Data Center Network Engineer
Resume:
PRAVALLIKA RAMADUGU
NETWORK ENGINEER
512-***-****• *********************@*****.*** • LinkedIn: www.linkedin.com/in/pravallikaram
PROFESSIONAL SUMMARY
Around 6+years of Experienced Telecommunications and Network Professional worked on medium to large scale environments, enterprise, and Data center networks. Expert in Switching, routing, Network Security, Application Delivery, Wireless, VOIP, Virtualization and SDN.
Cloud & Virtualization: Skilled in integrating AWS (Transit Gateway, Direct Connect, Cloud WAN) and Azure (Traffic Manager, Firewall Premium, Virtual WAN) for secure, high-performance cloud networking. Experienced in VMware NSX-T for multi-tenant micro-segmentation and distributed firewalling.
AWS & Azure Integration: Configured AWS Transit Gateway, Direct Connect, Cloud WAN, and Azure ExpressRoute for hybrid cloud connectivity and optimized application performance with Azure Traffic Manager and AWS Network Firewall.
Data Center Technologies: Proficient in implementing VXLAN, EVPN, and BGP underlay/overlay on Cisco Nexus 9000, Arista 7500R, and Juniper MX204. Automated Cisco ACI Multi-Pod deployments with Terraform and Ansible for seamless workload mobility and inter-fabric communication.
Automation Expertise: Automated network configuration, compliance, and software upgrades using Ansible, Terraform, and Python, reducing manual overhead and ensuring operational efficiency across Cisco, Juniper, and Arista platforms.
SD-WAN Deployment: Skilled in deploying Cisco SD-WAN (Viptela), Meraki MX, Versa Networks, and Silver Peak Unity EdgeConnect, integrating DIA, cloud offload, and AI-driven application steering for optimized branch connectivity.
Experience with Cisco ACI: Deployed Cisco ACI Multi-Pod using Nexus 9000 series switches with BGP EVPN underlay and VXLAN overlay, enabling automated provisioning and secure, scalable data center networking.
Security & Proxy Solutions: Configured Zscaler ZIA/ZPA, Cisco Umbrella, and Infoblox DNS security for web filtering, zero-trust remote access, and malware prevention, securing enterprise-wide traffic flows.
Firewall Management: Extensive experience managing Palo Alto PA-7000, Fortinet FortiGate 6000F, Cisco Firepower, and AWS Network Firewall, implementing advanced threat prevention, deep packet inspection, SSL decryption, and NGFW security policies.
VPN Solutions: Expert in designing and managing site-to-site and remote access VPNs using IPsec, SSL VPN, Palo Alto GlobalProtect, and Cisco ASA, securing enterprise communication across global environments.
Routing & Switching Expertise:
Proficient in BGP (route filtering, eBGP peering, and route dampening), OSPF, and MPLS L3 VPN configurations on Cisco ASR 9901, Juniper MX204, and Arista 7280R3. Expertise in VXLAN EVPN, VLANs, STP optimizations (BPDU Guard, Root Guard, Loop Guard), and high-speed Ethernet (100G/400G).
Wireless Networking: Deployed Aruba 500/600 Series Wi-Fi 6E access points, integrating Aruba ClearPass for network access control and Cisco ISE for 802.1x authentication with EAP-TLS to ensure secure, seamless wireless access.
Load Balancing & Traffic Management: Expertise in configuring F5 BIG-IP LTM/APM, Citrix NetScaler ADC, and Azure Traffic Manager for SSL offloading, SAML authentication, global load balancing, and application acceleration.
Multi-Vendor Environment: Proficient in managing Cisco, Juniper, Arista, Palo Alto, Fortinet, and F5 solutions, ensuring seamless integration, interoperability, and high availability across heterogeneous networks.
High Availability Solutions: Designed and deployed high-availability hybrid cloud interconnects using Azure ExpressRoute, AWS Direct Connect, and SD-WAN tunnels, ensuring failover resiliency and minimal downtime.
Comprehensive Network Monitoring: Leveraged SolarWinds NPM/NTA, Cisco DNAC, Splunk, and Cisco Nexus Insights for real-time network visibility, performance analytics, NetFlow traffic monitoring, and anomaly detection across multi-vendor enterprise networks.
Network Management and Automation: Automated firewall rule audits and compliance reporting using Python scripts and Palo Alto APIs. Integrated ServiceNow ITSM workflows with network monitoring alerts for proactive incident response and troubleshooting.
CERTIFICATIONS
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Palo Alto Certified Network Security Engineer (PCNSE)
EDUCATION
Bachelor's: Computer Science
Teegala Krishna Reddy Engineering College
Master's: Computer Science
Montclair State University
SKILLS
Cloud & Virtualization Technologies
AWS (Transit Gateway, Direct Connect, Network Load Balancer), Microsoft Azure (Traffic Manager, DDoS Protection, Load Balancer), Zscaler (ZIA, ZPA), VMware (vSphere, NSX, ESXi), Citrix ADC, Cisco ACI, and Cisco Nexus Cloud.
Switches
Cisco Catalyst Series (9400, 9300, 9200, 8500, 8300, 8200), Cisco Nexus Series (9500, 9300, 3000, 5000, 7700 [7706, 7710, 7718]), Cisco Meraki Series (MS390, MS250-48P), Arista 7000 Series (Cloud-grade switches).
Routers
Catalyst 8300 and 8200 Series Edge Platforms, ASR 9000 Series (9006, 9010,920), Juniper MX960, Arista 7800R Series, Cisco ISR 4000 Series, IR 809 and IR 1101.
Wireless
Cisco WLC, 802.11 a/b/g/n/ac/ax, 802.1X Authentication, EAP/PEAP, Aruba ClearPass, Ekahau, Cisco ISE, Air Magnet, AirWatch (VMware Workspace ONE), Aruba Central, Cisco DNA Spaces.
Firewalls
Palo Alto Networks (PA-2K, PA-3K, PA-5K, PA-7K Series), Cisco (Firepower, ASA 5500 Series), Fortinet (FortiGate 6000 Series), Symantec Blue Coat (ProxySG), Check Point Firewalls.
Load Balancers
F5 Networks (BIG-IP LTM, BIG-IP GTM), Citrix NetScaler ADC, Cisco (CSM, ACE), A10 Networks ADC, Azure Load Balancer (Cloud-native).
WAN technologies
MPLS, SD-WAN, PPP, OC3, SONET, L2VPN, L3VPN, VPLS.
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, 40 & 100 GBE, Port- channel, VLANs, VTP, STP, RSTP, MST, 802.1Q
Security Protocols
IKE, IPSEC, SSL-VPN, ACL, NAT, PAT, URL Filtering, SSL Forward Proxy, Blocklists, VPN, Port-Security, SSH, AAA, Prefix-Lists, Zone-Based Firewalls, HIPAA Standards, Ingress & Egress Firewalls, Content Filtering, Load Balancing, IDS/IPS, SNMP Trap.
Networking Protocols
RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, RADIUS, AAA, SNMP, VPC, VDC, MLAG.
Operating Systems
CAT IOS, IOS XE, XR, NX-OS, Junos, PANOS, F5 BIG-IP OS, Linux, Windows
WORK HISTORY
Sr. Network Engineer
AT&T Services, Inc Dallas,TX 03/2023 - Current
Deployed Cisco ACI Multi-Pod architecture on Nexus 9000 Series switches, implementing BGP EVPN for seamless workload mobility and inter-fabric communication
Configured and optimized Cisco DNA Center (DNAC) with ISE and TrustSec for automated network segmentation and identity-based security policies
Integrated Cisco SD-WAN on Catalyst 8500 and ISR 1100 routers, utilizing vManage and vBond for policy enforcement, cloud offload, and DIA (Direct Internet Access) optimization
Implemented multi-cloud SD-WAN extensions using Azure Virtual WAN and AWS Transit Gateway, establishing encrypted overlays between cloud and on-premises environments
Configured VXLAN EVPN on Arista 7500R and 7280R Series switches, enabling high-performance, multi-tenant fabric with MP-BGP route reflection
Deployed Cisco SD-Access on Catalyst 9300X and 9500 Series switches, ensuring automated policy-based access control across wired and wireless networks
Automated network provisioning with Terraform and Ansible, integrating API-driven deployments for Cisco IOS-XE and Nexus switches across global sites
Implemented Palo Alto PA-5450 and PA-7000 Series firewalls in high-availability mode, leveraging App-ID, threat prevention, and decryption policies for enhanced security
Migrated firewall infrastructure from Fortinet FortiGate 1500D to FortiGate 6000F Series, improving security posture with NGFW features such as deep packet inspection and SD-WAN orchestration
Configured F5 BIG-IP LTM and APM for SSL offloading, load balancing, and SAML-based authentication with Azure AD for secure application delivery
Deployed Citrix NetScaler ADC VPX for cloud and on-prem application acceleration, integrating with Microsoft Exchange and Citrix Gateway for seamless access
Optimized Infoblox DDI with RPZ (Response Policy Zones) and DNSSEC, securing internal and external DNS traffic from malware and spoofing attacks
Integrated Zscaler Private Access (ZPA) with Azure AD and Okta for zero-trust security, ensuring seamless, secure access to internal applications without VPN dependencies
Configured AWS Network Firewall with Transit Gateway for centralized security enforcement and deep packet inspection between VPCs and hybrid cloud environments
Engineered a redundant hybrid cloud connectivity solution using Azure ExpressRoute, Direct Connect, and SD-WAN tunnels, ensuring failover resiliency
Automated firewall rule audits using Python scripts and Palo Alto APIs, enforcing compliance with CIS benchmarks and reducing misconfigurations
Deployed SolarWinds NPM and NTA for real-time network monitoring, NetFlow traffic analysis, and root cause troubleshooting across multi-vendor environments
Configured advanced QoS policies on Cisco Catalyst 9600 Series switches, prioritizing real-time traffic such as VoIP, video conferencing, and business-critical applications
Optimized STP configurations with BPDU Guard, Root Guard, and Loop Guard on Cisco Nexus and Catalyst platforms, preventing topology loops and enhancing stability
Migrated enterprise wireless infrastructure to Aruba AP-635 Wi-Fi 6E access points, integrating with Aruba ClearPass for network access control and security automation
Enabled 802.1x authentication with EAP-TLS on Cisco ISE, ensuring endpoint posture compliance before granting network access
Configured Azure Traffic Manager for global DNS load balancing and integrated Azure WAF (Web Application Firewall) for application-layer protection
Deployed multi-tenant micro-segmentation using VMware NSX-T, enforcing security policies with distributed firewalling and identity-based access
Engineered a high-speed Ethernet backbone with 400G optics, deploying Arista 7800R3 modular switches for hyperscale data center performance
Implemented MPLS Layer 3 VPN on Juniper MX204 and Cisco ASR 9901 routers, ensuring scalable WAN segmentation and traffic engineering across enterprise sites
Configured eBGP peering and route dampening policies on Cisco Nexus 9800 switches to optimize ISP traffic flow and reduce route flapping
Automated software upgrades and compliance reporting using Ansible for Cisco, Juniper, and Arista platforms, reducing operational overhead
Deployed Cisco Umbrella Secure Web Gateway (SWG) for cloud-based threat intelligence and DNS-layer protection against malware and phishing attacks
Managed VMware vSphere clusters with HA and DRS, optimizing virtual machine resource allocation for high-availability workloads
Configured network telemetry collection using Cisco Nexus Insights and Splunk, analyzing flow data to detect anomalies and optimize performance
Enabled seamless failover between on-prem and cloud security perimeters using Palo Alto Prisma Access, integrating user-based policies with global security enforcement
Configured dual-stack IPv4/IPv6 routing on Cisco ASR 1001-X routers, ensuring future-proof connectivity for enterprise network expansion
Deployed Azure Sentinel with custom log parsers to analyze firewall, VPN, and SIEM data, enhancing threat detection and response automation
Enabled SD-WAN analytics and AI-driven optimization on Meraki MX250 security appliances, ensuring application-aware traffic steering and security enforcement
Configured AWS Cloud WAN with dynamic BGP peering, integrating it with on-premises SD-WAN fabric for scalable global networking
Integrated Aruba Mobility Controllers with cloud-based AI-driven analytics to optimize WLAN performance, minimize interference, and improve user experience
Engineered private 5G network integration with enterprise SDN infrastructure, optimizing wireless backhaul connectivity for IoT and industrial automation
Deployed Layer 2 encryption using MACsec on Cisco Catalyst 9500 switches to protect sensitive data traffic over high-speed links
Configured Azure Firewall Premium with IDPS, TLS inspection, and policy-based routing to secure hybrid workloads in a multi-cloud architecture
Established high-speed interconnects using 100G and 400G QSFP-DD optics on Juniper QFX5120 and Arista 7280R3, ensuring low-latency data center fabrics
Automated ITSM workflows in ServiceNow, integrating incident response with network monitoring alerts from Cisco DNAC
Network Engineer
The World Bank Group 03/2021 - 12/2022
Managed Palo Alto Firewalls (PA-220, PA-3200, PA-5200) through Panorama for centralized policy deployment, log management, and security enforcement
Performed security monitoring and traffic analysis on Palo Alto firewalls, implementing threat prevention policies to block malicious activity
Installed, configured, and optimized Palo Alto firewalls, enforcing URL filtering, App-ID policies, and VPN configurations for secure remote access
Configured IPsec VPN tunnels, managed firewall rules, and applied security policies on Palo Alto devices for encrypted site-to-site and remote user connectivity
Worked on Next-Generation Firewall (NGFW) features, including IPS, threat prevention, and SSL decryption, to enhance security posture
Migrated VPN configurations from Cisco ASA to Palo Alto, ensuring a seamless transition while maintaining encryption standards and access control
Configured and deployed Cisco ASA and Firepower firewalls with Site-to-Site VPNs, using AES-256 encryption for secure data transmission
Provided Level-3 network support for Cisco Nexus, Catalyst, and ASA firewall environments, troubleshooting complex connectivity issues
Deployed and configured Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) to secure web and private application access for remote users
Integrated Zscaler Cloud Security with Azure AD SSO for centralized identity and access management across cloud and on-prem networks
Configured Splunk Enterprise Security (ES) for log ingestion, correlation, and alerting, integrating network logs from firewalls, switches, and IDS/IPS systems
Developed custom dashboards and correlation rules in Splunk to identify security anomalies, bandwidth utilization trends, and authentication failures
Integrated Cisco ISE with Active Directory and Duo MFA for role-based access control and Zero Trust security enforcement
Configured RADIUS authentication on Cisco ISE and Aruba ClearPass for dynamic VLAN assignment and policy-based network access control
Implemented Cisco ISE for 802.1x authentication on wired and wireless networks, enforcing posture assessment and compliance checks
Executed migration from Citrix NetScaler ADC to F5 BIG-IP, configuring traffic steering, load balancing, and SSL termination for enterprise applications
Administered F5 BIG-IP LTM and APM, managing licensing, provisioning, iRules, and SSL certificate configurations for secure application delivery
Monitored application health and optimized load-balancing algorithms on F5 appliances to ensure high availability and low-latency traffic distribution
Provisioned SD-WAN services on Cisco Meraki MX95 and MX105 appliances, implementing intelligent failover for MPLS and broadband connections
Worked on Versa Networks SD-WAN, configuring traffic shaping, application steering, and cloud security policies for distributed branch networks
Utilized Cisco DNA Center for network assurance and automation, troubleshooting switch and access point issues using AI-driven insights
Configured and managed Cisco ACI, setting up EPGs, contracts, and L3Out configurations for seamless application connectivity
Implemented BGP route filtering on Juniper MX204 routers, applying route maps and communities to optimize inbound and outbound traffic flows
Configured OSPF summarization on Cisco ASR 1001-HX routers to improve routing efficiency and reduce unnecessary updates across large networks
Applied EIGRP stub routing on Cisco Catalyst 9500 switches, optimizing convergence time and minimizing unnecessary query propagation
Configured Google Cloud VPCs with firewall rules, inter-VPC routing, and private endpoints to support secure cloud connectivity
Deployed AWS Application Load Balancer (ALB) and Network Load Balancer (NLB) to distribute traffic across hybrid workloads and ensure redundancy
Applied automation tools like Ansible and Terraform for firewall policy updates, network provisioning, and device compliance enforcement
Managed Aruba 500 Series (Wi-Fi 6) and 600 Series wireless access points, optimizing RF channels and security settings for enterprise WLAN deployments
Configured and deployed Cisco Wireless LAN Controllers (WLCs), managing AP groups, SSID configurations, and security policies
Configured Site-to-Site and SSL VPN tunnels on FortiGate firewalls to provide encrypted remote access and inter-site connectivity
Deployed and configured Cisco Firepower Threat Defense (FTD) appliances, implementing URL filtering, IDS/IPS, and malware protection
Cisco-Network-Administration
Schneider Electric, INDIA 08/2018 - 02/2021
Setting up VLAN's and configuring ISL trunk on Fast-Ethernet channel between switches
Implemented SNMP on Cisco routers to simplify network management and troubleshooting
Install, configure Routers, terminal Servers and CSU/DSU's to support WAN links
Deployed and Configured QoS on LAN/WAN
Strong knowledge of various routing protocols including RIPV2, EIGRP, OSPF and BGP4 for peering request processing
Provided level 2 network support at remote site locations in data centers
Troubleshoot and triaged network faults by analyzing network architecture and design from both a physical and logical standpoint
Available 24x7 and participate in rotational on call within teams as needed for resolution, system maintenance and incidents
Responsible for Configuring SITE-TO-SITE VPN on Cisco routers between headquarters and branch locations
Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client
Involved in troubleshooting of DNS, DHCP and other IP conflict problems for retail market
Used various scanning and sniffing tools like Wire-shark
In retail markets
Hands on experience working with security issue like applying ACL's, configuring NAT and VPN
Worked on Catalyst 6500 Series/7600 Series ASA Service Module and Intrusion detection system (IDS), IDSM-2 meta event generator to prevent attacks such as denial of service (DoS) while working with content delivery network (CDN)
Contact this candidate