SUMMARY:

• Network Engineer having 7 + Years of e experience in networking field which includes Cisco Routers and switches, firewalls, VPNs configuration and troubleshooting network problems in Enterprise Network.
• Experience with Cisco Network environment including Switching, Routing, firewall technologies and layer 2 troubleshooting.
• Experience with the escalation problems & point - of-contact for Routing, Switching and WAN connectivity issues using ticketing system Remedy.
• Experience with VLAN’s, Trunking, Spanning-Tree technologies, Ether Channels, Port Channels, HSRP and Access Lists etc.
• Deployment of Cisco Identity Service (ISE) in enterprise network
• Cisco ISE upgradation from Cisco ISE 2.2 to 2.6
• Knowledge of routing protocols such as RIP, EIGRP, OSPF, and BGP.
• Configured Palo Alto and migrated the Cisco ASA to Palo Alto firewall including configuring the Site-to-Site tunnel and IPsec tunnel.
• Troubleshooting issues on Cisco ISE such as high authentication latency, health status unavailable, CTS request errors, End Device authentication and authorization issues, Dynamic Profiling issues etc
• Configured the Cisco Catalyst switches such as 6500/4500/3750.
• Working experience on Cisco ASA (5505/5510) Firewalls.
• Integrate Active Directory with ISE for authentication via External Identity source
• Configure the ISE nodes on CIMC server via KVM console and Perform the various ISE operations via KVM console
• Experience in installing and configuring DNS, DHCP server
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700, 6500 series) Cisco Routers (2800, 2600, 2900).
• Working Experience on Cisco wireless technology including Wireless LAN Control (WLC).
• Troubleshooting the layer 2 issues such as STP misconfiguration, err-disabled interfaces and upgrading the IOS code of switches and firewall.
• Deployed and decommissioned Cisco switches and their respective software upgrades
• Monitoring Network infrastructure using SNMP tools, PRTG and Solar-winds.
• Troubleshooting and repair of local area network outages using Telnet, Sniffer, Ping, Trace Route and CLI.
• Maintained Cisco catalyst switches and configured VLAN's for readdressing entire enterprise network.
• Created and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.
• Performed IOS Software upgrades on switches Cisco 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE
• Deployment of the Cisco ISE 2.2 in the current multi-vendor enterprise network to improve the port-security, for centralized monitoring and to manage the whole enterprise network.
• Established VPN tunnels between Cisco routers and Cisco Firewalls and Palo Alto Firewalls
• Experience in configuring VLANs, STP, VTP, PVST and 802.x authentication in access layer switches.
• Manages and configures VPN’s, NATing, Access Rules, Service polices and Object group-based ACL’s on Cisco ASA Firewalls.

TECHNICAL SKILLS:

Rsdgvbwrbve Routers: Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800, and 7200), Cisco ASR (1000 & 9000 Series), ISR

Switches: Cisco L2 & L3 Switches (2900, 3560, 4500, 5000 & 6500), Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series)

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANS, VTP, STP, RSTP, 802.1Q, 802.1x

Firewalls and Load Balancer: Cisco ASA 5505, 5510, 5512-X, 5515-X, 5520, 5525-X. Palo Alto, F5 BIG-IP LTM 2000/4000/5000 series

Protocols/Services/Cloud: Routing Protocols (RIP v1 & v2, IGRP, OSPF, EIGRP, BGP), HSRP, VRRP, TCP/IP, load balancer, IPSec, MPLS, VPC, VDC, VRF, AWSSS

Network Management Tools: Wireshark, PRTG, Solar winds, Cisco ISE

Security Server Protocols: TACACS+, RADIUS

PROFESSIONAL EXPERIENCE:

Confidential Chicago, IL

Network Security Engineer

Responsibilities:

• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security
• Successfully completed the upgradation from Cisco ISE 2.2 to Cisco ISE 2.6 in the distributed deployment
• Troubleshoot the services related issues on the PSN node on Cisco ISE 2.2 and modify the profiling and policy for various endpoint during the cut-over from monitor mode to Enforcement mode
• Successfully installed various patches on Cisco ISE 2.2 and ISE 2.6 to remediate various authentication and authorization issues for 801.X issues.
• Core Network Migrations and Replacements for the devices with end-of-life and end-of-support, which also includes the Cisco ASA to Palo Alto firewall migration across multiple agencies
• Deploying Site to Site VPN’s, Cisco Any Connect VPN Clients and SSL based Citrix Clients is part of my daily activities
• Successfully completed the migration from Cisco ASA to Palo Alto firewall with HA pair
• Configure the authentication and authorization policy for various types of end devices such as work-stations, security devices, building maintenances devices etc
• Upgraded the Cisco ASA 5500 and 5500-X series firewalls with Active Standby failover and with Active-Active failover
• Configuring various ACLs on AWS based firewall to connect remote locations with Data Center.
• Accessing the current AWS deployment and configuring the carious instances to establish the connectivity between physical network with cloud.
• Perform patch installation and upgradation for Cisco Identity Service Engine (ISE) 2.X
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
• Experience with Cisco ISE installation from the scratch via CIMC servers and configured each node int eh distributed deployment in the enterprise network
• Configured the End point and logical profile for authentication and authorization for various end points such as bio med, security devices, IP Cameras, HVAC devices etc
• Created standard access lists to allow SNMP, NTP and logging servers
• Documented new VPN enrollments in a database and create standard procedures for further improvement
• Switching experience includes Cisco catalyst switches: Cisco 3750, 4500, 6500 series switches
• Perform patch installation on ISE nodes to resolve the bugs on PSN nodes
• Assisted in the architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IP Networking.
• Setup the Lab Environment with the Cisco ISE 2.2 and ISE 2.6 testing for authentication and authorization operations
• Knowledge with scripting language such as Python
• Good understanding of basic security concepts - authentication, authorization, auditing
• Experience with Firewall Administration, Rule Analysis, Rule Modification.

Environment: Cisco ISE 2.2, Cisco ISE 2.6, Cisco 9300, 6500, 3850 switches, Cisco ASA 5500/5510/5540 firewalls, Palo Alto firewalls, F5 load balancer LTM, VPC, VDC, OSPF, AAA, RADIUS, Pulse Secure, AWS

Confidential Lake Forest, IL

Network Engineer

Responsibilities:

• IP migration on Catalyst switches such as Cisco Catalyst 6880 VSS, 6513, 4500-x, 2960 etc.
• Configured ACL’s on Cisco Switches and on Cisco ASA Firewalls.
• Configured ACL’s in Cisco 5510 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT
• Experience to configure various policy for the authentication in the low impact ISE deployment.
• Configured various policy groups on Cisco ISE for authentication and authorization
• Integrated Active Directory, DNS servers, NTP servers with Cisco ISE
• Performed troubleshooting with various platform along with Cisco platform such as Juniper, Palo Alto and Brocade.
• Plan, Design, and Assist in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter Vlan routing and LAN security.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers
• Working and Monitored the Cisco Wireless LAN Controller (WLC) and Aruba Lightweight Access point for wireless network.
• Worked on Racking, Stacking, configuring, Cisco Catalyst 6880 IA, 2960, 4500-X.
• Configured VSS on Cisco Catalyst 4500-x switch and configure from the scratch.
• Established VPN tunnels between Cisco routers and Cisco Firewalls and Palo Alto Firewalls.
• Maintaining the SSL s for various applications hosted on the F5s and servers on the hardware.
• Used Cisco ISE to grant authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results
• Worked with interfacing SIP trunks for call termination and perform all software, patch upgrades to voice network devices including IOS upgrades for Cisco 4500 L3 series POE switches.
• Configured Firewall logging, DMZs and related security policies and monitoring
• Documented workflow process, managing and implementing standard policy, method of procedures (MOP) and footprint for troubleshooting.

Environment: Cisco Catalyst 2960, 3560, Cisco Catalyst 4500-x VSS, Cisco Catalyst 6500, 6880, Cisco WLC 4404, VLAN, VTP, Firewall, NAT, ACL, VPN (Cisco AnyConnect, VPN Client), IPSec, Cisco ISE, STP, RSTP, PVST+

Confidential, Philadelphia, PA

Network Consultant

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Experience with design and implementation of Data center migration.
• Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Worked with Carrier to test and turn-up circuits.
• Used Cisco 5520 Wireless Controller to Support centralized, distributed, and mesh deployments
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Technical support for improvement, up-gradation & expansion of the network architecture as per business requirement.
• Worked on configuration and commissioning of the MPLS circuits for various branch offices.
• Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.

Environment:: Cisco 3560/4500//2960/6500 switches and Cisco 3640/ 0/3845/3600/2800 routers, Cisco Nexus 7K/5K/2K, Cisco ASA 5505/5510/5525, F5 BIGIP, LTM, OSPF, EIGRP, RIP, BGP, VLAN, VPN.

Confidential, Milwaukee, WI

Network Consultant

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201 and 3945E
• Involved in design and implementation of Data center migration
• Successfully migrated the Cisco legacy environment which consist of 6500, 4500 to Cisco Nexus 7k/5k/2k.
• Configured policy statements, routing instances, route manipulation on RIP, OSPF and BGP.
• Coordinating with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN
• Perform various scheduled maintenance tasks across numerous platforms and datacenters such as building VLANs and configuring switch ports on Cisco
• Configuring switch ports (VLAN tagging, switch port mode, Port Channel) at distribution and Access layers for new server builds and critical server movement as per requirement
• Infrastructure trouble shooting and TCP/IP Protocols Experience
• Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity
• Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP, Spanning Tree Protocol etc.
• Good understanding on iRules

Environment:: Cisco switches and Cisco routers, Cisco Nexus 7K/5K/2K, Cisco ASA5510, Checkpoint, OSPF, EIGRP, RIP, BGP, VLAN, VPN, Checkpoint.

Confidential, Omaha, NE

Network Engineer

Responsibilities:

• Experience in configuring Site-to-site and remote access VPN solutions
• Installed and configured Cisco 7200 series router and Cisco 2950, 4500, 6500 Series switches
• Configured network using routing protocols such as RIP, OSPF and BGP and troubleshooting L2/L3 issues
• Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Created data migration strategies to help with completion of migration of data center from one point to another.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Worked on Cisco Layer 2 switches (spanning tree, VLAN)
• Troubleshot Cisco hardware: Inspected devices, interior IOS upgrade, switch port configuration, port monitoring, watch over Flooding Control/Network port.
• Strategies include operating systems, virus protection, mail systems and Internet services.
• Updated the anti-virus, spam blockers, and other security software so that the systems are always secured.
• Resolved all computer related problems, monitored, and maintained system functionality and reliability by identifying ways to prevent system failures.
• Identifying technical problems and debugged hardware and software related to LANs/ WANs.
• Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast - Ethernet channel between switches.
• Develop and implement strategies to support the current and future needs of the company.
• Configured Cisco Catalyst Switches 2960, 3560 etc.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer.