Network Engineer Palo Alto
Resume:
KEERTHANA MEKA
Senior Network Engineer (SDWAN, Palo Alto, Azure)
Email Id: *****************@*****.***
Phone: 512-***-****
PROFESSIONAL SUMMARY:
Comprehensive experience in Network Engineering, deploying and managing complex network infrastructures in data centers and enterprise environments
Proficient in routing protocols (BGP, OSPF, EIGRP, RIP) and advanced traffic management techniques, enhancing network scalability and flexibility
Proficient in network automation using Python, Ansible, Chef, Terraform, and CloudFormation to streamline network tasks and ensure consistency
Deployed and managed of Cisco ACI (Application Centric Infrastructure), automating network provisioning and enforcing application-centric policies for enhanced agility and operational efficiency
Deployed SD-WAN solutions using Cisco Viptela, Versa, and Silver Peak to optimize WAN connectivity and performance
Integrated Cisco SD-WAN with existing MPLS networks to create hybrid WAN architecture, optimizing cost, performance, and reliability for enterprise applications
Configured and managed high-speed connectivity and failover mechanisms on Cisco Nexus platforms using VXLAN, EVPN, and Multicast routing, ensuring scalability and fault tolerance
Administered Zscaler Private Access (ZPA) and Zscaler Internet Access (ZIA) to secure user access and protect against internet-based threats, supporting secure remote work and mitigating risks
Deployed and managed F5 LTM and GTM for advanced traffic management and application delivery, ensuring high availability and performance tuning in critical environments
Configured Citrix NetScaler SD-WAN for optimized and resilient WAN connectivity, improving application performance across distributed network locations
Designed and implemented secure, scalable VPN architectures with Cisco ASA firewalls and ISR routers, employing AES-256 encryption to ensure data confidentiality and network integrity
Automated routine network tasks and configuration changes using scripting tools like Python and Ansible, significantly reducing manual effort and improving operational consistency
Built and managed a reliable VoIP infrastructure, configuring Cisco gateways and optimizing protocols to ensure high-quality, secure voice communications and seamless call continuity
Integrated Juniper Contrail SDN with OpenStack to enable network virtualization, increasing agility and automating network management in cloud and data center environments
Managed and optimized Aruba WLAN solutions, ensuring robust wireless network performance and seamless user experiences across multiple locations
Administered and configured Fortinet Firewalls (FortiGate 3000, 3815 series) per network specifications, troubleshooting issues, editing policies, and creating rules as needed
Extensive experience with firewall management and monitoring using tools like AlgoSec, Palo Alto Networks, and Splunk, enhancing security policy enforcement and visibility
Conducted WLAN testing, Cisco ISE deployment for secure access, and network troubleshooting with AWS CloudWatch and VPC Flow Logs
Hands-on experience with designing cloud network architectures, including AWS VPCs and Azure ExpressRoute, to secure and scale enterprise cloud resources
EDUCATION:
Master in computer science, Texas State University
Bachelors in computer science and engineering, CMR College of Engineering and Technology
CERTIFICATION:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Palo Alto Networks Certified Network Security Administrator (PCNSA)
TECHNICAL SKILLS:
Cisco Router platforms
Cisco ASR 1000 Series, ASR 1013, ASR 9000 Series, ISR 4000 Series, ISR 1000 Series, Catalyst 8300, 8200 Edge Platforms; Juniper MX304, MX10004, SDN-enabled MX10003, MX2020
Network Protocols
MPLS, VRF, VRRP, Policy-Based Routing (PBR), Route Redistribution, Static Routing, WCCP, VDC, MPLS (LDP), ISDN, PPP, VoIP, SIP, VTP, STP, VLANs, 802.1q/, CDP, LACP, OSPF, BGPv4, EIGRP, HSRP, RIPv2, VPC, VDC
Cisco Switch Platforms
Catalyst 9k series; Nexus 9300, 9500, 9600; Arista 7280R, 7500R, 7800; EX4650, EX4300, Nexus 7000 Series with models like Nexus 7000 and 7000-X, and the Nexus 5000 Series with models including Nexus 5000 and 5000-X
Firewalls
Juniper SRX series (SRX4600, SRX5600, SRX5800), Cisco ASA 5500-X Series and Firepower Series (1000, 2100, 4100, and 9300), Check Point Quantum Security Gateways (16000, 26000, and 56000 Series), and Palo Alto Networks firewalls (PA-3200, PA-5200, and PA-700 Series)
LAN Technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, Port Channel, TCP/IP, EtherChannel, VLSM, Cisco Catalyst 9000 Series (L2/L3 Switches), Wireless (802.11a/b/g/n/ac/ax), Cisco Firewalls (Firepower), Check Point (Quantum Security Gateways), Juniper Networks (SRX Series)
Network Management Tools
Infoblox DDI –8.x, SolarWinds Network Performance Monitor (NPM) –2024.2, AlgoSec Firewall Analyzer –7.21, Silver Peak Unity EdgeConnect –11.4, RSA NetWitness Platform – 11.x, VMware vSphere –8.0, SolarWinds TFTP Server –12.4.2, FileZilla Server –1.9.0, OpenS– 9.4, Arista CloudVision – 2024.1, Nagios XI –5.11, and WhatsUp Gold –2024.1
Network Operating Systems
Cisco IOS: 17.10.x (IOS XE), Cisco NX-OS: 9.3(3), ArubaOS: 10.4.x, Cumulus Linux: 5.0.x, JUNOS: 21.4R1
Load Balancing
F5 BIG-IP iSeries, Citrix ADC MPX/SDX Series, and alternatives to Cisco ACE 4700 Series
IP Telephony
H.323: (CUCM) 14.x, MGCP: Supported in CUCM 14.x, SCCP: Supported in CUCM 14.x, Cisc SRST: Supported in IOS XE 17.x
Cloud
Contrail Networking 6.0, AWS services as of August 2024, Azure services as of August 2024 OpenStack Yoga (latest stable release)
Scripting Languages
C++, Python 3.12, Ansible 8.x, Latest versions of Shell, Bash 5.2
Virtual devices
vSRX 20.4R1, vMX 22.4R1, BIG-IP VE 17.1.0
PROFESSIONAL EXPERIENCE:
Client- T-Mobile Oct 2023-Till Date
Senior Network Engineer
United States of America
Responsibilities:
Implementing and managing Cisco DNA (Digital Network Architecture) to automate network provisioning, policy application, and assurance, resulting in streamlined operations and enhanced network visibility
Configuring and maintaining Cisco NDFC (Network Data Center Fabric Controller) to efficiently manage data center network infrastructure, enabling dynamic provisioning and improved resource utilization
Deployed Palo Alto Prisma Cloud security solutions to protect cloud environments, ensuring compliance with industry regulations and defending against cloud-based threats
Deploying and supporting Cisco ACI (Application Centric Infrastructure) for a scalable and programmable data center network, enhancing application performance and enabling rapid deployment of network services
Managing Juniper Mist wireless solutions, including AI-driven WLAN management and analytics, to ensure robust, high-performance Wi-Fi connectivity and improving user experiences across multiple sites
Configured and managed Cisco voice gateways, including SRST, to ensure seamless call continuity and high-quality voice services across the organization
Designed and implemented LAN/WAN architectures to support scalable and resilient network connectivity, utilizing MPLS, Ethernet, and broadband technologies to ensure high performance and reliability
Deployed and maintained VoIP infrastructure, including SIP, H.323, and RTP protocols, optimizing call quality and reducing latency for end users
Integrated VoIP solutions with existing network infrastructure, coordinating with networking teams to prioritize voice traffic and ensure robust Quality of Service (QoS)
Administering Zscaler Private Access (ZPA) and Zscaler Internet Access (ZIA) to secure user access to internal applications and protect against internet-based threats, effectively mitigating risks associated with remote work and internet browsing
Automating network tasks and configurations using Python and Ansible, developing scripts to automate routine operations, streamline workflows and ensure consistency across network devices and environments
Designing and maintaining network infrastructure on AWS and Azure cloud platforms, implementing best practices for cloud network architecture, security, and scalability, and integrating cloud resources with on-premises systems
Configuring and managing Cisco Meraki devices, including security appliances, switches, and access points, leveraging cloud-based management for simplified network administration and enhanced visibility
Implementing and configuring VoIP solutions, including Cisco voice gateways, to ensure reliable communication and optimize call quality
Collaborate with network teams to prioritize VoIP traffic and troubleshooting issues, utilizing tools like Wireshark for effective analysis and resolution
Administering F5 iSeries and R Series load balancers, optimizing application delivery through advanced traffic management, high availability configurations, and performance tuning
Deploying and managing SD-WAN solutions using Versa and Viptela, enabling secure, optimized WAN connectivity with advanced features such as traffic shaping, application-aware routing, and centralized management
Implementing Palo Alto Prisma Cloud security solutions to protect cloud environments from threats, enforce security policies, and ensure compliance with industry regulations
Managing Cisco Nexus switches in data center environments, configuring high-speed connectivity, optimizing performance, and ensuring high availability to support mission-critical applications
Deploying and configuring LTE and 5G network components, including eNodeBs, gNodeBs, and MME, to ensure optimal coverage and performance for mobile users
Monitoring and analyzing network performance metrics using tools like Wireshark, SolarWinds, and NetFlow to enhance LTE and 5G service quality, including latency and throughput
Troubleshooting and resolving connectivity issues in LTE and 5G networks with tools like TEMS Investigation and Actix Analyzer, ensuring seamless user experiences
Client - Abacus Federal Saving Bank Jan 2023 - Oct 2023
Network Engineer
Location: New York City, NY
Responsibilities:
Deployed Cisco SD-WAN using Viptela on ISR 1000 Series routers, establishing centralized policies and templates for streamlined network management and optimized traffic routing, improving overall network efficiency and performance
Configured Silver Peak Unity EdgeConnect for SD-WAN, utilizing dynamic path control and WAN optimization techniques to enhance application performance, reduce latency, and improve user experience across distributed network locations
Integrated SD-WAN technologies with existing MPLS networks to enhance a hybrid WAN architecture, optimizing cost efficiency and performance for enterprise applications while maintaining reliable connectivity
Implemented Cisco ACI (Application Centric Infrastructure), setting up APIC controllers and fabric switches to automate network provisioning, enforce policies, and streamline management, achieving greater agility and operational efficiency
Integrated Juniper Contrail with OpenStack to enable network virtualization and software-defined networking (SDN), increasing network agility, scalability, and automation capabilities within cloud and data center environments
Leveraged VMware NSX-T for network virtualization and micro-segmentation, providing secure and flexible network connectivity for virtualized workloads and enhancing overall security through advanced network segmentation techniques
Integrated SDN solutions with security tools such as Palo Alto Networks and Fortinet, enabling dynamic and context-aware security policies to improve threat detection, mitigation, and overall network security posture
Designed and implemented advanced network architectures using VXLAN (Virtual Extensible LAN), EVPN (Ethernet Virtual Private Network), and Multicast routing on Cisco Nexus platforms to optimize network scalability, flexibility, and performance
Configured Citrix NetScaler SD-WAN to deliver optimized and resilient WAN connectivity, enhancing application performance through advanced traffic management and acceleration techniques across geographically dispersed locations
Defined and executed the migration from a network-centric model to an application policy-driven infrastructure, creating plans that included Cisco ACI, hybrid cloud solutions, and container orchestration tools to improve network flexibility and operational efficiency
Utilized automation tools such as Chef, Terraform, and CloudFormation for provisioning and managing network resources, streamlining deployment processes, and ensuring consistent and scalable infrastructure management
Deployed AlgoSec, Palo Alto Networks technologies, and Splunk for comprehensive firewall management, configuration, and monitoring, enhancing network security, policy enforcement, and operational visibility
Implemented network monitoring solutions using New Relic, Site24x7, and Kibana to proactively monitor AWS infrastructure, server performance, and API uptime, facilitating early issue detection and ensuring optimal network and application performance
Configured IPsec VPN tunnels on Cisco ASA 5500-X Series firewalls and ISR 4000 Series routers to establish secure site-to-site and remote access connections, ensuring data confidentiality and network integrity with strong encryption protocols (AES-256)
Designed and deployed AWS VPCs (Virtual Private Clouds) and Azure ExpressRoute connections to create isolated network environments and establish dedicated, high-bandwidth connections between on-premises data centers and cloud platforms, enhancing network security and performance
Client – Syntel Mar 2018 – Aug 2022
Network Engineer
Responsibilities:
Worked on juniper SRX, installed F5 LTM, GTM and Aruba WLAN from scratch
Configured and managed Cisco PIX 535 firewalls, including remote access IPSEC VPNs, and enabled STP enhancements for fast network convergence.
Worked with application and security teams on ACL renewals and aging, ensuring secure and updated access controls
Configured and maintained Palo Alto firewalls (PA2020, PA3050, PA5050) with Zone-Based Firewalling, IPSEC, and SSL VPNs for robust network security
Monitored network health and firewall status using IPAM tools for IP availability and the Palo Alto dashboard
Supported data center migration and MPLS VPN expansion, and configured DHCP, DNS, and IPAM for efficient IP address management
Managed WLAN testing, deployment, and security protocols (WEP, WPA, EAP) with the Wi-Fi Alliance, ensuring robust wireless security
Implemented and maintained Cisco ISE for 802.1x wireless authentication, device policy enforcement, and network access control integration
Collaborated on network troubleshooting using AWS CloudWatch, VPC Flow Logs, and upgraded Cisco Wireless LAN Controllers for seamless ISE integration
Technical Support Engineer
Site to site VPN tunnels on ASA, SRX
Cabling that includes Copper and Fiber
Involved in implementation of trunking using Dot1Q on Cisco Catalyst Switches
Worked on Nexus 7000, Cisco 6800, and Cisco ASR, Cisco 9400 Routers, Cisco 9300, 9500, 9600 & Arista 7500R switches
Configured and deployment of routing protocols RIP, OSPF, EIGRP & BGP over Cisco Routers in Production environment and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure
Worked on design, configuring and managing Blue Coat Proxy Servers
Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS)
Configured Cisco Access Control Server (ACS) to enforce security policy in User Groups
Installed and maintained Cisco ASR 1000 and Cisco 4451-X backbone routers with HSRP and various IGP routing protocols such as RIP, EIGRP, and OSPF
Performed/Upgraded configuration of Cisco switches, routers, terminal servers, CSU/DSUs, WAPs, VPN, Remote Access and network management tools
Participated in TCP/IP networks planning, Implementation and Management with subnets
Involved in implementation of overall security system including access-list and NAT design for various Cisco access lists, a RADIUS/TACACS+ AAA server, a Linux syslog server and network monitoring using SNMP
Designed, Configured and implemented VPN tunnel with IPsec and GRE and Cisco ASA based security infrastructure
Designed and configured LAN networks with Access layer switches such as Cisco 9400, distribution layer switches such as 6513 and a routed core
Configured HSRP, Spanning tree Root guard, BPDU guard, and STP/RSTP features
Administration of network devices holding various servers of Windows, Linux/Unix platforms (physical & virtual servers)
Supported major access to all firewalls and protocols through AAA by using Cisco Secure Access Control Server (ACS)
Design, Configuring and troubleshoot F5 LTM load balancing
Contact this candidate