Network Engineer Palo Alto
Resume:
Bharath Yadav Golla
Senior Network Engineer
************.****@*****.***
SUMMARY:
Over 6.7 years of professional experience of expertise in implementing and troubleshooting various Network Technologies.
Worked with Palo Alto PA-5450, PA-5260, PA-3220 firewalls using panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
Integrated customers from various firewall solutions to Fortinet 1800F, 3200F, and 500E cloud and customer premises firewalls.
Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probes and monitors.
Implementing Cisco ACI Fabric which is based on Cisco Nexus 9800, 7018, 5600 series Switches and the Cisco Application Virtual Switch (AVS).
Configured IPSEC-VPN tunnels with ASA 5500, 5515, 5545 series Firewall between some branch offices & headquarters.
Working on Routing and Switching on the third party segment using Cisco based Routers such as 8000 series and ASR 9000 series and Switches like 8200, 8500, 8100 series.
Configure, maintenance and administration of Checkpoint Firewall R75 up to R77 version, Secure Platform Installation including VPN.
expertise in cloud networking technologies and infrastructure design within Azure, AWS
Implemented network security controls such as Azure NSGs/ASGs, AWS Security Groups, Network ACLs, and firewalls (Azure Firewall, AWS Network Firewall) to enforce east-west and north-south traffic filtering.
CERTIFICATION:
Cisco Certified Network Associate (CCNA)
Microsoft Certified Azure Cloud Fundamentals
TECHNICAL SKILLS:
Switches
Nexus 9k, 5k, 7k, Arista switches, Catalyst switches and Juniper switches,BGP/EBGP, Junos and XR.
Network security
Cisco (ASA,) 5510, Palo Alto, juniper SRX, ACL, IPSEC VPN, Remedy, Azure, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS.
Routing
RIPv2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing, Routing Policy,Route Reflection
LAN Technologies
SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.
Wireless
Cisco Meraki, Aruba wireless.
Firewall
Palo Alto, Cisco Firepower, ASA 5585, 5540, 5520 and Juniper SRX series, Fortinet (FortiGate) Firewall, Checkpoint Firewall.
Cloud services
AWS Cloud Networking (EC2, VPC, Route53) Direct connect
Professional Experience:
Wells Fargo, Charlotte NC April 2024 - Present
Sr. Network Engineer
Responsibilities:
Configured with Qualys evaluation of vulnerabilities, Splunk log tracking, Sourcefire, and Palo Alto IPS/IDS systems.
Using Panorama, safety procedures, device grouping, and designs were put into place to enable scalable and established Palo Alto firewall administration.
Set up Palo Alto Firewall administration features to track network activity, identify security risks, and examine unusual trends.
Working on PAN-PA-5400-DPC-A, PA-5450, and PA-3440 series are just a few of the Palo Alto NGFW models that were set up and accepted to ensure optimal performance and secure operation.
Implemented Managed Rulesets from Cloudflare’s security library to provide proactive protection against emerging threats, including zero-day vulnerabilities.
Deployed Bot Management Solutions using Cloudflare WAF to identify and mitigate malicious bot activities, reducing automated attacks and credential stuffing attempts.
Installed Cisco Secure Firewall 3105 and 3110's most recent features, firmware updates, and guidelines for strengthening the network's resistance to new threats.
Using the integrated SM-40, SM-48, and 4145 tools from Cisco Firepower, tracked and evaluated safety incidents in order to identify and eliminate advanced threats and enhance network durability in general.
Using Prisma Cloud's sophisticated analytics, I tracked and examined network traffic in order to find and address any possible weaknesses in the cloud's architecture.
Developed the overall safety condition of the network by managing identity-based micro segmentation policies through Prisma Cloud, which decreased the risks of lateral migration.
Designed, deployed, and managed Cisco ACI solutions, enabling automated and policy-driven network configurations across multi-cloud and on-premises environments.
Configured Application Network Profiles (ANPs) and End Point Groups (EPGs) within Cisco ACI, ensuring optimal application performance and security through granular segmentation.
Integrated Cisco ACI with existing network infrastructure, enhancing network visibility, automation, and security through a unified policy model.
Improved accessibility and redundant are ensured by increased routing and centralized backup connections for AWS Direct Connect links.
Implemented the AWS Route 53 console to oversee the domain authorization and transfer procedures, guaranteeing the precision and up-to-dateness of domain data.
Working on AWS Virtual Private Cloud (VPC) Elastic Load Balancers (ELBs) were implemented to maximize sharing traffic among several instances and improve accessibility.
Monitored F5 BIG-IP devices, which included regular WIP and VIP configuration, SSL offloading management, and iRule scripting.
Set up and deployed F5 Load balancers, optimizing the use of resources for traffic control and load balancing.
Installing internet connectivity so that several sets of Meraki MX65, MX65, and MX67 devices are connected to the router and enjoy advantages like increased security.
Improved the platform's capacity to manage specific network development and tasks by designing unique Ansible variations for managing systems.
Developed and set up Active Directory trusts, which allowed for resource usage and secure interaction between various domains and forests.
Added compatibility between Ansible and hardware from Palo Alto, Juniper, and Cisco to enable uniform network management and policy enforcement across diverse network stacks.
Set up network equipment in a convenient clinical setting, such as Cisco switches, routers, firewalls, wireless LAN controllers, and connection points.
Install Cisco routers ASR 9922, 9912, and 9901, especially in strategic areas, to guarantee a consistent and unbroken internet connection.
Configured Guest Access solutions with Cisco ISE, enabling secure, time-limited network access for visitors while ensuring network isolation and monitoring.
Setting up a Juniper structures with more than 500 firewalls and a variety of Juniper hardware models, such as the SRX 340, SRX 550, and SRX 1600.
Work with Netmiko to establish the website, changing protocols to ensure precise and reliable device setups in various situations.
Installed Routing Policy Language (RPL) on Nexus 7000 series switches, which allows for dynamic and adaptable routing administration to maximize network control and performance.
Configured and managed Cisco Nexus NX-OS devices, ensuring seamless network operations through advanced monitoring, automation, and troubleshooting techniques.
Integrated Azure Network Watcher, AWS VPC Flow Logs, CloudWatch, and Traffic Mirroring for monitoring, diagnostics, and incident response.
Integrated Cisco Nexus 5548, 5600, and 7018 switches with existing data center architectures, providing high-speed connectivity for compute, storage, and virtualization environments.
AT&T, Dallas TX Aug 2022 – March 2024
Network Engineer
Responsibilities:
Set up and adjusted security rules on Palo Alto firewalls to control traffic, prevent unwanted access, and effectively identify and eliminate threats.
Monitored Palo Alto unit staging, arranging, and installation in data centers, including Panorama modifications to track, block, or permit firewall traffic.
Worked collaboratively on Palo Alto firewall administration, managing models such as PA-5420, PA-3410 and PA-5220, and leveraging Panorama servers for traffic monitoring and flow control implementation.
Implemented and ran customized scripts to simplify demanding operations and streamline firewall management using Fortinet's scripting capabilities.
Developed and implemented training courses on how to properly handle and utilize FortiGate firewalls, such as the 1800F, 500E, 200E models.
Configured FTD policies, including access control lists (ACLs), intrusion prevention, and URL filtering, to protect against advanced threats.
Implemented report generation and alerting through FMC, improving operational efficiency and response times to security incidents.
Deploying Cisco Secure Firewall 4245 and 4225 devices, VPN services were configured and managed, granting users and partners secure internet access.
Developed and upheld special Prisma safety protocols that adhered to the company's safety policies and industry requirements.
Used Prisma Access to enforce the Zero Trust principles, ensuring the safe access of more than 2,000 distant employees while maintaining consistent security standards across all online environments.
Using an extensive and multiple approach, Cisco ACI was combined with safety features and devices to strengthen the network's safety posture.
Working on Cisco ACI safety measures were set up to continuously enforce security by dynamically adjusting to variations in network activity and software installation.
Installed the optimization and system tuning strategies for F5 iRules systems, guaranteeing smooth traffic control and resource utilization.
Using LTM and GTM for optimal efficiency, I oversaw the setup, tracking, and set up of BIG-IP F5 load balancers.
Set up claims-based authorization rules in Active Directory Federation Services to implement attribute-based authentication and restricted access.
Implemented virtual networks (VNets), subnets, route tables, and network security groups (NSGs) in Azure to enforce segmentation and secure cloud workloads.
Configured Azure Firewall and Application Gateway (WAF) to inspect inbound/outbound traffic and provide centralized threat protection for cloud-native applications.
Install and use Netmiko to set up various apps that automate various tasks, such as updating various platforms, improving and relating apps, and more.
Using dependable Aruba interfaces Data facilities, the effectiveness and security of internet access were continuously observed and tracked.
Development of Arista 5000, 7010X, and 7020R Cloud Vision for central administration and the synchronization of VXLAN set up, utilization, and tracking procedures.
Managing network devices and installation across different companies with improved Ansible.
Integrated distinct DNS situations into an administrative and uniformed structures by implementing DNS transfer initiatives with Infoblox.
Assisted in the design and implementation of network segmentation strategies within ISEC to limit lateral movement of threats and enhance overall network security posture.
Implemented a variety of controls to improve and resolve problems with Cisco routers, such as those in the 8100, 8200, and 8600 series, worked on network connections in different layers of the OSI.
Developed substantial contributions to the setup of different Cisco routers and L2/L3 switches in order to meet specific network needs.
Integrated Terraform with version control systems like Git to streamline collaboration and change management of infrastructure code.
Working with Juniper MX240, MX480, and MX960 routers enables us to create web pages that efficiently manage web traffic.
Deployed Cisco ISE profiling services, automatically identifying and classifying endpoints based on their behavior, type, and role within the network.
Working on Cisco Nexus 9300, 9500, 9800, and 7010 may reduce 10% on appliances and boost network bandwidth through installing Fabric Extender devices.
Wipro, India Dec 2018 – June 2022
Network Engineer
Responsibilities:
Configure, maintenance and administration of Checkpoint Firewall R75 up to R77 version, Secure Platform Installation including VPN.
Working on IPSEC-VPN tunnels with Cisco ASA 5500, 5585, 5520 and 5545 series Firewall between some branch offices & headquarters.
Conducted regular security audits and assessments on Cisco routers like 1900, 2900, 3900 series to identify and remediate vulnerabilities and security weaknesses.
Configured and monitored logging and reporting on Palo Alto PA-3060, PA- 5060 firewalls to analyze network traffic and security events effectively.
Utilized Wireshark for protocol analysis, dissecting packets to understand communication patterns and diagnose network anomalies across protocols such as TCP, UDP, HTTP, and DNS.
Deployed, configured, and managed the Solar Winds Orion platform for comprehensive network and infrastructure monitoring, delivering visibility into the IT environment.
Installed Tetration sensors to comprehensively collect and analyze data, providing deep insights into application behavior and dependencies.
Implemented the Cisco TrustSec framework to enforce scalable and dynamic access control policies across the network infrastructure.
Offered guidance on cable management best practices to maintain a tidy and organized cabling infrastructure, minimizing signal interference and simplifying troubleshooting.
Improve online frequency and enhance resiliency, spanning tree tasks were maintained and configured on Juniper switches EX 2300, EX 3400, and EX 2300-C.
Configured intelligent traffic steering policies within Silver Peak to optimize network traffic routing, ensuring efficient resource utilization.
Education: - Masters in Information Technology and Management, Tampa, Florida, 2024.
Contact this candidate