sai shiva T

Network Engineer


Network Engineer

Education Level:


Will Relocate:



PROFESSIONAL SUMMARY: * 6+ years of profound experience on configuration, troubleshooting, and maintaining enterprise networks. * Experience in configuring, troubleshooting and implementing on Palo Alto (PA 3k, PA 5k), Cisco ASA 55XX, Juniper SRX240, SRX650 and SRX3600 * Hands on Knowledge in implementing various features like Net flow, user-IDs, High-Availability in the Palo Alto firewalls. * Extensive knowledge on Kill Chain and various attacks like DOS, DDOS, and ZERO DAY ATTACK. * Exposure to Wild Fire feature of Palo Alto for detecting suspicious malware. * Expertise in Configuring Policies on Palo Alto Firewalls & Analysis of logs using Algosec. * Expertise in creating and implementing security policies using ACL, NAT, Route-maps on various firewalls. * Experience in installing, configuring and managing Authentication servers like RADIUS, TACACS+ and LDAP. * Good experience on Palo Alto design and installation of Application and URL filtering, Threat prevention, Data Filtering. * Experienced in handling Panorama management tool to administer Palo Alto firewalls. * Migration with both Juniper SRX and Cisco ASA to Palo Alto 7.0 using the Palo Alto Migration tool. * Hands on experience in NAT (Network address translation) configurations and its analysis for troubleshooting issues related to access lists (ACL). * Good knowledge on configuring F5 BIG-IP LTM/GTM load balancers and in providing application level redundancy and availability by deploying. * Implemented and maintained Source fire (IDS/IPS) system and hardened protection standards on firewall for enterprise network to protect sensitive corporate data and enabled IDS/IPS signatures on Firewall for Fine-tuning of TCP and UDP services. * Experience in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols. * Hands on experience in configuring tunneling modules like GRE, VPN ISAKMP. * Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 3800, 2800, and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches and data-Center Nexus 7018, 5596T, 2148T, and 6000switches. * Good amount of knowledge about various WAN technologies such as Frame-Relay, PPP and HDLC * Configuring, Implementing and Troubleshooting Static, RIP, OSPF, EIGRP, BGP on both Cisco and juniper devices. * Expertise in installing, configuring and troubleshooting Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX Firewalls. * Expertise in configuring switching protocols such as ARP, RARP, VTP, PPP, VLAN, STP, RSTP, PVST+. * Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP). * Strong knowledge in DNS, DHCP, SMTP, FTP, HTTPS and web security architecture. * Handling multiple Firewalls in a managed distributed environment and good understanding on SIEM tools like QRadar. * Expert level knowledge on TCP/IP and OSI models. * Extensive knowledge on Implementing IPv6, Transition from IPv4 to IPv6, Multilayer Switching, UDP, Fast Ethernet, Gigabit Ethernet, Voice/Data Integration techniques. * Handling various application monitoring tools like NMAP, Solar Winds, Wire shark, and Splunk. * Hands on experience in coding with analytical programming using PERL, PYTHON and C++. * Good knowledge in preparing technical documentation and presentations using Microsoft Visio/ Office. * Expertise in handling devices using PANOS, Cisco IOS, JUNOS and NX-OS. Experienced with changing attributes in BGP for path selections like local preference, and MED. * Exposure to routing protocol authentication and implementing STUB area in EIGRP. * Extensive knowledge on implementing unequal load balancing in EIGRP. * Experienced in setting up ACL'S for policy based routing. * Extensive knowledge on implementing and configuration of Redundancy Gateway using HSRP and VRRP. * Involved in Troubleshooting of DHCP and other IP conflict problems. * Performed Switching Technology Administration including VLANs, inter-VLAN Routing, STP, RSTP and Port Aggregation & Link Negotiation. * Troubleshoot wireless access point problems. * Experience on monitoring the network traffic using Solar Winds, Splunk, NMAP, and wireshark. * Proficient on Wire shark for Packet Capture and analysis * Network diagrams development using MS Visio, network documentation using SharePoint portal NETWORK SECURITY ENGINEER: (January 2015 - December 2016) Client: Premera Blue Cross, WA * Worked on Palo Alto Firewalls (50+ firewalls) PA-3020, PA-3050, PA-5020, PA-5050, PA-5060series. * Managed Configuration, Logging and Reporting of Palo Alto firewall through the Panorama. * Creating, modifying and updating Application, Application Group, service and service groups on Palo Alto firewall. * Managed URL filtering, File blocking, Data filtering by Palo Alto firewall. * Configuring security policies on Juniper SRX240, SRX650 and SRX3600 based on the web and content filtering using the JunOS Space and CLI. * Administering multiple firewall of Juniper/ NetScreen, in a managed distributed environment and Policies between secure zones using NSM (Network Security Manager). * Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls. * Installed and configured IPS and IDS services using the Juniper IDP devices * Involved in migration of Juniper SRX 240 firewall to Pala Alto. * Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN * Configured and installed numerous versions of Cisco routers - 1700, 1800, 2800, 2900, 3800, 3900, 4331, 9010. * Moved to standard based protocol for multi-vendor support from EIGRP to OSPF in enterprise network. * Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP. * Involved in the configuration and maintenance of IPsec Site-Site VPN. * Supported in giving access the User machines and partners exterior to the network using IPsec VPN tunneling and SSL. * Applied ACLs for Internet access to the servers using Cisco 5550 ASA firewall and performed NAT. * Involved in the redistribution into OSPF on the core ASA firewall. * Open the appropriate and security defined firewall ports by working with application team and making sure that their application communicates properly with others. * Hands on experience in configuring and implementing Prefix-lists, Route-maps, Ether-channels. * Key responsibility of LAN and WAN maintenance and troubleshooting any network related problems.. * Configured and deployed various versions of Cisco switches - Nexus 7K/5K, 3850X, and 3750 X/G PoE MultiGig. * Performed switching tasks such as creating VLAN's, Inter-VLAN routing, VLAN Trunking, STP, RSTP and Port Channeling. * Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network. * Test and validated the PYTHON custom scripts and delivered automated solutions. * Involved in configuration and management of different Layer 2 switching tasks which includes address learning, efficient switching etc * Involved in HSRP standby troubleshooting and load balancing protocol GLBP, Port channel management of the network. SENIOR NETWORKING ENGINEER: (October 2013 - November 2014) Client: FTS international, Dallas fort worth, Tx * Implementing and configuring routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.