SUMMARY:

A US citizen with over twenty years of experience in project planning, cost analysis, designing and implementing complex cloud network infrastructure where high performance, absolute reliability, and comprehensive security are vital requirements. Specialized in enterprise network routing, switching, wireless network, voice/video over IP, and security firewall. Founder of WLAN Research. Earned Master of Science degree in Electrical Engineering. Currently pursuing Confidential certification.

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Cloud Infrastructure Network Architect

Responsibilities:

• Designing, implementing, and securing Virtual Computing Environment (VPE) using Cisco ASA IPS modules, Sophos UTM, and Brocade Vyatta.
• Designing and implementing Virtual Private Cloud (VPC) and Virtual Private Network (VPN) using Cloud Computing Services, VMware, and Linux Proxy (Squid and SOCKS) based access.
• Designing and implementing Amazon Web Services (AWS) Infrastructure including Load Balancer, Auto Scaling, virtual routers, virtual switches, virtual firewall, VPN, Availability Zone, Route 53 DNS, and Direct Connect.
• Designing, deploying, and managing large and complex sensitive ISP network and Data Center comprising Cisco ASR routers, Cisco Nexus switches, and firewalls (Cisco ASA, Palo Alto, Blue Coat) with Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP) routing protocols.
• Designing and deploying large - scale Multi-Protocol Label Switching (MPLS) Layer-3 VPN using Multi-Protocol BGP (MP-BGP), Label Switched Path ( Confidential ), OSPF, and Virtual Routing and Forwarding (VRF) Confidential the core Provider/Provider-Edge Routers.
• Deploying and managing large and complex sensitive ISP network using Dynamic Multipoint VPN (DMVPN), Generic Encapsulation (GRE) tunnel, and IPSec VPN routing and forwarding (VRF) security features.
• Performed multi-vendor product selection, cost analysis, and testing for designing, and deploying Cisco Network Admission Control (NAC) in highly secured nationwide network.

Confidential, Pentagon, VA

Lead Network Architect

Responsibilities:

• Analyzed cost and recommended best method for integrating multi-vendor equipment in highly secured Wide Area and Data Center networks comprising Cisco routers (7500, 3600, 2600), Cisco Catalyst switches (6500, 5500, 4000, 3500, 2900), Cisco Nexus Switches (5020, 2248), and Juniper routers and switches.
• Performed product selection, and testing for designing and deploying enterprise Source Speci c Multicast (SSM), Bidirectional (Bidir), Anycast RP PIM, and Multicast Source Discovery Protocol (MSDP).
• Recommended best practice method for controlling BGP and EIGRP traffic path in order to optimize bandwidth utilization, and to reduce the delay of VoIP and Multicast applications.
• Performed product selection, and testing for designing and deploying QoS (Class-Based WRED (CBWRED), Traffic Policing and Shaping) for enterprise VoIP application.
• Pilot tested Cisco Nexus 7000 features of Overlay Transport Virtualization (OTV) for both Multicast and Unicast modes, Virtual Device Context (VDC), Virtual Port Channel (vPC) for Data Center Design.

Confidential, Newington, VA

Principal Network Engineer

Responsibilities:

• Reviewed architecture design for upgrading the network infrastructure of several dozen Field Offices and Remote sites with main objective of achieving highly redundant network.
• Designing, deploying, and managing large and complex sensitive ISP network comprising Cisco routers (7500, 3600, 2600), Catalyst switches (6500, 5500, 4000, 3500, 2900), and firewalls (PIX and Cisco Firewall IOS) with Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP) routing protocols.
• Deploying and managing large and complex sensitive ISP network using Dynamic Multipoint VPN (DMVPN), Generic Encapsulation (GRE) tunnel, and IPSec VPN routing and forwarding (VRF) security features.

Confidential, Sterling, VA

Lead Network Architect

Responsibilities:

• Performed project planning, multi-vendor product selection, cost analysis, and testing for designing, and implementing Cisco Network Admission Control (NAC) in enterprise environment supporting 2500 users.
• Performed project planning, designing, and implementing Cisco ASA 5500 Series Adaptive Security Appliance for highly redundant firewall and VPM functions.
• Performed project planning, designing, and implementing Cisco Clean Access (CCA).
• Performed project planning, cost analysis, designing, and deploying network infrastructure using Cisco routers (7500, 3600, 2600), Catalyst switches (6500, 5500, 4000, 3500, 2900), and firewall (PIX and Cisco Firewall IOS) with Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) routing protocols.
• Performed project planning, designing and deploying Cisco Catalyst 6513 switches equipped with Supervisor Engine 720 modules for large-scale and highly redundant Data-Center application.
• Recommended best practice method for designing and deploying Internet WAN (OC-3, T3, T1, ATM) using BGP with load-sharing technique to several ISP’s.
• Performed project planning, product selection, cost analysis, and testing for designing and deploying highly redundant online transaction using F5 BigIP 6400 load-balancers and SSL accelerators.
• Designing and implementing Cisco Intrusion Detection System (IDS) using the IDSM-2 module for Cisco Catalyst 6513 switch.
• Designing and deploying Cisco PIX and IOS Context-Based Access Control (CBAC) firewalls supporting highly complex security access policy.
• Designing and implementing IPv6 using Dual-Stack, Tunneling, and Translation techniques in Unicast, Anycast, and Multicast environment.
• Designing and deploying Cisco Wireless LAN Solution Engine (WLSE) with primary objective to detect rogue Access Points as part of enterprise Wireless LAN (WLAN) security policy.
• Designing and deploying Cisco Secure ACS (TACACS+, RADIUS) servers supporting comprehensive multi-level security access policy.
• Evaluating the Cisco Security Agent (CSA) to be used for UNIX and Windows2000 platforms.
• Designing and deploying Cisco 3620 Multimedia Conference Manager (MCM) for H.323 Gatekeeper and Proxy applications supporting Videoconferencing and VoIP.
• Deploying HP OpenView and CiscoWorks as the enterprise management tool for all Cisco routers and switches.
• Evaluating the feasibility of deploying Multiprotocol Label Switching (MPLS) network for 200 network locations in order to support Voice and Data.
• Evaluating the implementation of VPN using Cisco VPN 3000 Concentrator, Cisco PIX firewall, AirFortress wireless Link Layer Security (wLLS), and IPSec clients in WLAN environment with extreme security requirement.
• Evaluating the implementation of Cisco WLAN using IEEE 802.1X, Wired Equivalent Privacy (WEP), Extensible Authentication Protocol (EAP), Light Extensible Authentication Protocol (LEAP), and Cisco Secure ACS (TACACS+, RADIUS).
• Designing, implementing, and supporting VoIP using Cisco Call Manager 3.0(8), H.323 Gateway (3600), MGCP Gateway (VG200, 3600), Skinny Gateway (Catalyst 6000 X6608-T1/E1, DT-24/30+), IP Phones, QoS (CoS, ToS), IP IVR (Auto-Attendant), IPCC (ICM, ACD), Sun Solaris, Windows 2000, and Survivable Remote Site Telephony (SRST) for enterprise environment.
• Performing evaluation and feasibility of migrating H.320 based videoconferencing to H.323 standard using Cisco, Lucent, and VTEL equipment.
• Implementing and supporting Cisco IPTV in an IP multicasting environment.

Confidential, Alexandria, VA

Senior Network Engineer

Responsibilities:

• Analyzed and recommended best method for designing and evaluating the feasibility of building global Data Center.
• Designing and implementing network infrastructure (Cisco Routers and Catalyst Switches, Cisco IOS firewall, Firewall-1, Solaris RADIUS AAA, Radware WSD-Pro, NAI RouterPM, HP Openview) for Confidential Headquarters Campus.
• Configuring and maintaining the Confidential website, which comprise of WindowsNT, Solaris, Radware WSD-Pro, Firewall-1, Cisco routers and Catalyst switches.

Confidential, Washington, DC

Senior Network Engineer

Responsibilities:

• Designing and implementing network infrastructure (Cisco Routers and Catalyst Switches, Cisco IOS firewall, Solaris Firewall-1, Wireless Networks, DNS, DHCP, WINS, Concord Network Health, NAI RouterPM, HP Openview) for Confidential Headquarters.

Confidential, Tysons Corner, VA

Senior Consultant

Responsibilities:

• Designing Data Center and WAN for Network Access Solutions (NAS). Performed network and security assessment for NAS infrastructure. Documenting/analyzing the network infrastructure, baselining, security probing (Intrusive Detection Systems).
• Performing network and security assessment for SUMMA Health infrastructure. Designed and implemented WindowsNT DNS and WINS. Documenting/analyzing the network infrastructure, baselining, Y2K testing, analyzing NMS, security probing, and proposing proactive enhancement and future infrastructure were the objectives.
• Performing LAN and WAN analysis for National Air and Space Museum (NASM) of Smithsonian Institution in order to solve the network congestion, propose solution, and propose network blueprint for future anticipated growth. Firewall security was also proposed.
• Redesigning DSS backbone infrastructure accommodating optimized WAN and secured Intranet and Internet. The WAN was Frame-Relay, and the security firewall was Cisco IOS 12.0.
• Implementing VPN using Cisco PIX and IPSec clients.
• Designing and implementing enterprise wide data network for Excel/Telco using Cisco routers (7500, 4700, 2500), Cisco Catalyst 5000 LAN hubs, Cabletron MMAC-Plus, and PIX firewall.
• Implementing Lucent/Livingston RADIUS on Solaris 7 as enterprise AAA server.

Confidential, Herndon, VA

Internetworking Engineer

Responsibilities:

• Migrating Confidential & Confidential Internet customers from Confidential network to the new Confidential & Confidential internal network. Configuring Cisco routers and firewalls is the main responsibility.
• Designing and implementing PRI/BRI ISDN network for Sprint/Globalone international clientele using Cisco routers.
• Designing and testing an enormous wireless service application for Nextel where heterogeneous Cisco router connectivity, stringent security using PIX firewall, elaborate DNS configuration, complex network management using HP OpenView, and advanced SUN system were the basis.
• Evaluating and testing large-scale client/server application (developed using Power Builder) for WinStar in LAN/WAN environment. Recommending the best method for deployment is the key objective.
• Performing analysis and testing between HP OpenView and Visio drawing compatibility for Confidential . The goal was to produce network drawings using Visio from OpenView's database.

Confidential, Bethesda, MD

Senior Network Infrastructure Engineer

Responsibilities:

• Designing and building comprehensive Data Center hosting mission critical applications.
• Designing and administrating TCP/IP, SPX/IPX, and NetBIOS LAN/WAN using Cisco routers (7500, 4500, 2500), Cisco Switch Hubs (Catalyst 5000, Catalyst 1200), and Cabletron Hubs (MMAC-M8FNB, MicroMMAC).
• Implementing Network Security using Check Point FireWall-1 in a complex security environment.
• Designing and installing DNS, DHCP, WINS, RAS, Syslog, HTTP-Web, and Tftp Servers using WindowsNT and Sun Solaris platform for Enterprise Client/Server Architecture.
• Implementing TACACS Server for monitoring access to Cisco routers.
• Implementing Intranet Web using MS WindowsNT 4.0, IIS, Index Server, and FrontPage 97.
• Constructing Web database connectivity using WindowsNT ODBC driver to MS Access and Excel database.
• Performing Network Baseline using HP OpenView, Cabletron Spectrum, DDDV RouterPM, and Network General Sniffer.
• Providing Expert/Third Level Support for Help-Desk and System Administrators (CNE and MSCE).
• Performing Project Manager duty on highly technical assignments.

Confidential, Vienna, VA

Senior Open Systems Engineer

Responsibilities:

• Designing three-tier Client/Server architecture where application partitioning and accessing heterogeneous database are crucial for On-line Transaction Processing (OLTP) and On-line Analytical Processing (OLAP) systems.
• Integrating Network Management Systems, Middleware, Data Warehouse or OLAP tools, and MISSI for DoD’s Defense Information System Network (DISN).
• Performing analysis comparison between HP OpenView and CA Unicenter for large-scale DISN network comprising of N.E. Confidential . IDNX switches, Bay Networks, and Cisco routers.
• Managing LAN/WAN Services and Help-Desk group.
• Designing/administrating Confidential (4.x, 3.12, 3.11) LAN and HTTP Web Server.

Confidential, Washington, DC

Senior Network/System Engineer

Responsibilities:

• Designing and administrating Confidential (4.1, 3.12, 3.11) LAN in 10BASE- Confidential and Token Ring environment to support DOS/Windows, WindowsNT, Macintosh, and OS/2 workstations.
• Designing and administrating Internetwork or WAN using Bay Networks WELLFLEET Routers, Cisco Routers, dedicated T1 links, and Frame Relay to support TCP/IP, IPX, SNA (3270 Gateway), and AppleTalk protocols.
• Integrating Middleware, NetWare, Lotus Notes, OS/2, DOS/Windows, and TCP/IP platforms for Confidential database systems.
• Implementing OLTP SQL Database via WAN where WinSock TCP/IP, UNIX, WindowsNT, and SYBASE are the platforms. PowerBuilder 4.0 and MS Visual C are the primary tools.