Network Engineer Hands-On
Resume:
Name: Bhavana Katapally
Network Engineer
Contact: 508-***-****
Email: ****************@*****.***
PROFESSIONAL SUMMARY:
Network Professional hands-on experience on the implementation, administration, and troubleshooting of complex routing and switching technologies, Network Security-Next-Gen Firewalls and Load Balancers.
Seeking a challenging position as a seasoned network professional in a progressive organization where can implement my technical skills and coursework while further expanding my eight years of expertise.
Expertise with Installation of Arista 7250QX series switches on Spine Platform.
Working of OpenFlow protocol and SDN controllers (Open Daylight, Ryu, Open Contrail).
Detailed hands-on experience in configuring and troubleshooting Layer 3 Interior Gateway Routing protocols such as Link-State routing protocols (OSPF and IS-IS), Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP), and Exterior/Path-vector routing protocol (BGP).
Hands-on expertise with routers Cisco 2900, 3600, 3900, ISR 4K series (4221, 4321, 4351, 4451), ISR 1002-X, and Juniper ACX, E, M, MX960 series in Core, Distribution and Edge in Data centres.
Experience in installing Okta’s Lightweight agent to integrate with Active Directory.
Hands on Experience on Cisco 2960, 3650, 3750, 3850, Cat 4500X, Cat 6500, Cat 6880, Cat 9k series switches in Enterprise environment. Experience Installing, configuring and troubleshooting CISO Nexus 2k, 3K, 5K, 7K, 9K in Datacentre. Thorough with VPC, VDC and FEX.
Broad experience of IT market and trends and working on Cloud providers (AWS, GCP, Azure, OCI)
Provided full visibility and notification of authorized and unauthorized network access with integration of FortiGate and NAC solutions.
Experience with 1100, 1200, 3700and 3800 series cisco Wireless Access Points
Hands on experience in configuring and supporting site-to-site and remote access Cisco IPsec, VPN solutions using ASA firewalls, Cisco AnyConnect, and VPN client.
DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
Experience with Palo Alto 5K series firewalls. Worked on URL Filtering, SSL Forward Proxy, SSL Decryption, APP ID, Threat ID on Palo Alto Firewalls.
As a Security Consultant involved in enhancing the security stature of the project by initiatives like Threat Modelling, Security awareness sessions, Dormant & Never Logged IDs clean - up.
Prepared sequence of Operation for BMS Systems (AHU, FCU, VAV, HRW, EF’S etc.)
Working and demonstrated experience on the PAN-OS 6, 7.1, and 8.0 versions: PA 220, PA 820, PA-2K, PA-3K and PA-5K firewalls.
Experience with the Citrix infrastructure components such as Web interfaces, PNA Server, NetScaler setup and administration, License Server management, Edge Sight.
Experienced in checkpoint, Palo alto, Illumio and FortiGate firewalls Migration and Panorama Network Security Management Box .
Configured FortiNAC to Detect and identify headless devices as they connect to the network.
Implemented the policy rules and DMZ for multiple clients of the state on the Checkpoint firewall tory.
Experienced on Load Balancers (Citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ADC), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Splunk, Palo Alto Networks Firewalls (PA-820, series PA-3K, 5K), Checkpoint IP Appliances (NXG R60, R70, 3100, 5900), Fortinet Firewalls.
Experienced on Implement various network monitoring and security tools like NetBrain.
Experience working with Palo Alto GUI Panorama. Experience in migrating Checkpoint to the Cisco ASA Devices. Also migrating from Cisco to Palo Alto.
Data Centre consisted of Cisco APIC, ASA/FMC, multiple VPNs & Silver Peak orchestrator.
Experience in Threat Modelling during Requirement gathering and Design phases.
Created and Managed Site VPN (IPSEC) and Client VPN (IPSEC, SSL) on Checkpoint R77.
Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications
Done operations & Maintenance of BMS and EMS systems
Experience Arista Cloud Vision on a POC. Working on Spine leaf Architecture in Data center. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc.
Worked on Application load balancing with Cisco ACE, F5 LTM, GTM, APM, Citrix NetScaler’s and A10. Worked on software and Hardware load balancers. Well versed with TCP, UDP, Http/Https, SSL, TCP dump, cur and TCL scripting for iRules.
Experience in design, installation, configuration, maintenance, migration and administration of CheckPoint Firewall R55 up to R77. Experience in Policy based filtering using Palo Alto Firewalls.
Experience with TACACS+ /RADIUS servers, migration from ACS and Aruba ClearPass to ISE.
Experienced in constructing fabric-based networking topologies involving Whitebox switches with SDN controllers.
Hands-on experience on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Experience on Virtual Servers, Pools, Persistence, I Rules, Listener IP’s, WideIP’s, SSL, HTTP and TCP headers.
Developed comprehensive Standard Operating Procedures (SOPs) for various business processes, including but not limited to, IT operations, quality control, compliance, and customer service.
Worked on Abacus 5000 to Simplifies the testing of converged IP Telephony and PSTN networks and services.
Configured juniper MIST for Proactive optimization of wireless Device’s performance.
Have Built and grown strong collaborative relationships with key stakeholders to effectively get their application on boarded into OKTA.
Created and configured LTM and GTM guests on F5 VIPRION 7250 appliances.
Hands-on experience with Wi-Fi deployments and survey software including Air Magnet and Ekahau.
Designing, deploying, and troubleshooting IP and wireless networks, which includes enterprise IP networking, Aruba ClearPass, Aruba Airwave, and RF analysis.
Experience implementing large Data Center infrastructures with Cisco ACI, Cisco N9K, N7K, N5K, N3K, Cisco Cat 9500/9300, 6500, 4500/4900, Cisco ISR 4451, Cisco ASR1001.
Hands on experience and demonstrated on Software-Defined Networking (SDN), SD-WAN.
Experience with Cisco ACI on Creating VXLAN’s, VTEPS, VNID’s, EVPN, Bridge Domains, Tenants, Application profiles, Contracts etc. on ACI. Thorough understanding of Spine-Leaf Architecture.
Experience won configuration of CISCO ISE for integration of with various devices.
Experience in Open stack, MANO, OPNFV, Open Daylight, TMF, ETSI and similar industry forums and standardization orgs and projects
NFV/SDN, Subject matter and Architectural configured QOS and NETSCOUT for Monitor Network Traffic.
Helped design and build out a very large 100G Layer3 Leaf & Spine architecture (eBGP) using Arista switches to support the network consolidation in the new data center.
Analysed Packet captures using Wireshark and NetScout.
Worked on Abacus 5000 to Performs synchronized and complex test scenarios to help ISPs, ITSPs, IP-PBX, IP gateway, server migrate or converge into IP Telephony.
Configuring, designing and troubleshooting INFOBLOX DNS and DHCP servers.
Worked on the implementation of Domain Name Service and BIND.
Working on Python scripting.
Exposure to multiple ticketing tools, workflows, monitoring tools that include ServiceNow, Jira.
Hands on experience on the documentation and updating client’s network documentation using Microsoft Visio.
Technical Skills:
Routers
Catalyst 8300 Series, 8200 Series, ISR 4000 Series, 1000 Series, 900 Series, 800 Series, Catalyst 8300 Series Edge Platforms, ASR 1000 Series, Asr 1013 Router, ASR 901 Series, ASR 9000 Series, 1013 Router. Juniper MX304, MX10004 and MX10008, SDN-enabled MX10003, SDN-enabled MX2020
Routing Fundamentals and Protocols
Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4, and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy-Based Routing, Redistribution, Port forwarding.
Switch Platforms
Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; CISCO Nexus series 2K, 5K, 7K and 9K
Switching Fundamentals and Protocols
Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP.
Firewall Platforms
Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) with panorama 8.0, WAF
Security Protocols
Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap .
Network Management and Monitoring
Wireshark, Infoblox, HP NView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works, TCP Dump and Sniffer, SolarWinds Net Flow Traffic Analyzer, NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.
Load Balancers
F5 (BIG-IP) LTM 2000, 3900Viprion, Cisco ACE, Citrix NetScaler
Other Networking Protocols and Fundamentals
DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN.
Operating Systems
Windows 10/7/XP, MAC OS, Windows Server, Nexus OS, Cisco IOS XR, Linux, UNIX, Cumulus.
Wireless Technologies
Canopy Wireless Devices, D-Link Point-to-point Wireless, D-Link APs, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC’s (8510, 5508, 5706), Cisco AironetAP’s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5
Scripting
Shall, Python and Ansible
EDUCATION:
Bachelor’s in Electronics and Communication Engineering in Bharat Institute of Engineering and Technology in 2018
Masters of Informational Technology in Central Queensland University, Melbourne, Victoria, Australia in 2019
Masters of Cybersecurity in Saint Peter’s University, Jersey City, New Jersey, USA in 2023
CERTIFICATIONS:
AWS Certified – Advance Networking Speciality
CCNA – Certified Cisco Network Associate
CCNP – Certified Cisco Network Professional
PCNSE- Pala Alto Certified Network Security Engineer
Build an IoT Blockchain Network for a Supply Chain
PROFESSIONAL EXPERIENCE:
Client: Novartis April’ 2024 - Present
Location: Cambridge, MA
Role: Wireless Network Engineer
Project Description: The scope of services includes network design and implementation, with a focus on Routing and Switching and responsible for participating in design meetings, collaborating with architect teams, leading the building for new network devices. Involve in network automation, with proficiency in Ansible, Python, and a deep understanding of the OSI model.
Responsibilities:
Utilized tools like Cisco Prime Infrastructure and Ekahau Site Survey (ESS) to plan and optimize wireless network performance, focusing on coverage, capacity, and interference.
Automated network configuration and updates using Ansible and Python scripting, streamlining tasks such as device provisioning, firewall rule management, and firmware upgrades across the enterprise.
Installed, configured, and maintained Cisco Wireless LAN Controllers (WLC) and Cisco Access Points (APs), including models such as the 1262, 3500, 3600, 3700, and 9800 series to ensure seamless connectivity and optimal coverage.
Installed and configured Meraki wireless access points (APs) and devices for centralized management and monitoring via the Cisco Meraki Cloud System.
Handled complex wireless incidents across multiple sites, ensuring timely resolution and performance optimization.
Collaborated on designing multi-cloud architectures involving AWS and Azure Virtual Networks, securing connectivity through Zscaler ZIA and ZPA for internet and private access in a cloud-first environment.
Deployed Cisco ISE for RADIUS, TACACS+, and secure guest management, enhancing wireless network security and user authentication.
Utilized Cisco Prime Infrastructure and Cisco DNA Center (DNAC) to monitor, troubleshoot, and optimize controllers and access points in real-time.
Deployed Cisco Wireless Controllers: Configured and managed Catalyst 9800 Wireless Controllers to centralize control and management of wireless access points across the network.
Set up dynamic VLAN assignments on wireless controllers to optimize network segmentation based on user roles and policies.
Configured 802.1x on Cisco wireless access points to enforce user authentication before granting network access.
Conducted deep packet analysis using Wireshark and TCPDUMP, troubleshooting issues such as high latency, packet loss, and jitter, optimizing network performance and identifying root causes.
Implemented RADIUS and TACACS protocols for role-based access control (RBAC) and network security, ensuring secure authentication and authorization processes.
Integrated 802.1x authentication with Cisco switches, routers, and firewalls for consistent security policies across the network.
Gained expertise in deploying, configuring, and troubleshooting various Cisco wireless technologies, including WLAN controllers, DNAC, Cisco DNA Spaces, and Cisco ISE.
Used Cisco Prime Infrastructure and Cisco DNA Center (DNAC) for real-time network visualization, design, and planning, ensuring optimal wireless network performance.
Configured and managed Cisco ISE for enforcing security policies, including the use of ACLs to monitor and control user access to the network.
Analyzed and optimized Cisco wireless networks using Wi-Fi analytics tools from Cisco DNAC, ensuring robust coverage and performance across enterprise environments.
Tested and validated Wireless controllers to ensure compatibility and optimal performance in various network environments before deployment.
Configured Cisco wireless access points for secure remote access, enabling users to connect seamlessly to corporate networks from remote locations.
Configured wireless network infrastructure using Cisco wireless controllers and DNAC to monitor and optimize wireless network health and performance.
Participated in wireless network engineering projects, collaborating with third-party vendors for seamless installations, upgrades, and troubleshooting.
Contributed to documenting troubleshooting processes and known issues in the wireless network support knowledge database for continuous improvement.
Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on CISCO Nexus 9K, 7K, 5K, Juniper MX-960 routers and cisco ASR routers.
Proficient in designing, implementing, and managing InfiniBand-based networks, understanding the architecture, topology, and protocols involved.
Assisted Network team in the installation of Spine (Nexus 9500 series) switches and leaf (CISCO Nexus 9300 series) switches to create ACI environment.
Upgrading WLC’s accordingly recommendations. Wireless network installation and configuration of Aruba wireless access points, and controllers & configuring network parameters, security settings, and authentication mechanisms using Aruba ClearPass.
Experience on working with Silver Peak SD-WAN circuit.
Managed classified and unclassified voice and data on Confidential VoIP telephone systems to include C2950 and C3560 PoE switches along with C2691 and C3745 routers, Fiber optics and copper installations on strategic and tactical networks.
Implement and maintain monitoring solutions to ensure the health and performance of automated processes.
Working on SD-WAN technologies Such as Meraki, OpenStack, and Silver Peak.
Configured LACP, OSPF protocols on Arista 7250qx-64 switches.
Worked with the team on the creation of policies on Cisco ISE for Endpoint profiling.
Currently work with network engineering to build and support SDWAN.
Monitored and Created traffic Pattern on Arista 7250 switches using Open flow.
Configured FortiNAC to interact with and configured devices like switches, WAP, Firewalls and clients from different vendors.
Worked on the configuration of vPC (Virtual Port Channel), VDC (Virtual Device Context), FCOE in CISCO Nexus 9k and 7k series switches.
Upgraded the current ISE version 2.4 to ISE 3.1 or installing 3.1 server and moving the data from ISE 2.4 server to ISE 3.1 server.
Deployment of NetScaler, rolling out the applications, and their integration.
Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
Went through a 2-step upgrade process from 2.4 to 2.6 and followed by 2.6 to 3.1 for both primary and backup servers located in Las Vegas and Louisville.
Worked on issues with IPS/IDS servers, Zscaler and Bluecoat Proxies.
Configuring Guest access using Aruba ClearPass and Web Authentication.
Worked on creating NFV or SDN transformational solutions, provide architectural design, plan customers future NFV or SDN transformation, plans and strategies.
Involved in Creating, Deleting and modifying Security policies and troubleshooting traffic flows in Illumio firewall.
Configured FortiAPs providing coverage for devices on the 2.4 GHz band can be configured to offer dedicated scanning.
Develop and maintain automation scripts using Ansible and Python to streamline network configuration processes.
Working with Versa SD WAN for remote site connectivity over MPLS network, configuration of routing and application policies in SD-WAN.
As a part of pre upgrade tasks, stored all the backup, downloaded the RADIUS live logs, existing network users and devices that use ISE, exported all the certificates, policy sets.
Re-joined AD credentials after post upgradation.
Dealt with ISE smart licensing.
Troubleshooting, Installation of CISCO, and Aruba WLAN controllers. IAP setup, SSID’S, BYOD policies, Integration with cisco ISE and Aruba ClearPass. 802.1X Authentication, EAP/PEAP, Certificate based, and MAC based Authentication rules. AP groups, ARM profiles, Anchor controllers, AP provisioning, RF, 2.4 and 5 GHz, 802.11 a, b, g, n, ac Exposure to Cisco Meraki cloud.
Provided tier 3 support for Checkpoint and Cisco ASA Firewalls to support customers, Backup and restore of checkpoint and Cisco ASA Firewall policies.
Administering, managing, maintaining, and troubleshooting Cisco Firewall, Palo alto firewall, F5 Load balancer, SDWAN devices and network switches related issues.
Configured Radius authentication to the ISE server.
Configured VPC+ on these switches along with Nexus 2200 Fabric extenders.
Tested the Dot1x authentication on cisco catalyst lab user access switches.
Pointed all the network devices to the new ISE 3.1 server for authentication.
Integrated Palo Alto authentication to Cisco ISE.
Installed, configured, and maintained with vendors Cisco, Juniper, Alcatel-Lucent, Arista, Brocade, Riverbed, Enterasys, Fortinet networking and wireless technologies and protocols.
Environment: Cisco 9k and 7k series; Catalyst 2960, 3650, 3850 series switches; ISR 800/1000 series, ASR 1000 series, 3600/2800 routers, Riverbed, SolarWinds, VxLAN, Alcatel-lucent, NSX, FortiNAC, FortiADC, FortiAPs, Red Hat Enterprise Linux, BMS, SDN, SD-WAN, SSO, EIGRP, BGP, DMVPN, SSL VPN, Cisco Meraki, Cisco ACI, Cisco ISE, EtherChannel, VMware ESXi.
Client: State Street / Infosys September 2022 – April 2024
Location: Boston, MA
Role: Wireless Engineer/ Network Engineer
Project Description: Participated actively in proof-of-concept projects implementation which included storage and backup solutions from private cloud providers Amazon AWS and Microsoft Azure. URL filtering and upgradation of Palo Alto firewall from PAN-OS 7.1 to PAN-OS 8.0 using Ansible automation scripting connect servers and storage devices.
Responsibilities:
Worked on the configuration and installation of Cisco Nexus 9K and 7K series switches.
Working with ASR 9000 series switches with IOS-XR.
Working on Security groups in AWS in vPC for traffic flowing between various virtual nets for dev, prod and UAT instances.
Formulated group policies for Citrix and NetScaler apps, and NetScaler review for load balancing high value web system.
Implemented Azure Automation for task scheduling, runbook automation, and configuration management, enabling efficient resource provisioning and management in Azure environments.
Designed and implemented Azure virtual networks (VNets), subnets, and network security groups (NSGs) to segment and secure cloud-based resources, following best practices for network isolation and access control.
Led the deployment and migration of on-premises workloads and applications to Microsoft Azure cloud infrastructure, using services such as Azure Virtual Machines (VMs) and Azure App Services.
Experienced working in Azure Security including RBAC, Azure Security Canter and Azure Monitor.
Experienced working Azure Automation including Runbooks and Terraform scripts.
SD-WAN and routing trends and technologies.
Experience with the configuration of Nexus 2000 Fabric Extender (FEX) for the Nexus 5k to for managing VPN systems for site-to-site and remote access.
Worked on the security levels with RADIUS, TACACS+.
Collaborated with cross-functional teams to streamline processes, optimize workflows, and implement standardized procedures through SOP documentation.
Worked on the installation and configuration of Cisco ISR 800, 1000 series and ASR 1000 series routers.
Communications room updates and maintenance which included switch installations.
Also experienced with Active Directory and lightweight directory services Uniquely skilled at resolving complex problems and setting clear action plans.
Configured FortiNAC for narrowly restrict network access to only necessary network assets.
Experienced working with Azure Web Apps, Service Bus and Azure Functions.
Configured Juniper MIST for Simple and secure access to resources and Proactive root-cause identification.
Implemented security solutions such as Micro segmentation in both NSX-t and NSX-v Deployments.
Policy Reviewing, Audit and clean-up of the un-used rule on the firewall using Tufin and Splunk.
Worked on the configuration of Cisco 6500 VSS in Distribution layer of the Data center network.
Used Python scripting for network sniffing and managed parameters for pool of servers and updated, automated, and migrated different services and software by means of Ansible.
Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
Configured NSX-T Distributed Switch Policies for NSX support and Load Distribution.
Produced logical, functional, and physical/virtual designs for the Cyber components.
Configured FortiNAC for security posture assessment and policy enforcement.
Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation on Cisco catalyst devices and Arista 9K & 7K.
Worked on the Infoblox DNS Traffic control, DHCP, and IPAM for the Network control; Worked on the implementation of Domain Name Service.
Experience in deploying SD-WAN module (CloudGenix) in the production network environment.
Working with setting up AWS direct connect to amazon S3, Amazon EC2, Amazon VPC.
Network tasks like Command Line Automation, Enhanced Incident Collaboration, Streamlined Sharing Conducting Web Application Vulnerability Assessment & Threat Modelling, Gap Analysis, secure code review on the applications.
Upgrading 3x data canters’ network and Optical fiber infrastructures with an Arista spine-leaf.
Worked on NSX VMware, AWS, Azure Etc.
Worked on setting up tunnels from f5 devices to Zscaler cloud.
Worked on Infoblox to update the DNS host and A records to assist the part of the migration.
Worked on upgrading Palo Alto Firewalls, Cisco Routers, Nexus Switches, and Bluecoat proxy devices.
Function as part of a Firewall and Security team in support of Checkpoint Firewalls, Zscaler Proxy, Juniper Portals, SecAuth, Open LDAP, and Active Directory.
Managed DHCP, DNS and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler.
Replacing Checkpoint VPN and Bluecoat proxy with Zscaler and worked on implementing Zscaler in Production.
Trouble shooting of BMS components (Like DDC, Actuators, DPT, AFMS etc)
Security configuration on Wireless LAN using protocols PEAP, EAP-FAST.
Extensive design, implementation, and operational experience with Cisco Wireless LAN Controllers, wireless access points, and management systems
Created policies, realms, rules, and responses to protect the applications and configure them to work under the SSO environment.
Assigning RADIUS and TACAS for new deployments in production environment AAA for users to implement changes on production devices.
Configured Net Brain for Event-triggered automation helps isolate and mitigate threats before they become a disaster.
Worked, configured, and troubleshoot Cisco ACI, Layer 2/Layer 3-out, BGP and OSFP.
Great exposure to SDN and network virtualization technologies like Cisco ACI.
Environment: Cisco 2k, 3k, 5k, 7k series; Catalyst 2960, 3650, 3850 series switches; ISR 800/1000 series, ASR 1000 series, 3600/2800 routers, VxLAN, Alcatel-lucent, NSX, FortiNAC, FortiADC, FortiAPs, Red Hat Enterprise Linux, BMS, SDN, SD-WAN, SSO, EIGRP, BGP, DMVPN, SSL VPN, Cisco Meraki, Cisco ACI, Cisco ISE, EtherChannel, VMware ESXi.
Client: DHL Express Feb’ 2019 – August 2022
Location: Melbourne / Australia
Role: Network Engineer / Wireless Engineer Responsibilities:
Design, Deployment, Installation, Configuration, and Upgrading the Cisco ISR routers, Catalyst and CISCO Nexus switches.
Implementation of the routing protocols OSPF, BGP (EBGP, IBGP) and EIGRP to enable MPLS on the sites.
Worked extensively on the Cisco ISR 4K series routers.
Worked extensively on the Catalyst 9300, and Catalyst 9500 series.
Designed and Implemented NSX-T and NSX-V in Data Centres.
Led the deployment and migration of on-premises workloads and applications to Microsoft Azure cloud infrastructure, using services such as Azure Virtual Machines (VMs) and Azure App Services.
Configured SD-Access policies, virtual networks (VN), and Scalable Group Tags (SGT) in Cisco DNA Center to enable dynamic network segmentation and secure access control.
Engaged in continuous improvement initiatives to enhance SOP effectiveness, efficiency, and usability.
Leveraged Cisco DNA Center's assurance and analytics capabilities to monitor network health, performance metrics, and user experience across the entire network infrastructure.
Utilized Cisco DNA Center's automation features to streamline network provisioning, configuration deployment, and policy enforcement across wired and wireless network domains.
Integrated Abacus 5000 series device with Avaya call manager to manage the incoming and outgoing calls.
Deploying and decommissioning Cisco switches/Firewalls and their respective software upgrades. Hands on experience in Installing and Configuring Palo Alto PA-3060 Firewalls to protect Data Centre.
Configured Net Brain in Project management and implement route analytic solution.
Network monitoring and data acquisition with TCP Dump, NetScout and Wireshark.
Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches. Configured Cisco ASR routers such as ASR 1013, 1009-X, 1006, 1006-X, 1004, 1002-HX, 1002-X, 1001-X routers.
Worked on the migration from Cisco PIX and ASA to the Palo Alto firewall and the configuration of User-ID’s, App-ID’s, SSL Decryption, URL Filtering, Policies, Zone Protection, High Availability, and Certification Management.
Responsible for managing the security tools such as Checkpoint Firewall, RSA Security. Designing and establishment of the VPN environment for partner connectivity.
Responsible for replacing the End-of-Life support routers such as Cisco2821, 2921, 3925 routers with the Cisco ASR 4K series routers, Cisco ASR routers.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
Maintained logs, following up with vendors, raising tickets for systems if any problems arise.
Configured Juniper MIST for Network automation with APIs.
Produced logical, functional and physical/virtual designs for the Cyber components.
Implemented Security Policies using ACL, IPSEC, SSL, VPN, IPS/IDS. Network monitoring and debugging tools SevOne, NetScout, and Wireshark.
Configured NetBrain via API to create a map of the problem area which can perform complex.
Performed Cisco CSR (Cell Site Router) Support accessing LTE, BSM, LSMR, CDMA.
Responsible for preparing the test scripts to evaluate the MPLS circuits on GNS3.
Worked on the design of BGP features such as Route-filtering, AS-Path filtering to manipulate the traffic path in the MPLS-BGP. Migrated the sites from OSPF to MPLS-BGP.
Worked on OSPF and implemented successful migration from OSPF to EIGRP for internal routing.
Responsible for License upgrading on the devices and maintained network performance.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Cisco ASR 9K routers. Provided application-level redundancy and availability by deploying F5 load balancers LTM.
Implemented Palo Alto solution for remote and mobile users and for analysing files for malware in a separate (cloud-based) process that does not impact stream processing.
Experience
Contact this candidate