- Experienced in design, implementation, trouble shooting, development and maintaining enterprise data network systems by dealing with Cisco routers, Cisco Catalyst Switches and Load Balancers in a Day - to-Day Schedule.
- Installing & configuring firewalls like Checkpoint, Cisco ASA, Palo Alto and Juniper SRX/SSG firewalls.
- Planning, Designing & Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN’s.
- Executing change requests to the firewall rule base.
- Executing changes to the authentication configuration established at the user, client, and session levels.
- Planning and executing changes and upgrades to firewall software, per licensing agreement(s).
- Planning and executing changes and upgrades to the operating systems of servers directly supporting firewall components and functionality.
- Installing, Configuring and troubleshooting of network devices CISCO Routers and CISCO Switches.
- Experience with working on Juniper Routers like, M320 and MX80, MX960, MX480 -configure OSPF and route policies.
- Extensive knowledge and experience of routing protocols RIP, OSPF, EIGRP and BGP.
- Expertise experience in implementing and troubleshooting VLANs, VTP, STP, RSTP and 802.1Q.
- Implemented redundancy with HSRP, VRRP, GLBP, and Ether Channel technology.
- Expertise experience in designing, implementing and maintaining network devices, application and services: Cisco WAN/LAN routing and switching.
- Redistribution of routing protocols, Route-maps (Policy Based Routing), ACL, NAT.
- Excellent in troubleshooting issues on NAT configuration and access lists.
- Implement Cisco Secure Access Control Server (ACS) for Tacacs+/Radius
- Have an intense knowledge of working and security aspects of OSI and TCP/IP model.
- Implementing and designing L2VPN services and encryption system and other VPN with IPSEC based services.
- Dealt with SNMP tools for monitoring the network infrastructure.
- Network Monitoring tools like Cisco Network Assistant, Solar winds, HP open view.
- Extensive experience taking copy of Cisco IOS on TFTP server and loading back on routers.
- Excellent problem solving, troubleshooting, and written documentation skills.
- Implementation of HSRP, VRRP protocol on routers.
- Efficient in preparing Technical Documentation using Microsoft VISIO/Office and also in preparing some presentations.
Cisco router platforms:: 2500, 2600, 2800, 2951, 3600, 3700, 3800, 3925E, 7200, 7609.
Routing Protocols:: RIPv2, OSPF, EIGRP, and BGP.
Cisco Switch platforms:: 2600, 2950, 2960, 3560, 3750, 4500, and 6500.
Switching Protocols:: VTP, STP, RSTP, MST, VLANs
Security Protocols:: IKE, IPsec.
Firewalls:: Checkpoint(Provider-1,R60,R70,R75, R77Gaia), IPSO, Secure Platform (SPLAT), Cisco ASA(5510,5520,5550), FWSM, Cisco PIX(525,535), Juniper SRX and SSG, Palo alto Pa-200, 2k, 3k series, Panorama
Load Balancer: F5 LTM/Big-IP, GTM, Citrix NetScaler
LAN Technologies:: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT.
Operating Systems: Windows 2000/XP/Vista, Linux, Unix, IPSO, SPLAT, IOS 8.x, 9.x, Screen OS, Jun OS, Pan OS
Network management Tools: Cisco Network Assistant, Tufin Secure Track, Firemon, PICCASSO, Tcpdump, HP NAS, HPSM
Confidential, Com Austin, TX
Network Security Engineer
- Configure firewall policies using Checkpoint R77 Gaia, R75, VSX, Provider-1, SPLAT, Crossbeam and Checkpoint Smart dashboard.
- Worked on the data center consolidation project and taken care of all the incoming firewall request which are assigned.
- Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
- Good Knowledge on Access Control Lists, Juniper SRX and Cisco Firewalls - ASA and FWSM.
- Implementing and managing Security solutions using NSM and ASDM.
- Migrated from Cisco PIX 525 to Cisco ASA 5540 series firewalls and configured syslog messages.
- Worked on the migration of Juniper SSG firewalls to SRX model.
- Installation, Configuration and Administration of Cisco ASA 5520 series firewalls.
- Involved in implementing VPN connectivity for new sites, includes client and site-to-site VPN’s.
- Designed a reliable and fully redundant network implementing routing protocols OSPF and BGP.
- Upgraded the data center network environment with Cisco ASA 5520. Configured Access Control Lists on Cisco Switches.
- Managed and configured HSRP, VLANs, VTP, port security and 802.1Q trunking on Fast Ethernet channel between switches. Designed schemes for IP Addressing and subnetting.
- Configured Site-to-Site GRE over IPSEC VPN using Cisco SDM feature for easy deployment at various locations
- Configured and implemented security policies on Firewalls FWSM.
- Implementation and configuration of F5 Big-IP LTM-6400 load balancers.
- Implemented the Cisco Secure Access Control Servers for AAA security to offer centralized command and control for all user authentications.
- Implemented redundancy paths by using HSRP protocol.
- Responsible for layer 2 security, securely managed all switches and routers and deployed a syslog server to allow proactive network monitoring.
Confidential, New Castle, DE
Network Security Engineer
- Implementing and troubleshooting firewall rules in Checkpoint R77.20 Gaia, Cisco ASA 5540, 5580 Implementing and troubleshooting firewall rules in Juniper SRX 5400, 550, 5600 Checkpoint R77.20 Gaia and VSX as per the business requirements.
- Worked on Juniper SRX Versions 300, 3400, 3600, 220 implementing new and additional rules on the existing firewalls for a server refresh project.
- Python scripting code automation with a focus on networking monitoring and application monitoring.
- Upgrade of Juniper firewalls and management servers from SRX 240 to SRX 5400.
- Established IPSec VPN tunnels between branch offices and headquarter using Juniper SRX Firewall.
- Services expert responsible for effectively communicating, educating, and positioning Infoblox service programs within the partner community and customer base.
- Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos Space Security Director for management. Install, upgrade, troubleshoot, design, etc.
- Installation and maintenance of Cisco Layer 3 switches 3750, 4500X, 6500 and Cisco 3550/4500/6500 switches in multi VLAN environment.
- Responsible for Check Point, Cisco ASA and Palo-Alto firewalls configuration and administration across global networks for providing IPS/IDS.
- Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
- Implemented Cisco ISE for delivering consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections.
- Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
- Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.
- Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
- Provide support and for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
- Configuration of Checkpoint R77.20 series firewalls and implementation for outbound traffic via blue coat proxy server.
- Configured Citrix NetScaler responder policy and to maximize the performance and availability of all applications and data, and also provide secure remote access to any application from any device.
- Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
- Worked with level-2 team on migration project of CMA's from one Provider-1 to other Provider-1.
- Worked on changing global objects and global rules to local objects and local rules for migration project
- Installation and Configuration of Cisco routers 2600 series, 2800 series, 3600 series, 3800 series
- Installation and Configuration of Cisco Switches 2950, 3500, 3750 and 4500.
- Experience in routing protocols like OSPF, BGP, and standby protocols like HSRP and VRRP application in the routers
- Designed VLAN’s, access lists (ACL), troubleshooting IP addressing issues and Updating IOS images and other hardware installations.
- Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
- Dealt with NAT configuration and its troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
- Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity.
- Provisioning and troubleshooting Ethernet services, Gigabit networks and Connectivity issues with WAN types (T1, E1, DS3, and Frame relay) data circuit debugging
- Dealt with the escalation problems from Leve1, Leve2 & level 3 for routing, switching and WAN connectivity issues using ticketing system Remedy
Network Support Engineer
- Level II Network & Security support team on 24x7.
- Configuration and support Cisco based Routers, Switches and firewalls.
- Experience in security consulting, support and/or engineering, security architecture, planning, design and implementation of Cisco security products
- Basic Firewall Access list configurations and support.
- Primarily responsible for proactive, incident and problem management.
- Configuring switch ports for various Vlans in the network.
- Responsible for designing and securing the entire network for the India operations center, including designing of VLAN, inter VLAN routing, firewall with multiple DMZ's on Cisco PIX Firewalls.
- Cisco CSS Load balancing support for various website hosted at the Data center.
- Layer 2 and Layer 3 support using Cisco routers and Switches
- Built IPSec based Site to Site VPN tunnels between various client locations.
- Frame Relay, T1, multilinking T1, Fractional DS3, WAN troubleshooting.
- Debugging abilities at L1, L2, L3, and L4 protocols in an Internet-centric environment. Troubleshooting Active Directory, DNS, and DHCP related issues.
- Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZs
- Trouble shooting Network related problems
- Monitor bandwidth utilization, analyze traffic patterns and volume