SUMMARY

• Around 8 years of Experienced Telecommunications and Network Professional worked on medium to large scale environments, enterprise and Data center networks.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional, Experience in Networking and Security domain which includes designing, Deployment and providing network support, installation, and Operation for a broad range of LAN / WAN Environment.
• Experience working in large - scale environments on high priority troubleshooting issues, several Proof of concepts for installations and Migrations to different vendor Equipment or implementing a new technology. Network Design, IDF and MDFarchitecture, Datacenter Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
• Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers.
• Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment andNexus 2k, 3k, 5k, 7k and 9kin Datacenter Environment.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
• Experience in working on Automation for Ciena 39xx series, ACX devices.
• Experience in Design & Deployment of Cisco ISE and Provided comprehensive guest access management for Cisco ISE administrators
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Configure and maintain Cisco switch configurations along with Cisco ISE.
• Worked on Open Config Platform.
• Experience inVSS, VPC, and VDCtechnologies. Experience working on Gateway redundant protocolsHSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture in Datacenter. Experience in Spine Leaf Architecture.
• Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k).
• Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M, and T-series).
• Experience with cisco ACI and Arista Cloud Vision on a POC. Knowledge on Spine leaf Architecture in Datacenter. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc.
• Experience and high-level technical knowledge inOSPF, EIGRP, RIP and BGProuting protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance.
• Virtualized and migrated 60+ legacy v10 appliances with over 5000 VIPs and 12000 pools t0 F5 TMOS v11 vCMP across 2 global data centers, including substantial iRules updates to support the new architecture. Basic Experience in Automation using iControl and Python v3 for configuration and backups in f5.
• Managed the firewalls, proxy servers, site to site and B2B VPNs, client SSL and IPsec VPN gateways for 50 networks with 9000+ users and hundreds of public web apps.
• Managed all web content functions for a 10 node, 300 VIP LTM environment, including SSL offload, URL/URI redirection, Application Security, and Authentication Policy
• Experienced in network and applications diagnostic and reporting tools such as Wireshark, TCPDump, SSLDump, firewall session logs, Splunk, etc.
• Developed and implemented security policy around the Cisco ACS (Authentication Control System), with RADIUS and TACACS authentication support against an Active Directory database, including device management, wireless and VPN applications
• Experience in configuring, implementing and troubleshooting F5 and Citrix Load Balancer in a large environment with sensitive applications.
• ConfiguredF5 LTM, series 5000series for the corporate applications and high availability. ImplementedLTM and GTM in DMZand Internal network.Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix.
• Worked on APM module with integration withRADIUS server and RSA secure IDfor applications that require 2-factor authentications.
• Proficient and high-level expertise using the F5 based profiles, monitors,VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers, iAPPs. Migration experience fromACE to F5/ old F5 to New F5. Expert in TMSH.
• Experience with manipulating variousBGPattributes such asLocal Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Extensive Knowledge of the implementation ofCisco ASA 5500 series - 5505, 5510, 5512-Xfirewalls withFirepowermodule. Palo Alto firewall policies, panorama and Checkpoint firewallsNG, NGX. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Experience withNext Gen Firewalls PA 200, 500, 3020 and VM seriesfirewalls for both Internet and internal traffic filtering.Experience withPanorama M100series and maintaining up to 23 firewalls in large networks. Experience in SSL forward Proxy, URL filtering and Policies on PA Firewalls.
• Experience with McAfee Web Gateways and Bluecoat Proxies for the internet traffic. Expert in IPS sensors in DMZ and inside network and device level proxy configuration for Internet traffic. Experience in WCCP.
• Experience working withAruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote and campus AP’s, upgrading WLC, worked in Active/Active local Controllers and Master controller. Worked on RAP3 for remote access.
• Support Quality Inspections and Operational Test (OT) events related to the 2GWLAN Aruba Networks Controllers, and Access Points. (Aruba 6000 controller, Aruba AP65,70,124,85,125) system.
• Develop and support of theSevOnemonitoring platform and maintaining current SevOne installation and SevOne user interface. Worked on SolarWindsNPM, NCM, IPAM.
• Experience working withAvaya and Cisco VOIPenvironments with assigning VOICE Vlans, troubleshooting call quality and basic level proficiency in QoS. Worked on configuration of Avaya VOIP gateways, voice VLANS, DHCP scopes for VOICE VLAN, DSCP marking for VOIP traffic, Policing, shaping of VOIP traffic from access to Core Layers.
• Involved in troubleshooting network traffic and its diagnosis using tools likeping, trace route, Gigaton, Wireshark, TCP dump and Linuxoperating system servers.
• Experience with Akamai kona waf and implemented http and https inspect rules for SQL injections, malicious file execution, cross site scripting.
• Worked on Automation tools like TUFFIN.
• Configured SDWAN router Viptela to connect remote sites over the Internet
• Developed Splunk infrastructure and related solutions as per automation toolsets
• Engineering, Implementation, Installation, Integration, version upgrade and patch installation of APM applications: Dynatrace
• Knowledge on Amazon AWS Virtual private cloud services.

TECHNICAL SKILLS

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP

Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls.

Routing Protocols: OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint

Network Monitoring: SolarWinds, Wireshark, HRping, Whatsupgold, Infoblox

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS

Routers: 1800, 2611, 2800, 3600, 3845, 3900,4300, 4400, 4500, ASR 1000X, 7206VXR, Juniper M & T Series.

Load Balancers: F5 Networks (BIG-IP), NetScaler (Citrix)

Capacity & performance: Cascade Riverbed (Flow Monitor), WAN Killer

Switches: CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k

Programming Languages: C, C++, Perl, Power Shell, Python, Yang, XML

Simulation Tools: GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence

Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features & Services: IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics

PROFESSIONAL EXPERIENCE

Confidential, San Jose CA

Sr. Network Engineer

Responsibilities:

• Support, Maintain and Troubleshooting various Network Infrastructure devices and services in Datacentres.
• Experience in administrating Viptela SDWAN enterprise deployment and implementations of Network and Devices for SDWAN environment.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Significant experience building out Application Performance Monitoring solutions with Dynatrace.
• 24x7 Support management of the monitoring environment using tools including Dynatrace, Splunk.
• Designed, implemented and maintained AWS backend infrastructure
• Maintaining Alight 200+ Network Hardware such as Cisco Nexus (7K, 5K, 2K), Catalyst switches, Cisco ISR Series routers, Juniper SRX routers, MX, QFX switches, Nortel Switches under Access, Distribution and Core Networks.
• Configure IPSEC VPN (Site-Site to Remove Access) and Maintain external Client Connectivity.
• Configuration and Administration of Alight Network Firewall to manage large scale firewall deployments, Palo alto, Cisco ASA-X Firepower, Juniper SRX, and Open-source BSD Firewalls.
• Supporting the application migration and represent the Network configuration and Security ACL on incidents and resolve any connectivity issues
• Configure and Maintain Authentication Services such as Alight Cisco ACS and Aruba ClearPass around the Environment with Troubleshooting AAA (TACACS+ & RADIS) services for users.
• Provisioning (IP assignment, core network configuration, DNS setup, monitoring and graphing for colocation, leased lines, customer backup and other customer network services).
• Configure and implement production and operations management in various Network projects which enhances the performance of the network.
• Deploying, Scaling and troubleshooting many Datacentres across all of AWS network fabrics.
• Deploy the code to AWS instances and spin new instances when and where required
• Worked with Cisco Channel partners to build practices around Cisco ACI
• Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centres using a Spine and Leaf architecture. Responsible for the secure development lifecycle environment form NX-OS to Application Centric Infrastructure (ACI) in Data centre, implemented in the lab environment.
• Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS)
• Experienced in Cisco Catalyst and Nexus network switches and routers and Cisco ASA firewalls and wireless controllers and access points.
• Implemented VDC, VPC, and OTV on the Nexus 5K and 7K switches.
• Performed sizing calculations of VMware environments based on current systems and future growth.
• Implement best practices associated with Network and security appliances value-driven development - ensuring quality from deployment of various Network Infrastructure in the firm.
• Troubleshooting L2 and L3 Network Environments, performing installation, configuration, and deployment of WAN and LAN networking hardware, including the configuration and implementation of Routers, Switches and Firewalls.
• Network involves various device from desktops to switches, routers, firewalls. All this are configured and deployed in Network accordingly as per the requirements within Change Window.
• Upgrade software version on yearly basis on all Alight networks and security devices necessary
• Keeping Alight Network Structure up to date for any bug fixes, systems improvement. This involves use of different applications.
• Perform audits to identify vulnerabilities, malware, spyware and remediate problems to ensure compliance using automation tools like Tufin and Riverbed Net Profiler over Switches, Routers and Firewalls to discover, generate and deploy the Production configuration.
• Maintain network performance by using SNMP monitoring tools such as SolarWinds, Omni Center to perform network monitoring, analysis as well as troubleshooting network problems.
• Performs system administration functions such as traffic monitoring, performance tuning, log management, disk space monitoring, and application troubleshooting in Linux and Windows platforms. In addition, installation, configuration, log analysis and tuning of DHCP, DNS, FTP Web, and proxy servers.
• Perform incident capture, verification, and diagnostics including Support with the TAC (Cisco, Juniper, Tufin, Palo alto) cases associated with the technical issues through the problem resolution in finding the root cause analysis of the Network failure there by curbing it using tools of operational research and methods.
• Create High level diagrams, templates documentation for existing platform and the new deployments
• Providing Technical solutions to the enterprise team, submitting the whitepapers on technical challenges and resolutions, demonstrating the working Infrastructure to the client as per business needs using Visio and other tools.

Confidential, Santa Fe, NM

Sr. Network Engineer

Responsibilities:

• Configured, managed, and troubleshoot F5 BIG-IP Application Load Balancers for internal access and external Internet facing VIPs.
• Created locations for each site once the GRE Tunnel is up on the respected location for the traffic flow. To granulize the traffic created Sub-locations for each site.
• Hands on experience in installing, con guring & troubleshooting multiple products on Cisco and Juniper routers, switches, Arista, Aruba switches, load balancers, Network access controllers etc.
• Proven expertise on design and implementation of high-density Data Center and DR.
• Troubleshooting firewall rules in Cisco ASA, Checkpoint, Zscaler.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber
• Designed, developed and tested scalable cloud-based solution architectures and infrastructure AWS and Azure, Such as Route 53, ELB, Security group, VPC, VPN, NACL, NSG and VNET)
• Worked on migration from juniper firewall to Palo Alto and juniper to ASA firewall using virtual tools.
• Worked on Blue Coat Proxy migration to Zscaler.
• Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260).
• Performed migrations from Check Point firewalls to Palo Alto using the PAN Migration Tool MT3.3.
• Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App-ID, Content-ID on both inbound and outbound traffic.
• Strong Routing experience working under complex WAN and SD WAN environment.
• Represent Network Operations function related queries for all change management.
• Work with infrastructure service vendors for service improvements plan initiatives.
• Complete understanding of Cloud Technology and has hands-on experience working on AWS or Azure cloud.
• Experience in using network management tools for performance, tuning, troubleshooting and capacity planning.
• Adhere to Global network standards, policies, guidelines in-line with meeting regulatory requirements wherever applicable policies, guidelines.
• Collaboration with cross-functional teams internally for support issues.
• Deploy ISE technology in infrastructure to establish secure and authenticated network and ISE development with profiling and certificate-based authentication. Configured and performed software upgrades on Cisco
• Wireless LAN Controllers 2504, 4404, 5508 for Wireless Network Access Control integration with Cisco ISE.
• Troubleshoot issues and outages on Trunks and Router interfaces and firewalls extensively.
• Created URL category for each service based on the requests
• Created URL Policies for each URL Category Created.
• Created SSL Inspection Bypass for particular internal Sites
• Created Firewall Control Policies as per organization and requester choice.
• Created Hosted PAC Files based on the organization request what to be accessed before and after authentication.
• Configuration of web filtering and managed firewall services PAC file creation and GRE tunnel configuration
• Provided Desktop Support for internal users.
• Handle Service-Now tickets related to Cisco ASA & Zscaler, & VPN along with the connectivity issues and provide support when any issue is raised.
• Implementing and troubleshooting firewall rules in Cisco ASA 5525, 5580, Checkpoint R77.20 Gaia and VSX as per the business requirements.
• Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
• Enable file forwarding to Wildfire cloud through Content-ID implementation to identify new threats. • Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks.
• Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
• Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity.
• Deployed Active/Standby modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs. Knowledge on the application of Active/Active HA mode.
• Enforce policy checks on north-south and east-west data center traffic through Panorama M-500. Provided escalated technical support in troubleshooting firewall and network issues.
• Hands-on experience with Bluecoat Proxy Secure Web Gateways for content filtering, Data loss prevention and preventing Zero-Day exploits.

Confidential, San Antonio, TX

Sr. Network Engineer

Responsibilities:

• Created a OAM Model for open config platform.
• Worked on vendor neutral case for OAM model
• Configured Blue Coat Proxy, SG Web Application Reverse Proxy for securing.
• Worked on zscaler cloud proxies and supported migration from iron port to zscaler
• Configured policies on zscaler using ad groups. Integrated zscaler with azure AD SCIM for ad groups and user saml attributes.
• Involved in checking how the model goes with QOS related work.
• Experience in writing JSON for different scripting languages.
• Experience in working on Git hub.
• Worked on bluecoat proxies with ids and ips sensors.
• Worked on kona cloud platform to inspect traffic for all applications before reaching the actual server
• Worked on URL categories, whitelisting, balck listing urls for users, ad groups, departments, locations using ip subnets.
• Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Implementing Routing and Switching using the following protocols;OSPF, BGPonJuniperM series routers.
• Experience with working on firewalls like CISCO ASA 5500 series (5510,5540), JUNIPER SRX series and also PALO ALTO (pa-3060, pa-5060), etc.
• Has experience in Bash and Python scripting with focus on DevOps tools, CI/CD and AWS Cloud Architecture and hands-on Engineering.
• Involved in dealing with Composite Network models that consists of Ciena 39 series and ACX Platforms.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404, 5508 for Wireless Network Access Control integration with Cisco ISE.
• Upgrading Cisco ISE appliances company wide. Recently rolled out OpenDNS including onsite VM appliances.
• Experienced on Cisco ISE and advanced technologies like QOS, Multicasting, MPLS and MPLS-VPN and Bluecoat proxy server SG.
• Worked on Network Configurations of difference models related to automation.
• Experience in Scripting languages like Yang and XML.
• Experience with Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Extensively worked on virtual F5 LTM module on VMware for application testing.
• Configured and Managed User group, permission, Role, Resource pool on VMware virtual center.

Confidential, Palo Alto, CA

Network Engineer L2

Responsibilities:

• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE
• Performed upgrade process for Cisco ISE software from version 1.0.4 to 1.1 ADE-OS, patch management and data backup management.
• Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018
• Experience with configuring FCOE using Cisco nexus 5548
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Worked on Cisco ISE deployment which was a replacement for the ACS and provided new long term and short-term guest wireless services for the Port Authority.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Experience in Application Security Manager (ASM) which is a layer 7 web application firewall (WAF) available on F5's BIG-IP platforms.
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices also configure 2k, 3k, 7k series Routers
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Experience with moving data center from one location to another location, from 6500 based data centers to Nexus based data center.
• Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
• Hands on experience installing and configuring Cisco ISE 1.3 and later upgrading to 1.4.
• Implemented Cisco ISE 2.0 for Wireless 802.1x Authentication and Authorization with Flex connect
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer
• Performed wireless site surveys using industry standard tools such as Air Magnet and Cisco & Aruba Switches
• Managed and completed over 100 projects installing/upgrading client's wireless infrastructure to Aruba and Supported wireless networking team working on Aruba wireless.
• Experience with configuring Cisco 6500, 6800, 4500 VSS in Distribution layer of the Data center network
• Configuring and managing F5 LTM (Local Traffic manager) in large scale environment.
• Configure and troubleshoot Juniper EX/SRX series switches.
• Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls.
• Good knowledge with the technologies Site to Site VPN, DMVPN, SSL VPN, WLAN and Multicast.
• Well Experienced in configuring protocols HSRP, GLBP, PPP, PAP, CHAP, and SNMP.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Install, manage and monitored Large scale Palo Alto Firewalls through Panorama.
• Experience with communicating with different customers, IT teams in gathering the details for the project
• Experience in installing and configuring DNS, DHCP servers.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports.
• Used Extra hop for the detection of any abnormalities in the network, tracking file access in databases and storage for data security, and locate bottlenecks over the network
• Strong hands-on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Installation and Configuration of Cisco Catalyst switches 6500, 3850 & 2960, 9300 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches
• Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Worked with the Python 2 & 3 version
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, prevention where needed.
• Configuration and Administration of Cisco and Juniper Routers, Switches and mixed vendor Firewalls.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Configuration, Assigning DHCP profiles
• Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, STP and RSTP.
• Worked with HP switches, Extra hop, F5 Load Balancer.
• Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer’s instructions and troubleshooting any related issues.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000 to connect servers and storage devices.
• Convert WAN links from TDM circuits to MPLS and to convert encryption from IP Sec/GRE to Get VPN.
• Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues.
• Experience with f5 asm on application security policies to block any http response codes, sql injections in to virtual servers traffic.
• Experience with cisco IronPort security policies for ips and ids
• Experience with dlp- data loss prevention policies on proxies
• Performing network monitoring, analysis using various tools like Wireshark, & SolarWinds, Dynatrace, Extrahop tool helped for tracking root cause problems.
• Experience to check the drop for the application with use of the Splunk and then write the firewall rules.
• AWS data backup (snapshot, AMI creation) techniques, along with data-at-rest security within AWS.
• Developed an executable application that securely transfers files and creates folders in AWS S3.
• Created Server-less Architecture for on-premise Application Migration to AWS cloud.
• Implemented Cisco ACI infrastructure for supporting rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management.
• Worked on VMWare migration from physical servers to virtual servers