Sandeep Kunchala

• Designed and support the consolidation of data centers utilizing Cisco 6500, Nexus 2K, 5K and 7K infrastructure.
• Involved in configuring and implementing of composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• To troubleshoot complex networks layer 1, 2 and layer 3 (Ten Gigabit circuits, Routing with BGP, OSPF, RIP Routing protocols) technical issues.
• Experienced in providing a plan, designing and implementing the services for the enterprise class data center networks with leading technologies such as virtual port channel (VPC), virtual extensible LANs, Fabric path and Overlay Transport Virtualization (OTV) in NX-OS
• Strong networking capability and knowledge of different firewall platforms to help in random identification and isolation of issues during outages and incidents.
• Participated in the installation, configuration, post installation daily operational tasks and configuration and deployment of Cisco Nexus equipment.
• To troubleshoot complex networks layer 1, 2 (Frame Relay, ISDN, Point to Point, ATM) to layer 3 (Routing with MPLS, BGP, OSPF, EIGRP, and RIP Routing protocols) technical issues.
• Worked on a project to update and manage configuration parameters for data center and servers using Python scripting.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, and Cisco 3800 series routers
• Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls
• Configuring and enable Net flow on layer 3 ingress ports with defined active timers.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding and also Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Used Net Flow Data statistics from Net Flow engine and export it to a Net Flow Collector for storage.
• Good knowledge on lexicon, regex, and content type filtering on Iron port  Supported a user base of more than 30000+ active accounts across multiple domains.
• Deployed, configured and implemented cisco 6800 catalyst switch.
• Dealt with monitoring and documenting the services in compliance to the SLA requirements as a NOC team member.
• Experience in working with Network automation tools and testing for network change and configuration management.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Worked on Juniper SA 2500 to configure SSL VPN clients  Experience working with Exchange 2010 SP3 for planning and deployment.
• Worked with Management tools like CSM and Cisco ACS.
• Worked with Cisco IOS, NX-IOS, IOS-XR.
• Worked with MPLS to improve quality of service (QoS) by defining LSPs that can meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime.
• Worked on GUI and CLI monitoring for UCS data management using xml API
• Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600.
• Hands on experience in F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Experienced in working with BIG-IP Edge Portal and BIG-IP Edge Client.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Implemented various OSPF scenarios on networks consisting of 7600 routers.  Configured policy based routing for BGP for complex network systems.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preference.
• Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH).
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs in the network.
• Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA/FWSM and NAC solution.

Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, Fortinet Next Generation Fire Walls, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA, AWS, TCL, Riverbed, Clustered SQL server 2014/2012/2008R2/2008/2005, DC migration, Active-Active& Active-Passive Clustering, Windows 2012/2008R2/2008/2003

Responsibilities:

• Managing and configuring Cisco Switches and Routers independently.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Configured various Routing protocols such as RIP, OSPF, EIGRP, and static routing.
• Maintaining Core Switches, creating VLANs, and configuring VTP.
• Major Deliverables included meeting yearly scheduling demand for advanced switching hardware/software (Universal Translations & Centrex) instruction, in addition to cross-training in wireless technologies.
• Troubleshooting of Cisco 2900, 3900, 6500, 7500, 7200 Series routers.
• Configured static NAT, dynamic NAT, and dynamic NAT overloading.
• Palo Alto installation, configuration, administration, monitoring, and implementation of the policies.
• Palo Alto user-identification implementation with KIWI server’s user Palo Alto user-id agents.
• Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from a TFTP server.
• In-depth expertise in the implementation, optimization, troubleshooting, and documentation of LAN/WAN networking systems.
• Responsible for designing, implementing, and troubleshooting temporary infrastructures for Live Webcasting Events.
• Involved in F5 BIG IP LTM administration, familiar with enterprise-level traffic managers like 6800, 3600, 1600,3400 series.
• Configuring and adding, moving, and removing of various IP phones like (7941, 7961, and 7971).
• Knowledge on VOIP protocols like H.323, RTP, SIP and good understanding about VOIP devices.  Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
• Performing network monitoring, providing analysis using various tools like Wireshark, Solar winds etc.
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Worked on a project to update and manage configuration parameters for data center and servers using Python scripting.
• Responsible for Cisco ASA firewall administration across our global networks.
• Responsible for L2 & L3 support of customer’s Network and Security Infrastructure devices.
• Member of a team of professionals responsible for day-to-day 24/7 management of the IT infrastructure, managing multiple Windows, and Linux servers in enterprise environment.
• Network Services – configure, manage, and monitoring through Adaptive Security Device Manager on Cisco ASA 5512, 5515, 5520, and PIX-515E firewalls, configure and troubleshoot S2S IPSec VPN’s.
• Configuring, managing, troubleshooting Cisco core switches not limited to Nexus 7009 switch, Catalyst 4507, 2960 and 3750 switches.
• Plan, schedule & perform IOS upgrade on Cisco ASA 5505, 5512, 5516, 5520 firewalls that are located in the different global regions.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Created Cisco ISE dashboards with required dashlets to sort and filter endpoint data based on endpoint categories, guest types, location or OS type.
• Configured and Implemented Cisco Identity Services Engine (ISE) with connectivity to Microsoft Active Directory for authentication including Certificate Based Authentication, Windows 2012 Certificate Authority.
  Use the data from Cisco ISE to trace out security violations in events of ransomware attacks.
• Create and implement access control lists (ACL’s) and policy maps, NAT translations, configuration and administration using Cisco ASDM, analyze Wireshark and Network Monitor captures from Cisco ASA firewalls for troubleshooting network level issues.
• Configure the Voice VLAN for IP phones on Catalyst 4507 PoE switches and worked with VoIP team in troubleshooting issues related to Voice gateway VG248 & upgrading the firmware on IP Phones like Cisco 7960 during the upgrade of Cisco UCM from v7.1 to v11.
• Implement ITIL processes to proactively monitor and address network connectivity issues in order to reduce business impact while increasing network up-time along with network monitoring tools such as PRTG and Nimsoft.
• Handle changes & maintain documentation in respect to CI items for IT assets in internal ticketing system integrated CMDB database.
• Configure and troubleshoot infrastructure services not limited to DHCP, DNS, LDAP, and SMTP.
• Resolve critical production outages/problems by extending network support to other global office locations.
• Check & troubleshoot VMware ESXi Host level connection issues with Cisco UCS fabric interconnects, Brocade switches, EMC VNX 5300, IBM Flash Storage 810 during storage vMotion/migration activities.
• Secure and maintain network and datacenter infrastructure documentation as it relates to system configuration, mapping, processes, and service records using Visio and SharePoint portal.
• Worked with Backup team on Symantec/Veritas Backup Exec 2012, 2015 and tape rotation policies.
• Worked with VMware team to build Virtual machine templates of Windows Server 2012 & RHEL OS to be available for ready-to-go deployments.
• Installed, configured Cisco Meraki equipment and web based monitoring platform for MR32 wireless access points.
• Served as primary point of contact to trace, troubleshoot and clean up malware during malicious ransomware attack incidents, educate users regarding computer and network security practices.
• Worked with multiple IT implementation & operations teams, key decision makers & stakeholders to define, understand business requirements, meet their goals; help them identify & resolve business critical issues ensuring compatibility & interoperability of in-house computing systems.
• Active team member coordinating IT stakeholders discussing best practice approaches through ITSM Change Management tools including Remedy.
• Established and maintained great partnerships with internal server, storage, network, platform services (middleware & database) teams working on service request and change procedures.
• Participated actively in proof of concept projects implementation which included storage and backup solutions from private cloud providers Amazon AWS & Microsoft Azure.

Environment:

Cisco switches - 2948/3560/4500/3560/3750/3550/3500/2960 6500 and Cisco routers - 1200/3640/7200/3845/3600/2800, Cisco Nexus 7K/5K, Cisco ASA 500, Cisco ISE, F5 BIGIP LTM,
RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, TCL, SQL Server 2005 Integration services packages.

Responsibilities:

• Daily analyzed network traffic looking for trends and or malicious activities, created vulnerability report with action plans.
• Implemented IPSec Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with Cisco PIX and Cisco ASA Firewalls.
• Configured Security policies including NAT, PAT, VPN, route-maps and Access Control Lists.
• Active team player in network redesigning team assigned for Small Office/Campus branches. This project included changes to both existing voice and data environments.
• Responsible for installation and configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configuring OSPF, EIGRP, BGP with Access Control lists planned in Network Design Document following the ITSM change process. Configured port channel connectivity between core switches and server distribution switches connecting to storage devices.
• Implemented BGP features such as AS-override, Local preference, eBGP multipath load balancing.
• Gained knowledge on VoIP and video communications, SIP Trunking, video streaming services.
• Working knowledge and hands on experience on Cisco GSR, Catalyst 6500, 7600/7200 series enterprise routers/switches while configuring OSPF.
• Manage and implement Cisco ISE security and NAC security products, configure NAC appliance and NAC profiler to restrict endpoints based on identity or security postures, enforce policies on BYOD (mobile) devices.
• Deployed and supported Cisco Identity Services Engine (ISE) with the Cisco ASA 5500 series for VPN connectivity to endpoints in other regions across the organization.
• Experience with deployment of ISE 3315 and VM version 1.2 with VMware team to monitor enterprise-distributed Cisco equipment using Cisco ISE Web GUI.
• Implement, configure, maintain & troubleshoot Authentication, Authorization, Accounting (AAA) configurations (RADIUS / TACACS+) across the global infrastructure using Cisco Secure Access Control Server (ACS).
• Migrated data center infrastructure from one central location to a remote location, primarily from Catalyst 6500 based DC to Nexus 7009 switches at core.
• Created vPC domain, design single sided/double sided vPC, vPC peer-keep alive, vPC peer-link, and vPC member ports between Nexus 7009 and Nexus 5500 series switches in data-center.
• Upgraded NX-OS on Nexus 7009 through ISSU (In service software upgrade).
  Migrated legacy F5 LTM and GTM appliance to newer version appliances.
• Configured F5 GTM solutions, which includes WideIP, Pool Load Balancing Methods, probers and monitors.
• Maintain, install and upgrade/downgrade Cisco hardware including routers, switches, firewalls, and data center switches like Catalyst 3560/3750/6500’s, ASA 5505-5550 firewalls, and Cisco UCS 6100/B-series blade servers.
• Configured Virtual Chassis for Juniper EX-4500, EX-4200, EX 3200, EX-2200 series Ethernet switches & Juniper QFabric QFX3500 with a master and backup.
• Good understanding of Juniper Q-Fabric Operation & Design.
• Adding devices, configuring SNMP traps on network devices, health monitor, modifying device configurations to enable monitoring through Cisco Prime Infrastructure GUI.
• Worked on GTMs - F5 and A10's on DNS issues and also was a part of A10 to F5 GTM migrations.
  Configured HSRP, VLAN Trunking 802.1Q encapsulation, VLAN Routing on Catalyst 6500 switches
• Learnt Scripting for automation of processes and few PowerShell commands for Windows Servers (2008, 2012), gained familiarity with other scripting languages like bash shell scripting, Perl, Python.
  Configuration and troubleshooting of Cisco 2800, 2900, 7500, 7200 Series routers
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Installed Cisco Aironet access points and add them to Cisco wireless controller (5508), manage Aruba, Cisco wireless access controllers, troubleshooting LWAPP on Aruba wireless access points.
• Review, validate Network capacity procedures and policies, best practices to ensure proper functioning of Office 365 applications including Outlook, Skype for Business applications.
• Troubleshoot and fix intermittent disconnects on MS Outlook, Active Directory user account lockouts using Account Lockout Examiner, Microsoft Support and Recovery Assistant, Wireshark captures.

Environment:

Catalyst 6500/3750/3550/3500/2950 switches, Nexus 7K, 5K switches, Cisco 7200/3600/ 2800/2900 series routers, TACACS, EIGRP, RIP, OSPF, BGP, VPN, Cisco Prime, ISE, EtherChannel, vPC, Juniper QFabric, Juniper EX series switches, Cisco UCS, F5 load balancers, Palo Alto and Cisco ASA firewalls, Outlook/Office 365

Responsibilities:

• Perform LAN/WAN network design, planning, implementation and troubleshooting.
• Installed & configured OSPF on Frame-Relay with multi-area design in core routers (Cisco 7200, 7204, 7206 routers)
• Make effective use of existing Network Monitoring Systems (SNMP Server, PRTG, NetBrain).
• Implementation of global monitoring solution using Solar Winds NPM (Network Performance Monitoring) tool.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Involved in configuring & implementing Quality of Service, QoS and policy maps on Cisco routers at branch locations.
• Designed and Implemented Cisco UCS pods in Nexus 7000 and Cisco 6500 Platform.
• Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k
• Configuration and troubleshooting OSPF link state protocol in single area and multiple areas.
• Migrated Catalyst 6500 series switches to Nexus 5K in data center.
• Configure, add, delete, and modify inbound, outbound access control list rules on Checkpoint firewalls.
• Setting up VLAN’s and configuring ISL trunk on Fast-Ethernet channel between switches.
• Implemented SNMP on Cisco routers to simplify network management and troubleshooting.
• Install, configure Routers, terminal Servers and CSU/DSU’s to support WAN links.
• Deployed and Configured QoS on LAN/WAN. Strong knowledge of various routing protocols including RIPV2, EIGRP, OSPF and BGP4 for peering request processing.
• Provided level 2 network support at remote site locations in data centers
• Worked on Catalyst 6500 Series/7600 Series ASA Service Module and Intrusion detection system (IDS), IDSM-2 meta event generator to prevent attacks such as denial of service (DoS) while working with content delivery network (CDN).
• Activities included substantial lab testing & validation prior to implementation of Nexus 7K, 5K & 2K for their connectivity towards blade servers.
• Troubleshot VLANs, VDC, Virtual port channel (vPC) and configuration on Nexus 7K.
• Troubleshoot unicast / multicast traffic on Nexus 7K core switch.
• Troubleshoot Nexus 5k switch crash event and SPAN configuration.
• Configured VLAN’s, VLAN Trunking with 802.1Q & Ether Channel for redundancy across distribution layer switches.
• Monitor 10G WAN links and multiple network egress/ingress traffic using Juniper NSMXpress.
• Worked with Cisco, Brocade, Juniper tech support teams to resolve network & infrastructure issues.

Environment: Catalyst Switches – 3750, 4500, 4508, 6500, Cisco Routers - 2600, 3600, 7613, Switches - 3750, 4500 and 6500 series and Cisco Firewall ASA 5585-X, Solar Winds, Checkpoint Firewall, Routing Protocols (EIGRP, OSPF, RIP), Switching protocols (VTP, STP, GLBP, HSRP)