Network Engineer Data Center
Resume:
Deepak Kolathur
******.**********@*****.***
SUMMARY: Experienced Network Engineer with 8 years of expertise across enterprise and service provider environments, specializing in switching, routing, firewalls, proxies, wireless, and authentication systems. Skilled in supporting complex campus and data center networks using multi-vendor equipment. Known for delivering reliable, scalable solutions with strong communication, documentation, and cross-functional collaboration. Always seeking innovative ways to improve network performance and streamline operations. CAREER HIGHLIGHTS:
• Proven experience in designing, deploying, and troubleshooting enterprise and service provider networks with strong knowledge in LAN, WAN, ISP circuits, network security, ADCs, SSL VPN, and wireless LAN.
• Configured and maintained F5 Load Balancer and Citrix NetScaler for traffic distribution, GLBP, and web interface sites to enhance internal client access and resiliency.
• Hands-on with installation, configuration, and administration of Cisco Catalyst (2960 to Cat 9K), Juniper EX/QFX, and Aruba Campus switches in complex environments.
• In-depth knowledge of protocols such as STP, RSTP, MST, PVST+, ARP, VLAN, VTP, 802.1Q, EtherChannel, HSRP, VRRP, GLBP, DNS, and DHCP.
• Proficient in deploying and troubleshooting Cisco Routers (ASR1K, 7200, 3900, 3800, etc.), Juniper MX, and Arista 7000 routers in high-traffic networks.
• Strong background in OSPF, IS-IS, EIGRP, and BGP configuration, including route redistribution, traffic manipulation, ISP peering, MPLS, and DMVPN.
• Extensive involvement in access, distribution, and core layers across IDF/MDF and data centers; hands-on experience with spine-leaf using Cisco ACI and Arista CloudVision.
• Solid understanding of redundancy technologies such as VPC, VSS, MEC, MLAG, Port-Channels (LACP, PAGP), and VDC for fault tolerance and uptime.
• Built Splunk dashboards and reports using data from Python APIs interacting with Cortex XSOAR, enabling real-time security insights.
• Practical experience in legacy and next-gen firewalls: Cisco ASA, Palo Alto, Check Point, and FortiGate, including full lifecycle deployments and policy configurations.
• Deployed Prisma Cloud across Azure, GCP, and PCF, integrating with third-party tools like Splunk and XSOAR for unified cloud security management.
• Familiar with centralized firewall management via Panorama, FortiManager, and SmartConsole; responsible for log analysis, policy backups, and perimeter firewall operations.
• Configured security features including NAT, URL filtering, SSL proxy, App-ID, User-ID, Threat-ID, WildFire, zones, virtual systems, and IPS across perimeter and cloud-based firewalls.
• Worked with IronPort, Bluecoat, and Zscaler proxies for secure web access; led migration from IronPort to Zscaler with geo and AD group-based access rules.
• Configured and maintained Zscaler Private Access (ZPA) for user-level VPN access, handling app connectors, policies, app segments, and LSS connectors.
• Performed daily incident reviews using Cortex XSOAR, ensuring accurate documentation and timely resolution of security-related tickets
• Designed and implemented fault-tolerant Oracle Cloud (OCI) solutions using Terraform, Python/Shell scripting, REST APIs, and console automation.
• Tested and supported various hardware and software including servers, routers, switches, modems, Office 365, IoT platforms, and DevOps tools like Terraform, VSTS, and Chef.
• Hands-on with F5 (LTM, GTM, ASM), NetScaler, and Cisco ACE, configuring VIPs, load balancing modes, iRules, DNS-based failover, SNAT, and persistence profiles.
• Configured cloud networking in AWS and Azure, including VNETs, security groups, Direct Connect, ExpressRoute, and firewalls across availability zones.
• Experienced in Cisco ACE 4710, F5 LTM/GTM, and reverse proxy design; familiar with one-arm/two-arm architecture and SSL traffic handling
• Implemented VXLAN overlays with BGP/OSPF underlays, VTEPs, bridge domains, tenants, EPGs, EVPN, and symmetric IRB within Cisco ACI and Arista CloudVision. TECHINCAL SKILLS:
Router and VoIP Platforms
Cisco Routers series ASR9k, 7300, 4000, 3800, 2000, 1900; Juniper MX, Arista 7000 series.
Routing Fundamentals and
Protocols
Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Policy- Based Routing, Redistribution, Port forwarding
Switch Platforms Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K,5K, 7K; Juniper EX, QFX, Aruba 2000, 3000 series. Switching Fundamentals and
Protocols
Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP
Firewall Platforms
Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506- X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) with panorama 8.0, WAF, Fortinet FortiGate NGFW (1K, 2K and 5K), Illumio, FireEye, SonicWall. Security Protocols
Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap Network Management and
Monitoring
Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works, SolarWinds, Net low Traffic Analyzer, Network Performance Monitor (NPM),Network Configuration Manager
(NCM), Spectrum Access Manager (SAM), IP Address Manager, Additional Polling Engine.
Load Balancers and Proxies F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies, Bluecoat Proxies.
WAN and SD-WAN
technologies
MPLS, ISP Leased Lines, SONET, Viptella, Versa.
Other Networking Protocols
and Fundamentals
DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, IPV4, IPv6, Operating Systems Windows 10/7/XP, MAC OS, Linux, NX-OS, IOS XR, XE. Wireless and Radius
Technologies
Canopy Wireless Devices, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC’s (8510, 5508, 5706), Cisco AironetAP’s
(2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5, 802.11a, b,c,g,n,ac
Scripting Python, Ansible and TCL (F5)
CERTIFICATIONS :
• Cisco Certified Network Associate (CCNA)
• Cisco Certified Network Professional (CCNP)
• PCNSE – Palo Alto Networks Certified Network Security Engineer WORK EXPERIENCE :
Client: Callaway Golf, San Jose, CA Mar 2023 - Present Role: Sr. Network Engineer
Responsibilities: (Switching, Routing, FW, LB, AWS)
• Designed and deployed Layer 2/3 enterprise switching infrastructure using Cisco Catalyst (2960, 3850, 6500), Nexus (9K-C9372, 7K, 2K), and Juniper EX switches with VPC, MEC, and spanning-tree optimization.
• Configured and optimized BGP, OSPF, and EIGRP across core/distribution layers with route maps, AS-path control, and OTV-based Layer 2 DCI between data centers.
• Built and secured AWS network infrastructure (VPCs, EC2, Route Tables, Security Groups), integrated Prisma Cloud, and deployed SD-WAN (Versa) with Direct Connect.
• Automated network and security operations using Python scripts and REST APIs to interact with Cortex XSOAR and Splunk for alert handling and log analysis.
• Led migration from Cisco ASA to Palo Alto PA-5000 firewalls; implemented URL filtering, SSL decryption, NAT, GlobalProtect VPN, and application-layer policies.
• Integrated Palo Alto firewalls with Panorama, managing centralized policy updates, threat prevention
(Wildfire), and zone-based segmentation.
• Migrated legacy Cisco ACE load balancers to F5 LTM/GTM/APM, designing one-arm/two-arm architectures, creating iRules, SNAT, health monitors, and SSL offload policies.
• Configured F5 APM sessions, Layer 7 access policies, SAML authentication with Azure AD, and application routing using advanced iRules.
• Deployed and supported Zscaler ZPA for user-based app VPN; configured APP connectors, LSS connectors, access policies, and integrated with Azure AD.
• Installed and managed Cisco and Aruba Wireless infrastructure, WLCs (5508, 8510), APs, SSIDs, and performed MAC-based and 802.1X auth using Cisco ISE.
• Administered enterprise IPAM with Infoblox and SolarWinds, maintaining DHCP scopes, DNS entries, zones, and delegations.
• Created and implemented Methods of Procedure (MOPs) for routing, firewall, and NAT changes to ensure seamless, documented deployment with rollback options.
• Performed deep packet capture and flow analysis across firewalls, F5, and Nexus using syslog, SNMP traps, and NetFlow for incident triage and RCA.
• Evaluated and conducted a POC on Versa and Viptela SD-WAN, assessing routing policy enforcement, failover, and integration into existing hybrid WAN.
• Deployed and optimized Riverbed Steelhead WAN optimizers to enhance application performance for remote users and branch offices.
• Managed Zscaler ZIA policies including URL filtering, SSL inspection, geo-blocking, blacklist/whitelist logic, and AD group-based policy enforcement.
• Supported hybrid multi-vendor environment with Cisco ASR9K, Juniper SRX/MX/EX, Versa SD-WAN, F5, and Palo Alto platforms.
• Maintained proactive infrastructure monitoring via SolarWinds Orion, managing alerts, performance dashboards, and device inventory.
• Created and maintained detailed Visio diagrams, network architecture documents, firewall rulesets, and SharePoint-based documentation for compliance.
• Implemented Illumio firewall rulesets for segmentation, microsegmentation, and policy control across cloud and on-prem resources.
Client: Con Edison, New York City, NY Jul 2021 – Dec 2022 Role: Sr. Network Engineer
Responsibilities: (Zscaler, Azure, SD-WAN)
• Led SD-WAN deployments and architecture evaluation for Cisco Viptela, Juniper Contrail, VeloCloud, and Silver Peak, optimizing hybrid WAN connectivity with policy-based routing and failover strategies.
• Configured and supported MPLS circuits, leased lines, Metro Ethernet, and site-to-site IPSec tunnels, integrating SD-WAN into existing WAN infrastructure.
• Designed and maintained Enterprise Wireless Infrastructure using Cisco WLC 5508, configuring SSIDs, AP provisioning, and conducting upgrades in active/standby environments for high availability.
• Enforced secure wireless access through Cisco ISE integration, deploying downloadable ACLs, MAC authentication bypass, and 802.1X policies for wired and wireless endpoints.
• Installed and maintained F5 LTM load balancers, creating VIPs, SNATs, persistence profiles, and SSL offloading to support application delivery across DMZ and internal environments.
• Delivered Tier II support for F5 Big-IP LTM and participated in migration from Cisco ACE to F5, including application migration planning, iRule development, and traffic flow validation.
• Implemented LAN/WAN designs including IP address planning, VLAN segmentation, routing strategies, and DMZ segmentation in redundant data centers.
• Worked on Cisco Nexus switches (7010, 5548, 2148T, 2248) for datacenter deployments, leveraging VDCs and FEX for flexible access and scalability.
• Maintained Cisco ASR 1000 and 7200VXR routers, deploying 3900, 3800, 2951, and 2821 routers for branch and remote connectivity.
• Deployed and managed Checkpoint, ASA, and SonicWall firewalls, performing migrations, policy translation, rule optimization, and deep packet inspection (DPI) enforcement.
• Hardened security posture through migration to Palo Alto PA-3000/PA-5000, enabling application and URL filtering, IPsec VPNs, SSL forward proxy, and Wildfire threat detection.
• Configured and administered Cisco ISE 3315 appliances and VMs for access control, guest policies, profiling, and posture assessments; monitored endpoints via Cisco ISE GUI.
• Implemented and maintained VLANs, STP, and trunking on Cisco EX series switches; applied SNMP-based monitoring for switch status and metrics.
• Provisioned and supported AWS cloud environments, deploying EC2, Route53, RDS, Lambda; assisted with VPC networking and cloud automation using CloudFormation.
• Migrated applications and VMs from on-premises to AWS, supporting large-scale hybrid cloud setups and blackboard deployment use cases.
• Ensured protocol compliance and security across TCP, UDP, ICMP, and DNS-based traffic flows; optimized NAT/PAT handling and ACLs on multi-vendor firewall platforms.
• Performed policy-based routing and OSPF configuration on Juniper M and MX series routers, integrating them into multi-vendor environments.
• Managed F5 Big-IP LTM load balancers across Layer 4/7 for application delivery; handled SSL termination, monitor configuration, and high availability.
• Provided Tier II support for firewall policy changes, NAT rule implementations, and traffic path troubleshooting across multiple security platforms.
• Used Microsoft Visio to document physical/logical network topologies and data center layouts; updated internal documentation in Confluence.
• Supported performance tuning and VLAN optimization across Cisco 3550, 4500, and 6500 switches to enhance throughput and reduce latency across core links. Client: Microsoft, Seattle, WA Jan 2020 – June 2021 Role: Sr. Network Engineer
Responsibilities:
• Managed and supported multi-vendor firewall infrastructure including Checkpoint (R77.20), Cisco ASA, and Palo Alto PA-3000/5000, handling rule migrations, NAT policies, threat signatures, and WildFire.
• Configured Panorama and SmartConsole for centralized firewall administration, policy optimization, firmware upgrades, and log auditing.
• Enforced security policies via web proxy filters and access control systems, implementing category-based filtering, SSL inspection, and remote browsing protection circuits.
• Designed and maintained enterprise switching environments using Cisco Catalyst (3500, 3750, 4500, 6500), implementing VLANs, STP/RSTP, EtherChannel (LACP), and Trunking.
• Supported routing configurations across enterprise networks using BGP, OSPF, EIGRP, and static routing with route filtering, redistribution, and prefix-lists.
• Built and maintained IPSec VPNs, crypto maps, and ISAKMP policies for secure site-to-site and branch communications.
• Led data center migration projects involving routing redesign, firewall integration, equipment re-racking, and downtime planning.
• Configured and monitored Cisco ASR 5500, 7200 series, and Nexus hardware in WAN and edge environments, validated performance using VPC, SPAN, and flow testing.
• Utilized Cisco ACS, SNMP traps, syslog servers, and Wireshark for performance monitoring, traffic inspection, and security event analysis.
• Administered ACLs, NAT/PAT, and service-specific access rules for TCP, UDP, ICMP, DNS, and HTTP/S across routers and firewalls.
• Supported AWS network operations including EC2 provisioning, VPC setup, security groups, route tables, and hybrid IP planning.
• Facilitated app and workload migration to AWS, coordinating routing, access controls, and encryption policies across cloud and on-prem environments.
• Created and maintained documentation for network designs, topologies, and security policies using Visio and internal Confluence systems.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment. Client: Wipro, Hyderabad, India Jul 2017 – Dec 2019 Role: Network Operations Engineer
Responsibilities:
• Provided first-level monitoring and support for enterprise networks, handling incident tickets and performing basic troubleshooting of routers, switches, and WAN links.
• Installed and configured Cisco routers (2500, 2600, 2800 series) and switches (2950, 3560), supporting EIGRP-based routing and VLAN segmentation in branch environments.
• Assisted in configuring Access Control Lists (ACLs) and static routes for traffic filtering and basic perimeter protection.
• Supported VLAN creation, inter-VLAN routing, and trunking on Layer 2/3 switches; resolved port security and MAC conflict issues.
• Performed hands-on cabling and physical network setup in IDF/MDF rooms and data centers, managing both copper and fiber connections.
• Monitored WAN circuits and frame relay links, escalating chronic issues to higher-tier network teams for resolution.
• Configured and maintained IPsec VPNs for branch connectivity, assisting with tunnel establishment, crypto maps, and authentication parameters.
• Participated in system backup and restoration processes for network devices to ensure configuration continuity and disaster recovery readiness.
• Documented network diagrams, device configurations, and troubleshooting steps using internal tools and templates.
• Built foundational experience across OSI layers, TCP/IP model, NAT, DHCP, DNS, and SNMP protocols through ticket resolution and shadowing senior engineers. EDUCATION :
• B.Tech Electronics and Communication Engineering Sri Venkateswara University, Tirupati, India.
• Master’s in Management Information Systems
Northern Illinois University, DeKalb, IL.
Contact this candidate