• Configure, Manage and Monitor Palo Alto & FortiGate firewalls.
• Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App-ID, Content-ID on both inbound and outbound traffic.
• Leveraged Palo Alto Networks' WildFire inspection engine to prevent zero-day attacks.
• Configured, troubleshot and maintained firewall policies on Palo Alto and FortiGate firewalls, including Security, NAT policy definitions, application filtering, region-based rules, URL filtering and user-based policies.
• Manage multiple Palo Alto and FortiGate firewalls centrally through the Palo Alto Panorama and FortiManager centralized management appliances.
• Utilize FortiManager and FortiAnalyzer to maintain and optimize FortiGate firewalls.
• Implement GlobalProtect VPN, IPsec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN connectivity.
• IPS/IDS, application filter and web filter configurations; IDS/IPS signatures for various vulnerabilities.
• Utilize Intrusion Detection & Prevention (IDS/IPS) to monitor malicious activities on the network. Analyze firewall logs, IPS and IDS logs to uncover malicious activity going on within the network. Initiate and recommend corrective actions to the team.
• Monitor and analyze infrastructure traffic, IPS alerts and logs for threats using Cisco IPS, FireEye IPS, CrowdStrike EDR, Attivo deception and Vectra NDR.
• Installing web proxy rules on Zscaler and Blue Coat web proxies as per business user requests.
• Replaced Blue Coat proxy with Zscaler and worked on implementing the Zscaler proxy in production.
• Created URL categories, URL policies, Cloud App policies, SSL bypass/inspection, advanced threat, malware protection, DLP and firewall control policies in Zscaler.
• Configured location-based forwarding profiles for each site in Zscaler.
• Deploy, configure, troubleshoot, and support Zscaler Internet Access.
• Performed system upgrades, regular product updates, emergency patch applications, and maintenance.
• Daily CrowdStrike tasks include endpoint detections and incidents: assess alerts that are displayed within the CrowdStrike console.
• Worked with our infrastructure team to deploy the CrowdStrike agent to all assets.
• Managing email security solutions and maintaining email rules and filtering.
• Managing Symantec SSLV, created SSL inspection policies and configured SSL inspection bypass for particular internal sites.
• Performing backups from time to time on F5 BIG-IP WAF and monitoring WAF connections.
• Performed troubleshooting using nslookup, protocol analyzers, etc. to fix internal and external DNS problems.
- Company industry: Cyber & Network Security
- Job role: Information Technology