Checkpoint firewall troubleshooting interview questions

Praharsha Kanna Muddana
Email: muddanakanna@gmail.com
Objective: Securing a position which will allow me the opportunity to display exceptional analytical, problem-solving and technical skills within Network and Information Security.

Technical Skills Summary:

Functional Areas

Endpoint Security Management, Network Security and Information Security Management, System Administration, Desktop Support, Active Directory, Help Desk Support, DNS.DHCP

Monitoring & ticketing tools

Remedy, Nagios, HP service manager, Tufin, Hp NNMI, Kibana, Easy IP

Routers & Switches

Cisco 3640, Cisco 3600, 3800, ASR, ACI

Catalyst 6500, 4500, 3700, 3500, Nexus 1k, 2k, 5k, 7k, 9k

Routing Protocols

RIP, IGRP, EIGRP, OSPF, BGP V4, MP-BGP.

Vulnerability management

Nessus 4.8, Splunk

Firewalls

Checkpoint (R75, R77), Cisco ASA, Palo Alto

Antivirus

Symantec Endpoint protection, MacAfee

Proxy Servers

Bluecoat

Load Balancer

F5 (BIGIP) LTM VIPRION

Programming Skills

C, C++, SQL, python, bash script, HTML

Others

RSA two factor authentications 7.1

Certifications:

· Cisco Certified Network Associate

· Checkpoint Certified Security Administrator

· Microsoft Certified Technology Specialist: Windows 7 Configuration

Academic Experience:

· Master’s in computer science 2015-2016

University of Alabama in Huntsville

· Bachelor of Technology in Computer Science 2008-2012

GITAM University

Experience Summary:

6+ years’ experience within Information Technology, specializing in Information Security and Network Administration, including both Professional and Academic applications.

Employer: Cardlytics

Designation: Network Engineer II

Period: September 2018 – Present

Responsibilities

• Designed and implemented BGP/OSPF based connectivity solutions for AWS and Extranet. • Maintain and manage ASA, Juniper SSG, FTD, Palo alto & Zone based firewalls. • Designed and implemented partner router setup for B2B IPSEC VPNs. • Manage Cisco Nexus & Juniper based data canters. • Designed and implemented Meraki wireless network solution for HQ and remote sites. • Lead a team of Engineers and generate reports to management. • Build and troubleshoot IKEv1/IKEv2 IPSEC and GRE tunnels. • Maintain Big-IP F5 LTMs & GTMs, NAC solutions- ISE & Forescout. • Currently working on ACI and Silver peak SD-WAN data centre build. • Escalation point for complex network issues and participate in on-call rotation.

Client: Capital one

Designation: Network and Security Engineer

Period: June 2016 – September 2018

Responsibilities

· Troubleshoot Routers and Switches Configuration and work on incident, problem and change management.

· Manage all Datacenter Network Operations.

· Write and implement scripts/configuration on network devices during fault incident, Service improvement Plan, Urgent maintenance activities.

· Maximizing network performance by monitoring performance, troubleshooting network problems and outages; scheduling upgrades; collaborating with network architects on network optimization.

· Troubleshoot the proxy servers and firewalls, Packet capturing to resolve operational issues.

· Troubleshooting network link/device/configuration issues, isolating the problem, fixing the problem.

· Ability to packet capture using tools such as Wireshark and tcp dump. Track the top talkers using riverbed tool.

· Ability to Prioritize, execute tasks and make sound decisions in high pressure situation.

· Undertake routine preventative measures and implement, maintain and monitor network security

· Configure, support, and troubleshoot Checkpoint firewalls and Palo Alto firewalls.

· Tenaciously manage network security environment to ensure it is operating at optimal levels through proactive monitoring.

· Configure, support, and troubleshoot Checkpoint firewalls and Palo Alto firewalls.

· Configure, support and troubleshoot F5 Local Traffic Manager (LTM).

· Configure, support and troubleshoot Blue Coat Proxy SG servers.

· Identifying whether a host is behind a firewall using scripts and other resources.

· Working on firewall traffic logs to determine whether a firewall is allowing or blocking traffic between any given hosts

· Using Tufin to analyse firewall policies to determine whether a firewall is allowing or blocking traffic between any given hosts

· Compare firewall policies from different dates to determine when a specific rule change occurred and who made the change

· Using Tufin Secure Track to compare firewall policies from different dates to determine when a specific rule change occurred and who made the change

· Working on firewall failover events and troubleshooting the issues that caused them and restore them.

· Using Splunk to solve firewall failover issues reviewing firewall system logs in Splunk

· Evaluating the severity of incidents and determining when and how to implement an emergency change to resolve the incident

· Performing all tasks on the Check Point High Severity Checklist

· Running tcpdumps on Check Point firewalls as per client requirements to solve issues.

· Performing firewall pre/post validations during network maintenances

· Opening a support case with Check Point

· Reviewing firewall & proxy traffic logs in Kibana to monitor the health of the company and troubleshoot the issues as per requirement

· Write iRules to assign certain behaviors to individual application-specific connections. iRules can search the content of a traffic, such as an HTTP request or response, and direct the traffic accordingly.

· Insert header data into application-specific requests, such as HTTP requests, and then direct the request based on that header data.

· Using the BIG-IP tools to configure session persistence, based on data such as HTTP cookies, source IP addresses, destination IP addresses, and SSL session IDs.

· Monitor the health or performance of servers in a pool.

· Implementing load-balancing algorithm to assess the current load on a server.

· Enhancing traffic-management performance by configuring the system’s traffic management microkernel service.

· Balancing traffic to tune and distribute server load on the network for scalability.

· Off-loading standard server tasks, such as HTTP data compression, SSL authentication, and SSL encryption to improve server performance.

· Monitoring the health and performance of servers on the network for availability.

· Establishing and managing session and connection persistence.

· Handling application-traffic authentication and authorization functions based on user name/password and SSL certificate credentials.

· Managing packet throughput to optimize performance for specific types of connections.

· Improving performance by aggregating multiple client requests into a server-side connection pool.

· Applying configuration settings to customize the flow of application-specific traffic (such as HTTP and SSL traffic).

· Content filtering management of Controlled access to the Internet as per the company IT Security Policy with Bluecoat Proxy

· Provide Conditional & specific Internet access to specified groups and users as per client requirements in Bluecoat Proxy.

· Inbound & outbound scanning of Emails for virus, Spam & other infections

· Content filtering solution to reduce the unwanted mail volume,

School: University of Alabama in Huntsville

Course: Master’s in computer science

Period: January 2015 – May 2016

Projects

· Computer Networks: Application to measure the sound levels of the things around us and transmit it to another device in the same network to show it graphically - spring 2016.

· Computer Security: Chat application to implement (RSA, DES) algorithms both build-in and programmer implementation - spring 2016.

· Database: An online shopping cart is an e-commerce web application which provides a platform for users to purchase a wide range of products online - spring 2015.

· Computer graphics: Developing a 2D drawing program which allows users to draw 2D objects, programing a 2D robot and animating its motion using 3D camera on OPEN GL and GLUT - fall 2015.

Company: Wipro Technologies

Client: Southern Water Services

Designation: Network and Security Administrator/ System Administrator

Period: June 2012 – December 2014

Responsibilities

· Management of NAV Primary server for Symantec Antivirus Server and updates.

· Ensure all clients are enforced with the EPS policy configuration with Symantec Antivirus

· Management of quarantine and prevent the other systems from getting infected with virus.

· Virus removal on the infected systems by automated or manual process.

· Advice to desktop and server team on virus detection and procedure for clean-up.

· Content filtering management of Controlled access to the Internet as per the company IT Security Policy with Bluecoat Proxy

· Provide Conditional & specific Internet access to specified groups and users as per client requirements in Bluecoat Proxy.

· Inbound & outbound scanning of Emails for virus, Spam & other infections

· Content filtering solution to reduce the unwanted mail volume

· Communicating to the users about new vulnerabilities and patches available

· Monitoring security logs to report events and provide utilization report.

· Authentication Mechanism to Citrix through RSA Server.

· Working on the issues on the RSA Server and resolving them.

· Assigning of RSA hardware tokens to user accounts.

· Complete installation of RSA software token on windows, android, iPhone, desktop, laptops.

· Monitoring logs and generating reports on expired tokens and providing them with new RSA tokens.

· Logging service requests with RSA and working with them to resolve the issue.

· Secure the network traffic over LAN & WAN and access to the applications through company firewall.

· Experience on installing, maintaining and troubleshooting Check Point R75, R77.30 Gaia.

· Demonstrated experience in developing, implementing, auditing Checkpoint firewall (R77.30) configurations and analyzing, optimizing rule sets.

· Hands on experience and good working knowledge with Checkpoint Firewall policy provisioning.

· Upgraded the data center network environment from Cisco ASA 5520 to Checkpoint R77 firewalls.

· Performed routine monitoring of Checkpoint firewall from security perspective and troubleshooting the connectivity issues.

· Involved in configuring Checkpoint (R77) Firewall rule base and objects as per the requirements.

· Troubleshooting checkpoint firewall connectivity related issues using Smart view tracker.

· Experience in reviewing and recertification of rule sets and involved in creation, validation and maintenance of enterprise check point (R77.30) firewall policies.

· Configured ACL's in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT.

· Good experience with checkpoint VSX, IDS, IPS as well as encryption techniques.

· Worked on Checkpoint firewalls in creating and implementing the policies required by the company.

· Migrated legacy Cisco ASA firewalls to Checkpoint firewalls using migration tools in the enterprise environment.

· Preparing and providing the Quarterly, Monthly reports.

· Managing Dashboard of vulnerability management tools like Nessus.

· Vulnerability analysis and reporting

· Secluding scans and implementing new scan templates

· Monitor IP address management, network utilization for routers and switches.

· Preparing and publishing network daily health Checks report on critical links.

· Well versed in Vendor Management on Logging WAN (ADSL, ISDN, IP-VPN, Leased Lines, PSTN) link faults/Service Requests, Hardware replacements on any failures.

· Experienced upgrading Firmware Versions of ADSL Routers.

· Administering network services & troubleshooting network problems

· Administering NetFlow Analyser on all the sites (ADSL, IP-VPN), by observing the traffic and accordingly publishing the report on high Bandwidth Utilization.

· Experienced with switching – duplex, speed changes, port-security requests, VLAN creation, addition & user moves, PCI compliance configurations changes, etc.

· Activating / deactivating ports as per the requirement.

· Providing WAN & LAN connectivity to new customer location.

· Cabling and Patching the PCs to the Network switches.