SlideShare a Scribd company logo

Network Security

Download as DOCX, PDF
Santosh K L
Santosh K L

This document contains a summary of Santosh K L's contact information, work experience, skills, and qualifications. Some key details include: - Over 6 years of experience in technical services, process management, team management, and client servicing roles. - Most recent role as a Technical Services Engineer at Curvature Singapore supporting Cisco products such as switches, routers, and firewalls. - Previous experience as a Senior Network Engineer at Dimension Data Bangalore supporting firewall and security products from Checkpoint, Palo Alto, Cisco, and others. - Skilled in network security, routing, switching, firewall configuration and troubleshooting, and team leadership.

1 of 5
Santosh K L Contact No.: +65 8236 8734, +91- 9686263949 E-Mail: kl.san20@gmail.com To seek challenging assignment and responsibility, with an opportunity for growth and career advancement as successful achievements.  An astute, multifaceted, results-oriented leader with an experience of 6+ years in Technical services, Process Management, Team Management & Client Servicing.  Been associated with IBM India Pvt. Ltd, Bangalore as Operations Professional & Sr. Systems engineer with Larsen & Toubro InfoTech.  Proficient at managing & leading large teams for running successful process operations & experience of developing procedures, service standards for quality excellence.  A thorough professional with a proactiveattitude, capableof thinking in and out of the box, generating new design solutions and ideas.  An exemplary team leader with proven abilities in resolving critical escalated issues of team members.  Possess excellent interpersonal, communication and organizational skills with proven abilities in team management, customer relationship management and planning. Process Management  Mapping client’s requirements & coordinating in developing, implementing the required service specified by the client.  Creating & implementing workflows to facilitate structured support in relevant areas and issues.  Sending reports to top management and maintaining agreed SLA with customers & thereby focusing on maximizing customer satisfaction with quality adherence. Team Management  Identifying and implementing strategies for building team effectiveness by promoting a spirit of cooperation between team members.  Creating and sustainingan environment that fastens development opportunities and motivating the employees for enhancing the existing performance levels.  Maintaining the attrition levels and developing career progression plans. Professional Experience Dec 2016 till present, Curvature Singapore as Technical services engineer  Workingas Technical services engineer supportingmainlyCisco products suchasSwitches, Routers, ASA, Firepower, ISE, IPS etc…  Performhardwarediagnosticsfor customer queries suspectinghardwareissues and raiseRMAaccordingly for replacement.  Configuringvirtual firewallsin cisco ASAfor network traffic isolation,troubleshootingand configuring high availability with Active/active & active/standby failover.  Deployingsite-to-siteIPsec vpn,managingCertificate Authority server for PKI based authentications, Configuring Remote Access IPSEC VPN using cisco VPN client.  Proactivenetwork monitoring with cisco IPS sensor.IPS sensor initialization with deployingin promiscuous,inline& inlinevlan pairmodes.
 Configuring and troubleshooting dynamic routing protocols OSPF, EIGRP and BGP.  Configuring and troubleshooting VLANs, VTP, STP, RSTP, etherchannel etc…  Perform day-to-day operations for managing and network and security devices in a complex multi -vendor environment.  Implement next-generation identity and accesscontrol platform,which enablesenterprises to enforcecompliance, enhance infrastructure security and streamline service operations using Cisco ISE, which uses RADIUS and TACACS+ protocols.  Manager VPN sessions, interface throughput, configure HA, IPsec site-to-site VPN etc... Using ASDM.  TroubleshootASAconnection issuesusing packet tracer feature in ASDM and keep track of real time logs using ASDM log viewer.  Configure and troubleshoot DNS, DHCP, NTP and syslog servers.  Administer and troubleshoot OSPF, EIGRP and BGP routing protocols on Cisco routers.  Prevent loop occurrence when switches areinterconnected via multiple paths using STP.  Configurelayer 2 security featureslikePortsecurity,DHCP snooping,IPsourceGuard and dynamic ARP inspection in Cisco switches. Mar 2015 till Dec 2016, Dimension Data Bangalore as Senior Network Engineer-Security  Working as Senior Network Security TAC engineer supportingmultiplevendor products such asCheckpointR77 firewall, Palo Alto firewall, Bluecoat ProxySG, Cisco ASA, Cisco ISE, Infoblox IPAM.  Administration & troubleshooting ProxySG 510 which includes policy management using VPM, web caching, content filtering, authentication & access logging using Reporter toolkit & HTTPS traffic interception.  DeployingPalo Alto firewall rightfrominstalling on VMware platform to configuring the necessary features as defined by customer.  RegisteringPANfirewall for downloading regular updates for antivirus, URL filtering and PAN OS updates for keeping the firewall up to date for protection against threats.  ConfiguringZones to isolate the security levels to inside, outside and DMZ networks as part of basic security of network.  Create multipleVirtual Routersto routedifferentcustomer traffic based on routing information in virtual routers which is similar to VRF in Cisco terminology.  Setting up dynamic routing in PAN firewall using OSPF.  Design security policies on PAN firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.  ConfigureOutbound SSL decryption on firewall, URL filtering for blocking malicious websites based on categories or the content.  Deploy Global Protect (Client VPN) for secure access over internet with encryption and site to site VPN tunnel using VTI.  Organise Captive portal for the end users to authenticate before establishing connection to internet.  Experience in configuring & troubleshooting dynamic routing protocols like OSPF and EIGRP.  OSPF route filtering based on Route-type, advertising router, interface, next-hop etc…  Optimizing OSPF by tuning Hello-interval, Dead-interval and retransmit-interval.  Worked on Checkpoint R76 & R77 GAIA platform which includes administration of checkpoint components such as Smartdashboard, SmartviewTracker and SmartUpdate etc...  Hands on experience in troubleshooting MDS (Multi Domain Server) & DMS (Domain Management Server) for managing complex network security infrastructure using Checkpoint firewall which includes VSX & clustering.  Active/standby failover setup on all the DMZ, security & vpn zones firewalls.  Failover & redundancy setup for internet facing routers with HSRP protocol & QOS for priority based traffic routing.  Configuring and troubleshooting dynamic routing protocols OSPF, EIGRP and BGP.  Configuring and troubleshooting VLANs, VTP, STP, RSTP, etherchannel etc…  Deployingsiteto siteIPsec vpn,managing Certificate Authority server for PKI based authentications, Configuring Remote Access IPSEC VPN using cisco VPN client.  Managing end user authentication using AAA services with Cisco ISE integrated with Active Directory. Sep 2013 to Mar 2015, L&T InfoTech Bangalore as Systems Engineer Chevron Texaco Corp, Singapore  As senior systems engineer I’mexposed to a complicated setup of network security infrastructurewhich includes more than 1000+ firewalls across globe.  Identify and control users regardless of IP address,location or device usingPalo Alto (PA) firewall.
 Perform day to day operations for managing and network and security devices in a complex multi -vendor environment.  Implement next-generation identity and accesscontrol platformwhich enables enterprises to enforce compliance, enhance infrastructure security and streamline service operations using Cisco ISE which uses RADIUS and TACACS+ protocols.  Manager VPN sessions, interface throughput, configure HA, IPsec site-to-site VPN etc... Using ASDM.  TroubleshootASAconnection issuesusing packet tracer feature in ASDM and keep track of real time logs using ASDM log viewer.  Configure and troubleshoot DNS, DHCP, NTP and syslog servers.  Administer and troubleshoot OSPF, EIGRP and BGP routing protocols on Cisco routers.  Prevent loops from being formed when switches are interconnected via multiple paths using STP.  Configurelayer 2 security featureslikePortsecurity,DHCP snooping,IPsourceGuard and dynamic ARP inspection in Cisco switches.  Perform network maintenance activities with proper change management approvals with scheduled downtime window.  Upgradenetwork and security devicesto keep the devices up to datewith latestfeatures and fixingknown vulnerabilities to ensure no security flaws.  In depth understanding of latest attack strategies like Advanced Persistent Threats (APT), Polymorphic attacks, blended threats, phishing & social engineering.  Wideknowledgeon cisco Iron port for URL filtering based on categories and for http & https traffic redirection via cisco IronPort.  Extensive knowledge on FIREEYE product which is Next Generation Threat Protection (NGTP) solution that provides automated threatforensicsand dynamic malwareprotectionagainstadvanced cyber threats, such as advanced persistent threats and spear phishing.  Training juniors in Network routing & switching, Network security and assisting them in their respective projects. Feb 2010 to Jan 2013, IBM India Pvt. Ltd. Bangalore as Operations Professional  Deploying and troubleshooting dynamic routing protocols such as RIP, OSPF, and EIGRP etc…  Configuringand troubleshootingNAT,Modular policyframework (MPF),advanced protocol inspection of FTP, HTTP, IM, DNS etc…  Configuringvirtual firewallsin cisco ASAfor network traffic isolation,troubleshootingand configuring high availability with Active/active & active/standby failover.  Deployingsiteto siteIPsec vpn,managing Certificate Authority server for PKI based authentications, Configuring Remote Access IPSEC VPN using cisco VPN client.  Proactivenetwork monitoring with cisco IPS sensor.IPS sensor initialization with deployingin promiscuous,inline& inlinevlan pairmodes.  IPS signaturetuning based on customer requirements to avoid malicious traffic.CustomHTTP, Atomic IP & String TCP Signatures creation to block unnecessary traffic.  Blockingand rate limitingnetwork traffic based on Application ResponseController (ARC) feature in cisco IPS.  ImplementingACL’s on IOS routers and ciscoASAfirewall to filter certain traffic.Deep packetinspection using MQC filtering tool.  Securing dynamic routing protocols using authentication & route filtering.  Mitigating against different attack vectors such as Fragmentation attacks, port security, VLAN hopping attacks, DHCP snooping, IP spoofing etc…  Plan,schedule,and implementnetwork upgrades,implementations, and migrations in a timely manner, and during times that will have the minimum impact on the users of the affected networks & systems.  Be available, on-call, to rapidly troubleshoot any problems resulting from the changes.  Relevant professional experience including working knowledge of the following technologies: a) TCP/IP networking including IP classes, subnets, multicast, NAT b) DNS and DHCP Network troubleshooting. c) Microsoft OS and Server technologies d) Mitigating attack vectors such as CAM table overflow, BPDU guard etc…
TECHNICAL PROFICIENCY ASA: ASA configuration,NAT(static,dynamic and policy Natand Nat exemption) Access Control Lists,Failover (Active-Active and Active-Standby), Security Contexts, Configuration of Modular Policy framework, Configuring transparentfirewall. VPN: Implementation of IPsec Site-to-Site VPN, GRE over IPsec,DMVPN, Remote Access VPN, SSL VPN (clientless and Anyconnect), Easy VPN, GET VPN. Identity Management: Security Protocols (TACACS+ AND RADIUS), Cisco ACS Configuration,Authentication Proxy, Cut-through Proxy and DownloadableACL. Web Security Appliance: Cisco WSA configuration such as web traffic redirection,BlockingURLs ISE: ConfiguringAAA with ISE, Integration with AD, MAB with VLAN authorization,Configurewired and wireless 802.1x,CWA for wired and wireless etc... IPS: Inlineand Promiscuous Modeconfiguration,InterfacePair,Vlan Pair. Tuningexistingand configuringnew custom signature. WLC: Configuration and troubleshootingof WLC, ManagingAP from Wireless LAN controller. Routing Protocols: Configuringand troubleshootingStatic, RIP,OSPF, EIGRP, Default Route, Summarization, Authentication, Route Filtering,Distribution List, and BGP Basic. Switching Protocols: Configuringand troubleshootingVLAN, and PRIVATE VLAN, VLAN Trunking (IEEE 802.1Q and ISL) VTP, STP (SpanningTree Protocol) security mechanism(BPDU guard, ROOT guard, BPDU filter) and Ether Channel,Switch Port Security, DHCP Snooping. HSRP, VRRP, GLBP configuration. Advanced security & Mitigating Network attack Control Planeprotection, Broadcastcontrol,TCP intercept, uRPF, IP, ARP, Mac Spoofing attacks,Fragmentation, , Smurf, Syn, Mac flooding,VLAN Hopping attack. Operating Systems: Windows XP/2003/2008/Vista/7. Windows server 2003/2008 (Worked on AD & Exchange server 2003 & 2007). Certifications Cisco Certified Internetwork Expert Security (Lab & Written) 39816 Microsoft Certified Systems Engineer (MCSE 2003) Microsoft Certified Technology Specialist (MCTS – SharePoint server 2010 configuring) Professional Courses (I) Microsoft Certified Systems Engineer (MCSE) (II) Cisco Certified Network Associate (CCNA) (III) Red Hat Certified Engineer (RHCE) (IV) Checkpoint Firewall administration.
2009 Bachelors of Engineering from Sir M Visveswaraya Institute of Technology Bangalore Date of Birth : 30th December 1987 Address : #13, 18th Street, Kanakanagar,RT Nagar post, Bangalore – 560032 CCIE Security v4 number : 39816 Languages known : English,Hindi,Kannada,Telugu Passportnumber : JF682226 Date of Expiry : 20.02.2021 I hereby declare that the above written particulars are true to the best of my knowledge and belief. Place: Bangalore Santosh K L

Recommended

Nagabhushana Rao P
Nagabhushana Rao PNagabhushana Rao P
Nagabhushana Rao P
Nagabhushan rao
 
Descripcion Tecnica del Barracuda NG Firewall
Descripcion Tecnica del Barracuda NG FirewallDescripcion Tecnica del Barracuda NG Firewall
Descripcion Tecnica del Barracuda NG Firewall
rivefapy
 
Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015
Silva_2
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Features
lukky753
 
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
LiveAction Next Generation Network Management Software
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-review
Rayan Darine
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 

Recommended

Nagabhushana Rao P
Nagabhushana Rao PNagabhushana Rao P
Nagabhushana Rao P
Nagabhushan rao
 
Descripcion Tecnica del Barracuda NG Firewall
Descripcion Tecnica del Barracuda NG FirewallDescripcion Tecnica del Barracuda NG Firewall
Descripcion Tecnica del Barracuda NG Firewall
rivefapy
 
Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015
Silva_2
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Features
lukky753
 
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
LiveAction Next Generation Network Management Software
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-review
Rayan Darine
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld
 
Biswajeeban
BiswajeebanBiswajeeban
Biswajeeban
Biswa Padhy
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
 
Manjesh cv
Manjesh cvManjesh cv
Manjesh cv
Manjesh N
 
Cloud Security:Threats & Mitgations
Cloud Security:Threats & MitgationsCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations
IndicThreads
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wan
DATA SECURITY SOLUTIONS
 
Arun Resume 2017
Arun Resume 2017Arun Resume 2017
Arun Resume 2017
Arun j
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
Achmad Yudo
 
PAN PA4000
PAN PA4000PAN PA4000
PAN PA4000
Altaware, Inc.
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
Dr. (Engr.) OLUGBENGA BABATUNDE(FBCS,CPMP,FCIPM,FIPMA,FIMC,CMC,MNSE)
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto Networks
Harry Gunns
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
Belsoft
 
Strong Authentication & SMS / skyguide Project
Strong Authentication & SMS / skyguide ProjectStrong Authentication & SMS / skyguide Project
Strong Authentication & SMS / skyguide Project
Sylvain Maret
 
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Erin Sweeney
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
MOHAMMEDELALAM1
 
Meraki powered services bell
Meraki powered services bellMeraki powered services bell
Meraki powered services bell
Cisco Canada
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation Firewalls
AlgoSec
 
AnyConnect Secure Mobility
AnyConnect Secure MobilityAnyConnect Secure Mobility
AnyConnect Secure Mobility
Cisco Canada
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
Belsoft
 
Naitik resume Feb2022
Naitik resume Feb2022Naitik resume Feb2022
Naitik resume Feb2022
NaitikBhatt3
 
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 YrsFinto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 

More Related Content

What's hot

VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld
 
Biswajeeban
BiswajeebanBiswajeeban
Biswajeeban
Biswa Padhy
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
 
Manjesh cv
Manjesh cvManjesh cv
Manjesh cv
Manjesh N
 
Cloud Security:Threats & Mitgations
Cloud Security:Threats & MitgationsCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations
IndicThreads
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wan
DATA SECURITY SOLUTIONS
 
Arun Resume 2017
Arun Resume 2017Arun Resume 2017
Arun Resume 2017
Arun j
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
Achmad Yudo
 
PAN PA4000
PAN PA4000PAN PA4000
PAN PA4000
Altaware, Inc.
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
Dr. (Engr.) OLUGBENGA BABATUNDE(FBCS,CPMP,FCIPM,FIPMA,FIMC,CMC,MNSE)
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto Networks
Harry Gunns
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
Belsoft
 
Strong Authentication & SMS / skyguide Project
Strong Authentication & SMS / skyguide ProjectStrong Authentication & SMS / skyguide Project
Strong Authentication & SMS / skyguide Project
Sylvain Maret
 
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Erin Sweeney
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
MOHAMMEDELALAM1
 
Meraki powered services bell
Meraki powered services bellMeraki powered services bell
Meraki powered services bell
Cisco Canada
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation Firewalls
AlgoSec
 
AnyConnect Secure Mobility
AnyConnect Secure MobilityAnyConnect Secure Mobility
AnyConnect Secure Mobility
Cisco Canada
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
Belsoft
 

What's hot (20)

VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
 
Biswajeeban
BiswajeebanBiswajeeban
Biswajeeban
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
 
Manjesh cv
Manjesh cvManjesh cv
Manjesh cv
 
Cloud Security:Threats & Mitgations
Cloud Security:Threats & MitgationsCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wan
 
Arun Resume 2017
Arun Resume 2017Arun Resume 2017
Arun Resume 2017
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
 
PAN PA4000
PAN PA4000PAN PA4000
PAN PA4000
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto Networks
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
Strong Authentication & SMS / skyguide Project
Strong Authentication & SMS / skyguide ProjectStrong Authentication & SMS / skyguide Project
Strong Authentication & SMS / skyguide Project
 
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
 
Meraki powered services bell
Meraki powered services bellMeraki powered services bell
Meraki powered services bell
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation Firewalls
 
AnyConnect Secure Mobility
AnyConnect Secure MobilityAnyConnect Secure Mobility
AnyConnect Secure Mobility
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
 

Similar to Network Security

Naitik resume Feb2022
Naitik resume Feb2022Naitik resume Feb2022
Naitik resume Feb2022
NaitikBhatt3
 
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 YrsFinto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Resume
ResumeResume
Resume
varun bhatia
 
My Resume
My ResumeMy Resume
My Resume
Faheem Ansari
 
TIANQIANG_Carl_Network_Security
TIANQIANG_Carl_Network_SecurityTIANQIANG_Carl_Network_Security
TIANQIANG_Carl_Network_Security
carl yu
 
MOSTAFA AHMED KHATTAB-
MOSTAFA AHMED KHATTAB-MOSTAFA AHMED KHATTAB-
MOSTAFA AHMED KHATTAB-
Mostafa Khattab
 
Jatinder Singh
Jatinder SinghJatinder Singh
Jatinder Singh
Jatinder Virk
 
Network Engineer
Network EngineerNetwork Engineer
Network Engineer
varma ksn
 
Waqas Latif NE
Waqas Latif NEWaqas Latif NE
Waqas Latif NE
Waqas Latif Ch
 
Abhishek_Resume
Abhishek_Resume Abhishek_Resume
Abhishek_Resume
Abhishek Rao
 
Gaurav security profile_5_years_experience
Gaurav security profile_5_years_experienceGaurav security profile_5_years_experience
Gaurav security profile_5_years_experience
gaurav sharma
 
Resume_ejaz dt. 2.2.15
Resume_ejaz dt. 2.2.15Resume_ejaz dt. 2.2.15
Resume_ejaz dt. 2.2.15
Ejaz Ahmad
 
KIRAN UPDATED CV
KIRAN UPDATED CVKIRAN UPDATED CV
KIRAN UPDATED CV
kirankumar saraswatula
 
KRISHNAMOORTHI_NW
KRISHNAMOORTHI_NW KRISHNAMOORTHI_NW
KRISHNAMOORTHI_NW
Krishnamoorthi R
 
Samer_Sammour_CV_NEW_OCT_15
Samer_Sammour_CV_NEW_OCT_15Samer_Sammour_CV_NEW_OCT_15
Samer_Sammour_CV_NEW_OCT_15
Samer Sammour
 
Resume mohammed ahmed awad (1)
Resume mohammed ahmed awad (1)Resume mohammed ahmed awad (1)
Resume mohammed ahmed awad (1)
Mohammed Abdelwahed
 
Southern Cross Computer System
Southern Cross Computer SystemSouthern Cross Computer System
Southern Cross Computer System
Công Trần Minh
 
628577
628577628577
628577
Hayat Azizi
 
Igor lakhman net_res_v1
Igor lakhman net_res_v1Igor lakhman net_res_v1
Igor lakhman net_res_v1
Igor Lakhman
 
Resume Of Ifthekharul Islam_2016_V1.5
Resume Of Ifthekharul Islam_2016_V1.5Resume Of Ifthekharul Islam_2016_V1.5
Resume Of Ifthekharul Islam_2016_V1.5
Ifthekharul Islam
 

Similar to Network Security (20)

Naitik resume Feb2022
Naitik resume Feb2022Naitik resume Feb2022
Naitik resume Feb2022
 
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 YrsFinto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
 
Resume
ResumeResume
Resume
 
My Resume
My ResumeMy Resume
My Resume
 
TIANQIANG_Carl_Network_Security
TIANQIANG_Carl_Network_SecurityTIANQIANG_Carl_Network_Security
TIANQIANG_Carl_Network_Security
 
MOSTAFA AHMED KHATTAB-
MOSTAFA AHMED KHATTAB-MOSTAFA AHMED KHATTAB-
MOSTAFA AHMED KHATTAB-
 
Jatinder Singh
Jatinder SinghJatinder Singh
Jatinder Singh
 
Network Engineer
Network EngineerNetwork Engineer
Network Engineer
 
Waqas Latif NE
Waqas Latif NEWaqas Latif NE
Waqas Latif NE
 
Abhishek_Resume
Abhishek_Resume Abhishek_Resume
Abhishek_Resume
 
Gaurav security profile_5_years_experience
Gaurav security profile_5_years_experienceGaurav security profile_5_years_experience
Gaurav security profile_5_years_experience
 
Resume_ejaz dt. 2.2.15
Resume_ejaz dt. 2.2.15Resume_ejaz dt. 2.2.15
Resume_ejaz dt. 2.2.15
 
KIRAN UPDATED CV
KIRAN UPDATED CVKIRAN UPDATED CV
KIRAN UPDATED CV
 
KRISHNAMOORTHI_NW
KRISHNAMOORTHI_NW KRISHNAMOORTHI_NW
KRISHNAMOORTHI_NW
 
Samer_Sammour_CV_NEW_OCT_15
Samer_Sammour_CV_NEW_OCT_15Samer_Sammour_CV_NEW_OCT_15
Samer_Sammour_CV_NEW_OCT_15
 
Resume mohammed ahmed awad (1)
Resume mohammed ahmed awad (1)Resume mohammed ahmed awad (1)
Resume mohammed ahmed awad (1)
 
Southern Cross Computer System
Southern Cross Computer SystemSouthern Cross Computer System
Southern Cross Computer System
 
628577
628577628577
628577
 
Igor lakhman net_res_v1
Igor lakhman net_res_v1Igor lakhman net_res_v1
Igor lakhman net_res_v1
 
Resume Of Ifthekharul Islam_2016_V1.5
Resume Of Ifthekharul Islam_2016_V1.5Resume Of Ifthekharul Islam_2016_V1.5
Resume Of Ifthekharul Islam_2016_V1.5
 

Network Security

  • 1. Santosh K L Contact No.: +65 8236 8734, +91- 9686263949 E-Mail: kl.san20@gmail.com To seek challenging assignment and responsibility, with an opportunity for growth and career advancement as successful achievements.  An astute, multifaceted, results-oriented leader with an experience of 6+ years in Technical services, Process Management, Team Management & Client Servicing.  Been associated with IBM India Pvt. Ltd, Bangalore as Operations Professional & Sr. Systems engineer with Larsen & Toubro InfoTech.  Proficient at managing & leading large teams for running successful process operations & experience of developing procedures, service standards for quality excellence.  A thorough professional with a proactiveattitude, capableof thinking in and out of the box, generating new design solutions and ideas.  An exemplary team leader with proven abilities in resolving critical escalated issues of team members.  Possess excellent interpersonal, communication and organizational skills with proven abilities in team management, customer relationship management and planning. Process Management  Mapping client’s requirements & coordinating in developing, implementing the required service specified by the client.  Creating & implementing workflows to facilitate structured support in relevant areas and issues.  Sending reports to top management and maintaining agreed SLA with customers & thereby focusing on maximizing customer satisfaction with quality adherence. Team Management  Identifying and implementing strategies for building team effectiveness by promoting a spirit of cooperation between team members.  Creating and sustainingan environment that fastens development opportunities and motivating the employees for enhancing the existing performance levels.  Maintaining the attrition levels and developing career progression plans. Professional Experience Dec 2016 till present, Curvature Singapore as Technical services engineer  Workingas Technical services engineer supportingmainlyCisco products suchasSwitches, Routers, ASA, Firepower, ISE, IPS etc…  Performhardwarediagnosticsfor customer queries suspectinghardwareissues and raiseRMAaccordingly for replacement.  Configuringvirtual firewallsin cisco ASAfor network traffic isolation,troubleshootingand configuring high availability with Active/active & active/standby failover.  Deployingsite-to-siteIPsec vpn,managingCertificate Authority server for PKI based authentications, Configuring Remote Access IPSEC VPN using cisco VPN client.  Proactivenetwork monitoring with cisco IPS sensor.IPS sensor initialization with deployingin promiscuous,inline& inlinevlan pairmodes.
  • 2.  Configuring and troubleshooting dynamic routing protocols OSPF, EIGRP and BGP.  Configuring and troubleshooting VLANs, VTP, STP, RSTP, etherchannel etc…  Perform day-to-day operations for managing and network and security devices in a complex multi -vendor environment.  Implement next-generation identity and accesscontrol platform,which enablesenterprises to enforcecompliance, enhance infrastructure security and streamline service operations using Cisco ISE, which uses RADIUS and TACACS+ protocols.  Manager VPN sessions, interface throughput, configure HA, IPsec site-to-site VPN etc... Using ASDM.  TroubleshootASAconnection issuesusing packet tracer feature in ASDM and keep track of real time logs using ASDM log viewer.  Configure and troubleshoot DNS, DHCP, NTP and syslog servers.  Administer and troubleshoot OSPF, EIGRP and BGP routing protocols on Cisco routers.  Prevent loop occurrence when switches areinterconnected via multiple paths using STP.  Configurelayer 2 security featureslikePortsecurity,DHCP snooping,IPsourceGuard and dynamic ARP inspection in Cisco switches. Mar 2015 till Dec 2016, Dimension Data Bangalore as Senior Network Engineer-Security  Working as Senior Network Security TAC engineer supportingmultiplevendor products such asCheckpointR77 firewall, Palo Alto firewall, Bluecoat ProxySG, Cisco ASA, Cisco ISE, Infoblox IPAM.  Administration & troubleshooting ProxySG 510 which includes policy management using VPM, web caching, content filtering, authentication & access logging using Reporter toolkit & HTTPS traffic interception.  DeployingPalo Alto firewall rightfrominstalling on VMware platform to configuring the necessary features as defined by customer.  RegisteringPANfirewall for downloading regular updates for antivirus, URL filtering and PAN OS updates for keeping the firewall up to date for protection against threats.  ConfiguringZones to isolate the security levels to inside, outside and DMZ networks as part of basic security of network.  Create multipleVirtual Routersto routedifferentcustomer traffic based on routing information in virtual routers which is similar to VRF in Cisco terminology.  Setting up dynamic routing in PAN firewall using OSPF.  Design security policies on PAN firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.  ConfigureOutbound SSL decryption on firewall, URL filtering for blocking malicious websites based on categories or the content.  Deploy Global Protect (Client VPN) for secure access over internet with encryption and site to site VPN tunnel using VTI.  Organise Captive portal for the end users to authenticate before establishing connection to internet.  Experience in configuring & troubleshooting dynamic routing protocols like OSPF and EIGRP.  OSPF route filtering based on Route-type, advertising router, interface, next-hop etc…  Optimizing OSPF by tuning Hello-interval, Dead-interval and retransmit-interval.  Worked on Checkpoint R76 & R77 GAIA platform which includes administration of checkpoint components such as Smartdashboard, SmartviewTracker and SmartUpdate etc...  Hands on experience in troubleshooting MDS (Multi Domain Server) & DMS (Domain Management Server) for managing complex network security infrastructure using Checkpoint firewall which includes VSX & clustering.  Active/standby failover setup on all the DMZ, security & vpn zones firewalls.  Failover & redundancy setup for internet facing routers with HSRP protocol & QOS for priority based traffic routing.  Configuring and troubleshooting dynamic routing protocols OSPF, EIGRP and BGP.  Configuring and troubleshooting VLANs, VTP, STP, RSTP, etherchannel etc…  Deployingsiteto siteIPsec vpn,managing Certificate Authority server for PKI based authentications, Configuring Remote Access IPSEC VPN using cisco VPN client.  Managing end user authentication using AAA services with Cisco ISE integrated with Active Directory. Sep 2013 to Mar 2015, L&T InfoTech Bangalore as Systems Engineer Chevron Texaco Corp, Singapore  As senior systems engineer I’mexposed to a complicated setup of network security infrastructurewhich includes more than 1000+ firewalls across globe.  Identify and control users regardless of IP address,location or device usingPalo Alto (PA) firewall.
  • 3.  Perform day to day operations for managing and network and security devices in a complex multi -vendor environment.  Implement next-generation identity and accesscontrol platformwhich enables enterprises to enforce compliance, enhance infrastructure security and streamline service operations using Cisco ISE which uses RADIUS and TACACS+ protocols.  Manager VPN sessions, interface throughput, configure HA, IPsec site-to-site VPN etc... Using ASDM.  TroubleshootASAconnection issuesusing packet tracer feature in ASDM and keep track of real time logs using ASDM log viewer.  Configure and troubleshoot DNS, DHCP, NTP and syslog servers.  Administer and troubleshoot OSPF, EIGRP and BGP routing protocols on Cisco routers.  Prevent loops from being formed when switches are interconnected via multiple paths using STP.  Configurelayer 2 security featureslikePortsecurity,DHCP snooping,IPsourceGuard and dynamic ARP inspection in Cisco switches.  Perform network maintenance activities with proper change management approvals with scheduled downtime window.  Upgradenetwork and security devicesto keep the devices up to datewith latestfeatures and fixingknown vulnerabilities to ensure no security flaws.  In depth understanding of latest attack strategies like Advanced Persistent Threats (APT), Polymorphic attacks, blended threats, phishing & social engineering.  Wideknowledgeon cisco Iron port for URL filtering based on categories and for http & https traffic redirection via cisco IronPort.  Extensive knowledge on FIREEYE product which is Next Generation Threat Protection (NGTP) solution that provides automated threatforensicsand dynamic malwareprotectionagainstadvanced cyber threats, such as advanced persistent threats and spear phishing.  Training juniors in Network routing & switching, Network security and assisting them in their respective projects. Feb 2010 to Jan 2013, IBM India Pvt. Ltd. Bangalore as Operations Professional  Deploying and troubleshooting dynamic routing protocols such as RIP, OSPF, and EIGRP etc…  Configuringand troubleshootingNAT,Modular policyframework (MPF),advanced protocol inspection of FTP, HTTP, IM, DNS etc…  Configuringvirtual firewallsin cisco ASAfor network traffic isolation,troubleshootingand configuring high availability with Active/active & active/standby failover.  Deployingsiteto siteIPsec vpn,managing Certificate Authority server for PKI based authentications, Configuring Remote Access IPSEC VPN using cisco VPN client.  Proactivenetwork monitoring with cisco IPS sensor.IPS sensor initialization with deployingin promiscuous,inline& inlinevlan pairmodes.  IPS signaturetuning based on customer requirements to avoid malicious traffic.CustomHTTP, Atomic IP & String TCP Signatures creation to block unnecessary traffic.  Blockingand rate limitingnetwork traffic based on Application ResponseController (ARC) feature in cisco IPS.  ImplementingACL’s on IOS routers and ciscoASAfirewall to filter certain traffic.Deep packetinspection using MQC filtering tool.  Securing dynamic routing protocols using authentication & route filtering.  Mitigating against different attack vectors such as Fragmentation attacks, port security, VLAN hopping attacks, DHCP snooping, IP spoofing etc…  Plan,schedule,and implementnetwork upgrades,implementations, and migrations in a timely manner, and during times that will have the minimum impact on the users of the affected networks & systems.  Be available, on-call, to rapidly troubleshoot any problems resulting from the changes.  Relevant professional experience including working knowledge of the following technologies: a) TCP/IP networking including IP classes, subnets, multicast, NAT b) DNS and DHCP Network troubleshooting. c) Microsoft OS and Server technologies d) Mitigating attack vectors such as CAM table overflow, BPDU guard etc…
  • 4. TECHNICAL PROFICIENCY ASA: ASA configuration,NAT(static,dynamic and policy Natand Nat exemption) Access Control Lists,Failover (Active-Active and Active-Standby), Security Contexts, Configuration of Modular Policy framework, Configuring transparentfirewall. VPN: Implementation of IPsec Site-to-Site VPN, GRE over IPsec,DMVPN, Remote Access VPN, SSL VPN (clientless and Anyconnect), Easy VPN, GET VPN. Identity Management: Security Protocols (TACACS+ AND RADIUS), Cisco ACS Configuration,Authentication Proxy, Cut-through Proxy and DownloadableACL. Web Security Appliance: Cisco WSA configuration such as web traffic redirection,BlockingURLs ISE: ConfiguringAAA with ISE, Integration with AD, MAB with VLAN authorization,Configurewired and wireless 802.1x,CWA for wired and wireless etc... IPS: Inlineand Promiscuous Modeconfiguration,InterfacePair,Vlan Pair. Tuningexistingand configuringnew custom signature. WLC: Configuration and troubleshootingof WLC, ManagingAP from Wireless LAN controller. Routing Protocols: Configuringand troubleshootingStatic, RIP,OSPF, EIGRP, Default Route, Summarization, Authentication, Route Filtering,Distribution List, and BGP Basic. Switching Protocols: Configuringand troubleshootingVLAN, and PRIVATE VLAN, VLAN Trunking (IEEE 802.1Q and ISL) VTP, STP (SpanningTree Protocol) security mechanism(BPDU guard, ROOT guard, BPDU filter) and Ether Channel,Switch Port Security, DHCP Snooping. HSRP, VRRP, GLBP configuration. Advanced security & Mitigating Network attack Control Planeprotection, Broadcastcontrol,TCP intercept, uRPF, IP, ARP, Mac Spoofing attacks,Fragmentation, , Smurf, Syn, Mac flooding,VLAN Hopping attack. Operating Systems: Windows XP/2003/2008/Vista/7. Windows server 2003/2008 (Worked on AD & Exchange server 2003 & 2007). Certifications Cisco Certified Internetwork Expert Security (Lab & Written) 39816 Microsoft Certified Systems Engineer (MCSE 2003) Microsoft Certified Technology Specialist (MCTS – SharePoint server 2010 configuring) Professional Courses (I) Microsoft Certified Systems Engineer (MCSE) (II) Cisco Certified Network Associate (CCNA) (III) Red Hat Certified Engineer (RHCE) (IV) Checkpoint Firewall administration.
  • 5. 2009 Bachelors of Engineering from Sir M Visveswaraya Institute of Technology Bangalore Date of Birth : 30th December 1987 Address : #13, 18th Street, Kanakanagar,RT Nagar post, Bangalore – 560032 CCIE Security v4 number : 39816 Languages known : English,Hindi,Kannada,Telugu Passportnumber : JF682226 Date of Expiry : 20.02.2021 I hereby declare that the above written particulars are true to the best of my knowledge and belief. Place: Bangalore Santosh K L