Professional Documents
Culture Documents
RashmiKant - Tetration Linux
RashmiKant - Tetration Linux
House No. 354, 3rd Floor Prem Nagar, Gurugram, Haryana-122001 · +91-9500029273
rashmikant.chauhan@outlook.com · LinkedIn
PROFESSIONAL CERTIFICATIONS
Cisco Certified Specialist – Data Center Core, Mar 2021, Cisco ID: CSCO12554139
Palo Alto Certified Network Security Engineer (PCNSE), Credential ID#: 4S0XR3B1DFFEQVG8
Juniper Networks Certified Associate, Security (JNCIA-SEC), Jun 2020
Aviatrix Certified Engineer – Multi-Cloud Network Associate, Jun 2020
Oracle Cloud Infrastructure 2019 Certified Architect Professional, Jul 2020
TECHNICAL SKILLS
Routing: OSPF, BGP, EIGRP, VRF, QoS, URPF, MPLS, Multicast -PIM, PBR, RSVP-TE, Anycast routing, ECMP
Switching: VLANs, VTP, RSTP, Port-Channel, DHCP Snooping, Dot1Q tunneling, VPC, VDC, VXLAN
Hardware (R&S): Cisco Routers 1800, 2600, ASR1002, ISR 4000 etc., Cisco Catalyst 6500 series, Nexus 5k,
6K, 7K, 9K, 1000V, Juniper QFX5100, QFX10002 Switches, Juniper MX 240/480/960 routers, Aruba
switches, Cisco ACI leaf and spine, riverbed steelhead CX-3070, CX-5070, cascade etc.
Firewall: Cisco ASA, Juniper SRX, Palo Alto, NSX & Checkpoint
Proxy: Bluecoat proxy SG-900, SG-9000, Cisco Ironport WSA & Netskope Cloud proxy
Load Balancer: F5 LTM, GTM, APM, Viprion Chassis & Big-IQ, Nginx
NAC: Aruba ClearPass using Dot1X, MAB authentication, Radius, AAA, TACACS
Protocols: TCP, IP, FTP, SFTP, SSH, SMTP/S, LDAP/S, HTTP, HTTPS, SIP, Netconf, SSL, HTTP2
VPN: GRE, IPsec, MPLS VPN, F5 APM remote access, Global Protect, VDI, PKI
Cloud: AWS (VPC, ENIs, Elastic IP, EC2 instances & AMIs, Route Tables, NAT Gateways, Network ACLs,
NLB, ELB, Flow logs, Cloud Watchdog, Private Link, AWAF, Direct Connect & Transit Gateway), Arturo
(CI/CD Pipeline), NSX-V & NSX-T, OCI (VCN, IGW, NAT Gateway, DRG, IAM instance principals, VPN
Connect, Fast Connect, OKE, Compartment Quota etc.)
Scripting/Automation: Bash Shell Scripting, TCL, Python (beginner), YAML, Ansible, JSON, XML, Rest API
Tools: Wireshark, TCPDUMP, Fiddler, iperf, ssldump, Git, Bitbucket, Bamboo, Thousand Eyes, Kibana etc.
PROFESSIONAL EXPERIENCE
AUG 2019 – TILL DATE
MANAGER, Macquarie Group
AWARDS: Won COG Award & People’s Choice Award 2020 (250 AUD cash prize) for project
delivery.
Successfully completed Axway MFT AWS direct connect circuit provisioning, underlying
network connectivity LLD & configuration in Sydney and BCP testing
Updated DNS forwarders and migrated 5 legacy GTMs to Virtual Platform.
Participated in Sydney and London Data Center BCP testing for all business applications.
Successfully upgraded 20 F5 LTM/APM/GTM software to v12.1.6 & v14.1.4.1 hotfix 38.4
Implemented Palo Alto Global Protect solution in Gurugram and Shanghai location.
Successfully completed storage unity array & backup servers’ migration to ACI
Supported multiple per-app VPN (F5 APM) onboarding for applications like Confluence,
JIRA, People app, iLevel etc.
Worked on NSX-V to NSX-T migration in Sydney Staging environment.
Worked on AWS Direct Connect implementation in regional cloud exchanges.
Working in capacity of technical lead/SME on F5, Palo Alto, Ironport, Netskope cloud
proxy technologies and providing L4 support during critical triages and service requests.
Performed Rolling Infoblox/Internal DNS BCP testing in all regions.
Performing MACD (Move, Add, Change, Delete) operations on Palo Alto, NSX, F5 &
Ironport/Netskope proxy on day-to-day basis.
Configuring SSL inspection exemption on F5 LTM, Palo Alto, proxy and steelhead devices
as required.
Converting HLD architecture to LLD and implementing for new projects e.g., Axway MFT
Creating new EPGs, BDs, DHCP helper, VXLAN based EVPN stretches for layer2/3 VLANs
on Sydney ACI for on-prem to ACI migration project
Performing Monthly UAR (User Access Review) for 6 direct reports.
Supported multiple client and clientless VPN services e.g., Windows, Mac client-based
VPN, MOBVPN, per-app VPN, Macquarie Anywhere/Connect (VDI solution), AirWatch
browsing, iOS native email, O365, PingFed services on F5 APM.
Configuring cert-based authentication for various SaaS applications on F5 PingFed based
on SAML, WS-Fed, OAuth specifications and Ping Federate protocol endpoints.
Working on NSX firewalls migration and health-checks on ESGs & DLRs during ESXi host
scheduled patching activities.
Checking flow logs in AWS console to troubleshoot issue, configure ingress/egress
security rules to allow the traffic
Whitelisting various O365 tenants on global proxies as and when required.
Performing stack roll and content update on AWS cloud virtual PAs on weekly basis.
Configured User-ID, custom URL category, DAG using Firewall Sync (REST based service in
2
AWS), App-ID, EDLs based security and decryption rules in Palo Alto firewalls deployed in
multi-vsys mode.
Reviewing vulnerability release notes for F5 & Palo Alto and taking remediation steps.
Doing traffic analysis, pattern matching and deriving meaningful insights for business
using Splunk logs analysis during high data plane, BW utilization issues.
Working on network and security infrastructure support for various Oracle Public Cloud
services offering such as SaaS, PaaS, IaaS, BDCS, Fast Connect etc. across 30+ data
centers across the globe.
Worked on regular upgrades, replacements of Nexus switches, SRX firewalls and F5 LTMs
Configure security policies, NAT, rectify asymmetric routing on SRX firewall and MX
router
F5 VIP, pool, client-server SSL profile, health-monitors, irules configuration.
Managing and troubleshooting complex routing environment involving OSPF, BGP, VRF,
MPLS, GRE and IPSEC tunnels.
Worked on site-to-site VPN tunnel provisioning and troubleshooting on SRX firewalls.
Initiate, implement change request, provide RCA and prepare SOP for standard changes.
Working knowledge of devices integration with authentication protocols such as LDAP,
IWA, SSO, Radius, TACACS.
Day-to-day work involves troubleshooting incidents using wireshark, tcpdump, fiddler,
SRX trace-options, ssldump etc. packet capture utilities.
Worked on DDOS mitigation using Arbor, Neustar netflow analyzer tools.
Worked on monitoring tools like Thousand Eyes, Kibana, Netbrain to t-shoot latency
issue
Configuration changes in Leaf and Spine Architecture through GIT bash, Bit Bucket,
Bamboo, automation process in AD environment.
3
Troubleshooting customer HTTP/HTTPS/FTP access issues within Proxy environment
using whitelisting, Authentication bypass, Interceptions exceptions and various changes
in CPL.
Capturing and analyzing policy trace and packet capture on proxy and checkpoint
firewalls for troubleshooting and escalating to L3 team for complex issues.
Configuring security & NAT rules on checkpoint firewalls.
Projects Delivered:
Maintain, Configure and Troubleshoot 3500+ network equipment including but not
limited to Cisco Nexus 9k, 7k, 5k ,6500, 4500,3750, 3850 series switches, HP Enclosure
Switches, Cisco ASR1002, 7206, 3925, 3945 ,3800,2800 Routers.
Provided level1 and level2 support for network trouble tickets troubleshooting.
Troubleshoot and resolve day to day issues related to DNS, LAN, Wireless and PA
firewall.
Managed and configured 21 QIP integrated internal DNS remote servers and 4 external
DNS servers running on Unix platform.
Prepared and provided monthly Network availability report to client.
Troubleshooting and configuring point P2P serial lines (E1/E2, T1/T3, DS3, POS,
Multilink),
Worked extensively on Cisco 6500, 4500 series switches on Cat-OS and IOS both, Nexus
5k/7k/9k switches (5548, 5672, 7709,9396), FEX, VPC configuration and troubleshooting.
Provided on call 24 x 7 support on weekends.
Worked on Cisco CSM load balancer and Big IP-1500, 2500 and 4000 F5 LTM and GTM.
Handled Riverbed CX5055 for pass-through/bypass rules for WAN optimization.
ACADEMIC PROFILE
AUG 2012
4
B. TECH (EEE), Dr. M.g.r. university chennai, 9.65 CGPA (91.41%) – 1 st Rank
JUL 2007
12TH, PT. R.p.m. Inter College Kanpur, u.P. STATE Board, 89.8% - 12 th RANK
REFERENCES
[Available upon Request]