IT professional with experience in configuration, administration, escalation support for various technologies for medium to global enterprise environments and include proficiency in routing, switching, security, and wireless.
TECHNICAL SKILLS DETAIL:
Network Hardware: Cisco Routers (3900, 2900, 1900, 800), Cisco Catalyst Switch (6500, 5500, 4900, 4500, 3000, 3100), Cisco Nexus 5k and 7k Series, Cisco ASA 5500 Series, Cisco WLC, Juniper devices.
Routing/Switching: WAN, LAN, TCP/IP, Spanning Tree, BPDU, CDP, Frame - relay, PPP, ACL, Network Address Translation (NAT), Port Address Translation (PAT), Access Control List, RIP, OSPF, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, Multi-Area OSPF, VLAN, VTP, HSRP, SVI, CEF, Ether channel, Port fast.
Security Technologies: AAA, IPS/IDS, TACACS+, RADIUS, SSH, VPN, Cisco ACS, Data Loss Prevention, IPSec, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering, IPS/IDS.
Wireless Technologies: Computer Telephony Integration (CTI), VoIP, CUCM, QoS, PoE, H.323, SIP, MGCP, RTP, SCCP, SRTP, UCCM, UCCX, IEEE 802.1x & 802.11 a/b/g/n, WLAN, WAP, AP, SSID, LWAPP, CSMA/CA, Bluetooth, HomeRF, MMDS, LMDS, Aironet, CCK, DSSS.
Monitoring Tools/Hardware: Finisar, Wire shark, Remedy, Openview, Cacti, Nagios, VMware, Solarwinds, F5, Cisco Works, LogicMonitor, Cisco Security Manager Suite, DNS Servers, DHCP Servers, NTP Server, TFTP Server, Exchange Server, Blade Servers, Web Servers, Syslog, FTP, SFTP.
Operating Systems & Apps: WIN2003/2008 Server, Sun Oracle, Dell Poweredge, DEC Alpha Server, IBM
SUMMARY OF PROFESSIONAL EXPERIENCE:
- Member of a team responsible for installation, configuration, administration, escalation support and troubleshooting of LAN/WAN infrastructure and ISP network connection.
- Testing new Network Infrastructure, building test cases and scenarios based on policies and guild lines.
- Technical responsibilities include installation, upgrade, configuration, escalation support and troubleshooting of various LAN /WAN hardware and software to ensure network availability and integrity of the network security.
- Additional technical responsibility includes performing network address assignment, routing protocols such as BGP, OSPF, and EIGRP and configuration of authentication and authorization of directory services
- Member to a team of professionals responsible for the day-to-day administration of client relation/support, documentation, auditing, configuring and troubleshoot mission critical, and followingpolicies and procedures.
- Technical responsibilities included, but were not limited to, the installation, configuration, administration, and troubleshooting of various enterprises LAN/WAN technologies, hardware/software, 2nd/3rd level and support.
- Escalation support activities included 2nd/3rd level support for various LAN/WAN issues for edge routers, VoIP, and customer premise equipment to investigate, troubleshoot, reconfigure, resolving issue in a timely manner as needed& technical support
- Member to a team of professionals responsible for the day-to-day administration and maintenance of the LAN/WAN infrastructure to include onsite administration and support, scheduled installation, configuration and troubleshoot activities utilizing various monitoring tools and Cisco network devices.
- Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies.
- Professional responsibilities including project coordination, administration, following corporate policies and procedures, documentation, and scheduling as needed reports to management.
- Configure secure privileged administrative access to the Cisco IOS system. Enable the encryption of system passwords to prevent unauthorized users access to passwords in the system configuration.
- Configure secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits until user input is detected on the Console and vty ports. Also, configure the console and vty ports log messaging to not interfere with active device configuration.
- Configured and administrated VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices.
- Configured VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices.
- Administrated Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using PAgP for negotiation. Modify ether-channel load balancing method.
- Integrated WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required. Establish two frame-relay point-to-point connections between a central site and two remote sites. Configured multipoint connections between three of the sites forming a full-mesh.
- Configured EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Integrate manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
- Configure and administrated OSPF routing with multiple areas for networks between sites. Implement OSPF MD5 Authentication between each OSPF enabled subnet to prevent unauthorized insertion of routes into the domain.
- Integrated static NAT/PAT to provide access to services located on a server in the private network to the public network. Implement standard and extended access-lists to filter network traffic.
- Configured backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-config file for disaster recovery.
- Configured and administrated an IPSec Site-to-Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office. Implementation of the VPN includes the following configurations: Internet Key Exchange Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmacto define how the traffic is protected, crypto-map to associate the previously configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
- Configured and administrated Zone-Based Policy Firewall on the Cisco 1841 ISR with the following components: three zones, class-maps specifying traffic that must have policy applied as it crosses a zone-pair, policy maps to apply action to the class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
- Administrated a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing the following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface association, security parameters, and radios used. Utilize the Wireless LAN Controllers web GUI to configure and manage the wireless network. Configure internal DHCP scopes for WLANs.
- Prepare configuration for AP registration on same subnet as management VLAN and for AP registration on different subnet. Implement option 43 for DHCP where necessary. Configure AAA AP policies to allow Self Signed s for APs shipped without a Manufacturer Installed . Implement AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired.