- Professional with over 5 years of progressive technical experience in project/implementations, support/ticket resolution, documentation, administration, analysis, and troubleshooting of various technologies which includes proficiency in routing, routing protocols, switching, security, firewalls, voice, wireless, and data center technologies.
- Implemented VLAN Trunking Protocol to reduce administrative overhead and to control VLANs and VXLANs using NX - OS to ensure virtual and flexible subnets that extend farther across the network than previous generation of switches.
- Implemented port-profiles in NX-OS for multiple ports and port-types to reduce errors and improve readability.
- Enabled encryption of system passwords and privileged administration to prevent unauthorized IOS user access.
- Implemented frame-relay point-to-point and multipoint WAN links between sites to establish connectivity between four sites. Established frame-relay point-to-point connections between three sites to create a full mesh network. Implemented hub and spoke network between three sites with the main office as the hub for redundant connections.
- Implemented EIGRP routing for point-to-point and Non-Broadcast Multi-Access networks. Prevented neighbor adjacencies forming and sending/receiving routing updates on unnecessary interfaces. Implemented EIGRP MD5 between sites to prevent unauthorized insertion of routes into the domain. Implemented manual EIGRP route summarization to reduce demand on CPU resources, memory, and bandwidth used to maintain the routing tables.
- Implemented multiple-area OSPF routing and totally stubby areas to lower the system resource utilization of devices. Implemented NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.
- Implemented backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and restore startup-commit file for the DR.
- Configured e/iBGP peering using directly connected networks and loopbacks with OSPF, eBGP multihop, and Route Reflectors to provide routing information with debugging diagnostic commands to monitor Confidential events.
- Implemented an IPSec Site-to-Site VPN between the Cisco ASA 5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office.
- Implemented VPNs for IKE Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, a transform set using esp-des esp-sha-hmac for traffic protection, crypto map to configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
- Implemented of Zone-Based Policy Firewall on the Cisco 1841 ISR for three zones, applying class-maps as traffic crosses a zone-pair, policy maps to apply action to the class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
- Implement a Clientless SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to the Cisco ASA 5505 using a web browser. Prepared the Cisco ASA with necessary configurations for self-signed certificate generation. Generated a general-purpose RSA key-pair for certificate authority identification. Configured certificate authority trustpoint for the WebVPN using self-enrollment, and configured CA trustpoint interface association.
- Utilized Cisco ASA 5505 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, applied inspection and connection limits to services, and applied inspection and QoS policing to HTTP traffic. Configured HTTP inspection policy to block restricted sites and file downloads.
- Implemented Unity Voicemail on the Cisco Unity Express Network Module. Configured dial-peer on a Cisco 2811 ISR to define attributes of packet voice network connections to Cisco Unity Express Network Module. Enabled call forwarding on busy/no answer. Implemented Message Waiting Indicators and Voicemail access via SMTP.
- Implemented a wireless network infrastructure providing access to wired LANs to increase mobility and productivity on Cisco WLC 2106, Cisco 3550 switch, Cisco 1130AG and 1121G series APs. Created wireless LANs and configure interface association, security parameters, and radios used. Managed the wireless network through the WLC web GUI.
TECHNICAL SKILLS DETAIL:
Routing/Switching Technologies: Cisco Routers ASRs/ISRs, Cisco Catalyst/Nexus, Juniper, Citrix, H3C and HP Routers & Switches, WAN, LAN, TCP/IP, Cisco IOS, Spanning Tree Protocol, BPDU, CDP, ACL, NAT, PAT, OSPF, EIGRP, Confidential, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, VXLANs, Multicast Routing, HSRP, SVI, CEF, Etherchannel, Portfast, VSS, VPC.
Security/Firewalls Technologies: Cisco ASA 5500 Series Firewalls, Cisco Security Manager Suite, Cisco FWSM, Cisco IPS/IDS, Cisco ISE, Cisco ASA, Checkpoint Firewall, Juniper SRX Series, Palo Alto, AAA - TACACS+/RADIUS, SSH, VPN, IPSec, SSL/IPSec, Port Security, MAC Address Filtering.
Wireless/Voice Technologies: Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet - Voice Over Internet Protocol (VoIP), VoIP/SIP, CUCM, UCCX, RSTP, STP, Quality of Service (QoS), PoE.
Monitoring/Data Center/Servers/APPS: Wireshark, Cacti, Nagios, SolarWinds, Cisco Security Manager Suite, Remedy - VMWare, F5, Citrix NetScaler, Microsoft Windows Server NT, 2000, 2003, Exchange, Cisco Prime, Meraki, SNMP, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, PTP, SFTP, RDP, AWS.
LAN/WAN Professional Network Contractor
- Member of a team responsible for onsite LAN/WAN support, deployment, and configurations of routers, switches, wireless, firewalls, and related LAN/WAN technologies at both data center, corporate, and branch locations.
- Proficiency in Cisco Routers, Cisco Catalyst Switches, Cisco ASA, Cisco Nexus 1k, 2k, and 5k, Juniper, F5 Big IP, Cisco UCM, Cisco Unity, Cisco WLC, Cisco Aironet, Palo Alto Firewall, Nagios, Solar Winds Orion, Cacti, and Wireshark.
- Lead member of a team of engineers responsible for installation, configuration, administration, and troubleshooting of various technologies based on stated SLA and following proper change management processes & MOPs.
- Additional responsibilities included maintaining/revising MOPs, validating technical configurations, acting as SME to fellow engineers and other professionals, and providing timely verbal & written reports to key stakeholders.
Onsite Engineer / Analyst
- Lead member responsible design, implementation, testing and validation of critical technologies to meet specific client needs and ensuring that key performance and operational metrics are met.
- Specific activities included conducting needs analysis, creating technical schematics, devising implementation plans, personally handling implementation/configuration activities, and handling proper knowledge transfer.