Documente Academic
Documente Profesional
Documente Cultură
F5 Certified
Sumet Patel
santosh@softnice.com
610-335-1079
Phone Number : 682-251-0188,
Email Address: patil.sumett@gmail.com
Professional Summary
7+ years of experience in Networking and Security, including hands-on experience in providing network support,
installation and analysis for a broad range of LAN / WAN communication systems.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification
of Palo Alto PA-500, PA-2k, PA-3k, PA-5k & PA-7050, Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 &
R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager command line & GUI, Cisco Pix
and IOS Firewall, Cisco ACL & Cisco ASA
Knowledge of DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN
Proficient in implementing and support of Network product lines like Cisco, F5 for various functionality within the
architected framework
Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router
models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900
series switches
Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis
Configuration of SSL VPN through access blade and up-gradation of Firewall
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment
Configuring firewall filters, routing instances, policy options.
Expertise on Cisco Datacenter Switches such as Nexus 6500, 7000.
Proficient in setting up IT infrastructure including wide area networks (WAN) / local area networks (LAN), security
management systems & networking devices administration.
Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200,
3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
Controlling, monitoring and troubleshooting LAN, WAN and VoIP technologies, Avaya Voice gateways
Understanding of IPSEC & GRE tunnels in VPN implementation using Cisco IOS and checkpoint firewall /VPN,
Juniper SSG, Juniper SRX, NetScreen
Load Balancer F5 LTM/GTM, F5 BIG IP, F5 BIG-IP LTM, F5 BIG-IP GTM
Hands on experience with the usage of diagnosis tools like TCPDUMP for analyzing the real time statistics during
the packet flow.
Palo Alto installation, configuration, administration, monitoring and implementing the policies
Palo Alto, 3060,5060, and 7050
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing
and supporting Checkpoint Gateways
Maintained, configured, and installed Cisco ASA 5520 Firewall
Palo Alto user-identification implementation with KIWI servers user Palo Alto user-id agents
Palo Alto integration with VMware Virtual Desktop infrastructure
Provided Tier 3 support on SourceFire IPS/NGFW sensor placement and deployments. Assisted junior
analysts in packet analysis and snort rule creation.
Managed multiple security devices in order to protect the Enterprises network Vulnerability Scanners,
Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall
Palo Alto SSL decryption installation and configuration on PA 3060,5060, and 7050
Experience in Qualys policy compliance in detecting internal and external threats and vulnerability
Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client
networks
Administration of ACAS, Tenable, systems including Security Center, Nessus, PVS, LCE
Ability to configure and monitor security tools such as security information and event management (SIEM)
QRadar.
Support for all migrations, upgrades, PCI and SOX audit requirements, and vulnerability assessments.
EA Sports, Orlando, FL
Palo Alto /Network Security Engineer
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and
supporting Checkpoint Gateways.
Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
Worked on F5 Load Balancer to load balance the Unified CVP http and https traffic.
Deployed the Unified CVP solution with F5 BIG-IP load balancer in Standalone and Comprehensive deployment
models for HTTP load balancing.
F5 Networks Configuring BIG-IP ASM v11: Application Security Manager (TMOS 11.X) -2015
Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
Configured F5 BIG-IP for server load balancing, global data center load balancing, DNS services, web application
firewall, access management, web performance optimization, and WAN optimization.
Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for
routers/switches/firewalls.
Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business
requirements.
Maintained, configured, and installed Cisco and Juniper routers and switches: 7500/catalyst
6500/RV320/2960/catalyst 3550/12410, 12816, 1204 series, Nexus 7k and 5k, WLC, and ASA 5540
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from
various other equipment.
Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto
appliances serving as firewalls and URL and application inspection.
Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher
(RD), Route Target (RT), Label Distribution Protocol.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business
requirements.
Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering)
Successfully installed Palo Alto PA-3060 firewalls to protects Data Center
Implemented Positive Enforcement Model with the help of Palo Alto Networks
Exposure to wild fire feature of Palo Alto
Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating
Access/distribution and core layer switching architecture.
Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Exposure to wild fire feature of Palo Alto.
General Day to day Data Center operations; Contact with engineers, hardware planners and management to
prevent and solve issues within the Data Center environment.
Reported directly to the Senior Vice President of Data Center Operations daily.
performance, Cisco AMP for Endpoints deployed on PCs, Macs, Linux, mobile devices, and virtual environments
Cisco AMP for Endpoints uses cloud-based big data analytics to go beyond point-in-time detection, constantly reevaluating data gathered over time to detect stealthy attacks.
Worked on SIEM tolls such as Splunk, SolarWinds , LogRhythm
Responsible for Cisco ASA firewall administration across our global networks
Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security Appliances.
Configuring and Troubleshooting Cisco Firewall/ASA, Checkpoint FW, Bluecoat ProxySG and Cisco Ironport.
Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall
Installed and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS
switching for stable VPNs.
Experience using Qualys Tool for networking discovery and mapping, asset prioritization,
vulnerability assessment and tracking.
Troubleshooting with the full range of Fortinet products with primary focus on Fortigate and FortiAP
Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
Experience in Qualys policy compliance in detecting internal and external threats and vulnerability.
Supported on Cisco Nexus 5000 and Nexus 7000 Series Switch fabric links.
Designed and implemented IT security policies and networked backup systems.
Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
Daily responsibilities included design, implementation, support and administration of multiple security products
running CheckPoint Provider-1 and VSX.
Worked on Sourcefire for virus detection and source vulnerability detection.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
Assist network operations and level two network engineers in the diagnosis of difficult or complex network related
problems.
Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and
supporting Checkpoint Gateways.
Chevron, Houston, TX
Network Security Specialist
Migrations included and not limited to Cisco to Cisco and Cisco to Checkpoint and Checkpoint to Checkpoint
Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series
switches and Cisco 3560/3750s switches
Configuration and support of Juniper Netscreen firewalls and Palo Alto firewalls.
Worked on F5's Traffic Management Operating System (TMOS) ensuring applications are fast, secure and
available.
Palo Alto design and installation for Application and URL filtering
Configured and troubleshot Palo Alto firewall using CLI.
Appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design
Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security
Monitoring and troubleshooting traffic through Smart View Tracker
Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning &
configuring VLANs/routing/NATing with the firewalls as per the design.
Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
New firewall design, installation, routing configuration & implementation. Manage and support Remote Access
VPN setup for users and field locations with Nortel VPN Captivity Switch and RSA Secure IDS two-factor
authentication
Configured RIP, OSPF and static routing on Juniper routers.
Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint
Maintain the periodical software update on security devices depends upon the bugs fixed with the new software
releases
Implementation, configuration and support of Checkpoint and ASA firewalls for multiple clients
Firewall Policy administration and work with user requests submitted by users
Maintain the security standards across the security devices as per the security policies. IDS/IPS Signature
updates and CSM Management
Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA
Designed and implemented various Routing protocols such as OSPF, EIGRP, RIP, BGP across networks in
multiple locations
Managed multiple security devices in order to protect the Enterprises network Vulnerability Scanners,
Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA
Worked on Juniper firewall
Heinz, Pittsburgh, PA
Network and Security Engineer
Configured redundant interfaces, DHCP server, DHCP relay, ntp settings, and sub interfaces on firewalls
Built and support VRRP / Cluster based HA of Checkpoint firewalls
Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks
Perform advanced troubleshooting using Packet tracer and tcpdump on firewalls
Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers
instructions and troubleshooting any related issues
Security Device Palo Alto/ASA Firewalls, Sourcefire IPS/IDS, VPN
Configuring ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection.
Configuring various VPNs like IPsec Site to Site, SSL VPN.
Deploying Cisco WSA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall
Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools
Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures
Automation of security operations and optimizing the usage of infrastructure
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment
Configuration of SSL VPN through access blade and up-gradation of Firewall
Participated in Pfizer Legacy Data Center Network Infrastructure Transition and Disaster Recovery Center
transition for various locations
Create policies, alerts and configure using SIEM tools (Splunk , SolarWinds , LogRhythm)
Internal and External audits related to PCI and SOX
Works closely with Customers in determining the business needs for a Project and build Detail design which
includes Data Flow diagram, Logical and Physical Diagram
Planning, designing and implementing a secure ODC Network setup for upcoming projects.
PROFESSIONAL SKILLS
Cisco and other vendor equipment:
Cisco routers (7200, 3800, 3600, 2800, 2600, 1800 series), Catalyst 6500, 4500, 4900, 3750, 3500, 2900
Firewalls: Palo Alto, Checkpoint R55/R75/R77/ Firewall-1, Cisco ASA
SWITCHES
Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst3750, Catalyst2900 and Catalyst 3500XL
ROUTERS
Cisco 2811, Cisco 6509-E (Multi-layer Switch), Cisco7200, Cisco3800, Cisco 3640, and Cisco 3745
Routing Protocols: EIGRP, OSPF, BGP, RIP & IGRP
Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, IIS
Load Balancer F5-Big-Ip, LTM, Ax10, Brocade ADX