- Over 5+ years of experience as Network Engineer in Routing, Switching and Firewall Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/Data Center communication systems.
- Hands on experiences in Cisco Routers, Cisco Switches, Load Balancers & Cisco Firewalls.
- Strong knowledge in Routing, Switching, Wireless, Load Balancing, and Security concepts.
- Exposure to LAN/WAN setup, installation, configuration and troubleshooting.
- Solid understanding of OSI and TCP/IP model.
- Experience in troubleshooting, implementing of static and dynamic routing protocols such as IGRP, EIGRP, OSPF, RIP and IS-IS, EGP protocols such as BGP.
- Strong Knowledge in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay.
- Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP and ping concepts.
- Hands on experience in setting up enterprise level Wi-Fi Networks and IP telephones.
- Good knowledge in configuring redundancy protocols like HSRP, VRRP.
- Good knowledge in IP services like DHCP, DNS, and ARP.
- Good knowledge in configuring Site-to-site IPSec, and Remote SSL VPN on router IOS platforms and firewalls.
- Implemented IPv4 migration to IPv6 (NAT-PT, Tunneling, etc.).
- Performed backup of device configuration by using TFTP server and ARCSERVE tape backup.
- Managed firewall policies that employ NAT, application layer gateways, and policy-based VPNs.
- Hands on experience in switching concepts VTP, STP, port aggregation, stacking and VLAN’s.
- Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
- Has done the Configuration on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
- Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Strong hands on experience on PIX Firewalls, ASA Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
- Extensive experience using Microsoft suite like Word, Visio, Excel, PowerPoint.
- Experienced in troubleshooting various network related problems by using sniffing tools.
- Experience on Monitoring tools like Wire shark, Solar winds, TCP Dump, Nagios, Open NMS, PRTG, Remedy, OPNet, VMware, Riverbed, SNMPv2, SNMPv3.
- Developed Perl and Shell scripts for upload of data feed into database.
- Familiar with 802.11 a/b/g and 802.1 Q standards and RF technology.
- Strong written and verbal communication skills, self-motivated, self-managed, result oriented, practical, always looking to learn and contribute.
- Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills.
Switches: Cisco Nexus 7K, 5K, and 2K, Catalyst 6500, 4500, 3850, 3650, 2900Juniper EX 2200, 4550, and EX 4600
Routers: Cisco (ASR 9k, 1000, 7200 VXR, ISR 4000, 3900, and 3800) Juniper (ACX 500, ACX 1000, PTX 1000)
Firewalls: Cisco (ASA 5510, 5520, 5540), Fortinet (3040B, 900D), Palo Alto (PA3020, PA3050, PA 3060), Juniper SRX and Net screen PIX, Watch guard, ASDM, CSM, Checkpoint
Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400, F5 APM, Citrix Net scalarF5 GTM
LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, 10G, Token ringVLAN, VTP, Inter-VLAN routing, STP, RSTP, PVST, 802.1x
WAN technologies: Frame relay, ISDN T1/E1, PPP, ATM, MPLS, Channel & Leasedlines, DSL modems.
IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express.
Carrier Technologies: MPLS, MPLS-VPN
Switching protocols: VTP, STP, RSTP, PVSTP, PAGP, and LACP
Routing Protocols: RIP, OSPF, EIGRP, BGP
Security Protocols: IKE, IPSec, SSL, AAA, Access-lists, NAT/PAT, prefix-lists.
Redundancy Protocols: HSRP, VRRP, GLBP
Network Management: Wire shark, SNMP, Solar winds, HP Open view. Q radar, TCP dump
McAfee: SIEM, SSH, TELNET, SSL, ICMP
Operating Systems: Windows Vista/XP/NT/2003, MS DOS, UNIX, Linux
Infrastructure Service: DHCP, DNS, SMTP, POP3, FTP, TFTP
Ticketing tools: CA service desk, Remedy, JIRA, Service Now
Confidential. Church, VA
- Provides support for existing network technologies/services & integration of new network technologies/services.
- Frontline support for network related issues.
- Resolving network performance and connectivity issues on the wireless and wired network.
- Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
- Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP.
- Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
- Experience working with Nexus 7010, 7018, 5020, 2148, 2248 devices.
- Configured, installed, &managed DHCP, DNS, & WINS servers
- Implement and configured VRRP/GLBP (on distro/core switching), Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment.
- Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
- Convert Campus WAN links from point to point to MPLS and to convert encryption from IPSec/GRE to Get VPN.
- Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls, Fortinet.
- Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
- Performing network monitoring, providing analysis using various tools like TUFIN, Fortinet, Firemon, Riverbed, Solar winds and Syslog.
- Proficiency in configuring Cisco ASA 5540, 5580, AAA authentication, Palo Alto Firewall
- Managed F5 BigIP LTM appliances to load balance server traffic in critical serval access silos.
- Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-Trunking, deployed port security when possible for user ports.
- Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
- Experience with configuring BGP in the data center and also using BGP as a WAN protocol and manipulating BGP attributes.
- Experience with design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000.
- Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
- Integrated the Cisco Unified Wireless IP Phones (792X series) with Cisco Unified Communications Manager and Cisco Unified Communications Manager Express using IEEE 802.11 over a Cisco access point.
- Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology.
Environment: Nexus 2K/5K/7K, F5 Big-IP LTM-6400 load balancer, Checkpoint R75, Cisco ASA 5500 LAN, WAN, HSRP, RIP, OSPF, BGP, EIGRP, VLAN, MPLS, STP, RSTP, TUFIN and Fortinet.
Confidential, St. Louis, MO
Network Security Engineer
- Responsible for maintaining and ensuring the proper functioning of all network devices (i.e. Juniper routers/switches, Cisco Routers/Switches, Juniper Netscreen firewalls, Cisco ASA firewalls, and load balancers (LTM)).
- Configured and provided support for Cisco ASA firewall and FWSM modules.
- Configured and provided support for juniper Net screen firewalls.
- Have performed extensive server deployments, including File/Print, SQL, Application, WWW/FTP servers, Terminal Servers and Domain Controllers.
- Migration of network connections from unsecured connections to secured connections.
- Configuration and support for OSPF and BGP protocols on routers.
- Configured site-to-site VPN connection for each major office.
- Configured SSL VPN connections for third parties connecting to client offices.
- Works closely with international carriers and local admins for troubleshooting the network.
- Build Check Point Security Gateways and Cisco ASA Firewalls from Ground.
- Perform Check Point Security Gateway Upgrades including VSX environment with Virtual firewalls.
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
- In depth knowledge of Cisco ASR 9k, MPLS, IS-IS, OSPF, MP-BGP, VRFs and Multicasting.
- Experience on Multicast in a campus network by using IGMP and CGMP on Catalyst switches.
- Experience converting Cat OS to Cisco IOS on the Cisco 6500 switches.
- Installation, Configuration and Administration of ADS, DNS, DHCP and Web proxy (ISA) server.
- Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building Fortigate High Availability using Fortigate Clustering Protocol (FGCP).
- Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
- Managed the F5 Big IP GTM/LTM appliances to include writing I Rules, SSL offload and everyday task of creating WIP and VIPs.
- Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
- Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
- Performing vulnerability assessments and checks for patch & anti-virus.
- Installation of Cisco ASA 5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
- Provisioned and troubleshoot HLR, VLR, SGSN/GGSN registrations, and IP address assignment, DHCP services, Domestic/Roaming GSM/GPRS, Wi-Fi, Voice Mail and features.
- Installed and maintained routers and switches in various network configuration supported VLANs, QOS, VoIP and advanced access-Lists.
- Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
- Responsible for Check Point, Cisco ASA and Palo-Alto firewalls configuration and administration across global networks.
Environment: LAN, WAN, Cisco 7200, Juniper ACX 1000, PTX 3000, Juniper Netscreen, Cisco ASA, Bluecoat Proxy, Cisco catalyst 6509, 4510, 4506, 2900 series switches, IPSec VPN, SSL VPN, Site-Site VPN, Access-Lists, and NAT.
- Analyzed logs in Syslog server generated by IDS, IPS, firewall, router and switch devices.
- Worked on troubleshooting network security issues related to address translations, connectivity, application access, routing issues, and low latency networking.
- Worked on incidents/changes/Problems and provided resolution with in SLA time frame.
- Configured & maintained IPSec VPN in Cisco ASA, Palo Alto firewalls.
- Worked on Change Control tickets, prepared knowledge base for all the incidents, change and problems resolved.
- Implemented TACACS+ for administering user accounts.
- Managed the Internet and intranet firewalls (Cisco ASA 5520 and 5550), F5, Net IP, ASM.
- Managed third party connections using Cisco ASA 5520, 5550 and Palo Alto firewalls.
- Create and test Cisco router and switching operations using OSPF routing protocol.
- Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
- Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Implemented various EX, SRX & J series Juniper devices.
- Experience in adding firewall rules, Network address Translation and also in creating multiple security contexts (virtual firewalls).
- Maintained a Network with more than 600 Network devices, some 25,000 end hosts, and the other Network devices like DHCP, DNS servers, Firewall servers.
- Dealt with monitoring tools like (Solar Winds, Cisco Works), network packet capture tools like Wire shark.
- Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, F5 Load Balancer.
- Configured VLANs, Private VLANs, VTP and Trunking on switches.
- Performed switching technology administration including VLANS, inter-VLAN routing, and Trunking & Ether- channel.
- Responsible for managing & operations of Cisco 2600 series, 2800 series router, as well as 2900 series, 3500 series Cisco switches.
- Configured STP for loop prevention and VTP for Inter-VLAN Routing.
- Configured 802.1 x authentications in switch ports.
- Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
- Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
- Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
- Used TFTP server to backup Cisco configuration files.
- Implementation of TCP/IP & related Services-DHCP/DNS/WINS.
- Provided technical support on hardware and software to remote production sites.
- Implemented static routing, routing protocols (OSPF, and BGP), switching (VLANS, VTP Domains, STP, and Trunking).
- Implemented migration project of updating Cisco ASA firewalls to Fortinet firewalls.