in-depth knowledge of IPv4, Sub netting and TCP/IP, DHCP, DNS, SNMP protocols. Fine understanding of LAN and WAN technologies STP, VTP, HSRP, VRRP, MPLS, Ethernet Experience in configuring, troubleshooting and monitoring using Cisco Switches, Routers, WLC and ISE, Checkpoint and Palo Alto Firewalls. Firewalls, Bluecoat Proxy, Symantec SWG, McAfee web gateway and Zscaler proxy. Configured OSPF, BGP on Cisco Switches and Routers. Actively participated in Implementation and customization of customer network.
Overview
6
6
years of professional experience
Work History
Senior Systems Engineer & Technology analyst
Infosys Limited
Hyderabad
02.2019 - Current
Performed firewall administration, network security, and network engineering in an OSPF/BGP environment
Work as part of a firewall and security team to support Checkpoint and Palo Alto firewalls, Bluecoat Proxy, Symantec Cloud Web Gateway, Zscaler, McAfee Web Gateway, and Active Directory
Replacing Checkpoint VPN, Symantec SWG and Bluecoat proxy with Zscaler and working on implementing Zscaler in Production
Worked on internet links rollout into production active/standby, load sharing
Deployment of client connector across Infosys DC, Azure and AWS cloud for Infosys internal and external web application security requirements
Created Hosted PAC Files based on the organization request what to be accessed before and after authentication
Worked on source and Destination NAT according to different projects and internal web applications requirement
Worked on multiple proxy technologies’ to provided unauthenticated access to endpoint updates, web application
Collaborated with network and security teams to design and optimize secure internet and remote access solutions
Created Forwarding profiles in ZAPP Portal for the Groups to use based on the Authentication
Creating local admin account for ZIA and ZPA for all the Security Group and the Operational folks
Created locations for each site once the GRE Tunnel is up on the respected location for the traffic flow
To granulize the traffic created Sub-locations for each site
Created URL category for each service based on the requests
Created URL Policies for each URL Category Created
Created SSL inspection, domain bypass particular websites
Created Firewall Control policies as per organization and requester choice
Created Hosted PAC Files based on the organization request what to be accessed before and after authentication
Added Network Services to the Firewall filtering in Administration
Created IP&FQDN groups
Configuration of web filtering and managed firewall services
Implementing and troubleshooting firewall rules in Checkpoint and Palo alto firewalls as per the business requirements
Joining different Client calls for new S2S connectivity setup and troubleshooting phase1/phase2 VPN issues
McAfee and Symantec Cloud Secure web Gateway Proxy server rules enablement and troubleshoot issue
Capturing TCP dumps, VPN debug and tracker logs as part of trouble shooting in client calls
Configuring Anti-spoofing and IPS/IDS based on the requirement
Implemented Checkpoint firewall rules according to business requirements and verifications
Attending the calls with client network team whenever new setup or connectivity is down issues
Configuring Site to Site VPN and enable Client to Site VPN and troubleshooting in check point firewall
Implement and troubleshoot layer 3 protocols Port channel, Interval routing virtual SVI, Implement High availability cisco switches through Stack, VSS as part cisco high availability solution
Troubleshooting BGP routing issues and issues related to route-map and prefix-list configurations
Upgrading device IOS (cisco router, Switches, Wireless controller, ISE server and firewalls)
Implementing the Change Orders on workflows
Backup and restore checkpoint configuration and Migration Checkpoint OS
Configuring the new L2 and L3 Switches into the live network and Configuring traffic ACL`S, SNMP, TACAC+ etc
As per ISG team security recommendation
Configuring the all-network devices Cisco (Router & Switches) and firewalls as per Dedicated ODC project client requirements
Review and fix the Vulnerability assessment NCs as part of Infosys internal and External Client Audit for all Dedicated ODC Network devices
Co-ordinate with onsite client engineers and provide support for activities & troubleshooting
Maintaining and providing the support to ODC Compliance of the network devices assigned
Monitoring the switch compliance from Cisco DNAC and verifying the compliance issues
Involved in Several BCP activities and provide the support for multiple Offshore Location.
Executive-Technical Service Group
Hinduja Global Solutions Ltd
Hyderabad
- 02.2019
Providing network support for the issues reported by the users from different branches & also by the Network monitoring team
Implement and troubleshoot first-hop redundancy protocols HSRP
Upgrading device IOS (cisco 1800 and 1900 series routers and 2950, 2960, 3750 switches)
Configuration of NAT/PAT, VLAN, troubleshooting VLAN or physical connectivity for servers and other devices, troubleshooting Cisco access-list, NAT issues
Troubleshoot issue’s related to intranet and internet hosted application URLs on proxy environments such McAfee Web Gateway through Proxy and firewall rule creation and PAC file change
Creating Policy on Cisco ASA and Palo alto firewall based on client business requirements
Monitoring the Server using ping and tracert Scripts for analyses Call drop or network Fluctuations
Configure Wireshark’s on endpoints for deep analysis report about Call drop Issue’s
Bandwidth analysis, monitoring of Cisco Routers, L3 Switches and links stability using SolarWinds
Maintaining proxy servers using web portal, adding secured clients, applying security and permissions for accessing Internet
IP’s reservation through MAC Bind in DHCP Server
Administration on Active Directory based on domain infrastructure
New user creation, assign privileges, password reset, account lockout, grant and revoke access for shared folders through ADS
Group Policy implementation and user rights assignment
Backup & restore of data through Symantec backup, offsite backup maintenance
Working knowledge on McAfee e Policy orchestrator & Symantec endpoint protection server console
Windows patch management through WSUS Server
Installation and managing of client applications such as Citrix, Talisman, Avaya Softphone and Cisco IP phones etc
Providing Technical support through multiple channels, such as telephone, ITSM tool, emails
Enable, Deployment and support Client Applications.
IT-Executive
Vibatel Solution Private Limited
Hyderabad
- 02.2016
To do changes in network (which includes IOS upgradation, Route the traffic from Primary to secondary if Primary link is flapping, Security and NAT Policy Creation firewall, adding VLAN, adding a route, password breaking of router and switches, managing unmanaged network) Maintenance of cisco routers 1800,2800 and cisco switches 2960,3550
Providing network support for the issues reported by the users from different branches & also by the Network monitoring team
Implemented all layer 2 security in our network to more it more secure
(DHCP SNOOPING, PORT SECURITY, SSH V2,) Implement Policy’s on Sophos UTM Internet firewall
Configuration of Static, Dynamic (RIP, RIP2, OSPF & EIGRP) and Default Routing protocols
Follow up from the all the ISP for the Branch office’s connectivity
Working with third party vendors for new project implementations related support
Investigate network performance issues that reported over a branch