PROFESSIONAL SUMMARY:

• Very Passionate Sr. Network Engineer having worked in projects that include Data Center refresh, Campus Redevelopment, Firewall and F5 Installations, with 7+ years of experience in routing, switching, Network Security - Next-Gen Firewalls, Load Balancers, Wireless & VOIP systems design, administration and troubleshooting.
• Excellent communication skills with the ability to interface at all levels.
• A proactive team player who also can work independently.
• Configured F5 load balancer and Citrix NetScaler to monitor the network, load balancing and also GLBP, creating a site for web interface for the internal clients.
• Experience working in large-scale environments on L1/L2 troubleshooting, Network Design, IDF and MDF architecture, Datacenter Architecture, Spine Leaf Architecture and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
• Experience working in complex environments which include Switching, Routing, Network security with perimeter & VPN firewalls, F5 Load balancing & Access policy management, and Wireless LAN Controllers.
• Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
• Working on setup Cisco ASA 5555-X firewall on IPsec VPN, Palo Alto IPsec VPN and Global Protect VPN
• Experience in VSS, VRF, VPC, and VDC technologies. Experience in Gateway redundant protocols HSRP, VRRP, and GLBP. Experience with Access, Distribution & Core Layer Architecture.
• Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k), Arista and Juniper Routers (E, J, M, and T-series).
• Experience in OSPF, EIGRP, RIP and BGP routing protocols. L1/L2 troubleshooting skills in Routing in complex environments. Worked with MPLS over BGP. Worked on upgrading Edge routers, failing over ISP circuits for maintenance. Knowledge in EVPN, VXLAN, VTEPS. Experience with Cisco ACI.
• Configured F5 LTM, series 5000 series for corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Experience with upgrading software and hotfix. Experience with APM and ASM modules.
• Worked on APM module integration with RADIUS server & RSA secure ID for 2-factor authentication.
• Proficient in using Network Management tools like Solarwinds Network Performance Monitor (NPM), NetFlow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
• Proficient using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers, IAPPS. Migration experience from ACE to F5.
• Troubleshooting fortigate CPE 80 series firewalls and Fortinet manager. Also maintain the reports and relative dashboard implementations using fortigate and the fortigate manager.
• Experience with manipulating various BGP attributes such as Local P, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Extensive Knowledge on the implementation of Cisco ASA 5500 series firewalls - 5505, 5510, 5512-X with Firepower module. Palo Alto firewall policies, panorama and Checkpoint firewalls NG, NGX. Experience with converting Checkpoint VPN rules over to the Cisco ASA solution.
• Experience with Bluecoat and McAfee Web Gateway Proxies for URL filtering and SSL Decryption, traffic flows from trust to untrusty and vice versa.
• Experience with PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic filtering. Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
• Experience working with Aruba & Cisco Wireless LAN controllers, Configuring & Provisioning AP’s, Virtual AP’s, RTLS, Wireless SSID’s, remote & campus AP’s, upgrading WLC, worked in Active/Active Local Controllers and Master controller. (Aruba 6000, 7200 controller, Aruba AP65, 70, 124, 85, 125)
• Worked on Solarwinds NPM, NCM, IPAM, Windows DHCP and DNS. Infoblox as DHCP and DNS server.
• Experience working with Avaya & Cisco VOIP environments - assigning VOICE VLANS, troubleshooting call quality and basic level proficiency in QoS. Worked on DSCP code markings for VOIP traffic.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, Gigamon, Wireshark, TCP dump and Linux servers. Implementing, Maintaining, Troubleshooting & Implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Knowledge of Cisco Meraki Cloud managed Switches (MS250, MS350, MS410) and SD-WAN (MX 65, MX100, MX400).
• Enhanced level of knowledge with, PPP, ATM, T1 / T3 Frame-Relay, MPLS. Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
• Experience with H.323 and SIP, Voice VLANS, DSCP marking for VOIP traffic.
• Hands on experience with Juniper SRX series firewalls 500 series.
• Experience with NAT/PAT, static & dynamic NAT, access lists, security zones, policies on SRX firewalls.
• Experience with next gen firewall technology like URL Filtering, SSL Forward Proxy, APP ID, Threat ID etc. on Palo Alto and checkpoint firewalls.
• Experience with creating virtual servers and application load balancing, upgrading software versions, redirect rules on NetScaler and migrating from NetScaler’s to F5.

TECHNICAL SUMMARY:

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).

Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP

WAN Protocols: HDLC, PPP

Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).

Security Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA, Checkpoint, Blue Coat proxy server. Port Security, DHCP Snooping, IP Source Guard (IPSG).

Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX 100.

Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, SONET (POS)

Layer 2 technology: VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Switches: Catalyst 9400, 3850, 3650, 2960; Nexus 2k, 3k, 5k, 7k, 9k

Load Balancers: F5 LTM, GTM, iRules

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Gigamon, Security Device Manager (SDM), Cisco Works; TCP Dump & Sniffer

Scripting: Python, Ansible and TCL(F5)

Ticketing Tools: JIRA, CA Service Now

Operating Systems: Microsoft XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office, Microsoft project server 2013

PROFESSIONAL EXPERIENCE:

Confidential, Farmington, CT

Sr. Network Engineer

Responsibilities:

• Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy ). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in Data Center as perimeter Firewalls.
• Migration of ASA firewalls to PA next gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
• Knowledge of Cisco Meraki Cloud managed Switches (MS250, MS350, MS410) and SD-WAN (MX 65, MX100, MX400).
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Worked on issues with IPS/IDS servers, Zscaler and bluecoat proxies.
• Worked on Juniper M, MX, T routers on MPLS VPNs, TE and other advanced service provider technologies.
• Troubleshooting of Linux & Unix application delivery servers. Install Dockers, Cisco and HP servers.
• Maintained shell scripts for RedHat Linux servers and performed patch upgrades for RedHat Linux servers.
• Experience with configuring BGP, OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, Local P for route optimization. Worked on Route-Reflector, Route-Redistribution among routing protocols.
• Worked on Zscaler Cloud proxies, Implementation of Policies, PZen Configuration, GRE tunnels to Cloud, PAC file configuration, DLP policies.
• Worked on Internet Web Security Proxies which includes Cisco Iron Ports, Bluecoat Proxies, Zscaler Cloud Proxies.
• Maintained the reports and relative dashboard implementations using fortigate and the fortigate manager.
• Installed and configured firepower management center with in new core network.
• Installed and configured firepower IDS/IPS and came up with the baseline configuration for organization.
• Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
• Maintained network documentation on Visio.
• Configured and implemented cisco firepower service with ASA 5500 X advance security defence.
• Implemented Citrix Access Gateway & Advance Access Control, web interface into Msft Share point portal.
• Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using Solarwinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNS Sec etc.
• Provides expert level security & networking knowledge in the planning, researching, designing, and testing of new technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS, DMZ, and Internet Security in support of established Info Security program initiatives for the next 3 years.
• Configured, troubleshoot, and upgraded Checkpoint Firewalls for Manage clients, which included network and/or resource access, software, or hardware problems.
• Used App-Volumes Application to provide efficient solutions for Horizon, Citrix- XenApp and Xen-Desktop, and RDSH virtual environment.
• Opened, resolved, or updated Tier II Support tickets for Manage Firewall clients.
• Provided Manage Firewall Clients' with regular status reports of their trouble tickets.
• Experience with working on Amazon Web Service (AWS) environment for cloud computing
• Analyze and provide courses of action on current as well as emerging security threats like ransomware attacks by research and recommendation of other security solutions to help mitigate network security threats while preventing their outbreak across the network.
• Worked on network design improvements using BGP, EIGRP, OSPF, IP metric tweaking and load balancing.
• Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.
• Implemented Firewall rules and Nat rules by generating precise methods of procedure (MOPs) . Responsible for packet capture analysis, syslog and firewall log analysis.
• High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark .
• Configured network using RIP, EIGRP, BGP and OSPF protocols and troubleshooting L2/ L3 issues .
• Regular upgrade & maintenance of Infrastructure, Installing, configuring Cisco Switches (2960, 3500, 7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800) , Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP , Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
• Assist in creating network design standards for hardware and software. Developing and maintain Network Documentation ( Visio diagrams, Excel spreadsheets, Word documents, etc .) Configure and troubleshoot network elements in a test/dev environment.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Assisted in IT security audits for clients/customers. Configured and supported Cisco 7500 and 4500 routers.
• Experience with configuration of Cisco call manager, Installing and worked on ICM management

Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/ /2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE), Shell Scripting, Citrix, Visio.

Confidential, Chattanooga, TN

Sr Network Operations Engineer

Responsibilities:

• Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, access-list addition using python scripts and on Linux platform based on tickets generated by customers.
• Used Python scripting for network sniffing and managed parameters for pool of servers and updated, automated and migrated different services and software by means of Ansible
• Configured Cisco Meraki MS220 Switches
• Configure Cisco Meraki AP's and troubleshot any issues, such as RF signaling and cloud connectivity.
• Design and Building Software-Defined Data Center environment, including Vmware, VCenter, NSX and Cisco ACI.
• Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud. Installed and configured Cisco Meraki (MR66, MR74, MR84) wireless Access points
• Worked on Autopilot, an Automation tool used for code upgrades & configuring new devices at data centers.
• Migration of Palo Alto PA-500, PA-3060, PA-5060, PA-7050, PA-7080 from Cisco PIX and ASA.
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers and cisco ASR routers.
• Supported Forescout technology deployment on CDM team. Responsible for deployment, acceptance, and operations/maintenance (O&M) services for CDM platform solutions incorporating Splunk, RES, BigFix, RSA Archer, and ForeScout. Served as ForeScoutSME enabling clients to rapidly deploy HWAM capability leveraging automated tools for implementation and ongoing compliance.
• Development of Forescout solutions based on Agency infrastructure including TAPS or SPAN port deployment. Deployment planning included interrogation of ARP and CAM tables, NAT device detection, network/OS scanning fingerprinting, DHCP analysis.
• Configure, update and manage ForeScout appliances CTR, CT-1000 and CT-2000. Implement and control policies for ForeScout appliances.
• Installed and maintained production servers for client services (web, DNS, DHCP, mail). Experienced on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
• Managed syslog, Solarwinds on various network equipment to monitor, alert, and save network configurations
• Worked with the Network planning team on IP allocation scheme for the routers, switches, workstations, phones, APs and various other devices. Used Infoblox, Net MRI, Solarwinds IP monitor and various tools.
• Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSEC
• Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches like Cisco 3750, 3750 Gig, 6500, Nexus 7k, ASR 9k etc.
• Configured and implemented cisco firepower service with ASA 5500 X advance security defence.
• Devised new VPN solution utilizing cisco firepower and cisco any connect.
• Troubleshot, documented and installed variety of equipment Arista switching fabric, Fortinet firewall.
• Working on setup Cisco ASA 5555-X firewall on IPsec VPN, Palo Alto IPsec VPN and Global Protect VPN, and AWS VPN solution.
• Configured AWS multifactor authentication in IAM.
• Configured network architecture on AWS with VPC, Subnet, gateway, NAT and routing.
• Used Statseeker for monitoring network, Stateseeker Netflow for reporting.
• Worked on migration - XenApp 4.5 to XenApp 6.5 - Server 2003 (Legacy) to 2008 R2 (Gen 2) environment.
• Managed Cisco Voice Mail Unity servers. Worked in Cisco Routing & switching background w/QOS.
• Developed entire frontend and backend modules using Python on Flask Web Framework.
• Implementing IPv6 addressing scheme for routing protocols, VLANS, subnetting and mostly during up gradation of cisco ISR routers 2800/2900/3800/3900 and switches.
• Worked on Cisco wireless LAN technologies and Switching. Configured Virtual server, service groups, Session persistence, Health monitors and Load balancing methods in new F5 and A10 LTMs. Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.
• Installed & configured Microsoft Proxy Server 2.0 & Infoblox DNS, DHCP and IP Address Management
• Assigning RADIUS and TACAS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are cisco propriety.
• Generating audit reports through scripts on various devices to check the L2 issues - link errors, port flapping.
• Analyzing the Audit report and work along with Data center teams to check the optics and troubleshoot issues.
• Migration from NetScaler’s to F5 without any downtime.
• Configured windows cluster, NLB, H/W load balancer(F5 and netscaler), deployed, configured and troubleshoot runtime errors.
• Documentation of various changes made on devices and submit them for approvals and work along with alerts team and intimate them the changes to be made.
• Worked on ClearPass Access Management for Whitelisting of Aruba devices.
• Worked on ClearPass Captive portal for guest authentication and authorization.
• Hands on experience on Aruba Activate, Aruba Airwave, Analytics and Location Engine (ALE), ClearPass Access Management & ClearPass Captive portal servers etc.

Environment: Routers (Nexus 1K, 5K,7K, Juniper MX-960), switches (6500/3750/ /2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, Unified Contact Center Enterprise (UCCE), MPLS, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE, UCCX), Citrix.

Confidential, Holmdel, NJ

Network/Security Engineer

Responsibilities:

• Implementing security solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
• Worked on ClearPass Access Management for Whitelisting of Aruba devices.
• Worked on ClearPass Captive portal for guest authentication and authorization.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
• Assist in development of the architecture, designs, and deployment plans for edge network devices such as DOCSIS Cable Modem and Wireless devices, as well as other web and network applications and capabilities important to the delivery of a next-generation broadband service.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Configured & maintained IPSEC and SSL VPN's, implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto.
• Administered Cisco AMP endpoint security infrastructure and monitor endpoints for threats.
• Exposure to design and implementation experience primarily on Cisco WSA proxy.
• Configuration and Maintenance of Cisco ASA, ASA 5540, ASA 5520, ASA 5510 firewalls.
• Working on setup Cisco ASA 5555-X firewall on IPsec VPN, Palo Alto IPsec VPN and Global Protect VPN
• Configure Syslog server in the network for capturing and logs from firewalls.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Creating object, groups, updating access-lists on Check Point, apply static, hide NAT with smart dashboard.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Worked on F5 solutions/support for migration work from Cisco CSS to F5 BigIP Load Balancers.
• Configured SNAT, HA on F5 BIG-IP appliances SSL termination and initiation, Digital s.
• Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
• Provided support for network topologies & connections TCP/IP, ATM, VOIP(Voice-over-IP) and MPLS.
• Performs router configurations on Dedicated Internet Access (DIA) and VOIP(Voice-over-IP) products.
• Supported telephony specialist in the phased migration from PBX based systems to VOIP(Voice-over-IP).
• Configured separate VLAN for VOIP to implement QoS and security for VOIP(Voice-over-IP). Administered network operating infrastructure (broadband, VoIP (Voice-over-IP), MPLS) and managed services (virtual servers, firewall, data storage, and cloud-based voice)
• Provide support to help desk for complex network issues. Build rules for apps across f5EC VPN tunnel.
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT material, and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response. Configure and Monitor Cisco Sourcefire IPS for alerts.
• Strong understanding of Cisco networking technologies: ASA, IPS, WSA, ACS, VPN.

Environment: Cisco ASA 5580/5540/5520 , Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, IEEE 802.11Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Charlotte, NC

Network Engineer

Responsibilities:

• Worked on Cisco routers 7200, 3700 and Cisco switches 4900, 2900.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include configuring firewall logging, DMZs, related security policies, monitoring, documentation and change control.
• Create private VLANs, prevent VLAN hopping attacks, mitigate spoofing with snooping & IP source guard.
• Installed & configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN.
• Enabled STP enhancements to speed up network convergence using Port-fast, Uplink-fast and backbone-fast.
• Configured SITE-TO-SITE VPN on Cisco routers between headquarters and branch locations.
• Implemented the security architecture for highly complex transport & application architectures addressing well known vulnerabilities and using access control lists on their core & failover firewalls.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall. Documenting and Log analyzing the Cisco PIX series firewall.
• Troubleshooting of DNS, DHCP and other IP conflict problems. Used various sniffing tools like Wire-shark.
• Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN.
• Troubleshoot problems on a day to day basis & provide solutions for problems within their Network.
• Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
• Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
• Creating groups, users and policies in Active Directory.
• Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• Point-to-Point, Frame Relay, T3, ATM, WAN, Active Directory, DNS, and DHCP troubleshooting.
• Configured BGP for CE to PE route advertisement inside the lab environment.

Environment: Cisco 2600/2800/3700/7200 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.

Confidential

Network Operations Engineer

Responsibilities:

• Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support.
• VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
• Worked in a dynamic routing enterprise network environment - OSPF & BGP for external connectivity.
• Configured Switches with proper spanning tree controls and BGP routing for business partners using community and as path prepending attributes.
• Installed Windows Server 2003, configured IP addresses, network printers and Client Access for PCs.
• Administer and support Cisco based Routing and switching environment.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.

Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.