SUMMARY

• Over 7 years of experience in Network Engineering/Security, design, install, support, troubleshoot including a broad range of LAN/WAN/MAN, enterprise networks and service provider systems.
• Extensively worked on Cisco Routers, Switches, and Load Balancers & Firewalls.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches
• Experience working on ASR Cisco routers and 7600 series, also Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000, 7000 series switches.
• Experience in working with cisco nexus Switches and Virtual Port Channel configuration.
• Experienced in networking concepts such as DNS, DHCP, Email, HTTP, SSL, OSI Model and TCP/IP Protocols and application.
• Expert in configuration and deployment of dynamic routing protocols OSPF, EIGRP & BGP over Cisco Routers.
• Good knowledge of OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP and IPv6.
• Experience in troubleshooting both connectivity issues and hardware problems on Cisco-based networks.
• Experience with Load Balancer (f5) for administrating and monitoring global & local traffic.
• Hand on experience in Migration of network devices (Routers& switches) from one zone to other.
• Experience in converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS
• Expert knowledge of Juniper SRX and Cisco ASA 5500 series, Palo Alto Firewalls.
• Experience in virtual Firewalls such as checkpoint VSX, IDS, IPS as well as encryption techniques.
• Experience in Performed Manual Test execution, Defect logging, Tracking the defect fixes, Updating Test results and generating Test reports.
• Network automation using python scripting.
• Conversion of native network configurations to OpenConfig compliant configuration using Apache Freemarker/JSON/REST tools.
• Experience in conversion process of native network configurations of different vendors like Cisco, Juniper, Arista to Openconfig compliant configuration.
• Enterprise routing and troubleshooting experience using protocols such as Static, RIP, EIGRP, OSPF and BGP.
• Extensive Knowledge in configuring and troubleshooting Layer 3 interior Gateway Routing protocols such as Link-State routing protocols (OSPF and IS-IS) and Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP).
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunk, VTP, Ether channel, STP, RSTP and MST.
• Expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Expert in Configuration and troubleshooting of Virtual Local Area networks (VLANs) using Cisco routers and multi-layer Switches supporting STP, RSTP, PVSTP, MSTP and IEEE 802.1q, inter VLAN routing and VLAN trunking
• Expert Level Knowledge about IP Addressing, Sub netting, VLSM, ARP, OSI and TCP/IP models.
• Experience in troubleshooting with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system such as Remedy Ticketing System.
• Experience in designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Proficiency with Microsoft SharePoint & Microsoft Project.
• Excellent communication skills, Enthusiastic, and a team player.

TECHNICAL SKILLS

LAN Technologies: Workgroup, Domain, HSRP, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks, PVST, RSTP, 802.1x

WAN Technologies: Frame Relay, VPN (L2F, PPTP, L2TP, GRE), ISDN, PPP, ATM, MPLS, IPv6, HLDC, Channel & Leased Lines

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, VRRP, and GLBP

Network Security: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPsec, ACL

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTP

Firewalls: PIX 500 Firewall, ASA 5505 Firewall, FWSM, CISCO CSM, ACL- Access Control List, IPS/IDS, NAT, PAT, CISCO ACS, Check point, RSA Secure ID, SRX, SSG series Firewalls.

Routers: CISCO Routers ASR, 7600, 7200, 7500, 7300, 7200, 4300, 4500, 3945, 3800, 3900, 3845, 3745

Switches: Nexus 5548, 5596, 6000, 7009, 7018; Cisco catalyst 6508, 6509, 4928, 4948, 4507, 4510, 3750, 3560, and 2960

Load Balancers: F5, CSS, CSM, ACE, GSS, Bluecoat proxy, A10

Monitoring Tools: Wireshark, SolarWinds, PRTG Packet Sniffer, Smart bits, CSM, ASDM, RSA

Management Tools: WebEx, and MS Office applications; Word, Excel, Visio, PowerPoint

PROFESSIONAL EXPERIENCE

Network Engineer

Confidential, Philadelphia, PA

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers like ASR, 7600, 7613, 7201, and 3945E.
• Worked on OSPF, BGP and EIGRP routing protocols, sub-netting, NAT, DNS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP, RTSP & Multicasting protocols.
• Smart Network Platform (SNP) is fully focused on automating the management of Confidential network by providing a multi-tenant and generic platform for device and network service’s lifecycle management.
• The platform will standardize configurations by encapsulating vendor specific interfaces and help to abstract network-configuration complexities across Confidential ’s backbone, datacenters, and CRANs.
• Working to increase network visibility, by centralizing data collection and providing a single programmatic entry point for network data-inventory, operational state, and topology.
• Working on platform, which will correlate events across the network to pinpoint the incident epicenter, reducing the noisiness of our monitoring tools via meaningful and actionable alerts. By identifying trends and platforms, the platform can then actively remediate evolving issues and reduce overall network outages.
• Analysis of service provider residential network configurations.
• Conversion of native network configurations to OpenConfig compliant configuration using Apache Freemarker/JSON/REST tools.
• Using Jira Service Desk to monitor the conversion process of native network configurations of different vendors like Cisco, Juniper, Arista to Openconfig compliant configuration.
• Providing connectivity to labs and Video backoffice and management, and support upgrade with Arista platform.
• Confidential network comprises of backbone, regional and national data centers, residential/commercial regional area networks and enterprise.
• Network Programming/Automation using python scripting, created automation application using python like SSH connection using TCP protocol.
• Created chatbot server using multithreading, DHCP simulator and subnet calculator using python scripting.
• Experience using Identity Authentication technologies, including Active Directory, LDAP, RADIUS TACACS, RSA, 802.1X, NAC, and token-based systems.
• Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
• Configure various LAN switches such as Cisco catalyst 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Maintained and created scripts in Python that assisted in pulling in the necessary data into Splunk to meet audit and reporting requirements
• Testing and Verification of Cisco core routers CRS-1 and GSR-12000
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces
• Conducted on site QOS testing and prepared reports for the engineering team on ways the networks could be improved
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.

Environment: Cisco 7600, 7200, 3800 series routers, ASR 9K, XR-12k and Cisco 2950, 3500, 5000, 6500 Series switches, WAN routing from OSPF to BGP, Active Directory, AD-DS, catalyst 6500 to Nexus 2k,7k, VLANs, PIX firewall to ASA firewall, BIG IP (F5), Frame Relay, WAP, OSPF, IGRP, RIPv2, EIGRP, Static, MPLS, site-to-site IP sec VPN tunnels, MED, AS-PATH.

Sr. Network Engineer

Confidential, Eatontown, NJ

Responsibilities:

• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it.
• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Replaced the Legacy 3750 stack wise with Juniper EX 4200 switches in the LAN Environment.
• Experienced in configuring and maintaining Security Policies, NAT policies, IPSEC tunnels on various firewalls like Palo Alto, Cisco ASA/ Firepower, Checkpoint firewalls and SIEM solutions like LogrRhythm and McAfee.
• Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising of Cisco ISE Appliances in all WAN Consolidation Points, and Data Centers.
• Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018, FCOE using Cisco nexus 5548.
• Configuring ASA Firewall and accept/reject rules for network traffic. Configured ASA 5555 to ensure high-end security on the network with ACLs and Firewall
• Worked on providing management connectivity, HA configuration, license and updates management, VSYS support, L3, aggregate ethernet and sub interfaces configuration, configuration of ECMP- OSPF on both Nexus and Palo Alto, moved several Server VLANs (SVI) interfaces from Brocade core to Palo Alto
• Removing old unused ISP ACL’s from the routers on MX 960'S and ASR 9K.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair. Configured new Meraki MX400 to the existing network.
• Worked on wild fire advanced malware detection using IPS feature of Palo Alto.
• Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Design for Guest Network and Mobile Access Network for NAC Solution, comprising of a Wireless LAN Controller solution in DMZs/Internet Gateways with Cisco ISE Appliances for NAC.
• Monitored infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc. Resolution of tickets fresh & pending.
• Worked on Cisco ISE v2.1, ACS for providing secure network access.
• Configured virtual servers, nodes and load balancing pools on the F5 LTM 6400, 6800, Viprion devices for various medical/biomed applications and their availability
• AAA authentication using ASC server to access the network by only the authenticated users.
• Experience using Identity Authentication technologies, including Active Directory, LDAP, RADIUS TACACS, RSA, 802.1X, NAC, and token-based systems.
• Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
• Configure various LAN switches such as Cisco catalyst 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Maintained and created scripts in Python that assisted in pulling in the necessary data into Splunk to meet audit and reporting requirements
• Testing and Verification of Cisco core routers CRS-1 and GSR-12000
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces
• Conducted on site QOS testing and prepared reports for the engineering team on ways the networks could be improved
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.

Environment: Cisco Routers 7613, 7201, 3800, 3700, 2800, Cisco Catalyst switch series 6500, 4500, 3500, and 2900, Active Directory, AD-DS, frame relay, MPLS, Meraki MX400 Cloud, NAT’ing, subnetting, also including DNS, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, VLAN, STP, RTSP, Cisco ASA 5520, ACL’s, PVSTP+, MST, LTM & GTM (F5), Nexus 5K, 2K, 7K.

Network Administrator/Engineer

Confidential, Irvine, CA

Responsibilities:

• Successfully responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Worked on OSPF, BGP and EIGRP routing protocols, sub-netting, NAT, DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP, RTSP & Multicasting protocols
• Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Cisco 3800 series routers
• Worked on Cisco ASA 5580, Juniper NS5400, SRX550
• Deploy and support network load balancers, such as F5 LTM/GTM and configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
• Configuration and troubleshooting of EIGRP, OSPF, BGP, CSM, integration with ASA devices
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS.
• Migrated existing on-premises applications to AWS
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Provided proactive threat defence with ASA that stops attacks before they spread through the network.
• Configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
• Configured Virtual servers, pool, pool members, worked on load balancing methods for LTM
• Configuration, troubleshooting of Palo Alto Firewalls - PA200, PA 2K, PA 3K, PA 4K and PA5K series as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Creating the VLAN's, configuring the STP & Implementing Inter VLAN routing to assist the client to communicate with other VLAN's and configuring ADSL, MPLS and GLBP.
• Created VSYS Builds from ASA to Palo Alto Panorama Database Zone, Access Zone.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Monitoring and configuring Cisco 7600 routers and replaced old 6500 and WAN routers from DR testing site at data centre.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (802.1q and ISL), Ether channel and IPSec & GRE Tunneling.
• Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Involved in Firewall Policies implementation to meet access requirements of various teams. Worked on Cisco ASA/Juniper SRX Firewalls primarily with tasks involving policy changes, policy management as per vendor/client requirements add/design policies
• Built B2B VPN connections to 3rd party vendors for access to branch facility and Data Center applications.
• Implemented Security Policies using ACL traffic filters, IPSec, SSL, VPN, DMVPN, AAA (TACACS+ & RADIUS).
• Used Fluke tool for monitoring WAN (both MPLS & ST) traffic and Wireshark for LAN traffic.
• Working Knowledge on wireless devices (5508, 7500 WLC Controllers and 2500,3600,3700 Access points.
• Worked on Solar winds Orion for analysis and monitoring purposes.
• Performing SIP protocol packets flow using Wireshark.
• Maintaining and troubleshooting SAN backup networks.

Environment: LAN-WAN, CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches, IPSec, Site-to-Site VPN, Ping, Trace route, Active Directory, AD-DS, VLSM, Point-to-Point, Frame Relay, T3, ATM, ACLs, NAT-PAT, EIGRP, OSPF and OSPF areas, BGP, TCP/IP, SSH.

Network Engineer

Confidential, Woodland Hills, CA

Responsibilities:

• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall
• Deploying Cisco routers and switched such as 7200, 3800, 3600 and 3500, 4500, 5500.
• Implemented TCP/IP, TFTP and related services like DHCP/DNS/WINS
• Check for DNS issues by pinging the server’s name. Experience with Wireshark, Test TCP& OPNET
• Escalating customer problems to management and support groups utilizing standard escalation model.
• Provided installation and initial user configuration of Nexus switches at the data center and providing IP addressing and different user session priorities on the switch.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Correlates call issues with WAN performance for advanced troubleshooting
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices
• Configured and maintained SSL VPN, IPSEC VPN on ASA, Palo Alto and SRX series firewalls, Site-to-Site VPN between ASA Firewall and router
• Responsible for Data Center Migrations and its operations.
• Secure authentication, redundancy and troubleshooting issues on BIG-IP LTM, ASM, APM and edit policies on F5 network access control.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experienced in configuring Cisco ASA firewalls in various contexts and modes to have the network secure.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN.
• Experience in migration from Cisco infrastructure to Juniper MX routers and switches such as EX and QFX-3500, QFX-5100
• Implement changes to the firewall rule base, network routing tables and ACL to allow only authorized users to access the servers.
• Implemented Authentication Authorization and Accounting (AAA) protocol TACACS+.
• Created security policy according to user’s requirement in Cisco ASA-5580, Juniper-SRX-5800 and ISG-1000 Fire-wall using CLI & GUI.
• Experience in F5, Cisco ACE 4710 Load balancers, Aruba wireless access points and controllers.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a data center access architecture
• Installed Juniper firewalls to replace existing Firewalls which increased network uptime.
• Experience in Layer 3 Routing protocol configurations: EIGRP, OSPF, BGP.
• Worked as senior engineer with Avaya System PHI migration, merging Voicemail system, custom dial planning.
• Monitoring and analysing the load balancing of network traffic using Wire shark and Solar Winds and Net flow.
• Designed and deploy various network security & High Availability products like Cisco ASA other security products
• Coordinate and perform VPN Lan2Lan as well as Remote VPN and Firewall security policies as well as NAT Configurations.
• Implemented Security policy by Configuring PIX firewalls.

Environment: Arista 7K, Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches, BGP WAN, OSPF areas, VTPs, Trunking, NAC product, inter-VLAN routing, port fast, uplink fast, Frame Relay WAN, IGRP, RIPv2, EIGRP, Static, MPLS migrations, site-to-site IP sec VPN tunnel, BGP attributes such as Local Preference.

Network Engineer

Confidential

Responsibilities:

• Performed technical planning, system integration, verification and validation, evaluates alternatives including cost and risk, supportability and analyses for total systems.
• Part of the troubleshooting and production support team, involved in monitoring 200 servers, supported data centre migration.
• Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
• Involved in configuring and implementing of Composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Worked on conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) that involves new wan links.
• Replaced branch hardware with new 3900 routers and 2960 switches.
• Configured firewall switch module on Cisco 6506 distribution layer switches, configuring VTPs, Trunking, NAC product, inter-VLAN routing, port fast, uplink fast, backbone fast on access layer switches.
• Planned and installed Frame Relay WAN links to the branch offices.
• Maintained wireless access points at various locations in the company.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Configured and troubleshot OSPF routing protocol on the corporate network.
• Tested and implemented various BGP attributes such as Local Preference, MED, AS-PATH, Community, Extended community using route-maps.

Environment: BGP WAN, OSPF areas, VTPs, Trunking, NAC product, inter-VLAN routing, port fast, uplink fast, Frame Relay WAN, IGRP, RIPv2, EIGRP, Static, MPLS migrations, site-to-site IP sec VPN tunnel, BGP attributes such as Local Preference, MED, AS-PATH, PIX firewall to ASA firewall

Jr. Network Engineer

Confidential

Responsibilities:

• Worked on configuring Site-to-site and remote access VPN solutions
• Worked with team to design and implement two-tier network with collapsed Distribution/Core and Access-layer for campus Network.
• Worked on implementing and maintaining security systems: Firewalls, IPS and VPN solutions (Palo-Alto, Cisco)
• Configured Catalyst 3750-x Switches for Access layers and Catalyst 6509-E for Distribution.
• Physical / hands-on support in corporate Data Centres
• Configured and installed wireless access points (WAP) at various locations in the company.
• Troubleshot LAN/WAN by using routing protocols EIGRP, OSPF, & BGP.
• Configured QOS for Traffic priority, policing and shaping and congestion management.
• Upgrade of Cisco IOS and troubleshooting of network connectivity.
• Configuration and commissioning of the MPLS circuits for various branch offices.
• Implement Access lists and policy-based routing in Cisco routers and Layers 3 switches.
• Perform IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN environment.

Environment: NAC product, inter-VLAN routing, port fast, uplink fast, Frame Relay WAN, IGRP, RIPv2, EIGRP, Static, MPLS migrations, site-to-site IP sec VPN tunnel, BGP attributes such as Local Preference, MED, AS-PATH, PIX firewall to ASA firewall