Ankit Mishra

Clients Managed: Regis Jesuit High School (CO), Southwestern College (KS), University of St. Thomas (TX)

• Design, implement, and manage hybrid network architectures across client environments, integrating on-premise systems with AWS and Azure Cloud Networking for scalability and redundancy.
• Administer and secure firewall platforms including Palo Alto Networks, Cisco ASA Firepower, and FortiGate, supporting site-to-site and remote VPNs, NAT rules, URL filtering, and threat protection.
• Configure and audit core and distribution switching on Cisco Catalyst 9400, Dell, and Aruba switches, optimizing VLAN segmentation, STP stability, routing, and access control lists (ACLs).
• Design and maintain secure DMZ zones, sandbox VLANs, and firewall-based micro-segmentation for hosting internet-facing services with compliance and performance in mind.
• Manage high availability clusters and troubleshoot traffic flows using tools like Cisco ASA packet-tracer, FortiGate debug flow, and routing inspections.
• Deploy and maintain wireless infrastructure using Ruckus SmartZone WLCs, Cisco WLC, Ruckus APs, and Cisco APs, ensuring stable client connectivity, roaming, and dynamic VLAN assignments.
• Deliver cloud-managed wireless solutions via Aruba Networking Central and Aruba APs, integrating remote site control, firmware management, and radio tuning.
• Implement secure onboarding and identity control using Ruckus Cloudpath, Aruba ClearPass, and FortiAuthenticator, enabling certificate-based and SAML/Radius authentication, including Office 365 (Azure AD) integration.
• Centralize network visibility and compliance reporting using FortiAnalyzer and Azure/AWS network logs for SIEM pipeline integrations and alerting.
• Conduct CLI-based diagnostics and health checks on firewalls and switches, including fans, power supplies, thermal states, and port/interface monitoring.
• Utilize Cisco DNA Center, CDP/LLDP, and topology tools to map infrastructure, document network paths, and ensure physical/logical consistency across client campuses.
• Customize and manage routing policies, inter-VLAN traffic, and VPN tunnels, including static routes, BGP, and cloud VNET/VPC connectivity strategies.

• Review Alerts and Incident Reports: Begin the day by reviewing overnight alerts and incident reports from monitoring systems, focusing on any potential security threats or anomalies on F5 Load Balancers, Fortigate Firewalls, and Cloud environments
• Check System Health: Monitor the health and performance of F5 Load Balancers, Fortigate Firewalls, and cloud environments (Azure, AWS, GCP) using management consoles and monitoring tools
• Configuration Management: Perform configuration changes and updates on F5 Load Balancers and Fortigate Firewalls to optimize performance, enhance security, and accommodate new business requirements
• Ensure changes adhere to company policies and best practices
• Cloud Configuration: Creation of New VPCs, VNets, NSGs, DNS Cloud Mapping, and Deployment of New FortiGate FWs, F5 LBs and various other devices as VMs, Enabling VPC service controls, whitelisting of service accounts in Azure, AWS & GCP.
• Cloud Security Management: Review and adjust security configurations in Azure, AWS, and GCP environments to mitigate risks and ensure compliance with industry standards and regulatory requirements
• This may involve adjusting network security groups, configuring access control lists (ACLs), or implementing encryption mechanisms
• Troubleshooting and Support: Provide technical support and troubleshooting assistance to internal teams or clients experiencing issues with network connectivity, load balancing, or firewall configurations
• Collaborate with vendors or cloud service providers as needed to resolve complex issues.

• Proficient in using monitoring tools (SolarWinds, Nagios, Thousand Eyes) to proactively identify and address network anomalies in Nestle Global Network.
• Skilled in incident response, troubleshooting root causes, and implementing effective solutions to minimize downtime using Service Now.
• Expertise in configuring and managing routers (Cisco ISR, ASR, ISR 100 Viptela) and switches (Catalyst 4507R, 3560, 6500 series), optimizing routing protocols (BGP, EIGRP), and ensuring efficient data flow.
• Strong problem-solving skills for diagnosing and resolving complex network issues at both hardware and software levels.
• In-depth knowledge of Cisco networking technologies and tools (Service Now, BMC Remedy, Infoblox, Men and Mice), with familiarity in MPLS, VRF, and QoS configurations.
• Played a pivotal role in the deployment of Cisco SD-WAN, improving application response times and ensuring uninterrupted connectivity through thorough testing of failover mechanisms and implementing SD-WAN policies for optimal traffic routing.

• Configured and maintained VPN tunnels (GRE, IPSec) for Banks and Petroleum companies using tools like MARS and Xlite.
• Managed greenfield and brownfield implementations, and resolved change management tickets (IP and network protocol changes).
• Configured over 1500 GRE tunnels and 500+ IPSec tunnels.
• Responsible for site maintenance, issue resolution, and configuring VRFs and policy-based routing.
• Worked with Cisco Catalyst switches, Cisco ISR Routers, and SIM-based routers/modems (HP, Huawei, Techroute).