SUMMARY:

• CISCO Certified with 8 Years of experience in networking and security, hands on experience inDesign, implementation, and support. Routing, switching, firewall technologies, and troubleshooting of complex network systems.
• Designing, implementing and troubleshooting Cisco 3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switches and ARISTA (7100, 7500) Series switches.
• Designing, implementing and troubleshooting Cisco routers (800, 2800, 2600, 3800, 7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Cisco PIX & ASA devices.
• Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Experience in installing and configuring DNS, DHCP server.
• Troubleshooting & implementation of V lan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Working knowledge of frame relay, MPLS services, NATing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, VLSM, TCP/IP, NAT, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
• Responsible for Check Point and Cisco ASA &Palo Alto Firewalls environment.
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Working Knowledge of Cisco IOS, Junos & basic Nexus (7K, 5K&2K).
• Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Hands on experiences on McAfee EPO with deploying and removing agent on client’s machine, removing virus and manually updating DAT files.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco Prime infrastructure to support Network Operation Center.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS:

Routing Protocols: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, STP,RSTP,VLANs,VTP,PAGP,LACP,MPLS HSRP,VRRP,GLBP,TACASS+, Radius, AAA

CISCO Routers: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers

Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, and Juniper Netscreen firewall, Windows Patch Management (WSUS).

LAN Technology: Workgroup, Domain, RSTP, VLAN, STP, VTP, Ethernet, Fast Ethernet, Gigabit Ethernet&10 Gigabit Ethernet,802.1q

WAN Infrastructure: Leased Line, ISDN/Dial-Up, and Frame Relay circuits, Metro Ethernet.

WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPsec-VPN.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Operating Systems & Tools: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server

Network Security: ACL, IPSec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls.

Network Technologies: MANET, SONET, TDMA, FDMA, CDMA. DSL, POP3

PROFESSIONAL EXPERIENCE:

Confidential, Secaucus, NJ

Network Engineer

Responsibilities:

• Maintained a network lab with more than 30 routers (3600 series), 50+ switches (2900 series), firewall and other network devices like DHCP, DNS servers and VPN concentrators.
• Experience working with ASR 9000 series switches with IOS-XR.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience in vSphere Infrastructure.
• Helped the network team to install new switches and routers and configure the IOS according to the requirement which included VLAN, OSPF, Subnetting, EIGRP, BGP, VTP, PaGP, spanning - tree, IP Sub netting, wireless access points, T1 circuits and PIM-SM using auto RP.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Assisted in backing up, restoring and upgrading the Router and Switch IOS.
• Assisted campus for VOIP network management and troubleshoot.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
• Experience with convert PIX rules over to the Cisco ASA solution.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Responsible for Cisco ASA firewall administration across our global networks.
• Worked with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP.
• Design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000.
• Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Experience of VMware ESXi and VMware Infrastructure.
• Hands-on experience with McAfee EPO deploying agent either with EPO.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Implementing, configuring and troubleshooting routing protocols such as RIPv2 HSRP, GLBP
• Installation & configuration of Microsoft Proxy Server 2.0 & Blue Coat Proxy.
• Configured, installed, & managed DHCP, DNS, & WINS servers.
• Provided front-end on-call network support 24x7x365 for all network infrastructures in the co-operation.

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510), FortiGate Firewall 80C, 100d, 1240b on Forti OS5.2.

Sr. Network Engineer

Responsibilities:

• Involved in the activity of DATA-Center migration of regular Cisco catalyst switches with the new Nexus 2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E.
• Configuring Palo alto policies and setting different device configurations.
• Configured Firewall logging, DMZs& related security policies & monitoring
• Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP. Configuring Palo alto policies and setting different device configurations.
• Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL).
• Monitoring threats on firewall and changing policies to prevent attack.
• Responsibilities also included placing order for new SFP’s, implementing inline capabilities for home agents and running network cables from Palo Alto direct to required firewall.
• Configuring Palo Alto’s for inline use and Adding signature attacks on prevention lists.
• Created new policies for CDE and syncing the same policies in all the Data Centers.
• Auto Tuning Palo Alto Signatures and syncing between the data centers, working on PCI’s and managing it during peak if needed.
• Applied ACLs for Internet access to the servers using Cisco 5550 ASA firewall and performed NAT.
• Dealing with Cisco ASA 5550 providing advanced application-aware firewall services with identity-based access control, denial of service (DoS) attack protection all built upon market-proven Cisco PIX Security Appliance technology.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Configure and Install F5 New Virtual Servers, Profiles, I Rules, Pools, Nodes, Generate CSR Certificate, SSL Certificates Etc.,
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
• Supported in giving access the User machines and partners exterior to the network using IPsec VPN tunneling and SSL.
• Dealt with the service providers in the case of WAN outages.
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, and use to resolve tickets whenever there is an issue.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.

Network Engineer

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS, static routing and policy based routing.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Upgraded Cisco ASA 5510 firewalls using 6500/7600 catalyst modules for enhanced performance, security and reliability. Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter. Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router: 7705 SAR 8 and 7750 service router.
• Experienced in working with BIG-IP Edge Portal and BIG-IP Edge Client
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs& trouble-shooting of routing protocols like static, dynamic
• Provided on-call support for installation and troubleshooting of the configuration issues.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Implemented site to site VPN in Juniper SRX as per customer.
• Regular upgrade and maintenance of Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
• Monitoring and troubleshooting network issues between client site and 85 remote sites with legacy switches and routers
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• IOS upgrade 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP.
• Migrated IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64.
• Involved in troubleshooting of DHCP and other IP conflict problems.
• Configured ACLs (Standard, Extended and Named) to allow users all over the company to access different applications and blocking others.
• Participated in on call support to troubleshoot the configuration and installation issues.
• Configured switches with port security and 802.1x for enhancing customers security.

Network Engineer

Responsibilities:

• Managed 5000 user accounts and group policies for users belonging to various accounts such as Citibank using Active Directory server. Also managed Internet Information Services (IIS), Mail servers, File servers, DNS and DHCP servers.
• Worked with Network Operations Center (NOC) by managing and monitoring LAN/WAN network services. Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Responsible for Configuring SITE TO SITE VPN on Cisco Routers between Head Quarters and Branch locations
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Experience with Info lox technologies.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Created Virtual Machine templates for Windows server 2003/2008 using VMware vSphere and cloned them.
• Performed switching related tasks such as implementing VLANS, VTP, RSTP and Port security.
• Implemented security measures using ACL and configured NAT according to the connectivity requirement.
• Provided 24/7 rotational on call supports for branch offices.
• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing, infrastructure and configured the entire network Infrastructure devices including network printers.
• Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
• Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.

Jr. Network Engineer

Responsibilities:

• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured and installed Cisco routers 2500, 2600, 3601 and 4000 series.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Network Requirements.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-Vlan routing with Multilayer Switching.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall.
• Worked along with the team in ticketing issues.
• Performed administrative support for RIP, OSPF routing protocol.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Real time monitoring and network management using Cisco Works LMS.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Monitoring network performance to improve the backup strategy using Net rep, Solar winds.