- 8 years of experience in Network design, Security, Tier support of Networks in various environments.
- Experience working with security devices such as Firewalls, VPN switches and Intrusion Detection Systems.
- Extensive experience working on Cisco and Confidential routers/switches in complex environments with multiple ISPs.
- Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols ( EIGRP, OSPF, BGP), WAN technologies (Frame relay, IPSec, VPNs, MPLS), QoS.
- Experience working on Cloud Computing Virtualization using VMWare ESXi 4.0 and Windows Hyper - V.
- Experience on Network Monitoring & Testing tools such as Wireshark/Ethereal, Cisco Works, and IXIA.
- Good understanding of VoIP implementation and protocols such as H.323, RTP, and SIP.
- Experience in troubleshooting NAT configurations, Access-Lists (ACL), and DNS/DHCP related issues within the LAN network.
- In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
- Good understanding of cable management such as CAT3/4/5, Fiber-Optic (Multi & Single mode fibers).
- Knowledge of Subnetting IPv4/IPv6 addresses and IP address management.
- Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
- Familiar with security products such as Cisco ISE
- Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
- In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
- Cisco Confidential /Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
- Hands-on experience with TCP/IP, LANs, WANs, and WLANs (WiFi) Cisco VPN Concentrators, Confidential Fire pass SSL VPN, 6509 Core Datacenter designs.
- Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
- Worked on Palo Alto Firewall
- Worked on Cisco Confidential 5500 series firewalls.
- Worked on Cisco Nexus 5010 Switch.
- Experience in Confidential, Cisco ACE 4710 Load balancers.
- Exposure to Cisco WAAS, WCS.
- Expert Level Knowledge about TCP/IP and OSI models.
- Familiar with security products such as Cisco ISE
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
- Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel
- Working knowledge of security products such as Cisco ISE
- Advanced proficiency with Cisco Wireless ( APs, Controllers, ISE, Prime)
Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Linux OS
Routers: Cisco GSR12016, ASR1001,1004, 2900, 3900, 7200, 7600, ASR9000 ASR9001, ASR 9006, Nexus 7010, 3900, 7206VXR.
Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548, Nexus 9372px-E, Nexus 5010, Nexus 5548, Nexus 5020, Nexus 5596.
Routing: MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing
Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
Network security: Cisco ( Confidential, PIX) 5510, Palo Alto, Confidential, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS
Load Balancer: Confidential Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer
LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.
WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing. Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management
Confidential Architecture: TACACS+, RADIUS, Cisco ACS
Network Management: SNMP, Solar Winds, HP open view, and Wire shark, Netscout NGenius-one, HP OVO and Node Manager,Cacti,Cascade, Datadog and Newrelic(for application monitoring short term), Splunk (Log monitoring).
Confidential, Glenside, Philadelphia
Sr. Network Engineer
- Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR.
- Most of the work included deployment, Migration, Security (managing the firewall, VPN and proxy’s) and operational.
- Provide Cloud migration support to AWS, GCP and Netbond. By Helping setup VPC through direct connects and help configure the servers to be a part to company private network.
- Implemented SNMPv3 on all of Confidential online network space.
- Configuration and troubleshooting of Cisco ASR 9910, Confidential MX-960, MX-480, MX-104 routers in the data center and branch sites
- Work on VDC based routing on Nexus.
- Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
- Configured and troubleshoot multi trust-zone SRX firewalls and VPN devices.
- Configure and maintain various Confidential load balancer modules like BIG IP 3900 GTM, BIG IP PB200,Viprion 4300, BIG IP 8900, BIG-IP 4200.
- Configure site to site VPN to Vendors and business partners like Azure and Financial partners for secure connectivity.
- Configured Cisco Confidential 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs)
- Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco Confidential Firewalls
- Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as: Solar Winds Network Monitoring, Source Fire IDS, Palo Alto Firewall Administration.
- Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration Troubleshoot packet flow and memory leak issues on SRX 5800 and 1400 alongside vendor and customer.
- Maintain firewalls and replace SPC and FPC cards and help clear micro fabric chip alarms on srx5800.
- Cleanup memory issues on firewall and upgrade Clustered SRX5800 firewalls using ISSU from 12.1.to 12.3x48D30.
- Implemented Cisco IWAN at 25 sites till now. Worked on turning a site into IWAN involving provision of two circuits, one for MPLS, other for Internet, activating these circuits, forming DMVPN over MPLS and DMVPN over Internet with our IWAN-MPLS and IWAN- INET head end routers at Datacenters.
- Configure firewall rules for business partner VPNs.
- Update Proxy rules on proxy sg900 through Confidential director and perform URL whitelists on Virtual Policy Manager (VPM) through web management console.
- Create new SNATs on Proxy for expansion subnets in the network for new business applications.
- Backup and restore proxy configuration and Perform upgrade on Confidential proxy SG to keep and update Confidential web filter database locally.
- Mitigate high CPU utilization issues on Proxys during peak moments and update health monitors.
- Perform Curl tests for proxy rules for user ad troubleshoot with user and bypass SSL if necessary.
- Configure VIPs and WAN profiles for customers.
- Train Business Units on Confidential VIP creation process and write KB articles on the VIP creation process and Cert request process. Reset routes when a OSPF bug is triggered due to addition or removal of pool members or monitors for a VIP.
- Synchronize load balancers and create dashboard monitors on Confidential for critical applications to monitor https transactions and gather data when Confidential card issue is triggered during peak utilization period.
- Perform blade replacement on Big-IP Viprion 4300 chassis and perform end user diagnostics (EUD) to find out any system and hardware failures on the chassis.
- Extract QKview and create UCS archives as backup and extract core files in an event of blade failure or reboot.
- Analyze qk-view files on i-health to see possible logs that may help determine the Confidential for a failover or reboot event on the load balancers.
- Create customized health monitors for nodes and pools.
- Create GTM WIPs for users for global load balancing as disaster recovery/redundancy.
- Troubleshoot and search for missing configuration of VIPs throughout the network from Big-IP enterprise manager.
- Deploy and troubleshoot Layer 3 Vlans, configure STP an d HSRP. Investigate fex oversubscription issues in the network.
- Upgrade Nexus switches 5k access layer switches from os version 5.2 to 7.0 as per company standards and cisco recommendation to address some software bugs.
- Troubleshoot BGP on the core layer ASR 9006 to check route advertisement. Check MPLS circuit utilization and maintain the circuit.
- Update and create documentation for future reference and create KBs for training.
- Incident and change management through Service Now (SNOW) ticketing system.
- Co-ordinate and create shift rotation schedule for the team.
- Participate in 24x7 On-call rotation.
Confidential, Sacramento, CA
- Primary responsibilities include performing move changes to network following standard ITIL ticketing process, design, implement & troubleshooting of networks.
- Created Operational, Standard & Emergency Changes for network design, raised demands, worked on tickets of various levels (P1, P2, P3) for troubleshooting user issues.
- Responsible for configuration and troubleshooting of Cisco 4331, 4431, 3945, 1941 and similar routers, Cisco 3650, 3560, 2960 and other switches. Configurations involved routing protocols like OSPF, BGP, and EIGRP, DMVPN, IWAN, QoS, Static routes, Vlans, VRFs etc.
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco Confidential Firewalls, NAT and Confidential MX Routers / SRX firewall.
- Creating or Modifying Firewall rules on Cisco 5555, 5520, Confidential SRX 345 and Palo Alto VM-300 devices
- Administrating PaloAlto Network Firewalls using Panorama Centralized Management System and troubleshooting firewall rules to prevent system problems.
- In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS)
- Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate effectively
- Migration and implementation of Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, PA-7080
- Built, deployed and maintained Cisco Wireless Access Points. Created Networks, Implemented Firewall Policies, Defined Access, Formed Tunnels and maintained all devices on Confidential Cloud in separate networks with their respective SSIDs.
- Built, deployed and maintained Cradlepoints for Internet access to various sites using Confidential 4G. Managed all the Cradlepoints on Confidential ECM portal. Built some of them as main Internet providers, some to provide Internet offload and many others to work with Cisco ASAs to provide secure 4G VPN offload.
- Built Site to Site VPN tunnels between Cisco ASAs at required sites to the main hub ASAs at our Datacenters. Configured access lists, NAT statements, DHCP scopes, allowed the subnets on our main Checkpoint Firewall, redistributed these subnets on our main Nexus switches.
- Built, configured and maintained PRTG Network monitoring probes. Deployed probes with VMWARE-ESXi OS and communications established with main PRTG servers at Datacenters. Uploaded sensors for various applications like OTM, Salesforce, EDX, Hyperion, O365 etc. to monitor traffic utilization, latencies.
- All PRTG network monitors managed and maintained on the main PRTG server. Reports pulled out regularly when a change is made to a site to monitor the network performance.
- Worked on Checkpoint Firewalls to monitor traffic drops, implemented NAT rules to allow specific subnets on specific ports. Checked logs to monitor traffic hits, worked on failover to secondary firewall, troubleshooting of various bugs and fixes.
- Monitored & managed all Cisco network devices at Univar on Solarwinds. Cradlepoints, UPSs, Riverbeds and other devices are monitored as well. Pulled out utilization reports, error reports etc. regularly for required sites, Voice systems monitored separately and percentage of traffic utilized is closely observed.
- Designed and built a number of sites to work on site to site VPN. Configured the core switch to have separate VLANs for different Wireless SSIDs, Data, Voice and Spare networks and traffic being routed to Confidential . Underlying downstream switches connected to core using fiber.
- Designed sites to have just MPLS or just Internet where DMVPN is established. Cradlepoints are designed to work alongside MPLS or Internet connections to provide offload.
- Design, Build & Troubleshoot networks for Univar locations and its acquisitions. Network Diagrams.
- Monitor nodes and troubleshoot any issues, TACACS, Cisco ACS, Cisco Prime, Cisco WCS, and Amazon Web Services.
- Work with Cisco switches and routers, HP switches, Confidential and magnablend devices, Riverbed systems, Phone systems, Cisco Confidential, Checkpoint firewalls, UPS systems, cradlepoints and PRTG network monitors, Opengear out of Band devices.
- 2960, 2950, 3560, 3650 cisco PoE & Non PoE switches. 1941, 3945, 4431, 4331 cisco routers, nexus 5k, 7k switches, riverbed 555 series, cisco Confidential 5505,5506, Siemens phone system, Avaya phone systems
- IWAN deployment, MPLS & Internet circuit activations and configurations, cabling process, orders and quotes.
- Cisco Confidential configuration and cloud management. Configuration of APs, Firewall & Traffic Shaping, ACLs, Radius Server and wireless networks.
- Configuration and deployment of Cradlepoints for internet offload
- Configuration and deployment of PRTG network monitors using VMWare EsXi and vSphere.
- DNS Management (NS, A, PTR records), DHCP management, IPAM. Licenses and IOS of devices, TFTP Servers.
- Request and implement Operational, Standard & Emergency changes, raise and resolve incidents (High, Medium & Low Priorities), Raise Demands, ITIL ticketing system.
- Participated with the deployment and operation of information security systems, including integration, testing, troubleshooting, and updating/upgrading of various security tools and appliances such as antivirus, IPS, malware detection tools.
- Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for Confidential .
- Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
- Configured Panorama web-based management for multiple firewalls. Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco Confidential to Palo Alto in Confidential .
- Configuration and maintenance of Cisco ASR routers such as ASR 1013, 1009-X, 1006, 1006-X,1004, 1002-HX, 1002-X, 1001-X routers.
- Implemented IPSec VPNs on firewalls for site-to-site VPN Connectivity.
- Responsible for the global design, engineering and level 3 support of existing network technologies services and the integration of new network technologies/services.
- Installing, configuring and troubleshooting of ACL's and firewall filters on Cisco routers.
- Has experience in working on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
- Configuring VLAN, Spanning tree (STP), SNMP on Cisco series switches.
- Performed OSPF, EIGRP routing protocols administration and provided redistribution.
- Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series, routers and Cisco 2950, 3500, 5000, 6500 Series switches.
- Configured and deployed VPC for the pair of Nexus 7010 and Nexus 5596, 5548 switches.
- Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox).
- Configured various routing protocols including OSPF (Single Area, Multi Area) BGP, MP-BGP.
- Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms.
- Involved in Complete LAN/WAN Development which includes IP address planning, designing, installation, configuration, testing, maintenance, troubleshooting etc.
- Experienced in managing and using different security controls (Firewalls, IDS/HIDS, Antivirus, etc.)
- Configured Client VPN technologies including Cisco's VPN client via SSL
- Setting up VLANs and configuring Inter-VLAN, Trunking, STP, PVST, RSTP, Port aggregation & link negotiation on Ethernet channel between switches.
- Manage Cisco Routers and troubleshoot layer 2 and layer 3 technologies for customer escalations.
- Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
- Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
- Design, Implement & troubleshooting of Confidential switches, routers and Firewalls
- Involved in configuring Confidential SSG-140 and Check point firewall
- Design, Implement & troubleshooting of Confidential switches, routers and Firewalls
- Experience in configuring Vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
- Upgraded the data center network environment with Cisco 5520. Configured ACL’s on Cisco Switches as well as configured routers as terminal servers
- Experience with setting up IPSEC VPN on Confidential SRX 3600 Firewalls towards the multiple Customer sites as backup path to the datacenter.
- Implementing new/changing existing data networks for various projects as per the requirement.
- Experience in working and designing configurations for VPC, VPC Domian, Vpc peer-gateway, VPC peer-switch, auto-discovery, VPC single sided, VPC double sided, NX-OS, Vfr, Otv, fabric path.
- Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
- Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
- Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
- Write test cases from a variety of documentation types; business requirements, system requirements & design documentation.
- Executes and update test cases.
- Logs and triages defects and test multiple mobile devices across multiple applications.
- Tests & Quality assurance of web client and service level software delivering unified messaging, address contacts and digital media experience to mobile device &webtop subscribers.
- Applies test expertise and experience to craft & execute test plans, conduct negative/exception tests, verification, performance and regression testing of RIA, HTML, AJAX, Mobile Web client, integration services, enablers & platformsf5
- Facilitated the up-gradation of 10G throughout the NLD network.
- Tracked the rearrangement of the channel as per the requirement of the customer.
- Addressed the problem related to DCN network which included Routers & Switches.
- Involved in DWDM ring upgradation & channel upgradation activity.
- Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
- Working with Confidential JUNOS on M and MX series routers
- Reviewing, analyzing, approving and executing all changes in the network. All Configurations of Cisco Routers and Switches.
- Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
- Involved in the modification and removal(wherever necessary) of BGP from the MPLS routers.
- Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
- Hands on Knowledge/experience on Confidential load balancers, its methods, implementation and troubleshooting on LTMs and GTMs
- Responsible for procurement and installation of Hardware, network drives and other IT infrastructure. Documented the design, implementation and troubleshooting procedures with Method of Procedure (MOPS).
- Documented all the work done by using Visio, Excel & MS word
- Implement Cisco IOS Firewall IDS using 2600 series router
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
- Configured and debugged policy based routing for special traffic, route filtering with route maps, route redistribution.
- Configured VLAN Trucking 802.1Q, STP, and Port Security on Catalyst 6500 switches.
- Performed OSPF, BGP routing protocol administration.
- Router memory & IOS upgrade with TFTP.
- Network Assessment and Documentation (including technical, operational, and economic assessment)
- Responsible for designing and implementation of customers network infrastructure
- Help negotiate hardware, software, and circuit contracts for customers
- Redesign customers office copper and fiber cable plant for scalability
- Build and maintain Visio documentations for Clients
- Was Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
- Ensured network, system and data availability and integrity through preventative maintenance and upgrade.