Network Engineer Palo Alto
Resume:
Rajashekar
Sr. Network Engineer
ad6zdd@r.postjobfree.com
Professional Summary:
Accomplished Network and Security engineering professional 8 years of real time experience in designing, deploying, migrating, and supporting critical multi-site redundant network environments.
Design, develop, and document comprehensive test plans to set up test scenarios, both hardware and software components.
Experience testing Cisco & Juniper routers and switches in laboratory scenarios and then deploy them on site for production.
I have a very sound knowledge of IPV4/IPV6 implementation of Sub-netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Designed and deployed new Cisco catalyst 6513 and 6509 with dual Supervisor Engine 720 at both Distro and Core layer.
Experienced in configuring, deploying, maintaining, and troubleshooting of routing protocols like RIP, OSPF, EIGRP and BGP on Cisco 1800, 2600, 3600, 7200 and 7600 routers. And performed Policy based routing.
Installing, configuring, and troubleshooting Cisco routers ASR 1K, 2901, 2911, 4200x, 2800 and 2600 Series, NEXUS 9K/7K/5K/2K, Cisco Catalyst Switches 2960X, 3750, 3850, 3950, 4500 and 6500 series, Cisco UCS Storage
Experience with F5 load balancers - LTM, GTM series like 6800 and 8900 for the corporate applications and their availability
Experience with Checkpoint Firewall policy provisioning
Experience working with OTV & FCOE on the Cisco Nexus 7010/5548 between the datacenters.
Responsible for Cisco ASA firewall administration across our global networks.
Proficient in configuring and troubleshooting route Re-distribution between Static, RIP, EIGRP, OSPF, and BGP protocols and in Route Manipulation
Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX, Net Screen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto IDS, Foundry / F5 Load Balancers, and Blue Coat Packet Shaper systems.
Hands on experience on Up-gradation of Cisco IOS of different Cisco devices & modules.
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
Strong hands-on experience in installing, configuring, and troubleshooting of Cisco Nexus 7k, 5k, 2k, Cisco 7600, 7200, 3800, 3900, 2800, 2900 series Routers, Cisco Catalyst 6500, 4500, 2960 and 3750 Stack Switches.
Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM. GTM, ASM, APM
Provides technical leadership for problem escalation and resolution.
Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional.
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
Implemented traffic filters using Standard and extended access-lists, Distribute-Lists, prefix lists and Route Maps.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
I have 6 years of experience with Data Center.
Design, troubleshooting and configuration experience with OSPF, IS-IS, EIGRP and BGP protocols on multi-vendor routers. Worked on Traffic path manipulation using various attributes, redistribution of routes, ISP peering, WAN connections, MPLS and DMVPN.
Configure, Manage and Monitor Palo Alto firewall models (specifically the PA-5050 and the PA-5260).
Performed migrations from Check point firewalls to Palo Alto using the PAN Migration Tool MT3.3.
Juniper SRX210, SRX240 Ex4300, EX4300, EX300,QFX5100,MPLS,OSPF,IGRP,EIGRP,HSRP,TCP/IP, IWAN, T1, DS3Operation: Switches, Layer2 switching – VLAN, port channel, Virtual Port Channel.
Configure, manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260)
Palo Alto Networks, Cisco ASA firewalls, Checkpoint, Panorama Palo Alto Networks firewall management.
Technical Skills:
Operating Systems
Windows (Server 2003/2008, Vista, Windows 7), Linux OS
Routers
Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000
Switches
Cisco 3750, 4507, 4510, 6500 & 9300 series switches, Nexus 7010, 5548, 2448
Routing
MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing
Switching
LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
Network security
Cisco (ASA, PIX) 5510, ACL, IPSEC VPN, Palo Alto, GRE VPN
Load Balancer
F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer
LAN
Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.
WAN
Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing. Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management
AAA Architecture
TACACS+, RADIUS, Cisco ACS
Network Management
SNMP, Solar Winds, HP open view, and Wire shark
Reports and Network Diagrams
Microsoft (Visio pro.)
CVS Woonsocket - RI March 2023 – Present
Sr. Network Engineer
Responsibilities:
•Configuring, managing, and troubleshooting networks using routing protocols like BGP, RIP, EIGRP and OSPF Single Area and Multi Area.
•Worked on various point to point SONET links such as OC3, OC12, STM-1.
•Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
•Configured and resolved various OSPF issues in an OSPF multi area environment.
•Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer's WAN infrastructure.
•Monitoring alerts and reporting to Global Foundation Services and Microsoft Operation Center
•Primary responsibilities include but not limited to design, implementation and troubleshooting of all LAN/WAN solutions offered by LAN/WAN Professional
•Implementing a new Network Architecture as per low-level design.
•Network design for new server connectivity.
•Design and architect and implementation Data centers for large carrier-class customer utilizing Nexus 7018, Nexus 7010.
• Worked as a part of network team where my daily tasks included configuring, monitoring and troubleshooting of Campus and Datacenter networks.
•Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Bluecoat Proxies and WAN/MAN Optimizers.
•Worked on AWS connectivity and Security.
•Data center build and support.
• Performance of network and servers to identify potential problems and bottleneck. Performed RIP & OSPF routing protocol administration. Maintenance and troubleshooting of connectivity problems using Ping, Trace route.
•I have knowledge of cisco Meraki and hand on experience in configuring Meraki devices. Also creating device and feature templates require SD-WAN.
•Troubleshooting of Cisco 2800,2900, 3900, 7200, 7600, ASR9k, Nexus Series routers
Configure BGP features such as as-override, Local pre, EBGP load sharing on client connections.
•Experience with cisco Meraki wireless managed network infrastructure.
•Assisted in the migration from DMVPN to cisco Meraki SDWAN.
•Design/configure/Monitor alerts in SolarWinds and PRTG- hardware and software nodes.
•Creation and Monitoring all system Alerts via SolarWinds.
•Maintain asset management in SolarWinds.
•Troubleshooting using Net Brain tool, monitoring network traffic and analytical tools Wireshark and SolarWinds.
•Installing/configuring console server, RT server and PCO.
•High availability HSRP, VRRP, ether channel creation on Cisco, switches, and routers.
•Transitioned as Network Project Manager and participated in kick off meetings, gathered data from stake holders to create Network design template.
•Worked on Network Acceptance to comply with Microsoft design standard and delivered projects in time after quality check.
•Weekly and daily meetings with clients to understand their network requirements discuss these with management and come up with an action plan.
•Quickly resolve all IP network issues to reduce waste and downtime of a Network infrastructure.
•Experience in ordering new modules and SFPs for the devices to support network expansion.
•Helping Tier I engineers in any of the issues related to various aspects and concerns.
•Interacted with different teams - on developing/ implementing the Onsite Offshore model for 24X7 support.
•Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-500 and the PA-5260)
•Performed migration from Check point firewalls to Palo Alto using the PAN Migration Tool MT3.3.
•Distribution and Core layers. Configured OTV layer 2 connection between Data centers, VPC, VDC and FEX on Nexus.
•Deployed Palo Alto Firewall features like URL filtering User-ID, App-ID, Content-ID on both inbound VM-1000-HV.
•Provided technical and vendor support services, designing and planning Network planning, Implementing, Configuration, SRX2100, SRX240,
•Implemented procedures for configuration and management of routers and switches confidential local and remote site.
•Experience in Infoblox and DNS and F5, LAN and WAN troubleshooting, Confidential call manager & unity, VMWare/vSphere infrastructure, VoIP, VPN, Avaya PBX.
•Performed migrations from Check Pont firewalls to Palo Alto using the PAN Migration Tool MT3.3.
•Deployed Palo Alto Firewall feature like URL filtering, User-ID, App-ID, Content-ID on both inbound and outbound traffic.
•Migrated from Cisco ASA to Palo Alto firewalls.
•Leveraged Palo Alto Network Wildfire inspection engine to prevent Zero-Day attacks.
AT&T, Middletown - NJ Feb 2022 – March 2023
Sr. Network Engineer
Responsibilities:
Configured and deployed Cisco catalyst 6506, 4948e, 4510 switches and Cisco 3660, 3845, and 7609 series routers.
Installation and Configuration of Cisco Catalyst switches 9k series, 3850, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy.
Installed and aligned switches, routers, and firewalls through all network layers.
Software Defined Networking (SDN) - VMware NSX, Cisco ACI.
Experience in Cisco ACI Integrating Layer 2, Layer 3, L4-L7 and VMware with ACI
Accomplished and documented security related activities to maintain network security and data reliability.
Designing, Implementing and Troubleshooting Cisco 9K, 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR
Hands on experience with cisco Meraki cloud networking
Designed and implemented Cisco/Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings.
Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes on Cisco Routers
Designed and configured Virtual Switching System (VSS) on 6500 and 4500x switches.
Implemented high security model between all VLANs by ACL filtering and private VLANs.
Deployed and configured cisco medaka templated based configuration across the enterprise.
Designed network architecture including VLAN, LAN, WANS and remote networks.
Configure, test, and deploy Cisco Meraki devices to remote clinic locations.
Hands on experience with multicast protocols IGMP, CGMP, PIM-sparse and dense mode.
Configured GRE tunnels and routes for multicast traffic flow between various locations.
Extensive knowledge of switch functionalities and multilayer switching networks like STP, RSTP, CEF, Ether Channel (PAGP and LACP). Redundancy Protocols like HSRP, VRRP and GLBP and Load Balancing using PAGP and LACP and PPP over Multilink.
Worked on Network Layer technologies including Routing & Signaling protocols, Layer3 VPN and Multicast supported by cisco core and edge series routers.
Designing and providing support of Routers, Switches, Security Solutions, VPNs, SD-WAN and Network Management Solutions across LAN/WAN
Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using different capturing tools.
Hardware upgrades include Cisco switches from individual switches to Stacks of 3950 series, from 4500 series switches to 9400 series switches and more. Software upgrades include upgrading a variety series of switches to latest updated software for ISE deployments.
Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
Supporting and troubleshooting of complex LAN/WAN infrastructure that include routing protocols OSPF & BGP, MPLS
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
Designed, configured, implemented site-site VPN on Cisco ASA 5500 firewall.
Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
Diagnose, troubleshoot, and resolve hardware, software and other network related problems and replace defective components when necessary.
Configuring, Monitoring and Troubleshooting Cisco’s ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/Netting with the firewalls as per the design.
Worked on F5 load balancer including APM and ASM
Creating RFCs in Service Now tool as per business needs and presenting them in CAB meetings.
Configuring and maintaining Infoblox for DHCP, DNS and IP management
Working on various network tools like SNOW, Cisco Prime, Infoblox.
Monitor and troubleshoot capacity and performance issues using SNMP management tools including Cisco Prime and SolarWinds Orion.
Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized management appliances.
Migrated from Cisco ASA to palo Alto firewalls.
Configured windows USER-ID agent to collect host information using Palo Alto Global Protect.
Configured APP-ID feature in Palo Alto firewalls to attack surface, regain visibility and control over traffic.
COGNIZANT Tech Solutions, Hyderabad Sep 17 – Dec 2021
Network Engineer
Responsibilities:
Involved in Configuring and implementing of Composite Network models consists of Cisco 7600,2600,3800 series routers and Cisco 2950, 3500,5000, 6500 Series switches.
Responsible for all WAN circuit installations with VPN/GRE tunnels, AT&T, Level 3 and maintain the WAN fiber ring network and Cisco CWDM equipment.
Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR
Responsible for maintaining the entire Routing and switching domain across the campus / Branch to Head Office and also the Layer-2 campus network across the remote branches which included configuring VLANs.
Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide Security and Controlled/ restricted access.
Design the firewalls rules on Cisco ASA 5520, 5540-X, 5585 and implemented different NAT policies.
Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
Route redistribution between OSPF, EIGRP and in required routers, between IGP and BGP
Worked on GTMs like F5 and A10's on DNS issues and was a part of A10 to F5 GTM migrations.
Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
Configuration of the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc.
Maintenance and configuration of Cisco ASR1000 series and 7200VXR routers at data center and deployment of 3900, 3800, 2951 and 2821 for branch connectivity
To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
Worked on Check Point Security Gateways and Cisco ASA Firewall to troubleshoot connectivity issues.
Responsible for Cisco ASA firewall administration across our global networks.
Successfully installed Palo Alto PA 5060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
Managed VPN user and Active Directory by resetting passwords, unlocking accounts, adding users, and GP.
Creation of Virtual Switches, Ports and Port groups and setting up Layer 2 Security Policies for Virtual Networks.
Engaged to help client design and implement a Single Signon Solution using the Forgerock stack using OpenAM and OpenDJ
Migrated legacy F5 LTM and GTM appliance to newer version appliances.
Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers
Deployed F5 Enterprise manager of 4000 series for all the cluster devices over the network for easier management of configurations like SSL certificates, disable and enable of nodes states.
Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers. `
Involved in troubleshooting of DHCP and other IP conflict problems.
Configuration and Installation of Cisco Routers 3900 series, 7200 series, 7600 series, ASR 1000 series
Maintenance and Installation of Cisco Nexus 7K, 5K, 4k Cisco Catalyst Switches 6500, 4500, 3110, 3850, 3750, 2960
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
Worked on designing, configuring & troubleshooting of routing protocols: RIP, EIGRP, OSPF, MP-BGP, BGP
Administrating on F5 LTM, GTM, ASM, APM on series 5050, 10000 8900
Created an automated backup procedure for all F5 load balance appliances.
Assisted in designing and development of provisioning and de-provisioning processes for all systems.
Implemented procedures for development and deployment of password management processes.
Assisted in designing and development of provisioning and de-provisioning processes for all systems.
Implemented procedures for development and deployment of password management processes.
Configured Routing protocols such as OSPF, BGP, RIP, static routing and policy-based routing.
Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, port aggregation, Route redistribution and route update manipulation using route-maps; distribute lists and AD manipulation and link negotiation.
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
Working with different Network Management Tools and Sniffers like Wireshark (ethereal), HP-Open view, RSA envision, and Cisco works to support 24 x 7 Network Operation Center.
TATA Consultancy Services, Hyderabad Sep 16 – Aug 17
Network Engineer
Responsibilities:
Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
Troubleshooting of Cisco 2800,2900, 3900, 7200, 7600, ASR9k, CRS, GSR 12k Series routers
Performing troubleshooting on slow network connectivity issues, and Performance on F5 and Cisco ASA Firewall
Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Hands On experience in push Policy from Panorama to Firewall in Palo Alto.
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
Deployed and configured Cisco ASR 1000, 7000, 9000 series routers
Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
Designed and implemented security policies using ACL, firewall.
Performed upgrading of load balancers from citrix to F5 BigIP load balancer to improved functionality, reliability and scalability in the system.
Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
Upgrades/Downgrades of F5 TMOS, Hot-fix installations depending on need.
Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
Worked on Extensively on Cisco Firewalls, Cisco (506E/515E/525/) & ASA 5500(5510/5540) Series.
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Configured routing policy for BGP. Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches.
Implemented Cisco IOS Firewall IDS using 2600 series router.
Worked extensively on firewalls and VPN gateways Checkpoint, CISCO ASA and Palo Alto
Troubleshooting on network problems with Wire shark, identify problem and fix.
Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module)
Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
Redistribution of routing protocols and Frame-Relay configurations.
Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/load balanced and load splitting.
Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
Configured VLANs on a switch for inter-VLAN communication. Configured VLAN Trunking Protocol (VTP) on Core Switches. Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches for STP, VTP Domain, VLAN, Trunking, Fast Ether Channel configuration.
Documented all the work done by using Visio, Excel & MS word.
Contact this candidate