We provide IT Staff Augmentation Services!

Principal Network Engineer Resume

Southborough, MA

SUMMARY:

  • Twelve (12) years of experience in Network Engineering and Systems Administration.
  • Over Eight (8) years of Hands on Experience in various NAC Products - Confidential NAC, ISE (Identity Service Engine) and Forescout CounterACT NAC Solutions
  • Expertise in Confidential Wireless LAN Solutions and Security PEAP/WPA, LEAP/WEP.
  • Expertise in Radius Solutions Confidential ACS, Juniper Steel Belt, Radiator and Confidential ISE RADIUS & TACACS.
  • Five (5) years Hands on Experience in Installation and configuration of VMware ESXi 4.2/5.1/5.5/6 Environments, VMware VSphere, VMware Workstation 8, VMware view, Virtual Desktop Interface.
  • Five (5) years of F5 Load Balancer Hands on Experience in Deploying and Operational support.
  • Over five (5) years of Hands on Experience in Installation and Configuration of Checkpoint Firewall UTM Series and Virtual Checkpoint Firewalls - Firewall, Application & URL Filtering blades.
  • Management of Checkpoint Firewall Clusters from Central Management (CMA) and Service Provider interfaces.
  • Hands on Experience in installation and configuration of NetOptics and Gigamon TAPs for traffic capture and feeding into Network monitoring tools.
  • Hands on Experience with Confidential Wireless Control System (WCS), Confidential Network Control system (NCS) v1.1/1.2 and Confidential Prime Infrastructure v2.1/2.2/3.
  • Good knowledge in Confidential Web Filtering (WSA) & EMAIL (ESA) filtering technologies using Confidential IRON PORTS.
  • Hands on Experience in implementing and deploying Confidential Iron Ports - Web Security Appliance 7.7/7.7/8.0 and WCCP proxy web redirection on Confidential 6500 Switches.
  • Hands on Experience on deploying solutions for MDM (Mobile Device Management) using AirWatch and XenMobile.
  • Enterprise deployments in Confidential Unified Communications Cluster and Contact Center infrastructure Operations related to Confidential Call Manager, UCCX, UCCE, Unity Connection, Presence and CER.
  • Hands on experience on installations, Configuration, administration and Maintenance of Microsoft Windows 2003 and Windows 2008 Standard, Enterprise Servers and Small Business Servers and Latest Windows 2012 Servers
  • Hand on experience in configuring VPN Server (Routing & Remote access) DNS and DHCP servers on Windows 2003 and 2008 Standard R2 and Enterprise Server and Confidential ASA 5500s
  • Expert Hand-on-Experience in configuring 802.1x supplicant (Native Supplicant, Confidential AnyConnect Supplicant & Secure W2 client supplicant) configuration on various End Client Devices-Windows, Apple Macintosh and Linux platforms.
  • Expertise in planning, design, Cost Analysis, BOMs validation, SOWs.
  • Good Knowledge about ITIL and Data Security Laws and Regulations such as SOX (Sarbanes-Oxley Act) and the Peripheral Component Interconnect and Payment Card Industry (PCI) Networks and HIPPA Standards.

TECHNICAL SKILLS:

  • Checkpoint, and Sophos Firewall Solutions
  • Web/EMAIL Security (WSA/ESA) Solutions
  • RSA 2 Factor Management Solutions
  • F5 Load Balancer Solutions
  • Virtualization Technologies with VMware ESXi and Confidential Storage Technologies.
  • McAfee ePO and AV Solutions
  • BigDATA Analytics (SIEM - Splunk, ArcSight)

PROFESSIONAL EXPERIENCE:

Confidential, Southborough, MA

Principal Network Engineer

Responsibilities:

  • Working as Principal Network Engineer in planning and designing our Clients global network for Network Access Solution.
  • Designed, Implemented and Maintenance of Forescout CounterACT NAC Solution across Wireless, SSL-VPN and Wired Networks.
  • Worked extensively on policy design and implementation for NAC solution and integrated NAC with various Network infrastructures for successful deployment of NAC solution.
  • Designed and Implementation of 802.1x Wired User Authentication using Juniper Steel Belted RADIUS Servers across two Domains.
  • Designed & Deployed Confidential ISE 1.2/1.3/2.0 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Confidential ACS, Juniper Steel Belted Radius and Radiator Radius.
  • Configuration & Maintenance of Confidential ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using Xenmobile MDM and AirWatch MDM and SAP Afaria MDM Mobile Device Management) Solutions
  • Worked extensively on Confidential Catalyst Switch 6500s, 4500s, 3750, Nexus 7000s, and Confidential ISE 3300 Appliances and 1.0.4/1.1/1.2/1.3/1.4 and 2.0 Confidential ISE on VMware’s.
  • Provided comprehensive guest access management for Confidential ISE administrators, sanctioned sponsor administrators using BYOD & Guest Management Portal Configuration.
  • Endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network, including 802.1X environments.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Pilot Testing on advanced enforcement capabilities including TrustSec through the use of Security Group Tags (SGTs) and Security Group Access Control Lists (SGACLs)
  • Hands on Experience in Installation and Configuration of Checkpoint Firewall UTM Series, NGX Series Nokia Appliances and Virtual Checkpoint Firewalls and management of network security policies which includes Firewall Rule policies, Application & URL Filtering.
  • Management of Checkpoint Firewall Clusters from Central Management (CMA) and Service Provider interfaces.
  • Configured Confidential ISE for Domain Integration and Active Directory Integration.
  • Configured Confidential ASA 5510 for VPN Network Access Control integration with Confidential ISE (Inline PEPs).
  • Configured and performed software upgrades on Confidential Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Confidential ISE.
  • Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Confidential ISE and AD mapping with various attributes and levels of authorizations and Network Access.
  • Configuration of Confidential IP phones (7900s, 6961s, 9900s) for device profiling and Confidential Call Manager phone registration via Confidential ISE, Printer Profiling, Mobile device profiling etc.,
  • Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Confidential ISE, and Configuring Standard and Extended ACLs.
  • IP addressing and design schemas for a variety of IP Pools using DHCP scope or local IP pools for NAC Controls.
  • Design for Guest Network and Mobile Access Network for NAC Solution, comprising of an Anchor Wireless LAN Controller solution in DMZs/Internet Gateways with ForeScout CounterAct NAC Appliances for NAC.
  • Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising of ForeScout CounterAct NAC Appliances in all WAN Consolidation Points, and Data Centers.
  • Worked extensively on Network Traffic SPANS and TAPS for monitoring Network traffic, and Virtual Firewall ACL rules and policies in CounterAct NAC Appliances for Network Access Controls.
  • Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for Checking the devices coming onto Network, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Confidential and Forescout NAC Appliances.
  • Expert Hand-on-Experience in configuring 802.1x supplicant (Native Supplicant, Confidential AnyConnect Supplicant & Secure W2 client supplicant) configuration on various End Client Devices-Windows, Apple Macintosh and Linux platforms.
  • 802.1x Authentication for User Authentication and Machine Authentication with Microsoft Active Directory involving multiple Domains and Active Directory with machine and user objects, and with different Organizational Units,
  • Active Directory group policy objects configuration and processing for 802 1x EAP(PEAP)-TLS Protocols for installing certificates and configuring supplicants
  • Actively worked alongside with ForeScout Team for setting up the CounterAct NAC Appliances for design build out sessions, POC, and for Production Deployments.
  • HTML Coding and Webpage development and SAP BI Programming for Big Data Analysis
  • Worked extensively on designing PKI Infrastructure for EAP-TLS Protocol using certificate based authentication.
  • Hands on Configuration to RSA Certificate Authority Server for ROOT/Intermediate Issuance of certificates, securing the certificate exportability.
  • Configured Wireless networks on WLC 5508 series Wireless LAN Controller and management using Confidential WCS, NCS and Confidential Prime Infrastructure.
  • Configured and deployed Confidential Iron Ports - Web Security Appliance 7.7/7.7/8.0 and WCCP proxy web redirection on Confidential 6500 Switches.
  • Deployment of virtual Confidential Web Security Appliance on Confidential ASA and Confidential Email security appliance 8.0.5.
  • Extensively worked on Microsoft Certificate Authority Server for ROOT/Intermediate Issuance of certificates, securing the certificate exportability.
  • Configuration of Android & iOS Mobile devices for supplicant Certificate based authentication.
  • MS SQL Database administration and MySQL DB for JAMF Casper and CounterACT Control Fabric Technologies.
  • Confidential CUCM 8.6/10.5/11.5 (Publisher & Subscriber), Confidential Unity Connection 11.5 (Voice Messaging), Confidential Unified Contact Center Express 10.6 (UCCX), Confidential Unified Presence Server 11.5 (Instant Messaging and Presence), CUPS 11.5, Confidential Unity Express CUE 8.6.4
  • Enterprise deployments in UC Cluster and Contact Center infrastructure Operations related to Confidential Call Manager, UCCX, UCCE, Unity Connection, Presence and CER
  • Contact Center and CUCMs Clusters Installation and Upgrades, Prime Collaboration and CVP/UCCX/UCCE, and other unified messaging applications integration, solutions and services
  • Experience in installing SQL 2005 Database server and Internet Information Server (IIS) 6.0 on Windows 2003 and Internet Information Server (IIS) 7.5 on Windows 2008 Server.
  • Installed SAP R/3 4.7 and ECC 6.0 Systems, performance tuning and monitoring of the SAP (4.7, ECC 6.0) on Oracle 10g as the database.
  • Provided support in Up-gradation from 4.6C to ECC 6.0 and Post upgrade activities. Performed User Administration (Creating & maintaining SAP users) and assigning authorizations to users, lock /unlock users.
  • Supported R/3 modules: CO, BC, BW, WM, FI, MM, PP, SD SCM: DP, SNP. Installed SAP router and created route permission reports on USER and ROLE violation with and without exclusion.
  • Configured RSA SecurID authentication manager 8.x for Two Factor 8021x Authentication, On-Demand & Risk Based Authentications.
  • Hands on Experience in configuring McAfee ePOLICY ORCHESTRA (ePO) and McAfee Suite.

Confidential, San Jose, CA

Network Engineer Consultant

Responsibilities:

  • Worked as ISE Network Engineer in planning and designing Confidential ISE 1.3 Deployment for Confidential Internal Wireless Connectivity (Blizzard & Hurricane).
  • Worked extensively on policy design and implementation for ISE solution various Network infrastructures for successful wireless, extranet and VPN Connectivity.
  • Configuration & Maintenance of Confidential ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using SAP Afaria MDM
  • Authentication, authorization, accounting (AAA), posture, and profiler configuration and implementation using Confidential ISE 1.1/1.2/1.3.
  • Provided comprehensive support for guest access management for Confidential ISE administrators, sanctioned sponsor administrators using BYOD & Guest Management Portal Configuration.
  • Authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Expert Hand-on-Experience in configuring 802.1x supplicant (Native Supplicant, Confidential AnyConnect Supplicant & Secure W2 client supplicant) configuration on various End Client Devices-Windows, Apple Macintosh and Linux platforms.
  • Confidential ISE for Domain Integration and Active Directory Integration for 8021x authentication for Confidential ’s Internal IT Wireless Networks.
  • 802.1x Authentication for User Authentication and Machine Authentication with Microsoft Active Directory involving multiple Domains and Active Directory with machine and user objects, and with different Organizational Units,
  • Active Directory group policy objects configuration and processing for 802 1x EAP(PEAP)-TLS Protocols for installing certificates and configuring supplicants

Confidential - Braintree, MA

Network Security Consultant

Responsibilities:

  • Performed as a Network Security Engineer in fine tuning the ForeScout CounterACT NAC Deployment.
  • Provided Best Practice consulting services for deploying ForeScout CounterACT in securing the IT Infrastructure.
  • Provided services in deploying the Guest Network access using ForeScout CounterACT Guest Management for their Wireless and Wired Infrastructure.
  • Fine-tuned NAC policies for the Wired Deployment and Posture Compliance on all Corporate Devices.
  • Used Threat Prevention Feature in Forescout to run daily vulnerability scans and remediate the identified systems.
  • Design and deploy Confidential ACS for Radius Authentication for Wireless & VPN Deployment
  • Network design and deployment as for HIPAA standards

Confidential, Benton Harbor, MI

Network Architect

Responsibilities:

  • Performed as a Network Engineer in planning and designing Confidential ’s major network refresh and redesign of their global network.
  • Designing and configuration of Local Area Networks consisting of Confidential Catalyst Switches 6509E, 4500s, 3750, 3560 Wired Switches, Wide Area Networks consisting of Confidential Routers, 3900s, 2951s, and Wireless LAN Networks using controllers of Confidential 5508s with Confidential APs 3502Es
  • Planning, Design and configuration of Firewalls ASA 5580 with software version 8.0
  • Working closely with Confidential and Confidential Global Network teams for Cost Analysis planning and Bill of materials (BOMs) build and the High Level Design templates and Network drawings.
  • Analysis of the current environment and also recommending a proposed network solutions for Confidential ’s Global regions - EMEA, NAR, LAR, APAC, LAR.
  • Generated CDP discovery output in Excel, Region-wise site summary for users/network devices (with A/B/C categorization) in the Excel for Local Area Networks (LAN), Wide Area Networks (WAN) and Wireless LAN Network WLAN).
  • Standard Netformx Templates and sample drawings provided initially for EMEA/NAR/LAR/AR sites (for A/B/C types) for Cost Analysis and Bill of materials (BOMs) generation.
  • Provided guidelines for creating the A/B/C types of their Global Networks and generated the Visio and BoMs (using NX/DX)
  • Planned for Confidential IPS 4200 Systems.
  • Extensively utilized the Network Design Tools Netformx/Designxpert, Visio, and Excel for creating the required output, and WebEx Connect shared space.
  • Worked with Netformx tool for capturing and analyzing an accurate baseline of existing IP and SNMP devices in the networks.

Confidential, Chicago IL

Sr. Network Engineer

Responsibilities:

  • Performing as a NAC Engineer in leading the Confidential Network Admission Control (NAC) Guest Server Project
  • Confidential Network Admission Control (NAC) Layer 3 OOB Wired NAC implementation Planning, Design, and Deployment Services for the Verizon Customer New Meadowlands Stadium LLC.
  • NAC Readiness Assessment, Planning and Design, Design Build-out Sessions, Phased NAC Deployment (Phase 1 - Pilot, Phase 2 - Production, Phase 3 - Optimization and Knowledge Transfer)
  • Review Customer’s network topology, Bill of Materials (BOM) validation, Cost Analysis and selected Customer device models/code versions, Gather and review Customer’s policies and procedures
  • High-level Designing and Low Level Designing of NAC Network Design for Global Network based in EMEA, NAR and APAC and coordination with global teams in delivering the proposed solution successfully.
  • Provided leadership and Project management in gathering requirements, review requirements, readiness assessment and confirmation, task planning, implementation, testing and deployment of Confidential NAC Guest Server Unified Wireless Solution consisting of Confidential Wireless LAN Controllers 4400 & 5500s.
  • Planned and provided the captive portal and enforcement point for guest access alongside Confidential NAC Appliance.
  • Guest Services via the Lobby Ambassador and NAC’s Guest Server planned out and configured for Sponsor Authentication.
  • Installed and configured hardware for Wireless Deployment using Confidential Wireless LAN Controllers (WLCs) 4400 and 5500 Series with software version 6.0 and 4.0 and Confidential Wireless Control System 5.2 and 6.0
  • Installed and configured the High Availability redundancy pairs for Confidential Wireless LAN controllers and NAC Guest Servers for load balancing and failover services over the L2TP tunnel across the secure internet gateways of private MPLS WAN.
  • Reconfigured Wireless LAN Controllers mobility groups so that they include the new ‘Guest Networks’ SSIDs.
  • Configured Wireless LAN Controller Interfaces, WLANs, RADIUS attributes, AAA Server configuration for wireless network connections, SNMP Settings and SNMP Community setting for Trap controls.
  • Configured Mobility groups for Anchor and Foreign Wireless LAN Controller Functionality for Layer 2 functionalist using Ethernet over IP (EoIP) tunnel establishment over Layer 3 routing.
  • Installed and Configured NAC Guest Server and Integrated with the Wireless LAN Controllers for Unified Wireless Guest Network Access over the enterprise networks.
  • Configured and integrated ACS Server with NAC Guest Servers and Wireless LAN Controllers for RADIUS Authentications and Lobby Ambassador features.
  • Provided support on Firewall configuration for policy rules on NAC Appliances with Confidential ASAs 5500s and PIX 500s firewalls.
  • Hands on Experience in Installing and configuring Confidential ACS 4.2/5.3 for 802.1x, TACACS and RADIUS (AAA) Authentications.
  • Configured Confidential ACS 5.x for user authentication with External Database as Active Directory.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Firewall Port openings and ACLs configuration on Confidential ASA 5500s.
  • Documentation the entire deployment notes and policy sets.
  • Conducted workshop training for end user employees and provided helpdesk training and facilitated the handover of NAC Project to the Verizon managed services provider.
  • Setup of a Customer’s Confidential NAC appliance manager, NAC appliance Server, and NAC Profiler with an initial high availability (HA) configuration.
  • Configure appropriate policy to allow required UDP/TCP traffic under unauthenticated to support Active Directory (AD) Single Sign-on
  • Setup a functional NAC Layer 3 OOB, VPN Network environment. The design will consist of NAC Manager, NAC Server, NAC Profiler with support for two (2) Customer VRF network environments, Corp and POS, with Layer 3 OOB in-scope and NAC Profiler
  • Development of test plans and success criteria to support the Customer’s Layer 3 OOB and NAC Profiler deployment
  • Configure Customer’s NAC Appliance General setup for Web and Agent Login for Customer’s employee roles by operating system (Windows OS)
  • Configure Customer’s NAC appliance Rules and Requirements per Customer security policy.
  • Setup Employee checks for Customer AV, Check for Customer AV definitions (less than 7 days, this can be changed by customer policy)
  • Configure or provide Customer information to configure (based on Customer preference) Active Directory Domain Controller/Controllers, the service account and procedure to run KTPASS utility to allow CCA/AD single-sign on
  • Configure one new Active Directory SSO Server on the Clean Access Manager and assign that to the Employee Role
  • Configure or provide Customer information to configure (based on Customer preference) Customer’s Confidential ACS, the parameters to add the Customer’s Confidential NAC Appliances as Radius Accounting Servers, if applicable
  • Configure Customer’s primary NAC appliance Server/Servers (Layer 3 OOB CAS) under authentication/Windows Authentication, the AD Server Configuration for an AD environment and enable Agent based Windows Single Sign-on with AD (Kerberos)
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Expert Hand-on-Experience in configuring 802.1x supplicant (Native Supplicant, Confidential AnyConnect Supplicant & Secure W2 client supplicant) configuration on various End Client Devices-Windows, Apple Macintosh and Linux platforms.
  • Confidential ISE for Domain Integration and Active Directory Integration for 8021x authentication for Confidential ’s Internal IT Wireless Networks.
  • 802.1x Authentication for User Authentication and Machine Authentication with Microsoft Active Directory involving multiple Domains and Active Directory with machine and user objects, and with different Organizational Units,
  • Active Directory group policy objects configuration and processing for 802 1x EAP(PEAP)-TLS Protocols for installing certificates and configuring supplicants
  • Work with Customer to add policy based routing/VRF/Access control lists to forward unauthenticated traffic to the un-trusted interface of the Customer’s NAC appliance Server/Servers.
  • Test functions of Customer’s NAC, to include Active Directory Single Sign-on authentication, posture checking and remediation services per requirements gathered during the Design and Planning tasks.
  • Review Customer logs for policy violations and tune rules as appropriate.
  • Configured policy rules on Juniper 600c IDP devices.
  • Extensively utilized Microsoft’s Visio 2007 for designing and analysis and Project 2010 for task planning and assignment. Microsoft’s Project 2007.

Confidential, El Segundo, CA

Network Engineer

Responsibilities:

  • Performed as a Project Manager in taking the ownership of the Confidential Network Admission Control Project (C-NAC) and Wireless Security Upgrade Project (Global) and acted as a liaison between Confidential ’s Global IT Security and Global Infrastructure Teams.
  • Provided leadership in the Confidential NAC Project including requirements definition, task planning, research, testing, implementation and management.
  • High-level Designing and Low Level Designing of NAC Network Design.
  • Provided advice and guidance to Network Management Team in Confidential for implementing Confidential NAC Project under Data Security Laws and Regulations such as SOX (Sarbanes-Oxley Act) and the Peripheral Component Interconnect/Payment Card Industry Data Security Standard (PCI DSS) Networks.
  • Reviewed the customer requirements and design of the desired NAC Appliance Deployment in the existing Network Infrastructure and proposed the design for Confidential NAC deployment..
  • Configuration of Authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Reviewed the existing Network Design and client requirements for Bill of Materials validation, cost analysis and proposed the implementation plan for NAC Deployment under three stages. (Pilot Phase, Pre-Production and Post-Production Implementations).
  • Planned, Prepared, Designed and Implementation of Confidential NAC Appliances in the Network comprising of Access, Distribution and Core Layers (All Confidential Catalyst Switches 6500 Series-6506, 6513 v 12.3 IOS and CAT OS Release 7.5)
  • Provided Hands on Support for the deployment of Confidential NAC implementation. Planned and Designed the NAC Appliances in Layer 2 INBAND (IB) & OUT of BAND (OOB) and Layer 3 OUT of BAND (OOB) deployments.
  • Planned, Designed and Installed the NAC Appliances for VPN Users, Wired (LAN, WAN) and Wireless Networks (WLAN).
  • Installed and Configured the Confidential NAC Appliances in Virtual Gateway mode - Central Deployment Mode with Clean Access Manager 3355 and Clean Access Server 3355-3500, Clean Access Server 3315-500 of release 4.7.0 and 4.7.2
  • Installed and Configured the Confidential NAC Profiler 3350 Server 3.1.1 Release.
  • Multiple implementations for NAC profiler involving multiple profiling criteria and active profiling.
  • Installed, Configured and Implemented NAC Guest Server 3315 2.0.2 release to provision guest access on Confidential ’s Network.
  • Planned and provided the captive portal and enforcement point for guest access alongside Confidential NAC Appliance.
  • Guest Services via the Lobby Ambassador and NAC’s Guest Server planned out and configured for Sponsor Authentication. This is the part of the template in WCS to push out to the Wireless LAN Controllers Globally for C-NAC Guest Services Deployment.
  • Planned and Designed process for NAC Authentication using Confidential NAC Agent and/or Web Agent.
  • Planned and enforced policies on each segment of Wired and Wireless Networks including LAN, WAN, VPN and WLAN.
  • Created roles for Employee, Contractors and Vendors and Guest Visitors and planned authentication strategy via Clients Windows Active Directory.
  • Configured Single Sign-On (SSO) for Windows Login, Remote Login (VPN users) and Wireless Users using Active Directory and Mapped users for their respective roles with LDAP.
  • Installed and configured the High Availability Design and Load Balancing for NAC Appliances.
  • Installed and configured hardware for Wireless Deployment using Confidential Wireless LAN Controllers (WLCs) 4400 Series and Confidential Aironet 1200 Series Access Points (LWAPs) and Confidential Wireless Control System 5.2
  • Upgraded and configured the ‘ Confidential ’ SSID with PEAP/WPA from LEAP/WEP in Confidential Wireless Control System (WCS) and push that template out to the Wireless LAN Controllers (WLC) throughout the world.
  • Reconfigured Wireless Control System 5.2 (this is the centralized management application) templates and mobility groups so that they include the new ‘ Confidential ’ SSID.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Expert Hand-on-Experience in configuring 802.1x supplicant (Native Supplicant, Confidential AnyConnect Supplicant & Secure W2 client supplicant) configuration on various End Client Devices-Windows, Apple Macintosh and Linux platforms.
  • Confidential ISE for Domain Integration and Active Directory Integration for 8021x authentication for Confidential ’s Internal IT Wireless Networks.
  • 802.1x Authentication for User Authentication and Machine Authentication with Microsoft Active Directory involving multiple Domains and Active Directory with machine and user objects, and with different Organizational Units,
  • Active Directory group policy objects configuration and processing for 802 1x EAP(PEAP)-TLS Protocols for installing certificates and configuring supplicants
  • Configured Wireless LAN Controller Interfaces, WLANs, RADIUS attributes, AAA Server configuration for wireless network connections, SNMP Settings and SNMP Community setting for Trap controls.
  • Conducted and performed Radio Frequency (RF) Site survey for the deployment of wireless Network and discovering the RF Coverage Areas, Checked for RF Interference and determined appropriate placement of wireless devices including LWAPs and Confidential 7925G Wireless Phones.
  • Troubleshoot issues related to Wireless Setup that includes RF issues like multipath distortion and hidden node problems.
  • Performed various VLAN Assignments, Inter-VLAN Communication, dot1q trunking, spanningtree portfast, ACLs, and SNMP settings. Defined strings for SNMPv2C existence
  • Configured and executed Protocols like OSPF, BGP and EIGRP on Confidential Routers 7600s, 7200s, 2800s
  • Worked Extensively with Windows Team on integration of Active Directory SSO.
  • Performed Pilot Test on Confidential Nexus Data Center Switches 7000s for compatibility issues, Confidential Carrier Routing System (CRS), Confidential Aggregation Service Routers and Confidential 12000 GSR.
  • Troubleshoot for Windows Login Scripts existence by introducing delay scripts and automating GPO updates.
  • In depth troubleshooting of NAC agent, web agent, ADSSO, VPNSSO, LDAP role mappings, mac authentication bypass.
  • Design and configuration of Firewalls ASA 5505, 5510 and PIX 500s with software version 7.0 & 8.0 for Confidential 5510 ASAs and 6.3 for PIXs 500s.
  • Management and monitoring of Confidential ASAs through ASDMs 5.2 and 5.3
  • Provided support on Firewall configuration for policy rules on NAC Appliances with Confidential ASAs 5500s and PIX 500s firewalls.
  • Firewall Port openings and ACLs configuration on Confidential ASA 5500s
  • Hands on experience on Confidential firewall ASA 5500s Web-VPN Configuration and upgrade from PIX 500s to ASA 5500s
  • Provided assistance in configure policies and documented the entire deployment notes and policy sets.
  • Provided helpdesk training and facilitated the handover of NAC Project to the managed services provider.
  • Extensively utilized Microsoft’s Project 2007 (project plan) for Enterprise Project Management and Solarwinds ORION for Network Management and IP address Management.
  • Extensively utilized Microsoft’s Visio 2007 for design analysis and project planning.

Confidential

Computer Systems & Network Administrator

Responsibilities:

  • Involved in designing, configuring, implementing, maintenance and troubleshooting issues relating to routers and switches in LAN, WLAN and WAN.
  • Designed and deployed networks as per the company’s requirement. Handled different tasks such as network address assignment, assignment of routing protocols, etc.
  • Handling the network infrastructure LAN/WAN, migration & configuration of network client workstations. Addressing performance bottlenecks & ensuring maximum network efficiency and uptime.
  • Planning designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and Wireless Access points.
  • Configured Wireless Control System 5.0 for Wireless Networks.
  • Installed and Configured Wireless LAN Controller 4402 and 1200s (LWAP) Confidential Access Point .
  • Configured Secured Authentication using LEAP/WEP and PEAP/WPA & WP A2.
  • Installed and configured active Directory Single Sign On feature for Windows Wireless User logins.
  • Implemented, Monitored and troubleshoot the protocols RIPv1, RIPv2, OSPF and Static Routes.
  • Configured and executed Protocols like BGP and EIGRP on Confidential Router2600s, 2811.
  • Configuration and Installation of Confidential PIX 500 and ASA 5520 firewalls.
  • NAC Appliance design and implementation experience involving centralized Real IP - Gateway, Virtual Gateway, InBand and OOB deployments.
  • Wireless and wired NAC deployments in a high availability cluster.
  • Provided Hands on Support for the deployment of Confidential NAC implementation. Planned and Designed the NAC Appliances in Layer 2 INBAND (IB) & OUT of BAND (OOB) deployments.
  • Planned, Designed and Installed the NAC Appliances for Wired (LAN, WAN) and Wireless Networks (WLAN).
  • Installed and Configured the Confidential NAC Appliances in Virtual Gateway mode - Edge Deployment Mode with Clean Access Manager 3355 and Clean Access Server 3315-500 of release 4.7.0
  • Installed and configured NAC Guest Server for visitors.
  • Planned and enforced policies on each segment of Wired and Wireless Networks including LAN, WAN, VPN and WLAN.
  • Planned and Designed process for NAC Authentication using Confidential NAC Agent and/or Web Agent.
  • Hands on Experience in Installing and configuring Confidential ACS 4.2/5.3 for 802.1x, TACACS and RADIUS (AAA) Authentications and upgrade/migration process for Confidential ACS 4.2 to 5.1 and from Confidential from 5.3.
  • Worked extensively on lab build for POC and pilot on migrating/upgrading Confidential ACS 5.x to Confidential ISE 1.0.1/1.2 for TACACS+ and 802.1x Authentication on Network Devices.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Configuration and maintenance of Voice Processing Systems (VOIP) including PBX for Panasonic KX-TVA-50 VPS and KX-TDA 200 - Console/GUI/connections for daily office usage.
  • NAT, VPN and Traffic filter implementation in Confidential Firewall.
  • Installation, Management and Maintenance of VPN Servers for Remote access, Site to Site VPN access and Dial up VPN access .
  • Implemented traffic filters using Standard and Extended Access Control lists. Handled Route-map, Re-distribution list & access-list configurations.
  • Access distribution and core layer switching architecture, created VLANS, Firewall Services Module (FWSM) and STP configuration.
  • Installation of Confidential CUCM 8.6 (Publisher & Subscriber), Confidential Unity Connection 8.6 (Voice Messaging), CUPS 8.6, and Confidential Unity Express CUE 8.6.4
  • Troubleshoot voice issues in a centralized Confidential voice environment and assisting end-users with phone related questions and issues.
  • Installation of CUCM 8.5, Unity voice mail and Configuration of SIP, H323, SCCP and MGCP protocols for Confidential CUCM Voice Deployment
  • Ability to provide basic design features in a CUCM environment (hunt groups, advanced call routing, etc).
  • Addressing issues like routing problems, route announcements/advertisements, and security access issues.
  • Used tools Wireshark, Packet Sniffer and Microsoft Network Analyzer for monitoring Local Area Network connections (LAN’s) and Wide Area Network Connections (WAN) for Network connection and failure issues.
  • Administrative responsibilities including the installations, additions, updates and changes to Microsoft Windows 2003 and Windows 2008 servers.
  • Installed SQL 2005 Database server and Internet Information Server (IIS) 6.0 on Windows 2003 and Internet Information Server (IIS) 7.5.
  • Administering the Microsoft Windows Servers and managing disk space, user profile creation and user rights management .
  • Implementation of Windows 2003 domain infrastructure, VMware and Windows Active Directory 2003 setup
  • Maintain and create user accounts and policies within Active Directory, Configure/maintain Internet filtering and security on public access pc’s.
  • Configuration and maintenance of DNS & DHCP servers .
  • Firewall Port openings and ACLs configuration on Confidential ASA 5500s
  • Installation and configuration of Firewalls ASA 5505, 5510 and PIX 500s with software version 7.0 & 8.0 for Confidential 5510 ASAs and 6.3 for PIXs 500s.
  • Management and monitoring of Confidential ASAs through ASDMs 5.2 and 5.3
  • Planned Data Recovery, Drive/Disk Imaging and Backup process and procedures .
  • Maintained accurate network documentation for moves, adds, changes, and deletes. Properly documentation of problem situations and resolutions.
  • Documented policies and procedures for resolving customer issues.
  • Installed and configured Confidential NSS 3000 Network storage System for critical back up data locally for users.
  • Configured Role-based administration that supports Confidential UCS collaboration and auto discovers allowing Confidential UCS manager to detect, inventory, manage and provision any system component that is added or changed.
  • Assisted in the support of physical and virtual machine mobility, High availability configuration when two fabric inter-connects are used.
  • Provided support in enhancing the virtualization support of Confidential UCS manager implementation of VN-Link technology enabling policy based virtual machine connectivity.
  • Experience in configuration of Confidential Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC., etc.
  • Expert Hand-on-Experience in configuring 802.1x supplicant (Native Supplicant, Confidential AnyConnect Supplicant & Secure W2 client supplicant) configuration on various End Client Devices-Windows, Apple Macintosh and Linux platforms.
  • Confidential ISE for Domain Integration and Active Directory Integration for 8021x authentication for Confidential ’s Internal IT Wireless Networks.
  • 802.1x Authentication for User Authentication and Machine Authentication with Microsoft Active Directory involving multiple Domains and Active Directory with machine and user objects, and with different Organizational Units,
  • Active Directory group policy objects configuration and processing for 802 1x EAP(PEAP)-TLS Protocols for installing certificates and configuring supplicants

Confidential

Computer Systems & Network Administrator

Responsibilities:

  • Network Planning and implementation between the Main Head office and branch offices located across USA and India. Design and Implement Remote access management and VPN access between the sites.
  • Configured T1 interface and Channelized T1 interfaces between Confidential 2800, 2400 and 2500 series routers. Confidential IOS upgrades on routers.
  • Create end-user VPN accounts with appropriate access. Installed and configured for VPN IPSEC and VPN Dial-up connections for remote users.
  • Installation, Maintenance and Troubleshoot DNS, DHCP Servers and System issues. Managed and maintained DNS, DHCP protocols and Active- Directory Infrastructure.
  • Configuration and installation of wireless networks using access points, and Wireless LAN cards of Wi LAN, Dlink, Linksys, and Confidential AG APs.
  • Installation, Configuration and maintenance of Network Printers.
  • Disaster Recovery, backup and restoring Data using R-TT Disk Imaging Software.
  • Providing End-user support for configuration and troubleshooting of hardware, software and Windows operating systems related issues, Network connectivity issues, Remote access setup and Management issues, and VPN connection issues.
  • Implementation of Windows 2003 domain infrastructure and windows Active Directory 2003 setup
  • Experience in installing SQL 2005 Database server and Internet Information Server (IIS) 6.0 on Windows 2003 and Internet Information Server (IIS) 7.5 on Windows 2008 Server.
  • Installation of SAP R/3 4.7E, ECC 6.0 System and hosting remote access management to the server for employees based in USA.
  • Installed SAP R/3 4.7 and ECC 6.0 Systems, performance tuning and monitoring of the SAP (4.7, ECC 6.0) on Windows 2003 with Oracle 10g as the database.
  • Provided support in Up-gradation from 4.6C to ECC 6.0 and Post upgrade activities. Performed User Administration (Creating & maintaining SAP users) and assigning authorizations to users, lock /unlock users.
  • Supported R/3 modules: CO, BC, BW, WM, FI, MM, PP, SD SCM: DP, SNP. Installed SAP router and created route permission reports on USER and ROLE violation with and without exclusion.
  • Involved in Database performance tuning. Worked extensively on SAP system logs.
  • Involved in installing and configuring of the SAP system .Created users and activity groups which went through complete phase from designing the activity group, supporting unit and integration testing, going live and post to live support.
  • Checking user login information using SM04 and AL08 Printer spool setup and administration Administering Background jobs. Setting up Transport Management System and transported change requests among DEV, QAS and Production systems.
  • Performance of daily operational checks on various systems and maintaining the system Health, applying OSS notes and Background Job monitoring.
  • Configured RFC connections between the systems in the landscape using SM59 Created users along with assigning roles, profiles and authorizations by performing user administration with the help of transaction SU01.
  • Performed daily activities involving System Monitoring, Database Monitoring and Network Monitoring using transactions AL01, AL02 and AL03, Performed daily SAP System checks and logs (SM21).
  • Actively provided desktop configuration and phone support for software and hardware related issues. General end user desktop and laptop support.
  • Back up policies on Confidential Network storage systems.

Confidential

Field-Service Network Engineer

Responsibilities:

  • Installation, maintenance, and troubleshooting Internet/Network (IP) Based Access Control Systems, Building Automation Systems, and Fire Access Systems for their clients based in Hyderabad. Clients include, Wipro, Accenture, Infosys, Green Building corp., Genpact, etc.
  • Hands on experience in Installing IP-Network based Home-Alarm, IP Based Intrusion & CCTV Systems, and Access control Systems, Building Automation Systems.
  • Integration, Networking and programming of Internet Based IP DVR systems through switches, and Routers using TCP/IP suites.
  • Systems trouble shooting Windows 98/2000, windows XP, Server Administration, and Basic Network Administration procedures and policies.
  • Disaster Recovery, system planning and implementation of security access systems & intrusion alarm systems.
  • Providing 24/7 Technical Support on phone, mail support on Network, Hardware, software & security problems supporting multiple organizations.

Hire Now