SUMMARY:

• Cisco Certified Network Engineer with 7+ years of experience in testing, troubleshooting, implementing, optimizing, migrating and maintaining enterprise data network and service provider systems.
• Hands - on experience in installing, configuring, and troubleshooting IP networks with wide range of routers including (Cisco: ASR 9k,1000, 7200 VXR, ISR 4000, 3900, 3800, and 2800 and Juniper: ACX 500, ACX 1000, PTX 1000) and Switches including (Cisco: Nexus 7K and 5K, 2K, Catalyst 6500, 4500, 3850, 3650, and 2900 and Juniper: EX 2200, EX 4550, and EX 4600).
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering.
• Implementing and Working knowledge of Frame relay, PPP, ATM, MPLS services, NAT, sub-netting, DNS, WINS, LDAP, DHCP, HTTP/HTTPS, TCP/IP, UDP, SNMP, IPsec, PPTP, VLAN, VTP, STP (Spanning tree Protocol), Tunneling and Access Control Lists.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Provide NSX Micro-Segmentation Security for ASW Data Center.
• Experience in Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480).
• Extensive understanding of networking concepts, (IE.Configuration of networks, router configuration and wireless security, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Experience of working on Static routing, Default routing and dynamic routing protocols like EIGRP, OSPF, RIP, BGP and MPLS.
• Excellent knowledge and experience on multi-vendor platforms like Cisco, Juniper, Checkpoint, F5 Big-ip LTM load balancers, Bluecoat, Riverbed, Citrix, and VMware
• Integrating Symantec DCS with NSX , providing server hardening. .
• Extensive experience in upgrade, backup and password recovery of Cisco IOS.
• Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
• Knowledge on AAA authentication servers such as TACACS+ and RADIUS.
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM & GTM.
• Experience on installing, maintaining and troubleshooting Check Point R75, R77.30 Gaia.
• Demonstrated experience in developing, implementing, auditing Checkpoint firewall (R77.30) configurations and analyzing, optimizing rule sets.
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Checkpoint firewalls.
• Working knowledge of Network monitoring/management tools like Wireshark, TCP Dump, Cisco Prime, Net Flow, Solar Winds and Riverbed.
• Understanding of JUNOS platform and worked with IOS upgrade of Juniper devices.
• Worked on Palo Alto firewall and used panorama for centralized control of all the firewalls.
• Managed firewall policies that employ NAT, application layer gateways, and policy-based VPNs.
• Good knowledge in configuring Site-to-site IPsec, and Remote SSL VPN on router IOS platforms and firewalls.
• Maintain firewalls and logs to protect the client infra from un-ethical attempts.
• Content filtering and management of Controlled access to the Internet as per the company IT Security policy. Provide Conditional & specific Internet access to specified groups and users using Bluecoat Proxy.
• Maintain secure access to client infra from internet using SSL VPN integrated with two factor authentications.
• Created and design network layout and documented network system design with detail information using Visio software. Vendor co-ordination for hardware issues and assessment management.
• Worked in a Data center environment. Handled critical outages and developed different ideologies to reduce the network downtime.
• Worked on Cisco ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Expert level knowledge on configuring Aruba Mobility controller, Airwave, Aruba Clear pass, Cisco Prime infrastructure, WCS/NCS, ISE &MSE . Worked extensively configuring Security over Wireless and Voice Over Wireless.
• Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M and T-series)
• Good team player with excellent communication, strong analytical and creative problem-solving skills along with presentation and reporting skills
• Design & administer public wireless using Cisco 5500 WLC and Cisco Prime for network monitoring and configuration.
• Efficient designing of IP Addressing Scenario using VLSM and Sub netting.
• Having Knowledge on Design, deployement and provided operational support forCisco FirePOWER NGIPS solution.
• Having good knowledge onShell Scripting and Unix.
• HarnessedAMP (Advanced Malware Protection) to detect, store and alert on malicious files of various types; utilized file hash values (SHA-256) to fingerprint specific malware artifacts.
• Audit IT infrastructure to review the compliance controls are in place, Provide statistical data and reports to support the client for security assessments.

TECHNICAL SKILLS:

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3925, 7200,7201, 7600, 7613, 9000), Juniper routers (M320, MX960, 480)

Switches: Cisco switches (2900, 3750, 4500, 6500) Nexus (3000, 5548, 6000, 7010)

Firewalls: Cisco ASA 5520, 5550, 5540, Juniper SRX 240, 5400, 5600, 5800, Juniper Net screen 6500, 5400 Palo Alto PA-3060/2050, Check point Firewalls NGX R75, R76 and R77.

Load Balancers: F-5 BIG-IP LTM (6400 and 8900)

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems and Fiber optic circuits

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI.

Routing Protocols: RIP, OSPF, EIGRP, BGP, Route Filtering, Redistribution, Summarization, and Static Routing

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAGP, and LACP.

IP Telephony: SIP, RTP, H.323, Voice gateways, CCM.

Wireless Technology: Cisco AP, LWAP, Access Points, WCS, Aruba

VOIP Devices: Cisco IP phones, Avaya.

IPSEC/VPN Configuration: PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN wildcard client, PIX to PIX, fully meshed configurations

Network management: SNMP, CiscoWorks LMS, HP Open View, Solar winds, Ethereal, Wireshark

Ticketing tool: Remedy system, connect wise

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Load Balancing: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

Applications: Microsoft Office, MS Visio.

Languages: Unix, Turbo C / C++, basics in Perl and Shell scripting.

Antivirus: Symantec Endpoint Protection, McAfee

Vulnerability Management: Nessus, Qualysguard

PROFESSIONAL EXPERIENCE:

Confidential, Minneapolis, MN

Sr. Network Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT', DNS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Hands on experience with Juniper EX-Series Ethernet Switches.
• Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900 along with Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco switches.
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication & HSRP authentication.
• Troubleshooting and problem resolution of Virtualization (vSphere 4.1\5.1\5.5) Infrastructure.
• Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Installed wireless access points (WAP) at various locations in the company.
• Created dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.
• Configured Voice ports and Dial peers on the call manager for the VOIP call to reach remote destination.
• Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.
• Worked on configuration and commissioning of the MPLS circuits for various branch offices.
• Provided Daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
• Hands on experience and good working knowledge with Checkpoint Firewall policy provisioning.
• Upgraded the data center network environment from Cisco ASA 5520 to Checkpoint R77 firewalls.
• Performed routine monitoring of Checkpoint firewall from security perspective and also troubleshooting the connectivity issues.
• Involved in configuring Checkpoint (R77) Firewall rule base and objects as per the requirements.
• Troubleshooting checkpoint firewall connectivity related issues using Smart view tracker.
• Experience in reviewing and recertification of rule sets and also involved in creation, validation and maintenance of enterprise check point(R77.30) firewall policies.
• Configured ACL's in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT
• Daily exposure to IP based network security protocols with Juniper SRX firewalls, Operating Systems and security configurations LAN/WAN/Security solutions.
• Established IPsec VPN tunnels between branch offices and headquarter using Juniper SRX firewalls.
• Managed the F5 BigIP GTM/LTM appliances to include writing rules and everyday tasks of creating WIP and VIPs.
• Experience in deploying, configuring & maintaining F5 3DNS (Global traffic Manager) Controller and BigIP -LTM (local traffic manager) for wide area load balancing and global redirection using VPN and Proxy load balancing techniques.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
• Ensure that the clients are enforced with the EPS policy configuration.
• Management of quarantine and prevent the other systems from getting infected.
• Virus removal on the infected systems by automated or manual process.
• Advice to desktop and server team on virus detection and procedure for cleanup.
• Implementing rules in Visual policy Manager to allow and restrict access as per customer requirement.
• Packets capture using bluecoat proxy and analysis the packets and communicating them with vendor for further investigation.
• Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds and Opnet.
• Coordinating with Security team for NAT configuration and troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Configured and deployed VDC and VPC between Nexus 7018 and Nexus5596, 5548 switches along with FEX2248. Have a good understanding of Fabric Path.
• Has the ability to build deployment, build scripts and automated solutions using scripting languages like Shell scripting (kasha, Bash), Python, Ruby, PHP.
• Working as Network Engineer in planning and designing our Clients global network for Network Access Solution.
• Technology support for: Cisco ACI, NSX, Open Source solutions, AWS/Azure VPC, ATT Netbond, Arista VTEP &VxLAN, Hitachi UCP, and many more.
• Implement new Active Directory sites and Domain controllers as per the growing organizations infrastructure need.
• Configured automatic updates for network clients by using Group Policy.
• Executed Customer Infrastructure on Cisco Nexus device and Cisco UCS B & C series and Installed VMware ESXi 4.0/5.0/5.5/6.0 and build VMs with Windows 7/8/2003/2008/2012 R2 OS and Centos/Linux 5, 6.0 OS.
• Working knowledge on LAN virtualization by VMware NSX and good understanding on vSphere and Citrix Xenserver.
• Installed and configured HyperV - VMware ESX (4.0), ESXi , and VSphere 4 environments with Virtual Resource Management- Configuring VMware HA, VMware DRS Clusters for load balancing.
• Design for Guest Network and Mobile Access Network for NAC Solution, comprising of an Aruba Wireless LAN Controller solution in DMZs/Internet Gateways with Fore Scout Counter Act NAC Appliances for NAC .

Environment: Cisco Routers, Cisco Switches, Nexus 7k/5k/2k Routing protocols, F5, Load Balancer HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX 240, ASR 9000, Catalyst 6500, Wireshark, Check point R77, Blue coat proxy server, Symantec Endpoint protection.

Confidential, Austin, TX

Sr. Network Engineer/ F5 Engineer.

Responsibilities:

• Maintained a Network with more than 600 Network devices, 20,000-end hosts, and the other Network devices like DHCP, DNS Servers, and Firewall Servers
• Performed IOS upgrades on Catalyst 3750, 2950, 1900 switches, and 3600, 2600 and 2500 routers.
• Installed and configured DHCP, DNS Server.
• Responsible for Cisco ASA 5540 administration and checkpoint firewall provider-1 across our global networks
• Good experience with like checkpointVSX, IDS, IPS as well as encryption techniques.
• Experienced of network monitoring and management utility: Tcpdump and Wireshark
• Troubleshooting and installing of ISR, ASR9000 and Nexus devices.
• Deployment of NSX in Mission Critical Data-Center and engagements with C-Levels, Stakeholders and IT Executive Enterprise and Federal Sectors.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
• Experience working with Nexus 7010, 5020, 5548, 2148, 2248 devices
• Worked on Checkpoint firewalls in creating and implementing the policies required by the company.
• Configured address objects and service objects on Palo Alto PA 2050.
• Migrated legacy Cisco ASA firewalls to Checkpoint firewalls using migration tools in the enterprise environment.
• Great exposure to SDN and network function virtualization (NFV) technologies like Cisco ACI.
• Experience in WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types
• Scripting for automation of processes for Windows Servers. Familiarity with main script languages like Power Shell, PHP, Shell, Perl, Python.
• Hands-on experience in the network management of circuits using TDM and Frame Relay network
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU have to support WAN links.
• Configured F5 GTM solutions, which includes WideIP, Pool Load Balancing Methods and monitors.
• Implemented SNMP on Cisco routes to allow for network management.
• Cisco IPT Migration Projects from legacy PBXs with Nortel.
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers .
• Upgraded F5 load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
• Hyper-V virtualization design build project to manage the Agencies 270+ server farm.
• Enterprise administrator/Virtualization solution developer/administrator (MicorsoftHyperV 2, HyperV 3, vSphere, Citrix).
• SSL offloading, Cert management and Troubleshooting experience on F5 using TCP and SSL dumps and Wireshark analysis.
• Working experience with F5 Load balancer LTM like 3900, 6900, 4200V over various environments.
• Capable enough to work independently with minimal supervision and multitasking.
• Configuration, migrations, upgrades of F5 Big IP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby.
• The configuration of Backup and Restore of NSX Manager and Data.
• Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Troubleshoot and solve network outages that are escalated by Tier 3 NOC Engineers.
• Used Network monitoring tools to ensure network connectivity and Protocol analysis tools to assess and pinpoint networking issues causing service disruption.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Worked on Data, VOIP, Security as well as wireless installations and technologies.
• Experience with Juniper SRX 240 Firewalls.
• Worked on Solar winds Orion for analysis and monitoring purposes
• Performing SIP call flow & other protocol packets flow using Wireshark.
• Authentication Mechanism to Citrix through RSA Server.
• Complete installation of hardware, software token on windows, android, iPhone, desktop, laptops.
• Monitoring logs and generating reports on expired tokens and providing them with new tokens.
• Inbound & outbound scanning of Emails for virus, Spam& other infections
• Content filtering solution to reduce the unwanted mail volume,
• Monitoring security logs to report events and provide utilization report.

Environment: Tcpdump, Wireshark, ASR series, Nexus devices, Juniper SRX, Checkpoint firewall, Palo alto, ASX, IDS, IPS, DHCP, DNS, Orion, ACL, PBX, Nortel, Juniper routers, Load Balancing, Routing Protocol, VLAN, Frame Relay, Trunk, VoIP, NAT, PAT, TCP/IP, Security, Vulnerability, Wireshark, TACACS, RADIUS, RSA Two Factor Authentication, E-mail Gateway (Tumbleweed), Nessus Vulnerability Management.

Confidential, Princeton - NJ

Sr. Network Engineer

Responsibilities:

• Planning and Implementation of VLSM Sub-netting to conserve IP addresses.
• Worked on configuring and troubleshooting DMVPN on Cisco 3925 router in our data center environment.
• Worked on installing, configuring and troubleshooting Juniper routers.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/NAT with firewalls as per the design.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches as well as Implemented ATM/Frame Relay between data centers.
• Commissioning & decommissioning, configuring, URL and Web filtering, SSL Certificates, monitoring, SNMP traps, logging, blocking on Palo Alto PA-3060, migrating from one network to other.
• Configured and maintained IPSEC and SSL VPN on Checkpoint Firewalls.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Worked with telecom vendors in regards to network fault isolation.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Deployment of NSX in Mission Critical Data-Center and engagements with C-Levels, Stakeholders and IT Executive Enterprise and Federal Sectors.
• Configured CIDR IP RIP, PPP, BGP and OSPF routing.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Used IPsec VPN tunneling to provide access to user machines and partners in another network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Worked on the design and architecture team with creating network design, IP space allocation, procuring PO's for devices associated with the network infrastructure performed virtual lab based testing of network before deployment and implementation.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Configured and maintained IPSEC and SSL VPN on Checkpoint Firewalls.
• Configuring backup of checkpoint configuration, security policies, logs with policy package management, database revision controls, upgrade export and import, snapshot procedure on regular basis.
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring.
• Worked on Solar winds monitoring tool for eliminating IP issues and managing DNS, DHCP and IP addresses.

Environment: Tcpdump, Wireshark, ASR series, Nexus devices, Juniper SRX, Checkpoint firewall, Palo alto, ASX, IDS, IPS, DHCP, DNS, Orion, ACL, PBX, Nortel, Juniper routers, Load Balancing, Routing Protocol, VLAN, Frame Relay, Trunking, VoIP, NAT, PAT, TCP/IP, Security, Vulnerability, Kiwi-Cat Tool, Wireshark, TACACS, RADIUS.

Confidential - Plano, TX

Jr. Network Engineer

Responsibilities:

• Performed Configuration and troubleshooting of multi-customer ISP network environment.
• Involved in network monitoring, alarm notification and acknowledgement.
• Implemented new/changing existing data networks for various projects as per the requirement.
• Performed troubleshooting of complex networks layer 1, 2(Point to Point, ISDN) to layer 3 (routing with MPLS, BGP, EIGRP, OSPF and RIP protocols) technical issues.
• Used Wireshark for network packet capture. Provided support to networks containing more than 2000 Cisco devices.
• Performed troubleshooting for IOS related bugs by analyzing past history and related notes.
• Carried out documentation for tracking network issue symptoms and large scale technical escalations.
• Managed the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
• Performed Commissioning and Decommissioning of the MPLS circuits for various field offices.
• Prepared feasibility report for various upgrades and installations.
• Performed installation and maintenance of new network connections for the customers.
• Configured all the required devices and equipment for remote vendors at various sites and plants.
• Installed new equipment to RADIUS and worked with MPLS-L3VPN and TACACS configurations.
• Installed and maintained local as well as network printers.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 switches and Cisco 3640 /12000 /7200/ 3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, F5 BIGIP LTM,RIP,OSPF,BGP,EIGRP,LAN,WAN,VPN,HSRP

Confidential

Network Support Engineer

Responsibilities:

• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Network Requirements.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter- Vlan routing with Multilayer Switching.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed administrative support for RIP, OSPF routing protocol.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Real time monitoring and network management using Cisco Works LMS.
• Provided technical support on hardware and software related issues to remote production sites.
• Responsible for LAN and internet connection file and print server.
• Maintained and installed new internet connections for customers.
• Experience in installation of Windows NT Server and Windows NT Workstations.
• Co-ordinated the Tech Support as it relates to LAN & WAN systems

Environment: TDM, Frame Relay, Datacenter, WLAN, Nexus 5k/7k, WAP, Unix, Linux, Trunking, F5 Load Balancer, FTP, BPDU Guard, Wi-Fi, CDMA, Cisco IOS-XR, ASR9000 devices, Nexus 7k, 5k and 2k switches, Subnet, VLSM, Check point, Juniper routers.