Manish Sharma

• Designed and implemented micro-segmentation using Illumio Core to minimize attack surfaces and prevent lateral movement.
• Performed application dependency mapping with Illumio tools and third-party data sources.
• Worked closely with application and infrastructure teams to define and enforce segmentation policies.
• Monitored policy performance, analyze traffic patterns, and optimize segmentation strategies.
• Managed and maintained Illumio PCE (Policy Compute Engine) infrastructure.
• Collaborated with network security and compliance teams to meet regulatory requirements and audit controls.
• Performed Troubleshooting segmentation-related issues and provide operational support.
• Prepared documentation and trained internal teams on Illumio best practices.
• Helped team in troubleshooting, configure and resolve the issues regarding Cisco, Juniper, F5 LTM/GTM, Palo FW, etc.
• Produced installation, troubleshooting and test documentation, for future purpose.
• Provided Respond, troubleshoot, identify root cause and remediate issues in a complete, documented and timely manner.
• Participated in team on-call rotation to provide support during project and operations related cutovers.
• Made recommendations on decommission of Hardware according to state standards (Network, UPS, Server, Firewalls, Door Controllers, Voice Gateways etc.)
• Analyzed service-to-service traffic & write firewall rules using Illumio
• Managed & updated firewall rules (Privilege Access, New Interfaces, DR, etc.)
• Coordinated rule enforcement during maintenance windows
• Export reports and support technical queries from IT Service Owners (ITSO)
• Provided Support deployment for Illumio VENs & troubleshoot installation failures
• Collaborated with cross-functional teams to finalize and validate rule sets.

• Provided Level 2/3 support to Network Operations for all LAN/WAN issues.
• Architected and designed the F5 Local Traffic Manager, also developed iRules and apply rules within the F5 appliances.
• Provided necessary network infrastructure support for day-to-day operations and appropriate disaster recovery procedures to support business continuity.

· Successfully installed Palo Alto PA-5000, PA-3000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls and configured and maintained IPSEC and SSL VPN's on Palo Alto firewalls.

· Worked on Palo Alto for Risky rules remediation using algosec.

· Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).

· Swiped old Palo Alto 220 Firewall with lost login credentials, to a new Palo firewall 220 and reconfigured the security policies, routes, Nat, policies and brought the IRS info back on track.

· Configure Amazon AWS infrastructure and configure connectivity to on-premises client’s networks.

· Performs AWS networking operations related to Direct Connect, VPC, route tables, subnets, gateways, ACLs, security groups, availability zones, Route 53, EC2, IAM, and CloudWatch.

· Good understanding of F5 products and technology (LTM, SSL offloading, GTM).

· Having good experience with Forigate and Checkpoint Firewalls.

· Configured Fortigate, checkoint and Palo Alto Devices.

· Having good experience with Tufin and Algosec for rules deployment on firewall

· Setting up Palo Alto firewalls as Cloud exchange firewalls between on-prem and cloud environments which include AWS, Azure

· Worked on AWS and Azure cloud configurations with respect to network connectivity and Security.

• Design, deployment and maintenance of security/network devices and datacenter of enterprise.
• Firewall rule base changes on Fortigate and Checkpoint firewalls,Palo Alto NG Firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Successfully installed Palo Alto PA-5000, PA-3000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls and configured and maintained IPSEC and SSL VPN's on Palo Alto firewalls.
• Worked on Palo Alto and fortigate for Risky rules remediation using algosec
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Blacklisting and Whitelisting of web URL on Blue Coat Proxy servers.
• Worked on design, configuring, and managing of Blue Coat Proxy Servers.
• Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Built and support VRRP/Cluster based HA of Checkpoint firewalls.
• Created Virtual Servers on F5 Load balancer.
• Used Akamai to protect websites and applications from various threats, including DDoS attacks, web application vulnerabilities, and other malicious activities.
• Writing i-Rules and i-Apps on the F5 Load Balancer and Renewing the Certificates.
• Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual servers.
• Worked with Akamai for edge computing capabilities, allowing businesses to deploy and run code at the network's edge.
• Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPsec, VPN etc

• Tracked and monitored incoming security complaints by using Service now ticketing tool
• Expertise in analyzing information system needs, evaluating Environment and Infrastructure requirements, custom designing solutions, based on and related to Client Business.
• Paloalto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
• Having team meetings with USA colleagues, taking approvals from CAB meetings
• Raising tickets with TAC team, arranging meetings with vendor for resolution on the tickets raised by customers.
• Participating with team for migration of the firewalls.
• Working on Checkpoint Firewalls for Deployment, Configuration and Troubleshooting
• Co-ordinated with Team for resolution of any P1/P2 issues.
• Weekly coordination with SOC team to work on new IOC’s to block malware IP’s/URLs on firewall
• Configuration including layer 2/3 troubleshooting, device replacements RMA support.
• Adding agents (IDS/IPS) at Host and Network level to Sentinel.
• Migration of Firewall from Checkpoint and Fortigate to Palo Alto

• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• PaloAlto devices upgradation
• Troubleshooting and maintenance of Cisco ISE nodes, adding new Mac address
• Created/modified necessary profiles that allowed authorized devices on to the network
• Configuration and troubleshooting on VPN (pulse secure)
• Pulse Secure VPN Gateway Upgrading to 9.1R4.2 (build 5035) from 9.0R3.4 (build 64053).
• Adding websites in Imperva and cloudflare(WAF)
• To remediate vulnerabilities on security devices
• Attending CAB meetings
• Upgrading Panorama and Log collectors
• Deployment and decommission of firewall devices
• Performed packet captures for troubleshooting
• Analyzed historical performance data collected by SolarWinds Orion to perform capacity planning and forecast future network resource needs.
• Optimized network configurations based on SNMP monitoring insights to improve performance and efficiency.

• Rule coding, Analyzing Logs on Checkpoint firewall and ,Fortigate firewall.
• Configuring, Administering and troubleshooting the Checkpoint ,FTD and Fortigate firewall.
• Maintaining virtual firewalls and creating new bongs for the checkpoint VSX cluster firewalls.
• Worked on R77.30 Gaia, R80.10 implementing new and additional rules on the existing firewalls for a server refresh project

• Working with international clients (U.S & U.K)
• Working in team to Migrate 20K+ server & application.
• Responsible for changes & troubleshoot issue during POC’s & Waves.
• Handle ARISTA Multilayer Switches 7280R-C36, 7500R-36CQ, 7160-48TC6, 7010T
• Responsible for implementing firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto Firewalls.
• Responsible for Palo Alto firewall administration across our global networks.
• Taking the Configuration Backups of all the Fortigate Firewalls, Routers and Switches on weekly basis.
• Configuring and upgrading on multiple Fortigate firewalls and integrating to Fortimanager and Fortianalyser.
• Cisco ASA/Fortigate and Paloalto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Rule coding, Analyzing Logs on Checkpoint firewall and Fortigate firewall.
• Configuring and troubleshooting IPsec VPN on ASA Firewall, Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Palo Alto Rule changes PA-2000/PA-4000 , templates, object creation, planning, configuration changes, OS upgrades, CLI troubleshooting, audits all single managed.
• Responsible for the planning, design, implementation, organization and operation of Palo Alto Firewalls based perimeter security network and network security devices including but not limited to 7000, 5000 and 3000 series FW’s.
• Implementing regulatory systems in accordance with IT security.
• Assisted various technical groups and resolved all issues that occurred in network and other systems.

• Experienced in Configuring Checkpoint Firewall (Version R75, R77) and CISCO ASA firewalls as Standard and Distribution deployment to have the network secure and maintained Site to Site VPN connection through the Firewalls.
• Experience on Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75,UTM and Cisco ASA 5505, 5510, 5540, 5500 series.
• Worked on F5 LTM like creation of VIP , Pool and Nodes. And joining troubleshooting calls related to application issues installed on F5 lb.
• Checking Logs and performing regular archives in F5 load balancers monthly.
• Working on maintenance related activities of webservers and keeping websites under maintenance with the help of BIG-IP.
• Worked on various platforms of Checkpoint like - Nokia, Checkpoint (SPLAT) and handled the migration to Checkpoint Provider 1 platform.
• Rule base verification and migration on Checkpoint firewalls, Performed PCI/SOX audits on firewall rule bases with compliance team.
• Worked on F5 LTM like creation of VIP , Pool and Nodes. And joining troubleshooting calls related to application issues installed on F5 lb.
• Perform SSL Offloading on F5 LTMs. Also, renewing certificates to ensure the security of websites.
• Check and take action on network latency, CPU utilization, load balances, Bandwidth utilization and address spoofing.
• VPN user creation in checkpoint firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Participation on Various troubleshooting calls related to firewall issues like Failover, Nat, Acl and connectivity issues.
• Participation with customer call for VPN connectivity establishment and for joint troubleshooting.
• Assist with resolving security issues, outages or compromises. Provide Customers with timely status update on service disruptions and issues.
• Responsible for solving Incidents and service requests raised in BMC Remedy.
• Provide ON-CALL support for critical incident (P0/P1) provide RCA.
• Working on Standardized network security setup to provide vulnerable free and stable network security
• Performing critical changes on Data center devices.