sindhu kavali

Master's

Computer Networking and Telecommunications

Cyber Security Systems

Network Systems Administration

Compass Group

Senior Network Engineer

- Responsibilities - Worked in BMC's Deployment and Operations team to support multiple migrations in switching, routing, firewalls, LB, and Proxies - Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPNs in Palo Alto. Successfully installed PA-5000 series firewalls in the Data Center as perimeter Firewalls - Migration of ASA firewalls to PA next-gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACLs, NAT rules, and policies - Experience working on Cisco ASR 9K, Nexus 7K, and 9K. Configured and designed OSPF, EIGRP, and BGP at the Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus - Worked on Juniper devices like M, MX, and T routers on advanced technologies like MPLS VPNs, TE, and other service provider technologies - Worked with different models of Cisco/Juniper/Arista switches, routers, firewalls, load balancers, VPNs, and wireless systems - Heavily involved with data center migration from Cisco to primarily Arista with minimal downtime utilizing VxLAN - Worked on setting up pulse secure SSL VPN in Dmz for remote user connectivity and authentication of directory services in pulse secure, endpoint host checker, deploying Pulse connect client to endpoints, VPN tunneling, etc - Experience with configuring BGP, and OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, and Local Preference for route optimization. Worked on Route-Reflector, and Route-Redistribution among routing protocols - Deploying and decommissioning Cisco switches/Firewalls and their respective software upgrades. Hands-on experience in Installing and Configuring Palo Alto PA-3060 Firewalls to protect Data Centers - Designing and providing support for Routers, Switches, Security Solutions, VPNs, L4-7 Load Balancers, SD-WAN, and Network Management Solutions across LAN/WAN - Integrated Meraki SD-WAN into the infrastructure during the design process - Configured WAN connections with Meraki and FortiGate SD-WAN - Implemented Palo Alto solution for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing - Work with Load Balancing to build connectivity to production & disaster recovery servers through Citrix NetScaler - Designed and developed AWS Cloud Formation templates to create custom VPC, Subnets, and NAT to ensure deployment of web applications - Deploying Cisco 6500, ASR 9K /Arista/Juniper Routing/Switching - 6500/7020R/QFX - Deploying Layer 2 Layer 3 protocols (BGP, OSPF, STP (PVST+) and Ether Channel, Port channels in Cisco and Arista platforms - Installed Meraki SD-WAN solution Confidential remote branches to better utilize carrier circuits and mitigate packet loss and latency - Experience in Configuring VPN, routing, NAT, access, security contexts, and failover in ASA firewalls - Performing troubleshooting on slow network connectivity issues, and Performance on F5 and Cisco ASA Firewalls. To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures - Design expertise for the SD-WAN (Versa & Viptela), SD-LAN, and WAN optimization technologies for efficient delivery of the application data across LAN and WAN - Maintained TACACS+/RADIUS Servers for AAA authentication and User authentication. Provided VPN services to site-to-site and, Remote access VPNs using IPSec tunneling. Work with IP for any vulnerabilities /ACLS and remediate as needed - Worked on Multiple AWS instances, set the security groups, Elastic Load Balancer and AMIs, and Auto scaling to design cost-effective, fault-tolerant, and highly available systems - Maintenance and troubleshooting of LAN, WAN, IP Routing, Multilayer Switching - Designed & Deployed Cisco ISE and Provided comprehensive guest access management for Cisco ISE administrators. Configured Cisco ISE for Domain Integration and Active Directory Integration - Implemented SSL offloading on NetScaler load balancer by uploading certificates and binding them to the virtual servers along with configuring proper SSL policies & cipher suites - Created templates for AWS infrastructure as a code using Terraform to build staging and production environments - Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE - Extensive Knowledge in configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools, and iRules on BIG-IP F5 load balancer LTM for load balancing and traffic management in the DC environment - Tests security measures to reduce and mitigate risk. Actively probes the network for new threats and risks - Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls. Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls - Design and implement global Active Directory migration in support of confidential divestiture - Renovate, design, and implement Microsoft Active Directory (Access Controls, Group Policy, Kerberos Authentication, naming standards, trust relationships, best practices, security policies, and standards - Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 500,0, and 2000 - Policy Reviewing, Audi,t, and cleanup of the unused rule on the Firewalls using Tufin and Splunk. Rule and URL filtering remediation for Palo Alto devices. Maintain and manage Splunk-related issues - Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, and 7200 Series routers. Worked on Catalyst 4506E, 4507, 6,503E, and 6506E series switches along with Nexus 5020 switches in the change of configurations and maintenance. VSS on 6506E switches maintenance to provide dual homing for the consumers as well redundancy - Proficient in Configuring VPC between the Cisco Nexus 7k, and 5k. Scheduled maintenance of Nexus 2248, 5548, and 7010 switches so that there are no Orphan ports in the network - Environment: Cisco Cat 2960, 3750, 3850, Cat 9300, 9500, 6500, 4500X, Nexus 2k,3k,5k,7k,9k, F5 Viprion, BIG IP 5000, PA 5000 series, Panorama, Cisco Versa, Cisco Wireless LAN 5508, Cisco ACI, Juniper EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240, Zscaler proxies, SolarWinds, Cisco VOIP, Cisco ASR 9k, 1K