- Very Passionate Sr Network Engineer having worked in projects that include Data Center refresh, Campus Redevelopment, Firewall and F5 Installations, with 8 years of experience in routing, switching, Network Security - Next-Gen Firewalls, Load Balancers, Wireless and VOIP systems design, administration and troubleshooting. Excellent communication skills with the ability to interface Confidential all levels. A proactive team player who also can work independently.
- Experience working in large-scale environments on L1/L2 troubleshooting, Network Design, IDF and MDF architecture, Datacenter Architecture, Spine Leaf Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
- Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network security with perimeter and VPN firewalls, Load balancing and Access policies management in F5 and Wireless LAN Controllers.
- Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
- Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
- Experience in VSS, VRF, VPC, and VDC technologies. Experience working on Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution and Core Layer Architecture and Spine Leaf Architecture in Datacenter.
- Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k) and Juniper Routers (E, J, M, and T-series).
- Experience and high-level technical knowledge in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Knowledge in EVPN, VXLAN, VTEPS. Experience with Cisco ACI.
- Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Experience with APM and ASM modules.
- Worked on APM module with integration with RADIUS server and RSA secure ID for applications that require 2-factor authentications.
- Proficient in using Solarwinds Network Management tools like Network Performance Monitor (NPM), NetFlow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
- Proficient using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers, IAPPS. Migration experience from ACE to F5.
- Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
- Extensive Knowledge of the implementation of Cisco ASA 5500 series - 5505, 5510, 5512-X with Firepower module. Palo Alto firewall policies, panorama and Checkpoint firewalls NG, NGX. Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
- Experience with Bluecoat and McAfee Web Gateway Proxies. For URL filtering and SSL Decryption, traffic flows from trust to untrusty and vice versa.
- Experience with PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic filtering. Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
- Experience working with Aruba and Cisco Wireless LAN controllers, Configuring and Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote and campus AP’s, upgrading WLC, worked in Active/Active local Controllers and Master controller. (Aruba 6000, 7200 controller, Aruba AP65, 70, 124, 85, 125) system.
- Worked on Solarwinds NPM, NCM, IPAM, Windows DHCP and DNS. Infoblox as DHCP and DNS server.
- Experience working with Avaya and Cisco VOIP environments with assigning VOICE VLANS, troubleshooting call quality and basic level proficiency in QoS. Worked on DSCP code markings for VOIP traffic.
- Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigaton, Wireshark, TCP dump and Linux operating system servers. Implementing, maintaining and Troubleshooting & implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
- Enhanced level of knowledge with, PPP, ATM, T1 /T3 Frame-Relay, MPLS. Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
- Experience with H.323 and SIP, Voice VLANS, DSCP marking for VOIP traffic.
- Hands on experience with Juniper SRX series firewalls 500 series.
- Experience with NAT/PAT, static and dynamic NAT, access lists, security zones, policies on SRX firewalls.
- Experience with next gen firewall technology like URL Filtering, SSL Forward Proxy, APP ID, Threat ID etc. on Palo Alto and checkpoint firewalls.
- Experience with creating virtual servers and application load balancing, upgrading software versions, redirect rules on NetScaler and experience migrating from NetScaler’s to F5.
Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).
Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP
WAN Protocols: HDLC, PPP
Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).
Security Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA, Checkpoint, Blue Coat proxy server. Port Security, DHCP Snooping, IP Source Guard (IPSG).
Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX 100.
Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP
Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)
Layer 2 technology: VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)
Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)
Switches: Catalyst 9400, 3850, 3650, 2960; Nexus 2k, 3k, 5k, 7k, 9k
Load Balancers: F5 LTM, GTM, iRules
Operating Systems: Microsoft XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office, Microsoft project server 2013
Confidential, Dallas, TX
Sr. Network Engineer
- Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy ). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in Data Center as perimeter Firewalls.
- Migration of ASA firewalls to PA next gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
- Experience working on Cisco ASR 9K, Nexus 7k and 9K. Configured and designed OSPF, EIGRP and BGP Confidential Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus.
- Worked on Juniper devices like M, MX, T routers on advanced technologies like MPLS VPNs, TE and other service provider technologies.
- Troubleshooting of Linux and Unix servers for application delivery servers. Install Dockers, Cisco -and HP servers.
- Maintain shell scripts for RedHat Linux servers and performed patch upgrades for RedHat Linux servers.
- Experience with configuring BGP, OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, Local Preference for route optimization. Worked on Route-Reflector, Route-Redistribution among routing protocols.
- Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
- Managed AD Domain Controller, DNS and DHCP Servers and configurations.
- Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
- Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using Solarwinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNS Sec etc.
- Provides expert level security and networking knowledge in the planning, researching, designing, and testing of new networking technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS and DMZ security, and Internet Security in support of established Info Security program initiatives for the next 3 years.
- Implemented, analyzed and recommended appropriate system for the out of band management monitoring. utilizing Solarwinds for primary and disaster recovery site.
- Monitored and responded to network anomalies utilizing Solarwinds/Orion's software and recommended appropriate network solutions for issues.
- Hands on experience in deployment of projects for network monitoring software like SolarWinds and WhatsUp Gold.
- Maintained, and expanded current Solarwinds deployment.
- Proactive monitoring of network and store environments using SolarWinds.
- Provided operational support for network topologies and connections TCP/IP, ATM, VOIP(Voice-over-IP) and UCCE.
- Supported the telephony specialist in the phased migration from PBX based systems to VOIP(Voice-over-IP).
- Configured separate VLAN for VOIP to implement QoS and security for VOIP(Voice-over-IP).
- Analyze and provide courses of action on current as well as emerging security threats like ransomware attacks by research and recommendation of other security solutions to help mitigate network security threats while preventing their outbreak across the network.
- Worked on network design improvements involving BGP, EIGRP, OSPF, IP metric tweaking and load balancing.
- Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.
- Design, implement, and develop network designs for applications used in TMO.
- Worked on Checkpoint Firewall to create new rules and allow connectivity for various Applications. Checkpoint is used as an internal firewall for application security in Kodiak network.
- Implemented Firewall rules and Nat rules by generating precise methods of procedure (MOPs) . Responsible for packet capture analysis, syslog and firewall log analysis.
- Experience with F5 load balancers LTM and GTM and reverse proxy design and setup. Migration from A10 to F5.
- Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and Net Scalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles - TCP, http, https, ftp, fastl4, Persistence - Source IP, SSL, Cookie, SNAT, iRules, iAPPs, SSL offloading.
- Experience with F5 GTM and in-depth knowledge of DNS, Global level load balancing, Wide IP’ s, Zones, Prober pools, Delegation from Windows DNS server to listener IP.
- High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark .
- Configured network using routing protocols such as RIP, EIGRP, BGP and OSPF and troubleshooting L2/ L3 issues .
- Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2960, 3500, 7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800) , Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP , Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
- Worked on Riverbed steelhead appliance to troubleshoot delay, jitter issues. Captured traffic and analyzed for root cause. Wrote policies and rules in steelhead.
- Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms
- Assist in creating network design standards for hardware and software. Developing and maintain Network Documentation ( Visio diagrams, Excel spreadsheets, Word documents, etc .) Configure and troubleshoot network elements in a test/dev environment.
- Worked on Orion (Solar Winds) for mapping network diagrams, updated Orion with commissioned and decommissioned network devices.
- Experience with configuration of Cisco call manager, Installing and worked on ICM management
Environment:: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/ /2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE), Shell Scripting.
Confidential, Palo Alto, CA
Sr Network Operations Engineer
- Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and access-list addition using python script and on Linux platform based on tickets generated by customers.
- Worked on Automation tool called Autopilot an internal tool used for code upgrades and configuring of new devices Confidential different data centers.
- Migration and implementation of Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, PA-7080 from Cisco PIX and ASA.
- Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers and cisco ASR routers.
- Installed and maintained production servers for client services (web, DNS, DHCP, mail). Experienced on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
- Coordinated with the Application Teams to develop effective Application validations involving F5 LTM and GTM components
- Managed Solarwinds to work with various network equipment to monitor, alert, and save network configurations
- Worked with the Network planning team on IP allocation scheme for the routers, switches, workstations, phones, APs and various other devices. Used Infoblox, Net MRI, Solarwinds IP monitor and various tools.
- Designed and Implemented Overlay Network Management Network to manage all our production devices with syslog, Solarwinds NPM
- Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSEC
- Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches like Cisco 3750, 3750 Gig, 6500, Nexus 7k, ASR 9k etc.
- Helping Team members to build a new cloud platform for existing legacy application using Azure technologies. Part of Designing the new architecture.
- Worked on migration project - XenApp 4.5 to XenApp 6.5 - Server 2003 (Legacy) to 2008 R2 (Gen 2) environment.
- Experience in Cisco Unified Communication Manager (CUCM), Call Manager Express (CME), Cisco Unity Connection (CUC), Unified Contact Center Express (UCCX), Unified Contact Center Enterprise (UCCE), IM and Presence, SRST and Voice Gateways.
- Managed Cisco call manager, Cisco Voice Mail Unity servers. Worked with in Cisco Routing and switching background w/QOS.
- Worked with Cisco UCCE, IPIVR, Cisco Unified Communication System. Configure and implement voice gateways (H323/MGCP/SIP), SRST for remote sites Developed MTS software plug-in for Multimedia over Coax Alliance (MoCA) configuration capability on DOCSIS cable modem and gateway products.
- Worked in team environment Developing new UCCE / UCCX applications and maintaining legacy applications
- Configuring firewall rules in Juniper SRX firewall using cli and NSM.
- Extensively worked in backend development using Python.
- Developed entire frontend and backend modules using Python on Flask Web Framework
- Implementing IPv6 addressing scheme for routing protocols, VLANS, subnetting and mostly during up gradation of cisco ISR routers 2800/2900/3800/3900 and switches.
- Managed Cisco call manager and supported cisco call center.
- Configuration and deployment of cisco ASA 5540 firewall for internet Access requests for servers, Protocol Handling, Object Grouping.
- Worked on Cisco wireless LAN technologies and Switching. Configured Virtual server, service groups, Session persistence, Health monitors and Load balancing methods in new F5 and A10 LTMs. Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.
- Installation & configuration of Microsoft Proxy Server 2.0 and Infoblox DNS, DHCP and IP Address Management
- Worked on Infoblox to update the DNS host and A records to assist the part of the migration
- Security configuration on Wireless LAN using protocols PEAP, EAP-FAST.
- Assigning RADIUS and TACAS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are cisco propriety.
- Worked along with Microsoft operation center for monitoring traffic on the devices going to up-links and divert traffic on to different routes after traffic level reaching threshold value.
- Generating audit reports by running automated scripts on various devices to check the layer 2 issues like errors on the links, port flapping’s.
- Analyzing the Audit report and work along with Data center teams to check the optics and troubleshoot issues.
- Coordinating along with Global data center teams located Confidential different locations and work along with them for troubleshooting layer 2 issues.
- Migration from NetScaler’s to F5 without any downtime.
- Assisting off-shore teams located in India in upgrades, VLANs configurations, in troubleshooting layer 3 issues and routing protocol issues mostly BGP.
- Documentation of various changes made on devices and submit them for approvals and work along with alerts team and intimate them the changes to be made.
Environment: Routers (Nexus 1K, 5K,7K, Juniper MX-960), switches (6500/3750/ /2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, Unified Contact Center Enterprise (UCCE), MPLS, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE, UCCX), Citrix.
Confidential, Columbus, OH
- Implementing security Solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
- Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
- Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
- Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
- Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
- Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
- Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
- Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
- Exposure to wild fire feature of Palo Alto.
- Routers: Cisco (IOS and IOS-XR), Juniper MX Series routers and Nokia (Alcatel 7750, 7950).
- Administered Cisco AMP endpoint security infrastructure and monitor endpoints for threats.
- Exposure to design and implementation experience primarily on Cisco WSA proxy.
- Configuration and Maintenance of Cisco ASA, ASA 5540, ASA 5520, ASA 5510 series firewalls.
- Configure Syslog server in the network for capturing and logs from firewalls.
- Provided tier 3 support for Check Point and Cisco ASA Firewalls to support customers, Backup and restore of checkpoint and Cisco ASA Firewall policies.
- Experience configuring and managing Cisco Web Security Appliance (WSA) in an enterprise environment
- Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
- Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
- Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
- Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third party connectivity.
- Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
- Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
- Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
- Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
- F5 BigIP iRules programming and troubleshooting.
- Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
- Configuring SNAT, High Availability on F5 BIG-IP appliances SSL termination and initiation, Digital certificates
- Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
- Configure and Monitor Cisco Sourcefire IPS for alerts.
- Provided operational support for network topologies and connections TCP/IP, ATM, VOIP(Voice-over-IP) and MPLS.
- Performs router configurations on Dedicated Internet Access (DIA) and VOIP(Voice-over-IP) products.
- Supported the telephony specialist in the phased migration from PBX based systems to VOIP(Voice-over-IP).
- Configured separate VLAN for VOIP to implement QoS and security for VOIP(Voice-over-IP). Administered network operating infrastructure (broadband, VoIP (Voice-over-IP), MPLS) and managed services (virtual servers, firewall, data storage, and cloud-based voice)
- Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
- Worked on VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
- Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel
- Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
- Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
- Strong understanding of Cisco networking technologies: ASA, IPS, WSA, ACS, VPN.
Environment: Cisco ASA 5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, IEEE 802.11Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.
Confidential, Denver, CO
- Worked on Cisco routers 7200, 3700 and Cisco switches 4900, 2900.
- Key contributions include troubleshooting of complex LAN/WAN infrastructure that include.
- Configured firewall logging, DMZs, related security policies and monitoring.
- Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing with snooping & IP source guard.
- Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall.
- Enabled STP enhancements to speed up the network convergence that include Port-fast, Uplink-fast and backbone-fast.
- Other responsibilities included documentation and change control.
- Responsible for Configuring SITE-TO-SITE VPN on Cisco routers between headquarters and branch locations.
- Implemented the security architecture for highly complex transport and application architectures addressing well. known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls.
- Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
- Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
- Used various scanning and sniffing tools like Wire-shark.
- Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN.
- Troubleshoot problems on a day to day basis & provide solutions that would fix the problems within their Network.
- Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
- Schedule changes and work through maintenance requests over weekends.
- Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
- Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
- Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
- Hands on experience in Cisco Routers and Switches.
- Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
- Creating groups, users and policies in Active Directory.
- Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.
- Built IPsec based Site-to-Site VPN tunnels between various client locations.
- Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
- Managed the IP address space using subnets and variable length subnet masks (VLSM).
- Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
- LAN cabling in compliance with CAT5 standards.
- Troubleshooting Active Directory, DNS, and DHCP related issues.
- Environment: Cisco 2600/2800 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.
- Documenting and Log analyzing the Cisco PIX series firewall.
- Configured BGP for CE to PE route advertisement inside the lab environment.
Network Operations Engineer
- Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
- Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
- As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
- VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
- Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPsec VPN. Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
- IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
- Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
- Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
- Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.
- Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
- Administer and support Cisco based Routing and switching environment.
- Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
- Deployed a Syslog server to allow proactive network monitoring.
- Implemented VLANS between different departments and connected them using trunk by keeping one VLANS under server mode and rest falling under client modes.
- Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
- Configured Firewall logging, DMZs and related security policies and monitoring.
- Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.