PROFESSIONAL SUMMARY:

• Over 7+ Years of experience in networking and security, hands on experience in Design, implementation, and support. Routing, switching, firewall technologies, and troubleshooting of complex network systems.
• Experience in installation, configuration, troubleshooting of CISCO routers 2800, 3750, 2900, 7301, 7600, 12410, ASR1k. Catalyst 6509, 4507 and Data center switches like 9k, 7k, 5k and 2k of nexus, and Arista 7k .
• Expertise in configuring, troubleshooting network topologies which includes OSPF, BGP, HSRP, VRRP & STP.
• Expertise in L3 Protocols: BGP, OSPF, EIGRP, IGRP, RIP, CEF, MPLS, MPLS Layer 3 VPN's, VRF - Lite, and PFR.
• Experience in Implementing Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, R77, Cisco ASA -5500, 5505 and 5585, Palo Alto PA-200, PA-3000 and PA-5000.
• Configuring and troubleshooting IPv6 protocols: OSPFv3, EIGRPv3, Tunneling techniques (GRE, v4tov6 and v6tov4).
• Installed, configured, and maintained with vendors C isco, Juniper, Alcatel-Lucent, Arista, Brocade, Riverbed, Enterasys, Fortinet networking and wireless technologies and protocols.
• Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• Experience in configuring all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Performed software upgrades on Cisco devices by SCP servers.
• Experience in building and configuring most network hardware appliances especially Cisco routers, switches, VoIP telephony products, and Avaya networking/switching appliances such as the telephony gateways, IP Office Telephony switches, and the enterprise server platforms.
• Experienced Administration and Production support in ServiceNow and Remedy environments.
• Network Services: NTP, GLBP, WCCP, NAT, DNS, DHCP, DHP snooping and Subnetting.
• Redundancy Technologies: Virtual Scale (CISCO VSS), VCP, Virtual Link Trunking (VLT), VRRP, HSRP.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Design, setup and configure complex wireless networking that supports open or secured access and the ability to support voice and video applications.
• Experienced working with Nexus OS, IOS, JunOS, CATOS and Nexus 9k, 7K, 5K & 2K Switches.
• Configured static NAT, dynamic NAT, dynamic NAT overloading.
• Ensure that all system in the domain have McAfee Antivirus Protection Installed.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Fire Eye, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Experience on load balancing strategies/techniques, expertise in application switching/traffic management, knowledge of persistence and SSL certificates.
• Supported enterprise environment including: Aruba controllers, Airwave and APs/Cisco wireless controllers.
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat ProxySG and other vendors such as Palo Alto networks NGFW for URL filtering.
• Extensive hands on support of F5 Products including AFM, ASM, LTM, GTM, WOM and APM.
• Experience in product engineering and network quality assurance across OPNET's Network Configuration & Management products (SPGuru Network Planner, NetMapper, AppResponse Xpert, and Sentinel) which are used for Network Planning, Auditing, Diagramming and Maintenance.
• Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP, STUN and TURN.
• Worked extensively on Palo Alto, Juniper Net screen, Sonic wall and SRX Firewalls.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP).
• Well versed in TCP/IP, DPI (Deep Packet Inspection), P2P (Peer-To-Peer) Detection, with good knowledge of Datacom, Firewall and NAT.
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay.
• Configured and managed Nexus 2k fabric extender, 5K and 7K switch network at the client's location.
• In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS and Frame Relay.
• Experience securing and managing remote access using various VPN technologies like IPSec, SSL.
• Experience in configuring and supporting VPN on Cisco VPN concentrators and 2811 routers.
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, and use to resolve tickets whenever there is an issue.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers with Site-Site VPN, and firewalls.
• Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.

TECHNICAL SKILLS:

Cisco Routers: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers

Cisco Switches: 1900, 2900, 3500, 4500, 6500, Nexus 3000/5000/7000/9000 Series, Cisco s Application Centric Infrastructure (ACI) implementation (Nexus 9K, APIC)

Routing Protocols: IGRP, EIGRP, OSPF, BGPv4, MPBGP, HSRP, IPv6, WLAN, 802.11/e, WEP, POP3 LADP, VRRP, GLBR, LACP

LAN Protocols: VLAN, VTP, Inter-VLAN routing, STP, Domain, HSRP, Trunks

WAN Protocols: HDLC, PPP, MLPPP, ISDN, ATM, Channel & Leased Lines

F5 load balancers: (LTM & GTM) configuration, administration and troubleshooting.Have good experience working on both 9.x, 10.x and 11.x versions, F5 BigIP 1500, 3400, 6400 8900 LTM, GTM 5, and F5 3DNS Load balancer GTM

Servers: AD/DC, DHCP, DNS, VPN, NAP, WSUS, Email Server, Software Deployment Server, BHS, GC Server, Windows Deployment Service, Proxy Servers, Print Servers, Application servers, FTP Servers

Network Monitoring: Logic Monitoring (LM), LMS, Cisco Secure ACS, Tcpdump, Netbrain, Wireshark, Cisco Prime Infrastructure, NetMRI, Nagios, Zabbix, NetScout, Opnet, Solarwinds

Security & VPN: PIX 500 Firewall, ASA 5505, 5585 Firewall, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NDLP, NAT, PAT, Cisco ACS, and Juniper Netscreen firewall, Windows Patch Management (WSUS).

PROFESSIONAL EXPERIENCE:

Confidential, Anaheim, CA

Sr. Network Engineer

Responsibilities:

• Installation and Implementation of next generation firewall NGFW - Palo Alto/ASA, Juniper SRX Firewalls, Sourcefire IPS/IDS, Cisco Identity Services Engine (ISE), VPN, working with Palo Alto Firewall with Panorama Servers to create / modify rules and policies.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
• Installation and management of overall administration of LAN, WAN, systems involving design of network layouts, configuration and maintenance, Commissioning Routers & Switches, IPS and ensuring maximum uptime during site deployment to VoIP.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Administration and Production support in ServiceNow environments.
• Expert level knowledge on configuring Aruba Mobility controller, Airwave, Aruba Clear pass, Cisco Prime Infrastructure, Cisco APIC-EM IWAN APP, WCS/NCS, ISE & MSE. Worked extensively configuring Security over Wireless by Implementing Cisco ISE and Aruba Clear Pass at many client locations.
• Configured Switches and Routers, Policy provisioning, access to specific segments of the network through Cisco ISE.
• Researching, analyzing and understanding the syslog (LogLogic) reports from security and networking devices such as firewalls, routers, radius, TACACS and Kerberos servers.
• Installed and implemented Forescout CounterACT which used for discovering devices connected to network and monitoring them.
• Responsible for investigating security softwares, reported bugs to vendor for updated versions like Cisco IOS, Juniper JunOS, NexOS.
• Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds and OpNet.
• Interfacing and troubleshooting issues of the following Brocade hardware: CER-2024f, ICX775048F, VDX674, ICX6610’s in stacked and standalone configurations along with BNA
• Documenting the New Infrastructure information using standard Microsoft Visio templates.
• Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using Tcpdump and smart view tracker.
• Managed a Citrix XenApp 5 farm consisting of 7 servers. Installed and published server applications, created policies and performed server upgrades.
• Helping them to set up point to point OSPF connection on their cisco and juniper routers, also MX, ISR, ASA, QFX devices with their current network.
• Integrate VoIP with PSTN and setup voice Gateway ensuring QOS for Cisco based Voice over IP and CDR for voice call Accounting.
• Installed FireEye tools to provide network security, end point security, detecting threats and preventing from threats.
• Excellently used Splunk to research and monitor incident management and incident resolution issues.
• Analyzed and monitored incident management and incident resolution issues exploitation Splunk.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Evaluate, Plan, Test, and Deploy migration of DNS and DHCP to Infoblox Appliances.
• Successful configuration of the Infoblox system to meet client needs also calls for an ability to quickly grasp client-specific current solutions for DNS, DHCP, and IPAM (DDI).
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from subnet.
• Experience in using Session Traversal Utilities for NAT(STUN) and Traversal Using Relays around NAT (TURN) in obtaining public IP address and port number for UDP application.
• Worked on Bluecoat proxy server, Tipping point Intrusion Protection System management.
• Experience with network based F5 Load balancers with software module GTM & Checkpoint.
• Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer.
• Configuring, Administering and troubleshooting MPLS, Solaris and ASA firewall.
• Hands on experience in Cisco ASA 5505, 5510, 5520, 5540, 5506, 5545-x, & 5585 with firepower, 5550 series firewalls, Cisco Source fire Amp IPS and Cisco ACS.
• Supporting Service OAM (802.1ag & Y.1731) Deployment for Cell Backhaul and Ethernet services.
• Configure and deploy network security i.e. ASA 5508x, Sonic wall and support IDS/IPS SourceFire/ Cisco FireSight management.
• Installation, maintenance, administration, and monitoring of RedHat Enterprise Linux Systems. Deployed the switches in high availability configuration with HSRP.
• Upgrade/replaced Enterasys 1850 Routers with Cisco ISR 4451's Routers Support Complex 6500 /5500 Series Switches.
• Installed and implemented Digital guardian DLP(Data Loss Prevention), network DLP and Data visibility and control.
• Configured Qualys Guard IP Scanner Project which scans internal IPs through Qualys information security center for Vulnerability scan.
• Installed AppDynamics APM (Application Performance Management) and monitored applications end-to-end, gained visibility of distributed applications.
• Experience with Using LTM F5 component to provide 24"7 access to applications.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9k, 7k, 6k, 5k, 4k, & 2k.
• Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, Proxy Radius Services to Cisco ACS.
• Worked on different networking concepts and routing protocols like BGP, EIGRP, OSPF, VRFS, Tunnels, L2TP, and VPLS and other LAN/WAN technologies, Implemented WAN connectivity to test and turn-up IWAN link.
• Technically supported in configuring, troubleshooting and analysis of customer’s networks related to Cisco Identity Services Engine (ISE).
• Configuration and Monitoring IBM Q Radar, Rapid7 and vulnerability management to deliver superior threat detection.
• Operate network monitoring and management tools Tools analysis software suites such as CA Spectrum, Cisco Prime LMS, NetScout, NetMRI, Cisco Prime Infrastructure, Cisco APIC EM IWAN, SevOne, NetBrain, HP Network Automation, Nagios and Orion, Live Action to diagnose problems, restore service for network systems.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Configuration of Fortinet 60D, Fortigate 3700D, 1500D, & 800D firewalls and Cisco WLAN controllers and deployed them into the production network, monitored, superior visibility and policy management using FortiManager FMG-2000E, Fortisandbox FSA-3000E.
• Involved in improving the Wide area network performance by delivering optimization (WAN optimization) using the Riverbed technology. working with riverbed steelhead appliance to bring WAN optimization to reduce latency, and also eliminated unnecessary traffic between application and users. used steel central controller for steelhead to monitor the status of application rollout.
• Deeper service health understanding; utilize Xpert to monitor live site health, performance, utilization, and trends.
• Experience working in DMZ environments with good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
• Deploying SDN/NFV POC's for application team for migrating the high reality network for latest technology.
• Worked on latest cisco switches like Nexus 9000, 7018, 5548, 5020 and 5010, implemented advanced features like VDC, VPC (Virtual Private Cloud), OTV (Overlay Transport Virtualization) and configured top of the row Fabric Extenders 2248 and 2232.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Designed and implemented VMware vSphere platform for providing performance, availability and efficiency of deployed applications and Monitored, managed health & performance using Operations Management tool.
• Build Site to Site IPsec based VPN Tunnels between various client and business partner sites.
• Manage over 40 checkpoint Firewalls split through multiple CMA's and administer using provider.
• Created new installation packages for Symantec Endpoint Full Disk Encryption and Symantec Removal Storage software for use in desktops and laptops.
• Testing and implementing updated any newer version of Symantec Endpoint software. Testing of Symantec Endpoint Encryption software for uses on newer model laptops.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Administer and support Juniper Firewalls Using NSM (Net screen and ISG firewalls).
• Troubleshooting connectivity issues with in the server zones of the Data center (between application servers, database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
• Running vulnerability scan reports using Nessus tool.
• Monitored network operations, performance, operations automation, inventory management, service provisioning, Reporting using Cisco EMAN tool.
• Performing network monitoring, analysis using various tools like HP Openview, Q Radar, NetQos, Wireshark, & Solarwinds, Dynatrace, Extrahop tool helped for tracking root cause problems.
• Actively use, smart view tracker, and Checkpoint CLI (to security gateways) for troubleshooting.
• Perform advanced troubleshooting using Packet tracer and TCP dump on firewalls.
• Worked on the security levels with RADIUS, TACACS+.
• Implement Cisco Secure Access Control Server (ACS) for TACACS+.

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Arista 7k, Brocade, NetScout, Nagios, Riverbed, Nexus (9k, 7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), NetMRI, VMware vSphere, Enterasys 1850, Tcpdump, Dynatrace, Firepower, Firesight, switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510), TACACS+, SDN, NFV.

Confidential, Santa Clara, CA

Network Engineer

Responsibilities:

• Assist in data center Cabling-UTP, Fiber, circuit, tracking and update inventories and Racking and Stacking.
• Worked in lab environment running tests on Switches using IXIA hardware.
• Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Accountable for SAN migrations, LUN creations, and masking removal; Citrix XenApp, XenServer, and XenDesktop design and implementation; and Citrix NetScaler configurations and maintenance.
• Migrated edge Cisco ASA 5545 services to Palo Alto firewalls.
• Worked on the redesign and upgrade of the corporate/datacenter backbone to 10G DWDM on Cisco ONS, Cisco POTN, and Nexus Class infrastructure.
• Transport 10Gig and 1Gig Optical connections and fiber paths with in data center and all over the plant using DWDM.
• Installed and implemented Digital guardian DLP(Data Loss Prevention), network DLP and Data visibility and control.
• Designed/implemented remote site Palo Alto, Riverbed, and Brocade switches.
• Performed configuration and maintenance of Brocade ICX 6450 and 7450 switches in the network.
• Configuration of Fortinet 60D, Fortigate 3700D, 1500D, & 800D firewalls and Cisco WLAN controllers and deployed them into the production network, monitored, superior visibility and policy management using FortiManager FMG-2000E, Fortisandbox FSA-3000E.
• Installed FireEye tools to provide network security, end point security, detecting threats and preventing from threats.
• Monitoring Network infrastructure using SNMP tools HP NNM, Dynatrace, Solar-winds and OpNet.
• Implementation of Spine leaf architecture, and configured Equal cost multi-path Routing.
• Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Implemented and managed Firewall rules in Palo alto PA 5000 series using Panorama.
• Configuration, firmware upgrade, and deployment of Enterasys B-Series stackable access switches and C-Series aggregation switches.
• Analyzed and monitored incident management and incident resolution issues exploitation Splunk.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• I used LogLogic to collect logs and events from network devices, servers, databases, operating systems and applications.
• Configure and deploy network security i.e. ASA 5508x, Sonic wall and support IDS/IPS SourceFire/ Cisco FireSight management.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Installed Splunk Enterprise for troubleshooting, monitoring, and security investigations.
• Configured and maintained S2S, IPSEC and SSL VPN's on Palo Alto Firewalls.
• Worked on ports such as FC (Fiber Channel), FCoE and mainframe switches.
• Configured and Installed server ports and FC uplinks for UCS 6100 Fabric Interconnects.
• Configured, repaired, maintained, fine-tuned and upgraded Cisco hardware and software operating systems, checkpoint/juniper firewalls, f5's and riverbed. Configured WAN traffic optimization using Riverbed.
• Installed Riverbed interceptor appliance and Steelhead mobile controller are to bring more performance of steelhead appliances, and leads edge optimization and productivity of applications. used steel central controller for steelhead to monitor the status of application rollout.
• Worked on 4500 Catalyst switches for the purpose of LAN requirement and for troubleshooting LAN issues.
• Installed and configured switching protocols on Alcatel-Lucent Core switches 9900, 9000E and 6900, and access switches are 6250, 6350, & 6450 and Omni Switches 10k.
• Responsible on Configuring a IPS device on a Tipping point project.
• Installed and configured F5 BIG-IP, Brocade ADX to provide load balancing for server across multiple data center.
• Successful configuration of the Infoblox system to meet client needs also calls for an ability to quickly grasp client-specific current solutions for DNS, DHCP, and IPAM (DDI).
• Responsible for implementation of security policies on SRX 240, SRX 550 series of NGFW firewalls at branches and datacenter.
• Worked on latest cisco switches like Nexus 9000, 7018, 5548, 5020 and 5010, implemented advanced features like VDC, VPC (Virtual Private Cloud), OTV (Overlay Transport Virtualization) and configured top of the row Fabric Extenders 2248 and 2232.
• Deployed physical and virtual servers (Hyper V and ESXi), manage and maintain the server with the latest updates, drivers and firmware.
• Installed APC and Liebart UPS systems for providing maximum efficiency data center design, high power capacity and power distribution unit.
• Installed and implemented Forescout CounterACT which used for discovering devices connected to network and monitoring them.
• Excellently used Splunk to analyze and monitor incident management and incident resolution problems.
• Provided firewall policy configuration and services with Juniper SRX 240 & 650 series.
• Installed upgrades or hotfix to further Brocade ADX, & F5 load balancing versions.
• Layout network diagrams using MS Visio and record changes and update NAGIOS monitoring tool.
• Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation on Cisco catalyst devices and Arista 7K.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515, Deployed LTMs and GTMs in DMZ environments with FIPS solutions.
• Configured Wireless networks on WLC 5508 series Wireless LAN Controller and management using Cisco Prime.
• Used Cisco Prime services; IPAM, & DHCP and configured services enterprise network.
• Configured and managed Nexus 2k Fabric extender, 5K, 7K and 9k switch network at the client's location.
• Configured RSTP, LACP and VTP on Nexus devices.
• Network consists of Heavy Cisco equipment such as Cisco 2500, 2600, 3640, 3945, 7200 series Routers, Cisco 6500, 4500, 3560, 2950, 2924 Switches, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.
• Performed RIP & OSPF Routing Protocol Administration.
• Proficient with NetScout infinistream sniffers and Nokia CheckPoint firewall to isolate network issues.
• Advanced troubleshooting features such as Tcpdump, FW Monitor, Packet Capture sniffing and export them using CLI and Wireshark as well as debug on the appliances for network connectivity issues.
• Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup paths for the packet prioritization and EIGRP tuning.
• Ability to configure and monitor security tools such as security information and event management (SIEM) Q Radar, ArcSight.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500, 5585 PIX security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.
• Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc.
• Configuration of OSPFv3, BGPv6 on Juniper M and J Series Routers.
• Design and implementation of multiple Cisco technologies. Cisco ISE, ISR/ASR Routers, Nexus/Catalyst Switches, Firepower, S2S, ASA Firewalls, VMware/vSphere.
• Designed and implemented VMware vSphere platform for providing performance, availability and efficiency of deployed applications and Monitored, managed health & performance using Operations Management tool.
• Deployed VPLS for DCI for spanning the VLANs across the datacenters to provide support for low latency and critical applications.
• Worked on Bluecoat proxy server, Tipping point Intrusion Protection System management.
• Configuration of checkpoint firewall per client topology.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access.
• Worked on Source Fire, Tipping Point IPS/IDS Systems, vulnerability assessment tools like Nessus, Qualys, and SIEM tools like Arcsight, Rapid7, NetQos, splunk and packet capture tools like wireshark, tcpdump.
• Monitored network operations, performance, operations automation, inventory management, service provisioning, Reporting using Cisco EMAN tool.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Experienced working on cisco firewalls - cisco ASA 5520 & 5585 series, Sonic wall and configuring security levels on RADIUS and TACACS+.
• Configured and implemented EAP user based authentication for RADIUS AAA server.
• Maintained Corporate Firewalls & Analysis of firewall logs using various tools. Configured and troubleshooting of HSRP on Cisco routers.
• Worked with SolarWinds Orion software (Network Performance Monitor & Net flow), AppDynamics, and Extrahop tool provided visibility.
• Engage with ISPs and PSTN providers globally to resolve related issues.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
• Designed and configured the commands for QoS and Access Lists for Nexus 9k, 7K and 5K.
• Involved in New Branch Network Systems. Resolved Network Issues and Prepared Network Documentation.
• Monitored performance of Network and Servers to identify potential problems and bottleneck.

Environment: Cisco 6500/4500/3560/2950/2924 switches, Juniper Ex Switches (Ex2200, Ex2500), Aruba, NetScout, Fortinet 60D, Brocade, Nagios, Enterasys, Riverbed, VMware vSphere, Alcatel-Lucent, Arista 7k, Cisco 7200/3945/3640/2600/2500 routers, Tcpdump, EIGRP, RIP, VTP, RSTP, OSPF, TFTP, Cisco EMAN, Firesight, Firepower, Nexus 5k and 7k switches.

Confidential, Farmington Hills, MI

Network Engineer

Responsibilities:

• Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Run scripts and perform desired configuration changes on Fortinet 60D, Fortigate 3700D, 1500D firewalls.
• Create, modify and monitor Fortinet firewall and IDS policies and logs.
• Configuration of Fortinet 60D firewalls and Cisco WLAN controllers and deployed them into the production network.
• Troubleshooting several scenario based and complex networking as well as VoIP related issues.
• Assisted with configuring Fortinet for Guest WIFI coach stores in laboratory environment.
• Deployment of Palo Alto firewall into the network, Configured and wrote Access-list policies on protocol based services.
• Installed FireEye tools to provide network security, end point security, detecting threats and preventing from threats.
• Project work for Riverbed Professional Services that require expertise with the SteelCentral/Opnet network modeling and application performance products.
• Regular upgrade and maintenance of Juniper Routers and Next Generation Firewalls NGFW, Nexus 9k, 7k, 5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
• Installed riverbed steelhead appliance to bring WAN optimization to reduce latency, and eliminated unnecessary traffic between application and users, used steel central controller for steelhead to monitor the status of application rollout.
• Cisco ACI (Application Centric Infrastructure) deployed, monitored, and managed in a way that benefits different teams in the IT organization including SDN Network, Cloud and DevOps, and Security.
• Provided second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Configured the Dynatrace, Nagios XI monitoring tool to monitor routers and switches and cusisetomized its dashboard.
• Planning and deployment of Cisco Identity Service Engine Solution, HP OpenView, Riverbed Opnet, SIEM Qradar, ArcSight, Solarwinds, Rapid7, SNMP, WFM, Infoblox, SOAP, SourceFire, Cisco UCS, Symantec, ACI, ITSM, ITIL, COBIT, ITAR, SAFE, NIST and RMON.
• Installed and configured switching protocols on Alcatel-Lucent Core switches 9900, 9000E and 6900, and access switches are 6250, 6350, & 6450.
• Configure and deploy network security i.e. ASA 5508x, Sonic wall and support IDS/IPS SourceFire/ Cisco FireSight management.
• Accountable for SAN migrations, LUN creations, and masking removal; Citrix XenApp, XenServer, and XenDesktop design and implementation; and Citrix NetScaler configurations and maintenance.
• Design and implementation of multiple Cisco technologies. Cisco ISE, ISR/ASR Routers, Nexus/Catalyst Switches, Firepower, S2S, ASA Firewalls, VMware/vSphere.
• Installation and Configuration of Cisco Wireless LAN Controllers on Branch ISR G2 Service Ready Engines (SRE) and Virtual Wireless LAN Controllers for Central Office Infrastructure.
• Successful configuration of the Infoblox system to meet client needs also calls for an ability to quickly grasp client-specific current solutions for DNS, DHCP, and IPAM (DDI).
• Planned and coordinated wired/wireless installations/augmentations/refreshes including wireless network design, utilization/capacity, involving configuration of Cisco and Aruba switches/wireless controllers and testing of Configurations, Security, Applications and clients across the wireless network.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Efficient at use of Microsoft Visio/Office as technical documentation and presentation tools.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Configuring, Installing and troubleshooting on Check Point Devices.
• Configured IPSEC VPN on SRX series firewalls, Policy using IDP.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring using Dynatrace.
• Knowledge on multiplex techniques such as DWDM.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper NetScreen firewalls.
• Provided secured internet using Microsoft Forefront Threat Management Gateway (MS TMG).
• Implement and configure Cisco ISE into the enterprise network environment.
• Provided support in building, and troubleshooting wireless networks related to Cisco identity Services Engine (ISE) authentication and authorization.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of Firewall logs using various tools.
• Successfully installed Palo Alto PA-3060 Firewalls to protect Data Centre and provided L3 support for routers/switches/Firewalls.
• Installed APC and Liebart UPS systems for providing maximum efficiency data center design, high power capacity and power distribution unit.
• Monitoring the network traffic with the help of Q Radar and Cisco IPS event viewer.
• Knowledge and experience to deliver end-to-end methodologies within ServiceNow, which includes architecting technical implementation of IT Infrastructure Library (ITIL) processes, organizing and prioritizing development effort, interfacing with vendors and management, and coordinating effort of administrators.
• Run scripts and perform network automation tasks using NetMRI.
• Monitored network operations, performance, operations automation, inventory management, service provisioning, Reporting using Cisco EMAN tool.
• Monitored network availability and performance using SolarWinds Orion, NetQos, AppDynamics, and Extrahop.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured policy based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's Site.

Environment: Cisco 6500/5000/4500/3500/2950 switches, Arista 7k, Fortinet 60D, Cisco 7600/7200/3800 routers, EIGRP, RIP, VTP, RSTP, OSPF, TFTP, Tcpdump, NetMRI, Wireshark, Cisco EMAN, NetQos, Firesight, Firepower, Alcatel-Lucent, Nagios, Nexus 5k and 7k switches.

Confidential

Network Engineer

Responsibilities:

• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches.
• Router/ Microsoft VPN Server in order to access certain limited network resources from customer locations.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Performed RIP and OSPF routing protocol administration.
• Managed rules on Cisco checkpoint NGX firewall.
• Supporting EIGRP and BGP based company network by resolving level 2 & 3 problems of internal teams and external customers of all locations.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480, and M Series, SRX210, SRX240.
• Configured OSPF and BGP on Juniper M and MX series Routers.
• Racking, Stacking, configuring, Nexus 5K and 2K and 7K.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Configuring ACL on ISE for making policies.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Scripting experience with Perl.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Installation, Configuration and troubleshooting Cisco switches and Firewall on multi-mode context based environments.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured policy based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's Site.

Environment: CISCO routers and switches, Routing (RIP, OSPF, EIGRP, BGP), Access Control Server, Nexus (2k,5k, & 7k), VLAN, Trunk Protocols, STP, Ether-channel, Cisco ASA Firewall, Server environments (DHCP, DNS)

Confidential

Responsibilities:

• Configuring and troubleshooting multi-customer ISP network environment.
• Involved in network monitoring, alarm notification and acknowledgement.
• Implementing new/changing existing data networks for various projects as per the requirement.
• Troubleshooting complex networks layer 1, 2(frame relay, ATM, Point to Point, ISDN) to layer 3 (routing with BGP, EIGRP, OSPF and RIP protocols) technical issues.
• Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
• Installing and maintaining Windows NT Workstations and Windows NT Server.
• Providing technical support to LAN & WAN systems.
• Monitoring performance of network and servers to identify potential problems.
• Performing RIP, OSPF, BGP, EIGRP routing protocol administration.
• Preparing feasibility report for various upgrades and installations.
• Other responsibilities included documentation and support other teams.

Environment: LAN & WAN, frame relay, ATM, Point to Point, ISDN, Windows NT Workstations, NT servers, RIP, OSPF, BGP, and EIGRP.