Archana Attili - Network Engineer |
[email protected] |
Location: Chicago, Illinois, USA |
Relocation: |
Visa: OPT-EAD |
Archana Attili
Sr. Network Engineer Email: [email protected] Ph. No: 908-333-4808 Professional summary: Around 8+ years of Experienced Telecommunications and Network Professional worked on medium to large scale environments, enterprise and Data center networks. Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional, Experience in Networking and Security domain which includes designing, Deployment and providing network support, installation, and Operation for a broad range of LAN / WAN Environment. Experience working in large-scale environments on high priority troubleshooting issues, several Proof of concepts for installations and Migrations to different vendor Equipment or implementing a new technology. Network Design, IDF and MDF architecture, Datacentre Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment. Hands on experience in configuring Pre-rules, Post-rules, object groups and templates in Panorama. Supported massive DDI (DNS, DHCP, IPAM) network environment. Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers. Profound working knowledge of administration and management of Palo Alto firewalls usingcentralized Panorama M-100 and M-500 devices. Genesys CTI, CISCO Routing/Cisco Unified Call Manager, Avaya Legacy/IP Office Call Manager VOIP experience with Avaya/Cisco Programming, Engineering, and Call Manager and Unity Strong knowledge on leveraging advanced firewalls features like APP-ID, User-ID, Global Protect, WildFire, NAT policies and Security Profiles. Maintain functional and technical knowledge of the VeloCloud SD-WAN product line. Statoil Communication Security Team member, providing operation support on Firewalls, BluecoatProxy, F5 Load Balancers, Confidential ACS, Algosec, Open gear, RSA & IDS technologies. Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Datacentre Environment. Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series). Creating VPN tunnels per request via JUNOS, SCREENOS or Fortinet Firewalls. Multiple years of experience in networking. Strong route/switch and firewall background that is movingmore towards Cloud Engineering using AWS and Terraform/Kubernetes orchestration and automation. Experience in working on Automation for Ciena 39xx series , ACX devices. Experience in Design & Deployment of Cisco ISE and Provided comprehensive guest access management for Cisco ISE administrators Understanding of SDN/ NFV ecosystem SDN controller, ONF, ETSI NFV, Open daylight, Open stack. Network design consolidation, virtualization and automation of complex data center functions.Cloud computing based storage services, application, Security filtering and Mission critical needs,LAN/WAN design using SDN/NFV, OPENSTACK/VNF and Cisco Tail-F controllers. Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE. Configure and maintain Cisco switch configurations along with Cisco ISE. Worked on Open Config Platform. Experience in VSS, VPC, and VDC technologies. Experience working on Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture in Datacentre. Experience in Spine Leaf Architecture. Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k). Hands on experience ASPECT, Avaya and Cisco UC, Predictive Dialer, IVR, Nice Voice Recording(CTI) Computer Telephony Integration for desk phone, softphone, CuciLync, video conferencing, mobile phones, IM etc. Experience working with Aruba, Meraki LAN and Cisco Wireless LAN controllers and WAP s Configuring and Provisioning WAP s, Virtual AP s, RTLS, Wireless SSID s, remote and campus WAP s, upgrading WLC, worked in Active/Active local Controllers and Master controller. (Aruba 6000, 7200 Controller, Aruba AP65, 70, 124, 85, 125) system Worked on Cisco Meraki cloud solution systems and implemented various wireless applications LAN & Viptela Vedge 1000 & 20000 series router. Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M, and T-series). Experience with cisco ACI and Arista Cloud Vision on a POC. Knowledge on Spine leaf Architecture in Datacentre. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc. Experience and high-level technical knowledge in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Virtualized and migrated 60+ legacy v10 appliances with over 5000 VIPs and 12000 pools t0 F5 TMOS v11 vCMP across 2 global data centers, including substantial iRules updates to support the new architecture. Basic Experience in Automation using iControl and Python v3 for configuration and backups in f5. Managed the firewalls, proxy servers, site to site and B2B VPNs, client SSL and IPsec VPN gateways for 50 networks with 9000+ users and hundreds of public web apps. Managed all web content functions for a 10 node, 300 VIP LTM environment, including SSL offload, URL/URI redirection, Application Security, and Authentication Policy Experienced in network and applications diagnostic and reporting tools such as Wireshark, TCPDump, SSLDump, firewall session logs, Splunk, etc. Developed and implemented security policy around the Cisco ACS (Authentication Control System), with RADIUS and TACACS authentication support against an Active Directory database, including device management, wireless and VPN applications Cisco Meraki Configuration: Meraki Network creation and configuration - Location, Tags, DHCP,Wired/Wireless setup, Firewall, etc. configuration Gateway/IP Access, DNS, DMARC circuits repair,cabling, DMZ switch, external switch, CLM switch Experience wif Bluecoat Proxy and VPN Technologies including B2B and Remote. Experience in configuring protocols like TCP/IP, Routing Protocols (RIP, OSPF, BGP, IGRP and EIGRP),PPP, PPTP and L2TP. Experience in configuring, implementing and troubleshooting F5 and Citrix Load Balancer in a large environment with sensitive applications. Diagnosed network errors to the DMARC/DKIM/SPF for NOC operations. Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Deliver solutions for Perimeter Defense (Email/SMTP Gateways) like, CISCO Ironport, Proofpoint, CrowdStrike, CASB, DLP, Internal Mail Defense and Email Fraud defense.Designing and deploying network and device security applications such as Gigamon and Armis.IDS/IPS. Gigamon TAPs and HC appliances deployment. Worked on APM module with integration with RADIUS server and RSA secure ID for applications that require 2-factor authentications. Proficient and high-level expertise using the F5 based profiles, monitors, VIP s, pools, SNAT, SSL offload, iRules, virtual Servers, iAPPs. Migration experience from ACE to F5/ old F5 to New F5. Expert in TMSH. Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation. Extensive Knowledge of the implementation of Cisco ASA 5500 series - 5505, 5510, 5512-X firewalls with Firepower module. Palo Alto firewall policies, panoroma and Checkpoint firewalls NG, NGX. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Experience with Next Gen Firewalls PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic filtering. Experience with Panoroma M100 series and maintaining up to 23 firewalls in large networks. Experience in SSL forward Proxy, URL filtering and Policies on PA Firewalls. Experience with McAfee Web Gateways and Bluecoat Proxies for the internet traffic. Expert in IPS sensors in DMZ and inside network and device level proxy configuration for Internet traffic. Experience in WCCP. Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP s, Virtual AP s, RTLS, Wireless SSID s, remote and campus AP s, upgrading WLC, worked in Active/Active local Controllers and Master controller. Worked on RAP3 for remote access. Support Quality Inspections and Operational Test (OT) events related to the 2GWLAN Aruba Networks Controllers, and Access Points. (Aruba 6000 controller, Aruba AP65,70,124,85,125) system. Develop and support of the SevOne monitoring platform and maintaining current SevOne installation and SevOne user interface. Worked on SolarWinds NPM, NCM, IPAM. Experience working with Avaya and Cisco VOIP environments with assigning VOICE Vlans, troubleshooting call quality and basic level proficiency in QoS. Worked on configuration of Avaya VOIP gateways, voice VLANS, DHCP scopes for VOICE VLAN, DSCP marking for VOIP traffic, Policing, shaping of VOIP traffic from access to Core Layers. Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigaton, Wireshark, TCP dump and Linux operating system servers. Experience with Akamai kona waf and implemented http and https inspect rules for SQL injections, malicious file execution, cross site scripting. Worked on Automation tools like TUFFIN. Configured SDWAN router Viptela to connect remote sites over the Internet Developed Splunk infrastructure and related solutions as per automation toolsets Engineering, Implementation, Installation, Integration, version upgrade and patch installation of APM applications: Dynatrace Knowledge on Amazon AWS Virtual private cloud services. Technical Skills: Networking Technologies LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP Networking Hardware Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Fortinet/Juniper firewalls. Routing Protocols OSPF, ISIS, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting Security Technologies PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint Network Monitoring SolarWinds, Wireshark, HRping, Whatsupgold, Infoblox Operating Systems Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR, IOS-XE, NX-OS Routers 1800, 2611, 2800, 3600, 3845, 3900,4300, 4400, 4500, ASR 1000X, 7206VXR, Juniper M & T Series. Load Balancers F5 Networks (BIG-IP), NetScaler (Citrix) Capacity & performance Cascade Riverbed (Flow Monitor), WAN Killer Switches CISCO 2960,3750,3850, CAT 9300, CAT9400, CAT 9500,4500,6500,6800 Nexus 7k,5k,2k Programming Languages C, C++, Perl, Power Shell, Python, Yang , XML Simulation Tools GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence Firewalls Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), McAfee Web Gateway, Checkpoint, Palo Alto firewalls. AAA Architecture TACACS+, RADIUS, Cisco ACS Features & Services IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR s, HLD and LLD documents, Dell equal logics Professional Experience: T-Mobile, Remote April 2022 Till Date Senior Network Engineer Responsibilities: Support, Maintain and Troubleshooting various Network Infrastructure devices and services in Datacentres. Manage and Support Cisco Firewalls (ASA), Smart dashboards across data centers. Monitoring logs, Traffic and Checkpoint in ASA and Palo-Alto. Worked on Palo Alto firewall and used panorama for centralized control of all the firewalls. Implemented Security policies, AAA features and Adding routes, troubleshooting Cisco ASA Firewalls. Responsible for Firewall Administration, Rule Analysis, Rule Modification on ASA and Palo Alto. For Firewall rule change, apply the necessary changes to the rule as per request and confirm it. Configured & managed around 500+ Network & Security Devices that includes F5 BigIP Load balancers and Infoblox tool for DNS. Developed Cybersecurity Risk framework for vCPE / SD-WAN platform that leveraged the Cloud Security Alliance Software Configuration and Maintenance of Splunk, Gigamon Network Visibility. Designed, configured, and implemented distribution and access layers network infrastructure for a new building using Cisco Nexus 7010s and Nexus 9508 using VPCs to floor switches (Catalyst 9606s) Configured and maintained VPCs with 7010 and 5548 in the network. Also configured and maintained VDCs in 7010 switches, maintained VRFs in those separate VDCs. Hands-on experience with configuring Routers, Switches, VPN, ASA, IPS, NAC, ACS, Cisco ISE, Firepower, Cisco NextGen Firewalls, AAA Model (RADIUS, TACACS+). Worked with Nexus 9k (standalone and ACI) ASRs, N5K/2k, N7K, ASAs, UCS, ACS, ACI, VMware Providing daily network support for national wide area network consisting of VPN and point-to point site. Experience configuring Virtual Device Context in Nexus 9k, 7k and 5k. As system-test engineer working on the Viptela SD-WAN solution, designed the test automation infrastructure for the entire suite of SD-WAN features. Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) Perform technical problem resolution including analysis, trouble isolation, and repair on SDWAN devices. Worked on Sloarwinds Orion to manage Data Centers Load balancer. Experience in administrating Viptela SDWAN enterprise deployment and implementations of Network and Devices for SDWAN environment. Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity. Checkpoint management (MDS) R7 .20 migration (Both VSX and Physical Server). Checkpoint R80 to Palo alto PANOS 9 migration. Fortinet Firewall administration, configuration of FortiGate 3000, 3815 series as per network diagram. Worked on Arista Cloud Vision (CVP) & Cloud Vision Exchange (CVX) Deployed on VMs. DCI implementation between datacenters with BGP-EVPN/VXLAN cross site connectivity. Protocols frequently used: - BGP for transit - BGP-EVPN - VXLAN - MPLS/VPLS. Leveraged Palo Alto Networks Wildfire inspection engine to prevent Zero-Day attacks.Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance. Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos SpaceSecurity Director for management. Install, upgrade, troubleshoot, design, etc. Post sales, customer facing design, configuration, and implementation of Nutanix based hyperconverged solutions using vSphere ESXi hypervisor and Nutanix AHV hypervisor. Gathering application information which are using Splunk tool and analyze their bandwidth traffic. Side work includes, updating circuit ID s, SPF, DKIM and DMARC information in master circuit documentation. Checking 100 decommissioned 2800 series routers to confirm they were wiped andclean up flash memory for final remediation. Deployment of Prisma Access, Prisma Cloud. Built and deployed firewall boxes (Checkpoint GAIA and GAIA Embedded) from teh scratch. Built and dashboarded Check Point UTMs - Firewall, Advanced Routing (OSPF), Identity Awareness,and Application Control. Configured windows USER-ID agent to collect host information using Palo Alto Global Protect.Configured APP-ID feature in Palo Alto firewalls to reduce attack surface, regain visibility and control over traffic Conducted POC for application visibility utilizing Op Net ACE Live and nGenius NetScout appliance. Implemented the model build of National MPLS network upon SA Vision, for clientele. Installing, maintaining and troubleshooting the Network Operations Centres' principal monitoring software- NetScout, MS SCOM and SAVision live maps. Enforce policy checks on north-south and east-west data center traffic through Panorama M-500.Provided escalated technical support in troubleshooting firewall and network issues. Managed firewall using FortiGate to allow or block IPs, created policies added different interfaces and VLANs. installations, design, and implementation of Cisco solutions, VPN, Fortinet, VOIP Worked on deploying SD-WAN solution using Viptella. Administration, policy management and reporting for CrowdStrike Endpoint Protection for on-premand AWS devices/instances. Hands on experience on Radio Access Network (RAN) and core network platforms like eNB, MME, HSS, APN-DNS, SGW, PGW, PCRF, SGSN/GGSN and IP stacks AWS security group implementation via Terraform to create infrastructure as code. Helping the cloud architecture with next steps on proof of concept with AWS, Open stack, MS Azure, CISCO ACI, Juniper Contrail SDN/NFV. Selecting the appropriate AWS stack Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment. Configured Global Protect gateway to provide VPN connections for Global Protect agents. Significant experience building out Application Performance Monitoring solutions with Dynatrace. 24x7 Support management of the monitoring environment using tools including Dynatrace, Splunk. Administration and L3 support of our Infoblox DDI deployment and F5 GTM's and configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIG IP appliances Configured Log Forwarding to forward logs from the firewall to Panorama and then configured Panorama to send logs to the servers. Resolving remedy tickets as day to day operations both on Palo Alto and Checkpoint. Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN. Designed, implemented and maintained AWS backend infrastructure Update Policy on the VPM via Bluecoat Director Implemented and configured Prisma Access & Panorama Fortinet Firewall administration, configuration of FortiGate 3000, 3815 series as per network diagram. Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE. Handling Monitoring Alerts related to Bluecoat and troubleshooting accordingly Maintaining Alight 200+ Network Hardware such as Cisco Nexus (7K, 5K, 2K), Catalyst switches, Cisco ISR Series routers, Juniper SRX routers, MX, QFX switches, Nortel Switches under Access, Distribution and Core Networks. Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud. Installed and configured Cisco Meraki (MR66, MR74, MR84) wireless Access points in the warehouses. Troubleshooting Cisco routers, APs, Switches, Fortinet Devices and Meraki appliances. Responsible for design and implementation/migration from Cisco wireless platform to Meraki wireless LAN platform. Monitored and troubleshoot application response time issue with nGenius / NetScout platforms. Maintain Non-Microsoft mail gateways (SPAM Filter, Malware check), DKIM, DMARC, SPF & DNS. Configure IPSEC VPN (Site-Site to Remove Access) and Maintain external Client Connectivity. Configuration and Administration of Alight Network Firewall to manage large scale firewall deployments, Palo alto, Cisco ASA-X Firepower, Juniper SRX, and Open-source BSD Firewalls. Supporting the application migration and represent the Network configuration and Security ACL on incidents and resolve any connectivity issues Experience with SDN/NFV technologies including Open Stack Neutron, VM ware NSX, Open flow, Open Configurations of Check Point, Palo Alto, Cisco, Juniper, Fortinet FortiGate and SonicWall UTMs. Configure and Maintain Authentication Services such as Alight Cisco ACS and Aruba ClearPass around the Environment with Troubleshooting AAA (TACACS+ & RADIS) services for users. Cisco ISE Implementation for guest access to cisco wireless controllers using EOIP guest wireless services. Cisco ISE implementation for 802.1x authentication. Provisioning (IP assignment, core network configuration, DNS setup, monitoring and graphing for colocation, leased lines, customer backup and other customer network services). Configure and implement production and operations management in various Network projects which enhances the performance of the network. Configured Checkpoint with OSPF for Layer 3 routing. Extensively worked on troubleshooting gateways solving issues related to ClusterXL. Worked on MDM (Checkpoint Provider-1) Management and logging servers - 4 servers - 2 Mgmt 2Log. 11 domains * 4 servers = 44 CMAs / Log Servers. Work with a team of Network Engineers to track down IP addresses assigned to network elements Knowledge of VZW networking equipment(routers, switches, firewalls, load balancers, and others) Ability to trace down to the switchport connected devices that may have VZW IPC conflicts. Deploying, Scaling and troubleshooting many Datacentres across all of AWS network fabrics. Deploy the code to AWS instances and spin new instances when and where required Worked with Cisco Channel partners to build practices around Cisco ACI Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centres using a Spine and Leaf architecture. Responsible for the secure development lifecycle environment form NX-OS to Application Centric Infrastructure (ACI) in Data centre, implemented in the lab environment. Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS) IP networks optimization - NetScout nG1. Routine administration and configuration of MS SCOM to determine business critical applicationsKPI s. Hands on experience with the Bluecoat Proxy and Infoblox for the DNS, DHCP, and IPAM (DDI). Experienced in Cisco Catalyst and Nexus network switches and routers and Cisco ASA firewalls and wireless controllers and access points. Experienced on Cisco ISE and advanced technologies like QOS, Multicasting, MPLS and MPLS-VPN and Bluecoat proxy server SG. Implemented VDC, VPC, and OTV on the Nexus 5K and 7K switches. Performed sizing calculations of VMware environments based on current systems and future growth. Implement best practices associated with Network and security appliances value-driven development ensuring quality from deployment of various Network Infrastructure in the firm. Troubleshooting L2 and L3 Network Environments, performing installation, configuration, and deployment of WAN and LAN networking hardware, including the configuration and implementation of Routers, Switches and Firewalls. Maintain secure network infrastructure with Cisco, Brocade, and Fortinet switch.Maintain current network posture with Fortinet Fortigate firewalls 300, 1000, 2000, and 3700appliances. Proficiency in the use of IP Control IP Management Tool A strong understanding of structured network design, the ability to perform data imports into VZW IPmanagement tool by following detailed instructions .Upgrade software version on yearly basis on all Alight networks and security devices necessary. Worked on the implementation of Infoblox DNS, DHCP, and IPAM (DDI) for the network. Network involves various device from desktops to switches, routers, firewalls. All this are configured and deployed in Network accordingly as per the requirements within Change Window. Perform audits to identify vulnerabilities, malware, spyware and remediate problems to ensure compliance using automation tools like Tufin and Riverbed Net Profiler over Switches, Routers and Firewalls to discover, generate and deploy the Production configuration. Keeping Alight Network Structure up to date for any bug fixes, systems improvement. This involves use of different applications. Wrote certification criteria of 4G LTE devices Data throughput (3GPP Band13), Data Retry (3GPP 24.301),RF Conformance 36.521, RF protocol 36.523, VZW RF Supplemental and Spurious Emission with GPS Frequencies using Spirent 8100 LTE test system. Subject matter Expert in Aruba ClearPass, Cisco ISE. Maintain network performance by using SNMP monitoring tools such as SolarWinds, Omni Center to perform network monitoring, analysis as well as troubleshooting network problems. Performs system administration functions such as traffic monitoring, performance tuning, log management, disk space monitoring, and application troubleshooting in Linux and Windows platforms. In addition, installation, configuration, log analysis and tuning of DHCP, DNS, FTP Web, and proxy servers. Migrated from Cisco ISE to Aruba CPPM. Managed several security environments for Tipping point IPS, Bluecoat proxy, Fortinet Firewalls Perform incident capture, verification, and diagnostics including Support with the TAC (Cisco, Juniper, Tufin, Palo alto) cases associated with the technical issues through the problem resolution in finding the root cause analysis of the Network failure there by curbing it using tools of operational research and methods. Create High level diagrams, templates documentation for existing platform and the new deployments. Providing Technical solutions to the enterprise team, submitting the whitepapers on technical challenges and resolutions, demonstrating the working Infrastructure to the client as per business needs using Visio and other tools. Environment: Cisco-Umbrella, Cisco Catalyst Switches, nexus switches, riverbed s, F5 load balancers, ACI Fabric extenders, QRADAR, Cisco, Juniper, Palo Alto, BSD firewalls, TUFIN, Darktrace, Extra hop, Meraki Access-points, ILLUMIO, Solar winds NPM NCM IPAM. AT & T, Dallas TX Jul 20 Mar 22 Senior Network Engineer Responsibilities: Configured, managed, and troubleshoot F5 BIG-IP Application Load Balancers for internal access and external Internet facing VIPs. Implementation, configuration and administration of NetScout nG1 platform to aid business-critical application monitoring. Always in compliance with Confidential Processes, Procedures , and Security Policies Drive Avaya Legacy/IP Office CTI Integration with Avaya Customer Relationship Mgmt. CRM andAvaya Dialer. Integrating Screen Pop, Softphone, desk top phone, Video Conferencing IM, and Lync Deployment of Prisma Access (Palo Alto Cloud Solution) Responsible for installation, configuration of Palo Alto using Panorama. Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager. Designing and providing support of Routers, Switches, Security Solutions, VPNs, L4-7 Load Balancers, SD-WAN and Network Management Solutions across LAN/WAN. Hands-on experience implementing Palo Alto, including Prisma Access, Prisma Cloud and optionally Prisma Cortex. CrowdStrike Falcon administration. Implemented DKIM and DMARC (Inbound and Outbound) for O365 tenant Configured Remotely Cisco routers, switches and Meraki access points. Deployed Paloalto-7000 series device to the production environment, managed them via Panorama. Troubleshooting Cisco routers, APs, Switches, Fortinet Devices and Meraki appliances Managed wireless access controllers and troubleshooting Meraki Access points such as MR 66, MR 74, MR 84. Experience in RF transmissions & Antenna behavior, and familiar with 802.11 e protocols Created locations for each site once the GRE Tunnel is up on the respected location for the traffic flow. To granulize the traffic created Sub-locations for each site. Integrated Proofpoint solutions with Crowdstrike and Demisto working manufacturer development teams. Accessing Avaya IP Office Switch Extracting Call Routing, Dial Plan, Incoming/Outgoing Trunks, etc. in preparation for the migration Lead several projects such as VPN Pilot, Riverbed, Steelheads, Juniper and Fortigate for VPN solution. Provided design and Contrail SDN/NFV networking support using Cisco ACI, Cisco wireless controllers,Open-Stack, Juniper Contrail and Big Switch Network. Certifying 4G LTE devices Data throughput (3GPP Band 4/13), Data Retry, RF Conformance 36.521, RFprotocol 36.523, VZW RF Supplemental using Anritsu 7873L/7834 LTE test system. Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control (NAC) integration with Cisco ISE. Worked with Panorama 8.1.3 to configure the perimeter Palo alto firewalls. Migrations from existing hypervisor virtual infrastructures to Nutanix AHV hypervisor virtual infrastructures. Managing the planning, development, and installation of network systems by evaluating current and future business requirements of devices incorporated within the organization s network which includes Cisco Routers and Switches and the NetScout nGenius servers which runs on Linux operating system. Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN. Hands on experience with data center technologies that include spine leaf, CISCO ACI, Arista cloud vision. Hands on experience in installing, con guring & troubleshooting multiple products on Cisco and Juniper routers, switches, Arista, Aruba switches, load balancers, Network access controllers etc. Proven expertise on design and implementation of high-density Data Center and DR. Troubleshooting firewall rules in Cisco ASA, Checkpoint, Zscaler. Working experience on the Arista 7150S series, 7160 series, and 7260QX series switches; 7508R routers Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Designed, developed and tested scalable cloud-based solution architectures and infrastructure AWS and Azure, Such as Route 53, ELB, Security group, VPC, VPN, NACL, NSG and VNET) Worked on migration from juniper firewall to Palo Alto and juniper to ASA firewall using virtual tools. Worked on BlueCoat Proxy migration to Zscaler. Design and implementation of 802.1x wired/wireless user Authenticton using Cisco ISE radius server. Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260). Performed migrations from Check Point firewalls to Palo Alto using the PAN Migration Tool MT3.3. Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App-ID, Content-ID on both inbound and outbound traffic. Help VZW Enterprise Mobility team and providing support on AirWatch (MDM) application softwareacross the global network. Augmenting the Avaya VoIP infrastructure to accommodate a new Cisco SuiteAccess the current state of the Avaya Servers including the physical placement and configuration as well as the server redundancies that exist. Configured FortiGate, FortiManager, FortiAnalyzer, Juniper, and Cisco enterprise products. Configured devices including but not limited to Juniper MX320/960, FortiGate 40/60/80/100 series on premise and FortiGate 5101C cloud firewalls, FortiManager 3000/4000, and FortiAnalyzer 4000series. Support of Nutanix hyper-converged infrastructure running Splunk. Strong knowledge of email authentication - SPF, Sender ID, DKIM, DMARC.Worked as a part of AWS build team and merging all developer workings copies with shared mainlineserver for Continuous Integration. Strong Routing experience working under complex WAN and SD WAN environment. Represent Network Operations function related queries for all change management. Work with infrastructure service vendors for service improvements plan initiatives. Complete understanding of Cloud Technology and has hands-on experience working on AWS or Azure cloud. Experience in using network management tools for performance, tuning, troubleshooting and capacity planning. Adhere to Global network standards, policies, guidelines in-line with meeting regulatory requirements wherever applicable policies, guidelines. Migrating the Cisco ACS that supports switched to Cisco ISE because of the end of life of ACS. Collaboration with cross-functional teams internally for support issues. Deploy ISE technology in infrastructure to establish secure and authenticated network and ISE development with profiling and certificate-based authentication. Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404 ,5508 for Wireless Network Access Control integration with Cisco ISE. Troubleshoot issues and outages on Trunks and Router interfaces and firewalls extensively. Created URL category for each service based on the requests Created URL Policies for each URL Category Created. Worked with different models of Cisco/Juniper/Arista switches, routers, firewalls, load balancers, VPNs Created SSL Inspection Bypass for particular internal Sites Created Firewall Control Policies as per organization and requester choice. Heavily involved with data center migration from Cisco to primarily Arista with minimal downtime utilizing VxLAN. Created Hosted PAC Files based on the organization request what to be accessed before and after authentication. Configuration of web filtering and managed firewall services PAC file creation and GRE tunnel configuration Provided Desktop Support for internal users. Email Security and brand protection Implementation using SPF, DKIM and DMARC standards working closely with the customers Information Security teams and participate in threat mitigation activities within the customers O365 tenant. Handle Service-Now tickets related to Cisco ASA & Zscaler, & VPN along with the connectivity issues and provide support when any issue is raised. Implementing and troubleshooting firewall rules in Cisco ASA 5525, 5580, Checkpoint R77.20 Gaia and VSX as per the business requirements. Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV. Enable file forwarding to Wildfire cloud through Content-ID implementation to identify new threats. Leveraged Palo Alto Networks Wildfire inspection engine to prevent Zero-Day attacks. Manage multiple Palo Alto firewalls centrally through the Palo Alto Panoroma M-500 centralized Management appliance. Analysis of monitoring alerts and react as required based on the documented procedures. Collating data and identifying metrics and KPIs to monitor and improve the efficiency of the NetScout environment. Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity. Deployed Active/Standby modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs. Knowledge on the application of Active/Active HA mode. Enforce policy checks on north-south and east-west data center traffic through Panoroma M-500. Provided escalated technical support in troubleshooting firewall and network issues. Hands-on experience with Bluecoat Proxy Secure Web Gateways for content filtering, Data loss prevention and preventing Zero-Day exploits. Cisco, CA Feb 19 Jun 20 SDN Network Engineer/ Network Automation Responsibilities: Created a OAM Model for open config platform. Implemented over 250 Arista switches for new data center deployment in a CoLo facility utilizing Python scripts I built. Supporting 250 user VMware View virtual desktop infrastructure (VDI) on Nutanix hyper-converged infrastructure Worked on vendor neutral case for OAM model. Designed physical layouts and configuration of network components that are connected to the existing Avaya system. Configured Blue Coat Proxy, SG Web Application Reverse Proxy for securing. Worked on zscaler cloud proxies and supported migration from iron port to zscaler Configured policies on zscaler using ad groups. Integrated zscaler with azure AD SCIM for ad groups and user saml attributes. Involved in checking how the model goes with QOS related work. Experience in writing JSON for different scripting languages. Experience in working on Git hub. Worked on bluecoat proxies with ids and ips sensors. Worked on kona cloud platform to inspect traffic for all applications before reaching the actual server Worked on url categories, whitelisting, black listing urls for users, ad groups, departments, locations using ip subnets. Assisted the networking team on the installation of 7800, 6900, and 3900 series IP phones. Implemented cutting-edge 100G Arista environment for high-bandwidth global collaboration network utilizing VxLAN and EVPN. Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems. Maintenance and troubleshooting of network connectivity problems using PING, Trace Route. Performed scheduled Virus Checks & Updates on all Servers & Desktops. Implementing Routing and Switching using the following protocols; OSPF, BGP on Juniper M series routers. Experience with working on firewalls like CISCO ASA 5500 series (5510,5540), JUNIPER SRX series and also PALO ALTO (pa-3060, pa-5060), etc. Handling documentation for the Know IT database for the entire IT Telecom Department Working Routing Requests from Business Units updating changes to the Call Routing Vectors, VDNs and Announcements database in Avaya Switch Implementation and support of Nutanix hyper-converged solutions. Has experience in Bash and Python scripting with focus on DevOps tools, CI/CD and AWS Cloud Architecture and hands-on Engineering. Involved in dealing with Composite Network models that consists of Ciena 39 series and ACX Platforms. Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE. Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect Configured and performed software upgrades on Cisco Wireless LAN Controllers 2504, 4404 ,5508 for Wireless Network Access Control integration with Cisco ISE. Upgrading Cisco ISE appliances company wide. Recently rolled out OpenDNS including onsite VM appliances. Worked on Network Configurations of different models related to automation. Experience in Scripting languages like Yang and XML. Experience with Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering. Configured LACP, OSPF protocols on Arista 7250qx-64 switches monitored and Created traffic Pattern on Arista 7250 switches using Open flow. Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment. Extensively worked on virtual F5 LTM module on VMware for application testing. Configured and Managed User group, permission, Role, Resource pool on VMware virtual center. Environment: Ciena 39xx series, MX 10003, ACX Platforms. Protocols: OSPF, BGP. TFTP Server. Scripting: Yang, XML, Python. Salesforce, San Francisco, CA Dec 17 - Dec 18 Network Engineer Responsibilities: Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE Performed upgrade process for Cisco ISE software from version 1.0.4 to 1.1 ADE-OS, patch management and data backup management. Expertise with Installation of Arista 7250QX series switches on Spine Platform. Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018 Experience with configuring FCOE using Cisco nexus 5548 Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network. Worked on Cisco ISE deployment which was a replacement for the ACS and provided new long term and short-term guest wireless services for the Port Authority. Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls. Experience in Application Security Manager (ASM) which is a layer 7 web application firewall (WAF) available on F5's BIG-IP platforms. Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices. Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices also configure 2k, 3k, 7k series Routers Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches Experience with moving data center from one location to another location, from 6500 based data centers to Nexus based data center. Working knowledge and demonstrated experience on the Arista 7150S series, 7160 series, and 7260QX Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE. Hands on experience installing and configuring Cisco ISE 1.3 and later upgrading to 1.4. Implemented Cisco ISE 2.0 for Wireless 802.1x Authentication and Authorization with Flex connect Experience with setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer Performed wireless site surveys using industry standard tools such as Air Magnet and Cisco & Aruba Switches Managed and completed over 100 projects installing/upgrading client's wireless infrastructure to Aruba and Supported wireless networking team working on Aruba wireless. Experience with configuring Cisco 6500, 6800, 4500 VSS in Distribution layer of the Data center network Configuring and managing F5 LTM (Local Traffic manager) in large scale environment. Configure and troubleshoot Juniper EX/SRX series switches. Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls. Good knowledge with the technologies Site to Site VPN, DMVPN, SSL VPN, WLAN and Multicast. Well Experienced in configuring protocols HSRP, GLBP, PPP, PAP, CHAP, and SNMP. Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers Install, manage and monitored Large scale Palo Alto Firewalls through Panoroma. Experience with communicating with different customers, IT teams in gathering the details for the project Experience in installing and configuring DNS, DHCP servers. Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports. Used Extra hop for the detection of any abnormalities in the network, tracking file access in databases and storage for data security, and locate bottlenecks over the network. Strong hands-on experience on ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS). Installation and Configuration of Cisco Catalyst switches 6500, 3850 & 2960, 9300 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy it also includes the configuration of port channel between core switches and server distribution switches Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network. Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Worked with the Python 2 & 3 version Hands on experience with networking experience including configuring Cisco, Arista, Juniper Networks switch including 10/40/100Gb. Experience designing and configuring Arista and Cisco Switches and Routers, review technical requirements for deployment. Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, prevention where needed. Configuration and Administration of Cisco and Juniper Routers, Switches and mixed vendor Firewalls. Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Configuration, Assigning DHCP profiles Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, STP and RSTP. Worked with HP switches, Extra hop, F5 Load Balancer. Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer s instructions and troubleshooting any related issues. Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices. Convert WAN links from TDM circuits to MPLS and to convert encryption from IP Sec/GRE to Get VPN. Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panoroma servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues. Experience with f5 asm on application security policies to block any http response codes, sql injections in to virtual servers traffic. Experience with cisco IronPort security policies for ips and ids Experience with dlp- data loss prevention policies on proxies Performing network monitoring, analysis using various tools like Wireshark, & SolarWinds, Dynatrace, Extrahop tool helped for tracking root cause problems. Experience to check the drop for the application with use of the Splunk and then write the firewall rules. AWS data backup (snapshot, AMI creation) techniques, along with data-at-rest security within AWS. Developed an executable application that securely transfers files and creates folders in AWS S3. Created Server-less Architecture for on-premise Application Migration to AWS cloud. Implemented Cisco ACI infrastructure for supporting rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management. Worked on VMWare migration from physical servers to virtual servers. Environment: Cisco ASA Firewalls, F5 ADC, Cisco 3900,4300,4400,4500 Routers, Cisco Catalyst switches 6500, 3750, 3550, 2960,4500,6500,6800,9300,9400 Switches, Juniper SSG-140, Palo Alto Wildfire, Juniper EX series switches, Nexus 9k, 7k, 5k, ASR 9k, ASR 1k, Nexus 2000 FEX, Juniper SRX, Routing Protocols: BGP, OSPF, AAA (TACACS+ & RADIUS), TCL Scripting, ACL Configuration. Wipro, India Apr 14 Sep 17 Network Engineer Responsibilities: Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing. Involved in configuring and implementing of Composite Network models consists of Cisco 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches. Installed and maintained Cisco 7500 and 7200, 12000 backbone routers with HSRP and various IGP routing protocols such as RIP, EIGRP, and OSPF. Performed/Upgraded configuration of Cisco switches, routers, terminal servers, CSU/DSUs, WAPs, VPN, Remote Access and network management tools. Participated in TCP/IP networks planning, Implementation and Management with subnets. Involved in implementation of overall security system including access-list and NAT design for various Cisco access lists, a RADIUS/TACACS+ AAA server, a Linux syslog server and network monitoring using SNMP. Designed, Configured and implemented VPN tunnel with IPsec and GRE and Cisco ASA based security infrastructure. Configured and deployment of routing protocols RIP, OSPF, EIGRP & BGP over Cisco Routers in Production environment and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure. Worked on design, configuring and managing of Blue Coat Proxy Servers. Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS). Configured Cisco Access Control Server (ACS) to enforce security policy in User Groups. Designed and configured LAN networks with Access layer switches such as Cisco 4510, distribution layer switches such as 6513 and a routed core. Configured HSRP, Spanning tree Root guard, BPDU guard, and STP/RSTP features. Administration of network devices holding various servers of Windows, Linux/Unix platforms (physical & virtual servers). Supported major access to all firewalls and protocols through AAA by using Cisco Secure Access Control Server (ACS). Design, Configuring and troubleshoot F5 LTM load balancing. Configured & managed Security Devices that includes Juniper (Net screen) Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Plug Proxies. Used pulse secure VPN secure login & single sign in across the production environment. Implemented various Switch Port Security features as per the company s policy Configured RIP, and EIGRP on 2901 and 3925 Cisco routers. Provided technical support for expansion of the existing network architecture to incorporate new users. Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500. Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA. Creating the Security policy in ASM for Detect and Prevent the various application base attacks based on anomaly and apply those security policies in the HTTP/HTTPS VIP in LTM. Worked with enterprise level Wi-Fi configuration, troubleshooting, IP routing, network design, architecture and protocols and topologies. Designed and implemented WAN IP infrastructure using frame relay, T1/T3, DSL technologies. Configured OSPF redistribution and authentication with T3 LSA filtering to prevent LSA flooding. Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path. Troubleshooting issues related to Cisco Routers, Switches, and ASR, Nexus 5K, 2K, ASA5595, ACE 4710, MPLS and critical network links by coordinating with the vendor. Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues. Used network analyzers like Wireshark, ethereal and sniffer for packet analysis. Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers. Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per company s requirements. Worked with sniffing tools like Ethereal to analyze the network problems. Maintenance and troubleshooting of network connectivity problems using PING, Trace Route. Performed replacements of failed hardware and upgraded software. Configured VLANS to isolate different departments. Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues. Configured IPSEC VPN on SRX series firewalls. Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company. Performed scheduled Virus Checks & Updates on all Servers & Desktops. Implementing Routing using the following protocols; IS-IS, OSPF, BGP on Juniper M series routers. Design, installation and troubleshooting networks with hand-on experience with OSPF, ISIS, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering. Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing. Environment: Cisco 3925, 2620, 1900 routers, Cisco 3750, 2950 Switches, Routing protocols: EIGRP, RIP, OSPF, BGP, FHRP: HSRP, Sniffing Tools: Ethereal, Wireshark, Port Security, SRX Firewall, VLAN, 802.1Q Trunking, Cisco ASA 5500. Keywords: cprogramm cplusplus continuous integration continuous deployment sthree active directory information technology ffive hewlett packard fourg microsoft California Idaho Pennsylvania South Dakota Texas Wisconsin |