SUMMARY:

• Over 8 years experienced Network Engineer having worked extensively wif multiple Clients in Switching, Routing, Network Security (Firewalls and Proxies),
• Application Delivery Controllers, Autantication, Wireless environments.
• Experience in Campus and Data Center topologies in multi - vendor equipment. Very strong team member wif good communication and Documentation skills. Innovative to new ideas to enhance the workflow in Network Engineering.
• Experience wif legacy and high-end switching technologies in Campus and Data Center environments. Worked on Cisco, Juniper and Aruba/HP gear in campus environments. Worked on Cisco, Arista, Dell, Cumulus, Juniper gear in Data Center environment.
• Experience wif Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Cisco, Juniper and Arista routers.
• Experience in Network Security that includes perimeter security for Internet, Extranet, DMZ, Internal Server farms, Web-traffic security wif Proxies, Web Application firewalls. Worked and migrated multi-vendor equipment and Next generation firewall technologies. Worked on ASA, Firepower, Checkpoint and Palo Alto firewalls. Experience on MWG, Bluecoat and Zscaler proxies.
• Experience and high-level understanding in application delivery controllers, local and global load balancing techniques, redundancy solutions, high availability options for mission critical internal, vendor and public facing applications. Experience wif F5 LTM, GTM, APM, NetScaler’s, Cisco ACE and A10.
• Worked on Campus Wireless environments wif 1000+ access points, Wireless LAN controllers, Anchor Controllers, Autantication policies, BYOD policies, Integration wif RADIUS. Experience wif Aruba and Cisco WLAN.
• Experience wif TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE. Experience wif windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
• Experience wif WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience wif SD-WAN solutions that include Viptella and Versa.
• Knowledge and operational experience wif SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN, MP-BGP, Spine and Leaf Architecture.
• Worked on Open software platform switches like Cumulus on Mellanox and Dell hardware in a POC. Basic Knowledge in Python and Ansible scripting for automation in configuration templates, back-ups etc.
• Experience wif Network Monitoring tools, SNMP, Log collectors, Splunk, ticketing tools and thorough understanding of workflows in corporate environments that include Financial, Healthcare, Retail clients.
• Very enthusiastic to explore and implement innovative ideas in Network Automation in configuration, documentation, troubleshooting, workflow integration, API integration wif multiple tools using Python and Ansible. worked on Juniper pulse setup in dmz and inside environment for remote ssl vpn.
• Worked on Juniper pulse config on srx firewalls gateway.
• Worked on application acceleration service on pulse and deploying pulse secure agent on clients machines.
• Worked on inside leg and DMZ leg for client traffic and outbound traffic respectively.
• Setup Routing Policies and acls for SSL vpn traffic on perimeter firewalls.
• Experience wif setting up AWS direct Amazon to S3, Amazon EC2,Amazon VPC.
• Experience working on security groups in AWS in VPC for traffic flowing between various virtual nets dev, prod and UAT instances.
• Experience wif Azure cloud connectivity using express routes.
• Configured express routes and Nsg in cloud.
• Experience wif azure AD for autantication to cloud apps using SAML.
• Experience wif Zsclar cloud proxies ZIA and ZPA.
• Worked on setting up tunnels to zscaler zens, zero trust network.
• Experience wif Palo Alto and checkpoint firewalls wif next gen firewall features that includes app id, threat id, url filtering, user id, ssl decryption.
• Experience wif f5 and avi networkd for application load balancing.
• Experience wif data center technologies that include spine leaf, ACI, Arista cloud vision.
• Strong analytical and organizational skills, wif passionate attention to detail.
• Effectively maintain Contact Center and CUCMs Clusters and its member nodes of CUCMs, Unity, Prime Collaboration and CVP/UCCX/UCCE, and other unified messaging applications integration, solutions and services.Experience in supporting Messaging & Collaboration Tools.o Voice Service technologies; Voice gateways, PBX, VMX, Call Center-IVR, Wireless o SIP circuit experience o Session Border Controller o Network routing and switching.
• Expert understanding of the following Cisco Unified Communication Products: Call Manager (up to and including 10.5), Unity Connection, WebEx T29 or higher, Jabber 9 or higher, CCA, Prime, Cisco Emergency Responder

TECHINCAL SKILLS:

Router and VoIP Platforms: Cisco Routers series ASR9k, 7300, 4000, 3800, 2000, 1900; Juniper MX, Arista 7000 series.

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Policy-Based Routing, Redistribution, Port forwarding.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K, 5K, 7K; Juniper EX, QFX, Aruba 2000, 3000 series.

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) wif panorama 8.0, WAF

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works; TCP Dump and Sniffer SolarWinds Net Flow Traffic Analyzer, NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.

Load Balancers and Proxies: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies, Bluecoat Proxies.

WAN and SDWAN technologies: MPLS, ISP Leased Lines, SONET, Viptella, Versa.

Other Networking Protocols and Fundamentals: DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, IPV4, IPv6Operating Systems: Windows 10/7/XP, MAC OS, Linux, NX-OS, IOS XR, XE.

Wireless and Radius Technologies: Canopy Wireless Devices, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC s (8510, 5508, 5706), Cisco AironetAP s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5, 802.11a,b,c,g,n,ac

Scripting: Python, Ansible and TCL (F5)

WORK EXPERIENCE:

Confidential

Sr Network Engineer

Responsibilities:

• Worked on SD-WAN implementation for remote site connectivity over MPLS. Worked on Viptella Solution in assisting architecture team in deploying vManage, vEdge, vBond and vSmart components.
• Worked on Fortigate firewalls. Worked on migration from cisco ASA to Fortigate Firewalls. Worked on deploying site to site VPN tunnels, Security policies, NAT policies, URL filtering, VDOM, Forti Manager, User ID based Security policies, SSL forward proxy, SSL decryption.
• Worked on Zscaler cloud proxies. Migration from Bluecoat Proxies to Zscaler cloud solution. Implemented GRE tunnels from Data Centers on F5 to Zcloud. Configuration of Policies, AD groups, Azure AD autantication, Whitelist, Blacklist and SSL inspection rules. Configuration and troubleshooting experience in Cloud based apps like office365, Box, WebEx, Workday, Service-now etc. Installation of Pzens for Source IP anchored traffic.
• Deployment and troubleshooting on Nexus 9k switches in Non-ACI mode. Configuration of OSPF routing, VPC, VDC, FEX on Nexus 5K and 2K in access layer. Worked on Juniper MX series router and cisco ASR. Configured BGP, Prefix lists, redistributions in to OSPF, ISP connections fail -over.
• Operations on F5 LTM, GTM, APM, ASM modules for internal and external load balancing of vendor based and proprietary applications. Worked on Netscalers for Citrix based applications like XenDesktop, Xenweb, VDI, remote access gateway.ICA proxy.
• Worked on Cisco WLAN controllers for configuration of AP profiles, Access points, RF parameters, 802.1x integration wif ISE, SSID, BYOD policies, wireless VLANs on Distribution switches.
• Worked on Infoblox DHCP, IPAM and DNS solutions. Worked on SolarWinds for SNMP monitoring and Scripting for Alert triggers, adding nodes, SNMP v3.
• Worked on Basic scripting in Python and Ansible for automating configuration templates and other process.
• Worked on traffic flows from onpremises to Aws, aws to internet via virtual palo alto firewalls for services that include PAAS and IAAS
• Worked on deploying AWS outbound proxy server wif domain services and content filtering services.
• Configure various linux and windows services to use proxy server for outbound traffic from aws vnets and logging enabled to aws cloud watch logs.
• Worked on Proxy services in aws include DNS based doamin whitelisting using SNI,URL whitelist and blacklist policies.

Confidential NJ

Role: Sr. Network Engineer - Deployment and Operations

Responsibilities:

• Worked as Senior Network Deployments and Operations Engineer. Worked in Life Cycle projects that include Data Center, Campus Switching and Routing Hardware upgrades. Installation of Cisco CAT 9K series, Nexus 9K, Nexus 5K and 2K in FEX, Arista 7k Series Routers. Worked on Cisco ACI wif VXLAN tunneling, Spine Leaf Architecture in DR Data Centers.
• Deployment of VPC, VDC, software upgrades of multivendor equipment, maintenance windows, on call rotation.
• Migration project that includes migration from ASA to Palo Alto Firewalls. Installation, configuration of Palo Alto Firewalls, Panorama, Vsys, Zones, Virtual routers, APP ID, User ID.
• Operational role wif F5 LTM, GTM, BIGIQ, APM and ASM. Troubleshooting various application traffic flows wif respect to http, https, TCP, SSL, connectivity, DNS, Autantication and security profiles.
• Assisted in projects related to Infoblox, ArcSight, Solarwinds, Viptella SD-WAN, Cisco Wireless, Cisco ISE in Design, Operations, Documentation and Troubleshooting.
• Reviewed and validated understanding of customer design requirements as well as recommended process changes.
• Wrote technical documentation on configuring UC features/functions and provisioning guides for CUCM, CUC, Exony & ICM.
• Managed day-to-day client and internal service requests and documented all services performed.
• Worked on design and implementation of Dial-plan for Inbound and Outbound calls in CUCM Clusters.

Confidential, WI

Sr Network Engineer

Responsibilities:

• Involved in DMZ redesign project wif complete Firewalls, Switching and routing gear. Migrated from ASA to Checkpoint perimeter firewalls wif DMZ, and Internet traffic segmentation on multiple distributions from WAN core. Configuration of BGP to ISP. WAN connectivity through MPLS circuits to Peer Data Centers.
• Worked extensively on OSPF and BGP routing protocols. Juniper MX Series routers in Core. Remote site Connectivity. Worked on Citrix NetScaler for application load balancing, ICA Proxy, VDI and remote access.
• Deployment of Zscaler Proxies in Cloud and Local DMZ. Worked on policies, logs, SSL inspection, ZAPP. Worked on test cases during deployment to test proxy connectivity from internal, outside (trusted device), PAC logic.
• Worked on Aruba Wireless, ClearPass. Configuration of 802.1X, Certificate based Autantication. Worked on Cisco VOIP environment wif Jabber, WebEx, Exchange, QOS policies.
• Worked on Juniper QFX series Fabric in Spine Leaf Architecture. Worked on Symmetric IRB Architecture wif VRFs for multiple tenants in the Data center.
• Configured mobility features such as mobile voice access, extension mobility, and remote destination profiles in CUCM.
• Configured route patterns, route lists, route groups for outbound call routing on CUCM.
• Configured translation patterns on CUCM so calls could be routed from gateway to endpoint.
• Upgraded Anchorage CUCM cluster from version 4 to version 7 wif zero user downtime
• Managed Cisco Unity voicemail, IPCC and Cisco Unified Communication system.
• Collaborated wif hardware provider to evaluate system design specifications.
• Facilitated project meetings to evaluate progress of scheme and compiled key points.
• Maintained and upgraded voice network records on regular basis.
• Troubleshooting of DNS, DHCP and other IP conflict problems .Used various sniffing tools like Wire-shark

Confidential, Charlotte NC

Network Engineer

Responsibilities:

• Remote site/Extranet Connectivity using IPSEC tunnels. Configuration of security rules on Cisco ASA. Worked on Switching and routing in Campus and Data Center environments. Worked on Campus refresh project. Worked on IDF/MDF refresh wif Cisco 3850, 2960 switches, 4500, 6500 and Nexus 7K.
• Exposure to WAN, MAN and MPLS circuits.
• Worked on Bluecoat Proxies. Manage polices on Bluecoat proxies, PAC file changes, traffic logs, Splunk, explicit proxy setup, group policies etc.
• Worked on ACE to F5 migration from scratch. Installation of F5 LTM in One arm and two arm architectures for internal and external application load balancing. Installation of F5 GTM in Data centers in sync group and integration wif Windows DNS.
• Worked on ISP connectivity, BGP, OSPF, STP, RSTP, HSRP, VRRP, SSL, DNS, DHCP, MPLS, IPSEC, ACL, NAT, GRE, Wireless.

Confidential Hartford CT

Network Engineer

Responsibilities:

• Installation and configuration of Cisco Routers 3600, 3900 and Switches3550, 3560, 3560E, 3750, 6500, 7200 routers for VLANs, Routing Protocols (OSPF, BGP), VPNs etc.Installed WAN and LAN access for internet and intranet access.
• Implemented Cisco ACS for wired and wireless user autantication utilizing certificates and MAB for all non company assets. Configuration of Dot1x for various switches and profiles in ACS for wired, wireless, printers, VOIP phone etc.
• Worked on Cisco AnyConnect SSL VPN. Worked on migrating from all over campuses, remote site setup wif access, distribution, ISP leased line connectivity to DC, Wireless setup wif access points.
• Worked on Data center operations supporting Server, Storage, Virtualization teams. Experience wif Vcenter, Esxi, VPLEX Metro, ISILON. Worked on multicast communication between Data Centers over OTV.
• Handled all calls received Confidential service desk related to voice network issues.
• Managed Cisco Unity voicemail, IPCC and Cisco Unified Communication system.

Confidential, NJ

Junior Network Engineer

Responsibilities:

• Monitored the performance of the network devices.Performed Troubleshooting and observed directing conventions such as OSPF, EIGRP & BGP.
• Installation and configuration of the Network of Cisco Router and Switches for EIGRP and VLANs etc.
• Worked on the Cisco switches 2950, 3560 and the Cisco routers 2500, 2600, 2800
• Initially involved in installations, technical support, troubleshooting and maintenance of network equipment.
• Good noledge in Configuring Access Control List (ACL).
• Configured VLANS on different impetus switches performed investigating on TCP/IP system issues, Administered Frame-Relay and systems.
• Configured IPv4 VPNs using IPSec VPNs.
• Worked on WAN and LAN infrastructure. Worked on Cabling in IDF/MDF and in Data centers wif Copper and Fiber.
• Managed system backup and restoration protocols.Escalating issue to higher network teams.