Akhila Gongulur

Senior Network Security Engineer

SUMMARY:

 8 years of experience in Network and security engineering with performing Network analysis,
design, and implementation with a focus on security optimization and support of large networks.
 Hands-on experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-
200, PA-500.
 Worked on Cisco catalyst switches series, responsible for the checkpoint, cisco, and Fortinet
firewall administration across global networks.
 Hands-on expertise with routers 2800, 2900, 3800, 3900, 7200, 7600, ASR 9010, ASR 1002, and
Juniper ACX, EX 4300, MX 480, and MX 960 series.
 We have implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP,
PAgP), etc.
 Experience in managing and troubleshooting SD-WAN infrastructure.
 Strong knowledge in configuring and troubleshooting routing protocols like OSPF, VOIP, IPT, IS-IS,
SNMP, EIGRP, and BGP.
 Working knowledge with Load balancers F5 LTM like 2200, 4200v, and 7050 for various
applications.
 Proficient in Python scripting for automation of various tasks, contributing to increased operational
efficiency.

TECHNICAL SKILLS:

Firewalls Palo Alto Networks, Fortinet FortiGate, Cisco ASA firewalls, Checkpoint
Firewalls
Switches Nexus 2k/5k/7k, Arista 7k series and Juniper switches.
Routing series Cisco ISR 4000, 1000, 900, and 800, Juniper MX480 and MX960 series.
Routing Protocols OSPF, EIGRP, BGP, RIPv2, IS-IS, PBR, Route Filtering, Redistribution,
Summarization, and Static Routing.
Network Wire shark, Net flow Analyzer Net Scout, SNMP, Cisco Prime, Ethereal, HP
Management open view.
Tools
LAN Technologies SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Lightweight access
point, WLC.
Load Balancers F5 LTM, GTM and VIPRION

Professional Experience:

AXA, IL July 2024 - Present

Responsibilities:

 Used Panorama M-500 to push unified security policies across multi-site network, optimizing
configuration for firewalls like PA-5250 and PA-5220, series.
 Implemented automated workflows and scripting using Panorama’s REST API.
 Created and maintained templates in Panorama to standardize configuration settings across
different firewall deployments.
 Configured VLAN 10 and VLAN 20 with appropriate trunk ports on Cisco Catalyst switches to
support a multi-department setup.
 Worked on modifying access control lists (ACLs) on firewalls using SecureCRT, and enhanced
network security by controlling inbound and outbound traffic.
 Automated repetitive configuration tasks using SecureCRT’s scripting capabilities.
 Managed NAT (Network Address Translation) policies through ASDM for seamless communication
between internal and external networks.
 Utilized ASDM for firewall upgrades and patch management, minimizing downtime and improving
system reliability.
 Worked on SmartConsole for logging and auditing, tracking changes made to firewall policies and
troubleshooting security incidents.
 Deployed and monitored Intrusion Prevention System (IPS) policies on FMC, identifying and
mitigating potential threats in real-time.
 Analyzed high-bandwidth usage through FMC and applied traffic-shaping policies to prioritize
critical applications.
 Set up VXLAN fabric on Nexus 9300 switches for scalable data center interconnects.
 Configured and maintained Verizon FiOS Quantum Gateway routers for enterprise-grade internet
connectivity, ensuring secure and reliable access.
 Monitored and optimized network performance for Verizon routers using Verizon-provided
management tools and SNMP.
 Set up device IPs in Qualys for targeted scans, enabling precise identification of vulnerabilities
across diverse network segments.
 Enhanced scan efficiency by configuring custom scanner profiles to avoid unnecessary bandwidth
consumption during peak business hours.
 Implemented alerting mechanisms in SolarWinds, notifying the team of threshold breaches and
device outages to minimize downtime.
 Used PRTG maps and reports to document network performance trends and identify capacity
planning requirements.
 Integrated ServiceNow with monitoring tools like SolarWinds and PRTG, creating automatic
incident tickets for detected network anomalies.
 Efficiently addressed firewall configuration issues and VPN connectivity requests through
structured workflows in ServiceNow.
 Automated ticket assignment workflows in ServiceNow, ensuring proper routing to network
engineering teams based on predefined categories.

MTX Group, TX. Dec 2022 –June 2024

Responsibilities:

 Migrated Palo Alto Next-Generation firewall series PA-850, PA-3430, PA-5430, PA-7050, and PA-
7080 from Cisco PIX and ASA and source of knowledge for SD-WAN and routing trends and
technologies.
 Staged, planned, and deployed Palo Alto 5060 within Data centers, worked with Palo Alto
 Forti Manager 300D and FortiGate 6300F, and 4800F, cluster for deploying IPsec site-to-site VPNs,
upgrading the Tufin Orchestration suite from 1.8 to 2.10 on a T-1000 appliance, Forti web 1000d
secure access platform.
 Stayed current with the latest Fortinet technologies and best practices, incorporating them into
the network security strategy for continuous improvement.
 Utilize over 10 Nexus 5000/2000s switches for data center aggregation, maintaining over 200
Cisco catalyst switches for LAN access and distribution layer switching.
 Installed and configured Cisco Nexus 9k/7k/5k/3k switches for VPC, Vlans, MST, and 802.1q for
top-of-the-rack switches and distribution layer switches.
 Troubleshooting firewall issues and performing packet captures on Juniper SRX 5800, SRX 5400,
and SRX 4700 firewalls using trace options and using snoop in net screen firewall.
 Configuring/Troubleshooting issues with the following types of routers Cisco (7200, 6500, 4500,
1700, 2600, and 3500 series) to include: bridging, switching, routing, Ethernet, NAT, and DHCP as
well as assisting with customer LAN/WAN, router/firewalls.
 Designed and configured policy sets, authentication, and authorization policies on Cisco ISE to
enforce security compliance and access controls.
 Planned and executed DNS migration projects using Infoblox, consolidating multiple DNS
environments into a centralized and standardized infrastructure.
 Worked on deploying and managing intrusion detection and prevention systems (IDPS) to detect
and block unauthorized access attempts, malware, and suspicious network activities in an ISEC
environment.
 Implemented and maintained Active Directory Trusts to enable secure collaboration and resource
access between different domains and forests.
 Implemented and maintained integration with external services, such as load balancers, firewalls,
and storage, within the Cisco ACI framework.
 Stayed current with the latest Cisco ACI technologies, software updates, and best practices to
ensure the adoption of cutting-edge solutions for data center networking.
 Proven track record in troubleshooting and resolving complex issues within Viptela SD-WAN
environments, ensuring high availability and quality of service (QoS) for critical applications.
 Experience in integrating Viptela SD-WAN with security services, including firewall policies, IPsec
VPN, and encryption protocols, to enhance network security and compliance.
 Experience in conducting performance tuning and optimization on F5 VIPRION2400, 4400
systems, ensuring efficient resource utilization and effective traffic management.
 Experience in integrating F5 VIPRION with other technologies and services, such as firewalls, WAF
(Web Application Firewall), and DDoS protection solutions, to enhance security posture.
 Implemented and configured AWS CloudWatch to monitor the performance and health of AWS
resources, including EC2 instances, RDS databases, and Lambda functions.
 Implemented and optimized wireless and wired network configurations using Cisco Meraki
equipment to ensure high performance and reliability.

Charter Communications, CT March 2022 – Nov 2022

Responsibilities:

 Created VSYS builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
 Responsible for evaluating, testing, configuring, proposing, and implementing network, firewall,
and security solutions with Palo Alto networks.
 Provided Palo Alto administrative technical support with secure keys, High availability HA ports for
the PA-3250, PA-4000, PA-5450 series, and PA-7050 firewalls and the HA ports on the PA-7050
firewall appliances, VPN, layer 2/3, mobile security and virtual wind deployment administration,
User ID, App ID, and content ID agent configuration RADIUS, LDAP and IPsec, SSL tunneling.
 Designed and deployed complex security policies on FortiGate firewalls, including access control
lists (ACLs), firewall rules, and VPN configurations, ensuring secure network traffic and
compliance.
 Performed firewall audits for the entire firewall estate of DTNA to optimize firewall security
policies, rules, and object usage for all Forti Manager 200D and 300D, FortiGate 1000F, 2600F,
Forti Manager 5.2.4, FortiOS, 5.2.6, and Tufin secure track R13-4, R15-3; at all remote offices.
 Integrated and managed Fabric Extenders with Cisco Nexus switches, extending the network's
reach and scalability while maintaining centralized management and control.
 Experience in configuration of Juniper security appliances SRX 340, SRX 550, SRX 1600, NS 50,
SSG 550M, and SSG 520M.
 Installation and configuration of various Cisco routers like 800, 1600, 2500, and 2600, and
configuration of various Cisco switches like 2960, and 3560.
 Worked on Cisco Routers 2800, 2900, 3800, 3900, 3750, 4500, 7600 (6500-sup720), ASR 9k and
ASR 1002.
 Implemented with Cisco layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the
use of inner-VLAN routing, HSRP, ISL trunk, ether channel.
 Configured and troubleshooted HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS, and Route maps.
 Implemented and maintained Virtual Private Network (VPN) solutions using Cisco Firepower 4145,
and 4125 devices, ensuring secure remote access and site-to-site connectivity.
 Stayed updated with the latest Cisco Secure Firewall 3105, 3110 features, firmware updates, and
best practices to ensure the network remains secure against evolving threats.
 Managed and maintained Cisco ISE infrastructure, including software upgrades, patch
management, and system optimizations for improved performance.
 Implemented DNS security best practices, including DNSSEC, DNS firewall, and threat intelligence
integration within the Infoblox ecosystem.
 Implemented ISEC to adopt a holistic approach to network security, encompassing risk
assessment, threat detection, incident response, and ongoing monitoring for comprehensive
protection.
 Conducted regular security assessments of Active Directory configurations, identifying and
mitigating potential vulnerabilities to safeguard against unauthorized access.
 Implemented and maintained Cisco ACI's integration with external Layer 4-7 services, such as
firewalls and load balancers, for comprehensive application security and optimization.
 Collaborated with network architects and application teams to design and implement Cisco ACI
solutions aligned with business requirements.
 Analyzed and processed data using Python libraries such as Pandas and NumPy, extracting
meaningful insights.
 Implemented secure connectivity across distributed networks by leveraging Viptela's centralized
policy and control plane architecture.
 Experience in configuring and optimizing Viptela components including smart controllers, vEdge
routers, and vManage for efficient network operations and traffic management.
 Skilled in implementing high availability and redundancy configurations using VIPRION2400
series, ensuring uninterrupted application availability and reliability.
 Extensive hands-on experience in deploying and configuring VIPRION chassis and blades,
optimizing resource allocation for efficient load balancing and traffic management.
 Skilled in implementing advanced features of Arista switches, including VXLAN, MLAG (Multi-
Chassis Link Aggregation), and Network Automation using APIs (REST, JSON), for scalable and
agile network infrastructures.
 Implemented and managed Elastic Load Balancers (ELBs) within AWS VPC to ensure high
availability and distribute traffic across multiple instances.
 Implemented and managed domain registration and transfer processes through the Amazon
Route 53 console, ensuring accurate and up-to-date domain information.
 Implemented and managed backup connections and diverse routing to ensure high availability
and redundancy for AWS Direct Connect links.
 Implemented and maintained Aruba's RFProtect technology for wireless intrusion detection and
prevention, enhancing the overall security of the wireless infrastructure.

Hartsfield Jackson Int Airport, GA June 2018 –Sep 2021

Responsibilities:

 Installed and configured Palo Alto PA-2000 series box and troubleshooted for network issues.
 Configuration and troubleshooting of Cisco catalyst 6509, and 7613 with supervisor cards.
 Implemented and configured routing protocols like EIGRP, OSPF, and BGP.
 Experience with converting checkpoint VPN rules over to the Cisco ASA solution. Migration with
Cisco ASA VPN experience.
 Skilled in designing and implementing security policies on Check Point firewalls to control and
monitor network traffic effectively.
 Experience in integrating NetScaler ADC with various application delivery and networking
technologies, such as virtualization platforms, cloud services, and SD-WAN solutions.
 Proficient in optimizing NetScaler configurations to achieve optimal performance, scalability, and
reliability for critical applications and services.
 Experience in using Wireshark for deep packet inspection and analysis of network traffic across
various protocols, including TCP/IP, UDP, HTTP, DNS, and others.
 Expertise in capturing live network packets or analysing pre-captured packet traces using
Wireshark, applying filters to isolate and focus on specific traffic patterns or protocols.
 Skilled in using SolarWinds' network packet analysis features to perform root cause analysis and
troubleshoot complex network issues affecting performance.
 Skilled in analyzing Tetration data to gain insights into application behaviour, latency issues, and
performance degradation across the infrastructure.
 Collaborated with cross-functional teams on Python projects, ensuring code quality and adherence to best
practices.
 Skilled in implementing TrustSec Security Group Tags (SGTs) to dynamically classify and enforce
access policies for users, devices, and applications.

Lycos Private Ltd, India. June 2016 – May 2018

Responsibilities:

 Implemented a network monitoring tool for monitoring servers, routers, and other network
resources.
 Supported core network consisting of Cisco 7200 series routers running multi-area OSPF.
 Connected switches using trunk links and Ether channel.
 Managed network security process using ASA firewalls.
 Worked with the team in designing network architecture for a B2C environment.

Education - BSC Science in Parbhani University Aurangabad Maharashtra