PROFESSIONAL SUMMARY:

• Cisco Certified Network engineer having 6 years of experience in configuration, troubleshooting and maintaining security is seeking to work with the progressive organization where I can utilize my experience to achieve corporate goals.
• Proficient with network hardware and technologies including routers, switches, firewalls, Ethernet, Fast Ethernet and Gigabit Ethernet.
• Assisted in setting up and configuring the infrastructure environment with Cisco equipment and ASA.
• Good at troubleshooting of NAT, PAT, DNS, DHCP and other IP conflict problems.
• Strong knowledge in configuration of Spanning Tree Protocol(STP), Per VLAN Spanning Tree(PVST), Rapid STP(RSTP) and Rapid per VLAN Spanning Tree Protocol(PVST+).
• Strong knowledge in troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as RIPv2, EIGRP, OSPF and BGP.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7k, 5K, 2K series, Cisco router models like 12k, 10k, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Experience in working with Cisco routers, switches and access points.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Protocols Awareness: OSPF, EIGRP, RIP, BGP, HSRP, ACL, VTP, NAT/PAT, CDP, SSH, HTTP, HTTPS, NTP, SNMP, ARP, STP (802.1D), SNMP, DNS & DHCP.
• Experience Knowledge of Redistribution of routing protocols and HSRP implementation on routers.
• Hands on experience on Checkpoint Firewalls, ASA (5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS). network
• Experience in Configuring BGP/OSPF routing policies and designs
• Extensive knowledge On juniper M, MX and T-series router
• Experience in Automation Using perl and python
• Hands-on experience of working on ALU 7705 SAR / 7750 SR, Cisco 2941 MWR/7609, ALU 7670 RSP, Tellabs 8860 and Ericsson equipment.
• Working knowledge of transport connectivity such as T1, CAT5&6 Ethernet, DS1, DS3, Fiber, OC3 and OC12, OC48.
• Troubleshooting of Enterprise application response problems & connectivity issues
• Troubleshooting problems related to firewalls, Different desktop VPN connectivity issues.
• Expertise in implementation and troubleshooting of protocols such as STP, RSTP, PVST, HSRP and VRRP.
• Expertise working on security policies likes NAT, PAT, VPN, Route-maps and Access Control Lists.
• Configuring and troubleshooting ASA and Checkpoint firewall (Basics).
• Providing daily Palo-Alto administration.
• Making reports on network productivity, plans and issues on management.
• Configuring, maintaining and troubleshooting LAN/ WAN modems.
• Involved in planning and implementing Firewalls other networking equipment.
• Ensuring the smooth working of network.
• Maintain and Configure Firewalls like Palo Alto (PA-3k, PA-5k), Cisco ASA 55XX.
• Configuring Policies in Palo Alto Firewalls & Analysis.
• Worked on Centralized management system to manage large scale firewall using Panorama
• Implemented application based policy and URL filtering, Threat prevention, Data filtering policies (Palo Alto, Cisco ASA).
• Manager Cisco ISE 1.4 and 2.0. ( Policy, Certificate, Check Logs for troubleshoot).
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication
• Configuration and Integration of Cisco Identity Services Engine (ISE) 2
• Consisted of ISE Deployment, Authentication with Active Directory.
• Assessed, Designed, Implemented and Configured Cisco Identity Services Engine (ISE v1.3)
• Cisco ISE implementation for 802.1x authentication.
• Cisco ASA deployment and configuration for nationwide VPN connectivity to business partners.
• Established IPsec-VPN tunnels with ASA firewalls between branch offices and headquarters.
• Efficient in Implemented security authentication using TACACS+ & RADIUS.
• Maintain and administer firewalls: Palo Alto, Cisco ASA.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
• Knowledge and hands on experience use of Network Monitoring Tool.

TECHNICAL SKILLS:

Routers: Cisco 7600, 7500, 7200, 4331, 3800, 3600, 2800, 2600, 2500, 1700

Switches: Cisco Catalyst 2960, 3560, 3650, 3850, 4500, 6500

Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP, SIP, H.323 voice gateways, LADP, LACP and Static routing.

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, VLAN, PVLAN and Optimized STP.

Firewall: Cisco ASA, Palo Alto Firewall.

LAN and WAN Technologies: Port channels, Ethernet, 802.1Q, HDLC, PPP, Frame Relay, VPNs channel, Cisco CUCM Ver. 10.5.2

Network Simulators: Cisco packet Tracer, GNS3, Putty, Wireshark

Authentication tool: Cisco ISE 1.4/ 2.x, Cisco Any connect

PROFESSIONAL EXPERIENCE:

Confidential, Dallas, TX

Network Data/ Security Engineer

Responsibilities:

• Configuring and troubleshooting link state routing protocols in multiple domains.
• Configured and managed Cisco access layer routers and switches.
• Performed STP for loop prevention and VTP for Inter- VLAN Routing.
• Establishing peer-ship with BGP protocol with the help of MPLS.
• Have experience working on ASDM for configuring and managing Cisco ASA.
• Configuring and installing DHCP server
• Configured and maintained Palo Alto Network firewalls
• Experienced in handling Panorama firewall management tool to administer Palo firewalls
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Well experienced in configuring and troubleshooting of Palo Alto, and their implementation.
• Experience in site-to-site and remote access VPN solutions.
• Configured and maintained IPSEC VPN's on Palo Alto Firewalls.
• Exposure to wild fire advance malware detection using IPS feature of Palo Alto.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Responsible for Cisco ASA Firewall administration across our global networks.
• Support customer with the configurations and maintenance of ASA Firewall systems.
• Configured VLAN trunking Palo Alto with interface.
• Implementation and maintenance of Cisco Application Control Engine (ACE).
• Configure Voice Gateways using the H323, SIP, and MGCP Protocols.
• Assisting in configuring Palo Alto firewall interface and implementing site-to-site VPN.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding.
• Implementing number of security policy rules and NAT rules on Palo-Alto.
• Palo Alto SSL decryption installation and configuration on PA 3060,5060, and 7050.
• Installation and manager Cisco ISE 1.4 and 2.0.
• Design, installation and support of Cisco ISE, Identity Services Engine for use in Wireless environment and with LAN connected devices for 802.1x NAC authentication.
• Configured Cisco ISE for Wireless 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls
• Configured and Implemented Cisco Identity Services Engine (ISE) with connectivity to Microsoft Active directory for Authentication including Certificate Based Authentication.
• Provided client with options for further growth with the Cisco Bring Your Own Device (BYOD) campaign.
• Implemented and supported Cisco Identity Services Engine (ISE) with the Cisco ASA 5500 series for VPN connectivity.
• Redesign LAN infrastructure for various sites and perform configuration, installation and implementation.
• Responsible for maintenance and utilization of HSRP, VTP of the switched multi-layer backbone with catalyst switches.
• Implemented and configured routing protocols like EIGRP, OSPF and BGP.
• Maintained 2821/2921 Routers. Implemented T-1 circuits between corporate headquarters and remote locations.
• Experience in managing WANs as well as site-to-site and end-user's VPN
• Work with the following routing/switching protocols: BGP, OSPF, EIGRP, LDP, HSRP, VRRP, GLBP, VTP, 802.1d, 802.1q, ISL, VLAN's and Port-Channels.
• Verify the UDP ports are enabled on the customer firewall in case of shared backhaul connectivity for the internet traffic.
• Experienced in designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches.
• Managing cisco ISE Guest portal for entire Confidential, Inc.
• Create policy for different user to manager internet access.
• Adding BYOD device on ISE and manage policy as per requirement.
• Knowledge about authentication protocol EAP, PEAP.
• Install Certificate (Sha1 / Sha2) on ISE server for security reason.
• Blocking unauthorized IPs at the border of the web hosting firewalls.
• Implemented network security including NAT/PAT, ACL, VPN on Cisco ASA
• Involved in solving the IP conflict problems and troubleshooting of DHCP.
• Ensuring network connectivity and diagnosing the network issue with the help of monitoring tool such Wireshark.

Confidential, Camden, NJ

Network Data/ Security Engineer

Responsibilities:

• Configuring routing protocols such as RIP, OSPF, EIGRP, MPLS, static routing and policy based routing on cisco routers.
• Implementing ether channels with LACP and PAGP with troubleshooting of inter-VLAN routing.
• Performed troubleshooting on link state protocol like OSPF in single and multiple areas.
• Performed administrative support for OSPF routing protocols.
• Good knowledge in backup and restore Palo Alto and Cisco ASA Firewall Policies.
• Worked to provide intranet VPN solution using Cisco 2621 and IP Sec Tunnelling.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Configured ACLs to allow only authorized users to access service.
• Assisting in adding security rules and pushing the security policy on checkpoint.
• Worked on Cisco ASDM for implementing VPN on Cisco ASA firewall.
• Experienced in implementing and have knowledge in troubleshooting protocols and technologies in: BGP4, OSPF, IPv4 and Ethernet.
• Very good Knowledge of networking principles including TCP/IP protocol and IPV4.
• Responsible for maintaining Cisco Adaptive Security Appliances (ASA firewall) for LAN, WAN and Internet connectivity.

Confidential

Network Engineer

Responsibilities:

• Configuring large scale network environment using routing protocol OSPF, EIGRP and BGP with implementing Access Control List (ACL).
• Responsible for performing administration on BGP, OSPF routing protocols.
• Implemented the network designs including WAN, LAN, MPLS.
• Worked on supporting EIGRP and BGP for problems of L2/L3.
• Configured trunk groups, ether channels and spanning tree for planning Access and core layer switching architecture.
• Configured MD5 authentication for OSPF/BGP and TTL security for BGP.
• Configuring VLANs with 802.1q tagging.
• Worked on configuration of OSPF Summarization.
• Involved in network designing and routing.
• Configuring RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers.
• Worked on LAN technologies: Inter- VLAN routing, VTP, STP and RSTP.
• Implemented route redistribution between OSPF and EIGRP.
• Implemented NAT with a pool of public IP addresses.
• Designed ACLs and VLANs.
• Access switch management configuring appropriate VLANS add move or changes.
• Configured OSPF and troubleshooting OSPF as internal Routing Protocol.
• Knowledge in installing PBX system and VoIP troubleshooting.
• Implementing sub-netting (VLSM) to conserve IP addresses.
• Have assisted in building SIP trunk and VoIP debugging and troubleshooting.
• Troubleshooting IP addressing and taking backup of the configuration on the switches and routers.
• Testing for network connectivity before and after installing or upgrading.
• Worked on physical cabling and Wide Area Network configuration while maintaining trouble ticket tracking.
• Responsible for making and maintaining documentations of network systems.
• Upgrading used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Worked on STP and VTP switching technologies.
• Troubleshooting BGP/OSPF routing issues.
• Troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.