hardware with new 2851 routers and 2960 switches.
Led the hands-on migration of network infrastructure from Brocade to Arista, including the deployment, configuration, and optimization of Arista switches. Ensured minimal downtime and disruption by meticulously planning and executing cutover strategies.
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
Demonstrated expertise in Cisco ISE, local area network (LAN) management, security protocols, and routing technologies, providing comprehensive solutions and support in network operations.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
Currently designing global Cisco SD-WAN rollout for enterprise customer.
Working on evaluating SDWAN for implementation across branches.
Expert in troubleshooting production issues and resolving incidents and change tickets related to ACI.
Working experience with routing and network service protocols (e.g. OSPF, MPLS, Multicast, SNMP, IPv6)
Configure & troubleshoot IPSec VPN issues, Trouble shooting of VOIP network elements
Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
Configuring HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalysts.
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Performed switching technology administration including VLAN’s, inter-Vlan routing, trucking, port aggregation and link negotiation.
Configuration, Troubleshooting and Maintenance of Palo Alto firewalls PA200, PA2000 series, PA3000 series, PA4000 series, PA 5000.
Configured and modified firewall security policies and created rules on PA5000 series Palo Alto firewall
Configured and managed policies on Palo Alto firewalls using Panorama GUI.
Experience in installation and troubleshooting Fortinet Firewall. Worked extensively in Fortinet firewall.
Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
Significant experience in documentation and updating client's network documentation using VISIO.
Citi Bank, New York, NY Jan 2020 – Jan 2022
Network Engineer
Responsibilities:
Responsible for supporting and implement complex end-to-end solutions on a global scale.
Worked extensively on Cisco Catalyst Switch 6800s, 6500s, 4500s, 3750, Nexus 7000s, and HPE switches 8400, 8320, 5400, 3810, 2930M/F, 2920 and 2540.
Successfully implemented ERO-based traffic engineering solutions to enhance network efficiency, load balancing, and adherence to service level agreements (SLAs).
Provided comprehensive guest access management for Aruba Clear Pass administrators, sanctioned sponsor administrators using BYOD & Guest Management Portal Configuration.
Configure new ports and EPG and contracts on Cisco ACI leaf fabric for user request.
Install the certificates on APIC for cisco ACI management.
Created automation scripts for provisioning OLTs and ONTs, significantly reducing setup time and ensuring consistent QoS configurations. Contributed to documentation efforts by preparing detailed reports and guides during the Field Trial phase, facilitating smooth transitions and providing clear records for ongoing support and troubleshooting.
Endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network, including 802.1X environments.
Provided expert troubleshooting and performance tuning for the newly implemented Arista environment, addressing and resolving issues related to network connectivity, traffic flow, and configuration mismatches. Successfully optimized network operations to meet and exceed performance benchmarks.
Collaborate with senior engineers and customers on the design, configuration and deployment of WAN and site-to-site connection.
Implemented the policy rules and DMZ for multiple clients of the state on the FortiGate firewall.
Firewall policy provisioning on Fortinet FortiGate appliances using Forti Manager.
Security policy review and configuration in Palo Alto and Firewall in US offices and Datacenter.
Contributing in troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF and BGP.
Configured routing protocols such as OSPF, EIGRP, and BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy. It also includes the configuration of the port channel between core switches and server distribution switches.
Provided 24/7 network support for troubleshooting and resolving network related incidents.
Designed, tested, and implemented global Next Generation MPLS network (150 sites) using Cisco 4300, 3800, 2800, 2600, and 1721 Cisco routers and 800 Series VPN routers using BGP and EIGRP protocols.
Configured AWS Identity and Access Management (IAM) Groups and Users for improved login authentication. Also handled federated identity access using IAM to enable access to our AWS account.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco ASA's 5585.
Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
Implementation of Access Lists for allowing/blocking desired traffic.
Designed and deployed EIGRP/OSPF configurations, including route distributions and summarizations
Designed and implemented redundant internet access using BGP4 with multiple ISPs to provide full fault-tolerant internet access services for the company.
Developed a VLSM (Variable Length Subnet Mask) scheme, using it along with OSPF to create the most efficient flat switch domains.
Analyzed network traffic pattern and developed a VLAN (Virtual LAN) infrastructure among all switched networks for optimal performance.
Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application. Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls
Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and also configure 2k, 3k,7k series Routers
Experience configuring Virtual Device Context in Nexus 7k series switch.
Strong knowledge on networking concepts like TCP/IP, Routing and Switching.
Designed, configured, implemented site-site VPN on cisco ASA 5500 firewall.
Experience with configuring Load Balancing methods in F5 LTM and configured the virtual server.
Working with Checkpoints, ASA’s (Other Remote sites), Palo Alto’s FW’s
Worked in projects converting P2P circuits into MPLS circuits, commissioning and decommissioning of the MPLS circuits.
Performing network monitoring, providing analysis using various tools like Wire shark, Solar winds etc.
Provided proactive threat defense with ASA that stops attacks before they spread through the network.
Designed, Validated, and implemented LAN, WLAN & WAN solution to suite client’s needs.
Configured and designed LAN networks with Access layer switches such as Cisco catalyst 6500, 4510, 4948, 4507 switches.
Accenture, Hyderabad, India Dec 2017 – Dec 2019
Network Engineer
Responsibilities:
Installation, configuration and maintenance of Cisco Routers like 2600, 2800 and 3600 series.
Developing and maintaining the baseline Cisco IOS. Provide upgrade instruction to the Network O&M team on new Cisco IOS.
Designing Networks for voice and data networks over LAN and WAN. Designing, Implementing and Managing WLAN Distribution Network.
Installing and configuration and troubleshooting of various Cisco switches like 2900 series, 2950 series, 3550 series, Nexus 5000 and Nexus 7000 series and Juniper EX series.
Experience working with implementing and configuring checkpoint VSX for security gateways.
Configuration of checkpoint firewalls in MDS and VSX environment. Worked with creating firewall policies.
Installed and configured Cisco Meraki (MR66, MR18) wireless Access points in the warehouse.
Troubleshooting Cisco routers, APs, Switches, Fortinet Devices and Meraki appliances.
Working with carrier Ethernet technologies like L2vpn, VPLS, VPWS. Operating, administrating, managing & testing of carrier Ethernets.
Used F-5Load balancers to increase capacity (concurrent users) and reliability of applications.
Configuring, troubleshooting and managing Networks of over 1000 devices by monitoring health of routers, switches and load balancers and working with team to fix any configuration or hardware issue.
Configuring and monitored different monitor modules F5 BIG-IP LTM F5 and DNS traffic Management.
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
Experience on managing Network-based Intrusion Detection/Prevention Systems (IDS/IPS).
Working on Wi-Fi Portfolio by Configuring and Troubleshooting Wireless Access Points (WAP) and Wireless Controllers (WLC) for limited connections issue In Wireless Local Area Network (WLAN.
Sonata Software, Hyderabad, India Jun 2016 –Dec 2017
Network Admin
Responsibilities:
Worked on Cisco 2500, 2600, 2800 series routers and 1900, 2900 series switches
Designed the IP addressing scheme using VLSM and configured IP addressing Performed activities such as initial user account creation, established LAN connectivity, file and resource sharing management, internet connectivity, FAX and email service setup
Expanded LAN to accommodate 200 plus users. Coordinated installation and repair work. Diagnosed and corrected client’s network related issues
Installed and configured LAN/WAN as per organizational / client requirements, governed by communication protocols
Performed tasks that include Configuring and constant administration of Static routing, Default Routing & dynamic Routing Protocols like RIPv2, OSPF & EIGRP.
Implemented dedicated VLAN ID for all trunk ports, set user ports to non-trunking, and deployed port security, when possible, for user ports for layer 2 security
Worked to set up the TFTP server for backing up the IOS images and configuration files of Cisco Routers and Switches and troubleshooting the file servers.
Migration from Cisco firewalls to Palo Alto firewalls platforms PA -5000, series (5060/5050/5020), PA 4000 (4060/4050/4020) and PA 500 and PA- 200 firewalls
Configuring rules and maintaining Cisco ASA and Palo Alto Firewalls & Analysis of Firewall logs.
Writing SOPs Work Instructions for Level-1 and Level-2 support teams regarding different Network Element installations, configurations and quick resolution procedures during outages. Drafted, installed, and provisioned ASA and Checkpoint firewall rules and policies.
Designing and Configuring of the LAN & WAN networks for different airports, enterprise locations and data center locations.
Contact this candidate