PROFESSIONAL SUMMARY:

• CCNP certified professional with more than 7 years of extensive experience in network design, implementation, troubleshooting, engineering, managing and providing security which includes designing, deployment and providing network support
• Hands on experience of Cisco IOS/IOS - XR/NX-OS, Juniper JUNOS for configuration & troubleshooting various protocols of networking layers
• In-depth expertise with F5 GTM/LTM 8950 and VIPRION configuration/installation/support
• Experience on PIX firewalls, ASA (5540/5550) firewalls. Implemented security policies using ACL, firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS)
• Experience on load balancers by implementing all required policies and to convert the changes depending on day to day usage.
• Experience working on Cisco service router 1000V series for traffic redirection and in data centers
• Experience working on F5 load balancer in order to reduce the burden on the network
• In-depth knowledge and hands-on experience in Tier II ISP routing policies, network architecture, IP sub-netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits
• Hands on experience on Palo Alto firewalls, writing rules, configuring, troubleshooting the polices
• Hands on experience working on Cisco ASR series routers in delivering fast IPv6 services
• Experience in Juniper product line for configuring and troubleshooting EX-2200, EX-4200, EX-4500 switches, SSG 550M, ISG 2000, SRX-210, SRX-240, SRX-650, SRX-1400, SRX-5800 series Firewalls
• Experience in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems
• Experience on working scripting languages Python and PERL for code upgrades and configurations of devices
• An in depth experience in writing down the documents as Proof of concepts related to configurations and deployment
• Experience in implementing and troubleshooting routing protocols RIP, RIPv2, EIGRP, OSPF, ISIS and BGP to avoid delays and congestion in network
• In-depth experience in areas related to L2 technologies which include VLAN’s, VTP, STP, RSTP
• A high relative experience working with active directory while dealing with windows server at work location
• Experience working with high performance data center switch like Nexus 7010,7018, 7009, 5020, 2148, 2248
• Experience in layer-3 routing and layer-2 switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches)
• Extensive use of Remedy Ticketing System to deal with escalation problems for routing, switching and WAN connectivity issues
• A hands on experience on various threat management tools as part of security schemes
• Working with Cisco, Juniper, F5, for opening TAC case and resolving issues to meet project deadlines
• Working knowledge with monitoring tools like SolarWinds, Zenoss and network packet capture tools like Wire-shark
• An efficient and adoptable person who follows an organized and well planned approach for troubleshooting engineering issues
• A good team player and compatible to the system of company, who is ready to take up any responsibility given at any time

TECHNICAL SKILLS:

NETWORKING PROTOCOLS: HTTP, FTP, DHCP, DNS, TCP, UDP, ARP, SNMP, ICMP

ROUTING PROTOCOLS: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP

REDUNDANCY AND MANAGEMENT: HSRP, RPR, NSF/NSR

NETWORK MONITORING: Wireshark, SolarWinds, TCP dumps

LAN TEHCNOLOGIES: Ethernet, Fast -Ethernet, Giga -Ethernet, VLANS

WAN TECHNOLOGIES: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

NETWORK SECURITY: NAT/PAT, Cisco ASA Firewalls 5580-20, Cisco ASA Firewalls 5580-20, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup and Security features

CISCO EQUIPMENTS: Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) Cisco Catalyst switches (6500, 4900, 3750, 4500, 2900 series), PIX Firewall (506/515/525/535 ), Cisco ASA Firewall (5505/5510), Cisco ASR 9000 series, Cisco ACE load balancers

OPERATING SYSTEM: Confidential XP/Vista/7, UNIX, Linux (Redhat, Ubuntu, Fedora)

SCRIPTING TOOLS: Python, Perl

PROFESSIONAL EXPERIENCE:

Confidential, Bellevue, WA

Network Engineer

Responsibilities:

• Reviewing and creating firewall rules and monitoring the logs as per the security standards in Checkpoint
• Writing method of procedure (MOP) on a daily basis as per the customers requirement for firewalls
• Using of Check Point SmartConsole tools (SDM) to check the rules of all the firewalls created and ensuring that new rules do no overlap or change the existing rules
• Troubleshooting firewall when customers face issues with the existing rules and also interact with them so that the issues are resolved at the earliest
• Reviewing rules for the load balancers and monitoring the logs as per the architecture using SecureCRT
• Writing Method of Procedure (MOP) by taking the necessary information such as member IPs, member ports, VIP ports and VIP FQDN from the requester and finish MOPs for A10 load balancers in LTM configurations
• Writing Method of Procedure (MOP) for F5 load balancers for GTM configurations by gathering necessary information such as WideIP, VIP FQDN, pool members, ports and the load balancing methods
• Deducing the best possible network configuration for the customer on the existing architecture using their specifications
• Troubleshooting and resolving issues if any on the load balancers at the earliest
• Configuring F5 LTM/GTM and A10 LTM solutions which includes configuring Wide IP, VIP and SNAT pools
• Have a clear understanding of Layer 3 architecture of Confidential USA, Inc. using Confidential Visio diagrams
• Documentation of all the daily tasks performed and use these whenever it requires troubleshooting to be done

Confidential, Redmond, WA

Network Engineer

Responsibilities:

• Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and access-list addition using python script and on Linux platform based on tickets generated by customers
• Worked on Automation tool called Autopilot an internal tool used for code upgrades and configuring of new devices at different data centers
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 3K, 7K, Juniper MX-960 routers
• Working on configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between different data centers
• Implementing IPv6 addressing scheme for routing protocols, VLANs, sub-netting and mostly during up gradation of Cisco routers and switches
• Assigning RADIUS and TACAS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are Cisco propriety
• Worked along with Confidential operation center for monitoring traffic on the devices going to up-links and divert traffic on to different routes after traffic level reaching threshold value
• Generating audit reports by running automated scripts on various devices in order to check the layer 2 issues like errors on the links, port flapping
• Analyzing the Audit report and work along with Data center teams to check the optics and troubleshoot issues
• Coordinating along with Global data center teams located at different locations and work along with them for troubleshooting layer 2 issues
• Assisting off-shore teams located in India in upgrades, VLANs configurations, in troubleshooting layer 3 issues and routing protocol issues mostly BGP
• Documentation of various changes made on devices and submit them for approvals and work along with alerts team and intimate them the changes to be made

Confidential, Bloomington, IL

Network security Engineer

Responsibilities:

• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls, installing and configuring new juniper SRX series firewalls to meet day to day work
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements
• Worked load balancers like F5 GTM to troubleshoot and monitor DNS issues and traffic related to DNS and avoid DDoS
• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol based services
• Configured network access servers and routers for AAA security (RADIUS/ TACACS+)
• Troubleshooting of protocol based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow
• Worked on DNS server involving configuration and resolving DNS related issues
• Writing rules for NAC servers as per the authentication and authorization of systems within the company.
• Monitoring the network traffic with the help of IBM QRadar and Cisco IPS event viewer
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place
• IPv6 is implemented at a larger scale using Cisco ASR 9000 series routers delivering flexible service
• Installing and configuring new Cisco equipment including Cisco 2900, 3900 series routers, Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company
• Worked on regular troubleshooting of BGP, EIGRP routing protocols
• Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs
• Working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment

Confidential, Napa, CA

Network Engineer

Responsibilities:

• Experience with Firewall administration, Rule analysis, Rule modification
• Experience on F5 load balancer in order to maintain balance in the network system with application specific usage
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Installing and configuring juniper M series router along with juniper switches QFX series
• Configured and resolved various OSPF issues in an OSPF multi area environment mostly on IPv4 and to some extent on IPv6
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team
• Hands-on experience with WAN (ATM/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing
• Configured CIDR IP RIP, PPP, BGP and OSPF routing
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms
• Deployed 7613 as PE and CE router and configured and troubleshoot the edge routers
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12
• Configured egress and ingress queues for ISP facing routers using CBWFQ
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP open view) and experience with developing complex network design documentation and presentations using VISIO
• Estimated project costs and created documentation for project funding approvals

Confidential

Network Engineer

Responsibilities:

• Worked on Cisco routers 7200, 3700 and Cisco switches 4900, 2900
• Key contributions include troubleshooting of complex LAN/WAN infrastructure
• Configured firewall logging, DMZs, related security policies and monitoring
• Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing with snooping & IP source guard
• Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall
• Enabled STP enhancements to speed up the network convergence that include Port-fast, Uplink-fast and backbone-fast
• Other responsibilities included documentation and change control
• Responsible for Configuring SITE-TO-SITE VPN on Cisco routers between headquarters and branch locations
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Used various scanning and sniffing tools like Wire-shark
• Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN
• Documenting and Log analyzing the Cisco PIX series firewall
• Configured BGP for CE to PE route advertisement inside the lab environment