Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Apoorva A

Warsaw,IN

Summary

Over 5+ years of experience in designing, monitoring, and configuring large enterprise networks, with strong hands-on expertise in Cisco ASA, Palo Alto, and Fortinet firewalls. Designed and configured site-to-site VPNs on Cisco ASA and Palo Alto firewalls. Implemented policies on Palo Alto (3020/5020) for security, QoS, Policy-Based Forwarding (PBF), decryption, application override, DoS, and zone protection. Modified policies on Cisco ASA, Palo Alto, and Fortinet to enhance security, QoS, and memory optimization. Designed MPLS and DMVPN solutions to provide redundancy for remote sites, and delivered network infrastructure designs for Data Center LAN, WAN, and Wireless environments. Collaborated with network architecture teams for server connectivity, security testing, and ensuring server-to-network compatibility. Expertise in routing protocols such as OSPF, EIGRP, BGP, Policy-Based Routing (PBR), and static routing. Configured and troubleshot Cisco routers (7600, 7200, 3800, ISR, ASR series) and switches (3750 stackable switches using Cisco StackWise technology). Hands-on experience with Layer 2 and Layer 3 technologies, including VLANs, VTP, STP, RPVST+, EtherChannels, and inter-VLAN routing. Strong knowledge of TACACS+, RADIUS, and integration with firewalls for authentication and access control. Extensive experience with Intrusion Detection and Prevention Systems (IDS/IPS), and analyzing logs using tools like NetScout, Nagios, Splunk, SolarWinds, and HP NNMi. Proficient in troubleshooting network traffic using packet capture tools on Cisco ASA, and Palo Alto Firewalls. Extensive knowledge of WAN technologies, including MPLS, DMVPN, and IPSEC VPNs, as well as configuring WAN protocols such as PPP, PAP, and SNMP. Implemented HSRP and VRRP for network redundancy, and ensured high availability across networks. Expertise in multi-layer switching and transparent bridging for enhanced network performance. Managed and deployed large-scale network migrations and infrastructure upgrades, meeting budget and deadlines. Created comprehensive run books and design documentation, including templates for LAN/WAN, data center, wireless, and security. Proficient in documenting network designs using Microsoft Visio. Experienced in network monitoring and troubleshooting using tools like Wireshark, SolarWinds, and Splunk. Integrated Active Directory, Exchange Mail Servers, and managed NAT, FTP, and Terminal Servers. Skilled in maintaining device inventories and configurations using SSH, Syslog, SNMP, NTP, TFTP, and FTP. Strong knowledge of TCP/IP, IPv4, UDP, Ethernet, and voice/data integration techniques, along with expertise in network upgrades on Cisco IOS platforms, ensuring secure and optimized data flow.

Overview

7
7
years of professional experience
1
1
Certification

Work History

Network Engineer

HCL Tech
San Antonio, TX
01.2024 - Current
  • Expert in the design, deployment, and migration of firewall solutions across multiple platforms, including Palo Alto, Cisco ASA, Cisco Firepower 2120, and Check Point Firewalls. Skilled in developing comprehensive firewall implementation plans, configuring firewall rules, and ensuring seamless integration of new firewall builds into enterprise networks.
  • Adept at defining, reviewing, and optimizing firewall rules to meet organizational security standards. Experienced in configuring firewall policies, VPN groups, and NAT rules, ensuring secure, high-performance network operations.
  • Hands-on experience migrating and upgrading firewalls, including the transition from Palo Alto and Cisco ASA to Cisco Firepower 2120, ensuring minimal network disruption, and a smooth transition to the latest security standards and features.
  • Configured and maintained highly secure Site-to-Site VPN tunnels using IPSec encryption standards, particularly for connecting Palo Alto firewalls to AWS environments, ensuring secure, reliable communication across multiple sites.
  • Skilled in using SIEM tools such as NetScout, Nagios, Splunk, and SolarWinds for monitoring network security, analyzing log data, and identifying potential threats. Proficient in troubleshooting network security issues, including analyzing traffic and logs, and resolving complex issues using tools like Wireshark and TCPDUMP.
  • Expertise in deploying and managing Intrusion Detection and Prevention Systems (IDS/IPS), ensuring real-time protection of the network. Capable of investigating suspicious traffic patterns, and implementing appropriate countermeasures.
  • Extensive experience in implementing authentication protocols like AAA, TACACS+, and RADIUS for centralized user management, and secure access control within the network.
  • In-depth experience with complex routing configurations and troubleshooting, including protocols such as MP-BGP, OSPF, EIGRP, and BGP across various Cisco and Juniper devices (Cisco 76XX, 72XX, Juniper 22XX/23XX). Ensured robust network performance by optimizing routing, and troubleshooting protocol failures.
  • Proficient in monitoring and optimizing network traffic using advanced tools like TCPDump, Wireshark, and Packet Capture. Skilled at diagnosing and resolving network connectivity issues to ensure optimal network performance and availability.
  • Strong knowledge of Layer 2 and Layer 3 technologies, including VLANs, STP, VLSM, Switch Trunking, and ARP. Expertise in ensuring optimal switching performance, configuration of inter-VLAN routing, and advanced network topologies.
  • Managed network hardware and software inventory, coordinated with vendors for hardware replacements or upgrades, and ensured proper maintenance of firewall appliances and related equipment to avoid operational disruptions.
  • Committed to maintaining the highest security standards by continuously reviewing and improving network configurations, performing regular backups, and keeping up-to-date with industry best practices in firewall management and network security.

Network Engineer

Statefarm Insurance
Bloomington, IL
06.2023 - 01.2024
  • Expertise in configuring and maintaining routers and switches, with hands-on experience implementing and troubleshooting routing protocols such as RIP, EIGRP, OSPF, and BGP for optimal network performance.
  • Proficient in troubleshooting a variety of WAN technologies, including Frame-Relay and MPLS, ensuring reliable network connectivity and performance.
  • Involved in the design, migration, and implementation of Site-to-Site VPNs using IPsec and GRE tunneling protocols for secure inter-site communication.
  • Designed and implemented security measures, including Cisco IOS ACLs and Context-Based Access Control (CBAC), ensuring secure access and traffic control across the network.
  • Configured and managed AAA authentication using Cisco Secure ACS (RADIUS/TACACS+) for centralized network access control.
  • Configured ASA Firewalls (5520/5540) for high availability (Active/Standby), managed ACLs, NAT policies, and object grouping to secure internal users, and servers.
  • Responsible for the design, integration, configuration, and ongoing maintenance of LAN, WAN, firewalls, DHCP, and DNS services. Monitored and ensured the performance and security of the network infrastructure.
  • Experienced with F5 BIG-IP Load Balancer (LTM) products, including configuration and monitoring to ensure high availability, and effective load distribution across servers.
  • Skilled in troubleshooting EIGRP, OSPF, and RIP routing issues, ensuring network stability, and efficient data flow between devices and sites.
  • Installed and configured Cisco Cat 6500, 37XX, and 45XX series switches, enabling optimal network performance and reliability.
  • Implemented and managed spanning tree protocols (STP), RPVST+, BPDU Guard, and Root Guard, ensuring network stability and security by securing unused ports in appropriate VLANs.
  • Coordinated network installations, worked closely with project managers and end users, and followed up to ensure that changes were completed successfully, with optimal system and network performance.

Network Engineer

Bank Of America
Indianapolis, IN
12.2022 - 05.2023
  • Developed and implemented network architecture solutions tailored to the organization’s requirements, including LAN, WAN, and cloud-based infrastructures, ensuring scalability, and reliability.
  • Configured and maintained network devices, including routers, switches, firewalls, and access points, to ensure smooth network operation and security.
  • Oversee the installation and seamless integration of new hardware and software into the existing network environment, ensuring minimal disruption to operations.
  • Identified and resolve network issues, including connectivity problems, performance degradation, and hardware failures, ensuring continuous network availability.
  • End-User & IT Support: Provide expert support to end users, and collaborate with other IT teams to address and resolve network-related issues in a timely manner.
  • Utilized advanced network monitoring tools to detect potential issues before they impact operations, ensuring high network uptime and performance.
  • Continuously monitor network performance, making adjustments to improve speed, efficiency, and overall system health.
  • Analyzed network traffic patterns, and predict future growth requirements to ensure network scalability and capacity planning.
  • Diagnosed and resolved network performance bottlenecks, ensuring efficient and uninterrupted network communication.
  • Implemented and managed critical network security measures, including firewalls, IDS/IPS, and VPNs, to safeguard the organization’s data and assets.
  • Ensured that all network security configurations comply with industry best practices, organizational policies, and regulatory standards.
  • Responded promptly to security breaches, conduct thorough investigations, and address vulnerabilities to mitigate risks to the network.
  • Created and maintain comprehensive documentation for network configurations, changes, and procedures, ensuring clear communication and knowledge sharing.
  • Generated detailed reports on network performance, incidents, and improvement initiatives, presenting findings and recommendations to stakeholders for informed decision-making.

Network Engineer

Wipro
Hyderabad, Telangana, India
06.2019 - 05.2021
  • Managed the administration of Checkpoint Firewalls by defining and periodically reviewing firewall rules to ensure optimal security and compliance with organizational policies.
  • Configured and troubleshot routing protocols, including BGP, OSPF, and EIGRP, ensuring efficient network routing and performance.
  • Configured IP access filter policies and utilized network analysis tools to monitor and maintain network security and performance.
  • Hands-on experience with F5 load balancers (6400, 6800, 8800 series), performing troubleshooting and optimization tasks to ensure high availability and load balancing across the network.
  • Responsible for configuring Site-to-Site VPNs between the Head Office and branch locations, ensuring secure communication across remote sites.
  • Configured and troubleshot Juniper EX2200, 2300, and 4500 series switches, as well as Cisco ISR and ASR series routers, to ensure network connectivity and performance.
  • Managed the configuration and troubleshooting of a range of routers, including Cisco 1700, 2600, and 3500 series, handling various tasks such as bridging, switching, routing, Ethernet, NAT, DHCP, and supporting LAN/WAN environments.
  • Administered L2/L3 switching technologies, including creating and managing VLANs, configuring port security, trunking, STP, inter-VLAN routing, and securing LANs to prevent unauthorized access.
  • Configured Cisco IOS features like NAT and SNMP for enhanced network security, and monitored remote sites using network management tools to ensure seamless connectivity.
  • Assisted in infrastructure design and upgrades, including LAN backbone connections, and provided troubleshooting support to LAN administrators for network connectivity issues.
  • Led the upgrade of Cisco switches and routers, such as 2811, 3850, 3650, 3560, and 4500 series, ensuring that all hardware was running the latest software versions and configurations.
  • Configured private VLANs to mitigate VLAN hopping attacks and implemented security measures like IP source guard and DHCP snooping to prevent spoofing.
  • Enhanced Spanning Tree Protocol (STP) to improve network convergence by enabling features like Port-fast, Uplink-fast, and Backbone-fast, ensuring faster recovery and reduced downtime.

Associate Engineer

Global Logic Technologies
Hyderabad, Telangana, India
10.2017 - 06.2019
  • Continuously monitor network traffic and performance metrics using network monitoring tools.
  • Detect anomalies or performance bottlenecks and promptly report them to senior network engineers or IT management.
  • Perform routine checks on network devices and systems to ensure proper functionality and efficiency.
  • Maintain detailed records of network performance, maintenance activities, issues detected, and corrective actions taken.
  • Assist in configuring network devices, such as routers, switches, and firewalls, in compliance with established guidelines and design documents.
  • Support the installation and integration of new networking hardware and software by setting up devices and verifying their functionality.
  • Update network diagrams and documentation to reflect changes or new configurations.
  • Verify network device configurations to ensure compliance with design and security policies.
  • Provide support to end-users or IT staff facing network-related issues, such as connectivity problems or slow performance.
  • Use diagnostic tools like ping tests, traceroutes, and log analysis to identify the root cause of network issues.
  • Escalate complex or unresolved issues to senior engineers or support teams for further assistance.

Education

Master of Science - MSEIS

Indiana Institute of Technology
Fort Wayne, IN
05-2023

Skills

  • Wireless networking support
  • Infrastructure planning and design
  • Firewall security
  • Firewalls and endpoint security
  • Firewall management tools
  • Security architecture and technologies
  • Firewalls (Palo Alto 3000/5000, Cisco Firepower 2120 firewalls, Fortinet 100, 200 Appliance)
  • Network Security (ACLs, IPsec, VPN, Port Security, AAA, and IDS/IPS)
  • Routing (OSPF, EIGRP, BGP, RIP-2, PBR, route filtering, redistribution, summarization, static routing)
  • Routers (Cisco 76XX, 72XX, 45XX, 38XX series, ISR, and ASR)
  • Load Balancer (F5 Networks (BigIP) & Brocade Load Balancers)
  • Switching (VLAN, VTP, STP, PVST, RPVST, Inter-VLAN routing, Multi-Layer Switching, Multicast Operations, Layer 3 Switches, EtherChannels, Transparent Bridging)
  • Switches (Cisco 65XX, 37XX series, and Juniper EX)
  • Cisco ACS server (RADIUS, TACACS, and Digital Signatures)
  • LAN (Fast Ethernet, Gigabit Ethernet)
  • WAN (VPN, MPLS, SSL)
  • Features and Services (HSRP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP, and FTP Management, SYSLOG, Network Monitor Tool)
  • Reports (Microsoft Visio)
  • Operating System (DOS, Windows (95, 98, NT/2000, XP, Vista/7/8/10), Cisco IOS, Pan-OS, JUN-OS)
  • Virtualization (VMWARE (vSphere and Venter))

Certification

  • • Cisco Certified Network Associate (CCNA) •
  • Cisco Certified Network Professional (CCNP)

Timeline

Network Engineer

HCL Tech
01.2024 - Current

Network Engineer

Statefarm Insurance
06.2023 - 01.2024

Network Engineer

Bank Of America
12.2022 - 05.2023

Network Engineer

Wipro
06.2019 - 05.2021

Associate Engineer

Global Logic Technologies
10.2017 - 06.2019

Master of Science - MSEIS

Indiana Institute of Technology

Similar Profiles

CREATE PROFILE
Apoorva A