You are on page 1of 6

Cisco Certified

Palo Alto PCNSE Certified

F5 Certified

Sumet Patel
santosh@softnice.com
610-335-1079
Phone Number : 682-251-0188,
Email Address: patil.sumett@gmail.com
Professional Summary

7+ years of experience in Networking and Security, including hands-on experience in providing network support,
installation and analysis for a broad range of LAN / WAN communication systems.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification
of Palo Alto PA-500, PA-2k, PA-3k, PA-5k & PA-7050, Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 &
R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager command line & GUI, Cisco Pix
and IOS Firewall, Cisco ACL & Cisco ASA
Knowledge of DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN
Proficient in implementing and support of Network product lines like Cisco, F5 for various functionality within the
architected framework
Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router
models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900
series switches
Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis
Configuration of SSL VPN through access blade and up-gradation of Firewall
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment
Configuring firewall filters, routing instances, policy options.
Expertise on Cisco Datacenter Switches such as Nexus 6500, 7000.
Proficient in setting up IT infrastructure including wide area networks (WAN) / local area networks (LAN), security
management systems & networking devices administration.
Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200,
3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
Controlling, monitoring and troubleshooting LAN, WAN and VoIP technologies, Avaya Voice gateways
Understanding of IPSEC & GRE tunnels in VPN implementation using Cisco IOS and checkpoint firewall /VPN,
Juniper SSG, Juniper SRX, NetScreen
Load Balancer F5 LTM/GTM, F5 BIG IP, F5 BIG-IP LTM, F5 BIG-IP GTM
Hands on experience with the usage of diagnosis tools like TCPDUMP for analyzing the real time statistics during
the packet flow.

Delta Airlines, Eagan, MN


Palo Alto /F5 Engineer

Nov 2015 -Present

Palo Alto installation, configuration, administration, monitoring and implementing the policies
Palo Alto, 3060,5060, and 7050
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing
and supporting Checkpoint Gateways
Maintained, configured, and installed Cisco ASA 5520 Firewall
Palo Alto user-identification implementation with KIWI servers user Palo Alto user-id agents
Palo Alto integration with VMware Virtual Desktop infrastructure

Palo Alto upgradation and degradation


F5 configuration, installation and monitoring with F5 APM
Implementing checkpoint policies with multiple gateways in clusters
Configured VLAN trunking with Palo Alto interface
Maintained, configured, and installed Cisco routers and switches: 7500/catalyst 6500/RV320/2960/catalyst
3550/12410, 12816, 1204 series, Nexus 7k and 5k, WLC, and ASA 5540
Configured routes on Palo alto firewalls 3060, 5060, 7050
Citrix Net scalar with DMZ and internet firewalls
Worked on F5 BIG-IP Local Traffic Manager (LTM) to automate, and customize applications in a reliable,
secure, and optimized way
F5 Agility 2016 Boot Camps - SSL iRules, ASM Level III, HTTPS iRules
Working with Cisco Catalyst/Nexus/UCS/MDS, and F5's including ASM's
Established IPSec VPN tunnels between branch offices and headquarter using Cisco ASA Firewall
Programmed iRule in F5 BIG-IP device based on F5's exclusive to unprecedentedly control and directly
manipulate and manage any IP application traffic.
Experience in integrating identity federation with Cloud (SaaS) SAML based applications using F5 APM.
Strong production experience in managing F5 BIG-IP APM and LTM.
Used F5 BIG-IP Local Traffic Manager (LTM) and provided a flexible, high-performance application delivery
system to increases operational efficiency and ensures peak network performance for critical business
applications.
Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers
instructions and troubleshooting any related issues
Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX,
NetScreen Firewalls, Check Point Provider-1 / VSX, Nokia VPN, Palo Alto IDS, Foundry / F5 Load Balancers,
and Blue Coat Packet Shaper systems
Experience with Juniper environment including SRX/Junos Space.
Configuring TACACS, LDAP, and RADIUS for Cisco ASA and Palo Alto firewalls
Integrating Panorama with Palo alto firewalls, managing multiple Palo Alto firewalls using Panorama
Palo Alto App ID migration from the legacy based port rules for PA 5060, 7050
Citrix Net scalar configuration and installation and monitoring
Cisco AMP for Endpoints provides automation through advanced behavioral detection capabilities that
deliver a prioritized and collated view of top areas of compromise and risk.
SIEM tuning and log analysis of alerts.

Provided Tier 3 support on SourceFire IPS/NGFW sensor placement and deployments. Assisted junior
analysts in packet analysis and snort rule creation.
Managed multiple security devices in order to protect the Enterprises network Vulnerability Scanners,
Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall
Palo Alto SSL decryption installation and configuration on PA 3060,5060, and 7050
Experience in Qualys policy compliance in detecting internal and external threats and vulnerability
Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client
networks
Administration of ACAS, Tenable, systems including Security Center, Nessus, PVS, LCE

Ability to configure and monitor security tools such as security information and event management (SIEM)
QRadar.
Support for all migrations, upgrades, PCI and SOX audit requirements, and vulnerability assessments.

EA Sports, Orlando, FL
Palo Alto /Network Security Engineer

Feb 2014 Oct 2015

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and
supporting Checkpoint Gateways.
Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
Worked on F5 Load Balancer to load balance the Unified CVP http and https traffic.

Deployed the Unified CVP solution with F5 BIG-IP load balancer in Standalone and Comprehensive deployment
models for HTTP load balancing.
F5 Networks Configuring BIG-IP ASM v11: Application Security Manager (TMOS 11.X) -2015
Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
Configured F5 BIG-IP for server load balancing, global data center load balancing, DNS services, web application
firewall, access management, web performance optimization, and WAN optimization.
Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for
routers/switches/firewalls.
Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business
requirements.
Maintained, configured, and installed Cisco and Juniper routers and switches: 7500/catalyst
6500/RV320/2960/catalyst 3550/12410, 12816, 1204 series, Nexus 7k and 5k, WLC, and ASA 5540
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from
various other equipment.
Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto
appliances serving as firewalls and URL and application inspection.
Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher
(RD), Route Target (RT), Label Distribution Protocol.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business
requirements.
Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering)
Successfully installed Palo Alto PA-3060 firewalls to protects Data Center
Implemented Positive Enforcement Model with the help of Palo Alto Networks
Exposure to wild fire feature of Palo Alto
Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating
Access/distribution and core layer switching architecture.
Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Exposure to wild fire feature of Palo Alto.
General Day to day Data Center operations; Contact with engineers, hardware planners and management to
prevent and solve issues within the Data Center environment.
Reported directly to the Senior Vice President of Data Center Operations daily.
performance, Cisco AMP for Endpoints deployed on PCs, Macs, Linux, mobile devices, and virtual environments
Cisco AMP for Endpoints uses cloud-based big data analytics to go beyond point-in-time detection, constantly reevaluating data gathered over time to detect stealthy attacks.
Worked on SIEM tolls such as Splunk, SolarWinds , LogRhythm
Responsible for Cisco ASA firewall administration across our global networks
Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security Appliances.
Configuring and Troubleshooting Cisco Firewall/ASA, Checkpoint FW, Bluecoat ProxySG and Cisco Ironport.
Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall
Installed and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS
switching for stable VPNs.

Experience using Qualys Tool for networking discovery and mapping, asset prioritization,
vulnerability assessment and tracking.

Troubleshooting with the full range of Fortinet products with primary focus on Fortigate and FortiAP
Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
Experience in Qualys policy compliance in detecting internal and external threats and vulnerability.
Supported on Cisco Nexus 5000 and Nexus 7000 Series Switch fabric links.
Designed and implemented IT security policies and networked backup systems.
Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.

Daily responsibilities included design, implementation, support and administration of multiple security products
running CheckPoint Provider-1 and VSX.
Worked on Sourcefire for virus detection and source vulnerability detection.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
Assist network operations and level two network engineers in the diagnosis of difficult or complex network related
problems.
Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and
supporting Checkpoint Gateways.

Chevron, Houston, TX
Network Security Specialist

Apr 2012 Jan 2014

Migrations included and not limited to Cisco to Cisco and Cisco to Checkpoint and Checkpoint to Checkpoint
Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series
switches and Cisco 3560/3750s switches
Configuration and support of Juniper Netscreen firewalls and Palo Alto firewalls.
Worked on F5's Traffic Management Operating System (TMOS) ensuring applications are fast, secure and
available.
Palo Alto design and installation for Application and URL filtering
Configured and troubleshot Palo Alto firewall using CLI.
Appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design
Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security
Monitoring and troubleshooting traffic through Smart View Tracker
Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning &
configuring VLANs/routing/NATing with the firewalls as per the design.
Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
New firewall design, installation, routing configuration & implementation. Manage and support Remote Access
VPN setup for users and field locations with Nortel VPN Captivity Switch and RSA Secure IDS two-factor
authentication
Configured RIP, OSPF and static routing on Juniper routers.
Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint
Maintain the periodical software update on security devices depends upon the bugs fixed with the new software
releases
Implementation, configuration and support of Checkpoint and ASA firewalls for multiple clients
Firewall Policy administration and work with user requests submitted by users
Maintain the security standards across the security devices as per the security policies. IDS/IPS Signature
updates and CSM Management
Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA
Designed and implemented various Routing protocols such as OSPF, EIGRP, RIP, BGP across networks in
multiple locations
Managed multiple security devices in order to protect the Enterprises network Vulnerability Scanners,
Malware Detection, Intrusion Detection; Host based Firewalls, SIEM, Web Application Firewall

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
Build IT security infrastructure including Checkpoint, Juniper and Palo Alto firewalls
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
Implemented and troubleshooting the Virtual firewalls (Contexts) solutions in ASA
Worked on Juniper firewall

Heinz, Pittsburgh, PA
Network and Security Engineer

Hands on experience on all software blades of checkpoint firewall


Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint

Dec 2010 Mar 2012

Configured redundant interfaces, DHCP server, DHCP relay, ntp settings, and sub interfaces on firewalls
Built and support VRRP / Cluster based HA of Checkpoint firewalls
Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks
Perform advanced troubleshooting using Packet tracer and tcpdump on firewalls
Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers
instructions and troubleshooting any related issues
Security Device Palo Alto/ASA Firewalls, Sourcefire IPS/IDS, VPN
Configuring ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection.
Configuring various VPNs like IPsec Site to Site, SSL VPN.
Deploying Cisco WSA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall
Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools
Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures
Automation of security operations and optimizing the usage of infrastructure
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment
Configuration of SSL VPN through access blade and up-gradation of Firewall
Participated in Pfizer Legacy Data Center Network Infrastructure Transition and Disaster Recovery Center
transition for various locations
Create policies, alerts and configure using SIEM tools (Splunk , SolarWinds , LogRhythm)
Internal and External audits related to PCI and SOX
Works closely with Customers in determining the business needs for a Project and build Detail design which
includes Data Flow diagram, Logical and Physical Diagram
Planning, designing and implementing a secure ODC Network setup for upcoming projects.

Orange Eye Technologies, India


Network Support Executive

May 2009 Sep 2010

Configured and supported TCP/IP networks.


Monitored the network with Cisco Works 2000.
Documented the design, implementation and troubleshooting procedures.
Configured and troubleshoot VLAN, VTP, STP and Trunks.
Responsible for procurement and installation of H/W, network drives and other IT infrastructure.
Network Administrator responsible for the full Planning, designing, installation and administration of the Corporate
WAN (wide area network).
Worked on the datacenter environment, with routers and switches.
Configuration, Management, Troubleshooting of Network devices (Routers, Switches, Firewalls, Servers, DSL
Modems etc.). Maintained the Telecommunication Connectivity using DSL and T1 Lines.
Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols.
Managed IP addressing and implemented IP Access Lists.
Evaluate and recommend inter-connectivity hardware, software, and services to fulfill various businesses needs
as requirements develop.
Worked on Routers Cisco 2620, 3750 and 2950 Switches & Link sys wireless access points.

PROFESSIONAL SKILLS
Cisco and other vendor equipment:
Cisco routers (7200, 3800, 3600, 2800, 2600, 1800 series), Catalyst 6500, 4500, 4900, 3750, 3500, 2900
Firewalls: Palo Alto, Checkpoint R55/R75/R77/ Firewall-1, Cisco ASA
SWITCHES
Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst3750, Catalyst2900 and Catalyst 3500XL
ROUTERS
Cisco 2811, Cisco 6509-E (Multi-layer Switch), Cisco7200, Cisco3800, Cisco 3640, and Cisco 3745
Routing Protocols: EIGRP, OSPF, BGP, RIP & IGRP
Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, IIS
Load Balancer F5-Big-Ip, LTM, Ax10, Brocade ADX

LAN Protocol: HSRP, VLAN, STP, VTP, Ether Channel, Trunks.


WAN Technology: Frame Relay, ISDN, PPP, HDLC, ATM.
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Bachelors in