PROFESSIONAL SUMMARY:

• Over 8+ years of experience as Network Engineer in Routing, Switching and Firewall Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/Data Center communication systems.
• Expert level hands on experience in configuration & troubleshooting of routing protocols and deployment of OSPF, EIGRP, BGP, HSRP and PBR, PFR on Cisco Routers.
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
• Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, and Ether-channel.
• Installation of ISR routers, IOS upgrades, racking and stacking.
• Experience working with High performance data center switch like nexus 7000 series
• Have Extensive knowledge of OSI and various network protocols (DNS, DHCP, TCP/IP, FTP, TFTP, UDP, ICMP, IPv4/IPv6, NFS, HTTP, SMTP etc.).
• Having knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Configuration and troubleshooting L3 switches with VLAN, STP, SPAN, ETHERCHANNEL, HSRP, VRRP and GLBP.
• Hands on experience on troubleshooting Cisco Wireless LAN controllers and Wireless Access points.
• Understanding the JUNOS platform and worked with IOS upgrade of Juniper devices
• Extensive knowledge and hands-on experience with the latest version 13.3 of JunOS-Space
• Experience securing and managing remote access using various VPN technologies like IPsec, SSL, and GRE.
• Experience with design and implementation of Data center migration.
• Designed and implement security strategies with Cisco and Palo Alto firewalls.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Implementation, Configuration and Support of Checkpoint NGX R65, R70 and R71, Cisco Firewalls ASA 5505, 5506-X, 5585, Palo Alto Networks Firewall models PA-2k, PA-3k, and PA-5k and Juniper SRX100, 110 and Juniper ISG1000, ISG2000 Series Firewall. .
• Having knowledge on Virtualization, VM ware and bluecoat proxy.
• Hands on experience with Cisco, Brocade, Bluecoat, Juniper, Checkpoint and Palo Alto devices
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Experience deploying BIG-IP F5 LTM and GTM Load Balancers for load balancing and traffic management of business application.
• Working and update all the existing and new process documents and NOC day to day activities.
• Experienced on different network monitoring and administrative tools like HP node manager, SolarWinds, Net flow, Netscout, Splunk and Wireshark.
• Troubleshoot network and application performance with tcpdump, Wireshark, Gigamon and net flow.
• Utilizing management tools cisco works, solar winds, HP, IMC, Riverbed/mazu, Visio, Sniffer and Network Analyzer.
• Experience with Cisco ACI (Application Centric Integration) technology implementation.
• Experience with IP Address Management (IPAM) systems such as Infoblox, Solarwinds.
• Working experience with SERVICENOW, REMEDY for ticket change management process
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS:

Routing Protocols: RIP v1/v2, EIGRP, OSPF, BGP, Static route.

Cisco Routers: 7600, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series.

Cisco Switches: Nexus 5548, 5596, 6000, 7009, 7018;

Cisco Catalyst: 6506, 6509-V-E, 4928, 4948, 4507, 4510, 3750, 3560, and 2960.

LAN Technologies: Ethernet, Fast and Gigabit Ethernet, LWAPs.

WAN Technologies: HDLC, PPP, ISDN Frame Relay, VPN.

F5 load balancers: (LTM & GTM) configuration, administration and troubleshooting.

Juniper: EX 2200, EX 4200, EX 4500, MX-480, M Series, SRX210,SRX240.

Switching Technologies: VLANs, InterVLAN routing and Port Channels, VTP, Cisco OTV,SPBM, Spanning

Network Security: Cisco ASA and PIX 525 Firewalls, ACL, IPsec.

Redundancy Protocols: HSRP, GLBP, VRRP.

VPN Technologies: GRE Tunneling, Remote Access VPN, Site-to- Site VPN.

Network Management: Wireshark, Cisco works, solar winds, Cisco ACS, Cisco NCS.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Palo Alto Firewalls: PA-2K, PA-3K and PA-5K

Network Tools:: IXIA, Bugzilla, Wireshark, Ethereal.

Switches:: Catalyst 6500, MSFC, MSFC2, 7600, 3700, 3500

Routing Protocols:: IGRP, EIGRP, OSPF, BGPv4, MP-BGP,RIP

WAN Protocols:: HDLC, PPP, MLPPP

Tunneling Protocols:: L2TP, IPsec, PPPoE, GRE, MPLS, IEEE 802.1Q

Authentication Protocols:: PAP, CHAP

Cisco ASAX Firepower: Platforms 5515, 5525, 5545, 5585

WORK EXPERIENCE:

Network Engineer

Confidential, Thornton, CO

Responsibilities:

• Design, migrate, operate, maintain and administer a Global Data Communications Network
• Configure, design and implement Palo Alto firewall platform
• Create access control policies, rules and software upgrades on firewalls
• Perform network monitoring, risk analysis, protecting data and systems from attacks
• Provide network troubleshooting assistance and maintenance of network hardware and software backups using NETSAS
• Engineer and configure Virtual Server, Pools, iRules, Profiles, Persistence and monitor on F5 LTM, GTM and A10 Load balancers
• Configure DNS Server, DNS Entries, DNS and DHCP Maintenance and Support
• Design and support various WAN technologies such as MPLS, Metro-Ethernet, Wave, Internet and SDWAN; Implement QoS policies.
• Migrate from Velocloud to VERSA SD-WAN, operations support for deploying and maintaining Versa HO devices.
• Supporting Extreme Switches to DELL migration and Extreme Wifi APs to RUCKUS APs.
• Taking care of outages and interruptions following up with NOC, support and operations to minimize impact.
• Implement, administer SSL-VPN and ZSCALER Internet Access (ZIA) for Remote site and users
• Implement, configure, maintain, hands and feet support for network devices like routers, switches, specialized gateways, Network taps, and Out of Band devices in the data center and site location

Envinronment: F5 BIG-IP (GTM, LTM), A10 LOAD BALANCERS, CISCO ROUTERS, SWITCHES ( EXTREME, AVAYA and DELL), PALO ALTO FIREWALLS, REMOTE ACCESS (SSL-VPN, PULSE SECURE), SD-WAN ( VELOCLOUD AND VERSA) RADIUS, ZSCALER, NETWORK MONITERING (WIRESHARK, SOLAR WINDS, PRTG, SCRUTINIZER)

Network Security Engineer

Confidential, Chattanooga, TN

Responsibilities:

• Deploying, migrating, troubleshooting and supporting enterprise level networks and Data Centers.
• Application Delivery experience using F5 BigIP.
• Experience managing, configuring, deploying and troubleshooting F5 BigIP LTM and DNS (GTM), and iRules.
• Worked with application teams to recommend and configure optimal TCP settings, persistence, and load balancing methods.
• Configure and deploy Cisco Firewalls. Creating Access control policies and rules on Firewalls.
• Strong understanding of Layers 4-7 of the OSI model.
• Understands Layer 2-3 networking principles required to enable load balancing including routing, interface, VLANs, and media types.
• Network Analysis - Ability to use network traces to analyze and diagnose application and network problems and behavior. Includes expertise in TCP, HTTP, DNS, DHCP.
• Experience with Wireshark, tcpdump preferred.
• Understanding of SSL/TLS protocol, use of s, fields and authority paths.
• Experience using scripting languages, Python.
• Experience using Splunk to troubleshoot and diagnose issues.
• Experience managing corporate DNS infrastructure utilizing IPcontrol, DNS console or similar.
• Strong understanding of DNS fundamentals terminology, resolution path, record types, zone transfers, zone delegations. Understanding of DNS protocol and can troubleshoot DNS-related issues.
• DHCP understanding the service and the use and configuration of DHCP options.
• Providing network troubleshooting assistance regarding VPCs, routing, STP, fabric connectivity, and layer 4 - 7 content services
• Worked on Microsoft Azure, involved in configuring virtual machines, storage accounts, resource groups.
• Configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• Worked on User Defined Routes with custom route tables for specific cases to force tunnelling to the Internet via On-premise network and control use of virtual appliances in the customer's Azure environment.
• Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (firewall, WAN optimization and intrusion detections).
• Migrating and Implementing Palo Alto firewall platform.
• Designing and Modeling L2/L3 LAN/WAN QoS Policies
• Implementing of 802.1X - Cisco Identify Services Engine
• Implementing, configuring, & maintaining - routers, switches, etc.

Environment: F5 BIG-IP (GTM, LTM. APM), CISCO ROUTERS, SWITCHES AND FIREWALLS, REMOTE ACCESS (SSL-VPN, BIG-IP EDGE CLIENT, CISCO ANY CONNECT), NAC (FORESCOUT), RADIUS (CISCO ACS AND ISE), NETWORK MONITERING (WIRESHARK, SOLAR WINDS).

Network Solutions Engineer

Confidential, Chattanooga, TN.

Responsibilities:

• Experience in communicating with different vendors, IT teams in gathering the details for the project.
• Conducted site surveys and installation of wireless Area network.
• Worked with External DNS providers (UltraDNS and NS1) to provide a solution for load balancing the VPN traffic.
• Worked on F5 GTM for GSLB.
• Familiarity with Cisco wireless, F5 LTM, VMware NSX, DNS, DHCP
• Working on Configuring and Managing F5 GTM for Data Centers, DNS Management and Integrated with DNS Vendors for DNS Security Management.
• Designed enterprise Wireless networks with Ekahau, Wireless planning and Management Tools like Aruba Airwave and Cisco Prime Infrastructure.
• Working on Wi-fi expansion and upgrade project.
• Predictive surveys using Ekahau for WI-FI expansion at different locations. knowledge on the overall IWAN design.
• Identify and categorize equipment issues, responding to calls-for-service to maintain NOC effectiveness.
• Worked on IWAN to provide DIA (Direct internet access) to remote locations.
• Designed a Decentralized solution for the guest traffic at each branch location to provide better user experience.
• Worked with CenturyLink ANS to provide cloud security to the guest traffic.

Environment: cisco 1001-x routers, Cisco WLC (5508, 5520), Firewalls (cisco 5555, 5545), Switches ( 5505, 3850, Nexus 5k and 7k), Cisco Aps( 3503, 3802, 1132, 3602), Ekahau site survey, Cisco Prime infrastructure, CSM.

Confidential, Scottsdale, AZ

Sr. Network engineer

Responsibilities:

• Designed, installed, and maintained various WAN technologies and applications connecting remote sites to corporate headquarters.
• Configured, implemented, and troubleshoot routers and switches with various account settings, permissions, and parameters including security firewalls.
• Installed various network hardware including concentrators, bridges, and hubs to establish communication connections with remote locations.
• Configured multiple domain name services (DNS), email services (Exchange Server), web, and file transfer protocol services (FTP) for various platforms including line leasing through DHCP servers.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital s, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Design, procure parts and implement networks for LAN & WAN (IPSec, MPLS, Frame Relay, ISDN, and T1/ E1/T3/E3 Lease Line)
• Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches.
• Implemented Cisco Overlay Transport Virtualization (OTV) on Nexus 7k in the Data centers.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
• Configured IPSec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Optimized performance of the LAN network consisting of Cisco 3850/4500/6800 switches by configuring VLANs
• Integration of services appliances to Cisco ACI fabric that includes storage, Load balancers, application delivery controllers and firewalls.
• Cisco ACI deployments (Multi pod and stretched fabric).
• Development of a migration strategy to ACI from the exiting fabric path design.

Environment: Cisco 6506/4948/4510 switches, Cisco 3660/3845/7609 Routers, Cisco ASA, Cisco ACI, Palo Alto, F5 Load Balancers, OSPF, BGP, MPLS, HSRP, Juniper MX 960, Nexus 2K, 5K, 7K.

Sr. Network Engineer

Confidential, St. Louis, MO

Responsibilities:

• Responsible for installation, troubleshooting of firewalls (Cisco firewalls, Checkpoint R 70.50-75.50 firewalls) and related software, and LAN/WAN protocols.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Provided proactive threat defense with Checkpoint firewall that stops attacks before they spread through the network.
• Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
• Reengineered the LAN to provide more reliable services and to reduce the latency, analyzed the NT domain in the Austin office to determine all the problems
• Configured and maintained the networks consisting of Cisco 2800 and 3800 routers, and catalyst 2950, 3560, and 3750 switches.
• Configure and troubleshooting HA Cluster on Checkpoint and Palo Alto Firewalls.
• Analyze logs and make necessary network report using panorama, Palo Alto firewall and smart reporter console application.
• Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Responsible for developing and deploying Solar Winds which includes WAN/LAN and server monitoring, reporting, and alerting and Configure Orion alerts.
• Implemented inter-VLAN routing (on Juniper EX 3300 and EX 3400 switches) among the VLANs to allow communication on larger internetworks.
• Implemented extended ACLs on Juniper SRX and 3750 to allow communication between the required networks, and to restrict other communications.
• Configuration of security policies for security infrastructure using proper change management process.
• Maintaining corporate firewalls and Analysis of firewall logs using Security Analytics.
• Providing technical support for service request issues, customer engagement and internal projects.
• Monitoring performance of network devices using Spectrum.
• Implementing Proxy requests, maintaining Proxy incidents and troubleshooting proxy issues using McAfee web gateway.
• Responsible for installing pair of Palo Alto Firewalls for branch site in Vwire mode. Reviewed Palo Alto Configurations using Panorama 5.x.
• Used Provider 1 and Smart Domain Manager to migrate Checkpoint R71 and R75 firewalls rules for the new DMZ.

Environment: Cisco 7600/7200/3800 routers, Cisco 2950/3500/5000/6500 switches, Cisco ASA Firewall 5510/5520, Juniper SRX100,5600, 3400, OSPF, BGP, EIGRP, RIP, VLAN, LAN, WAN, VPN, F5 BIG-IP LTM 8900, Nexus 5K/7K, VOIP, Bluecoat proxy.

Network Administrator

Confidential

Responsibilities:

• Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
• Configured, managed and troubleshot networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
• Monitored, troubleshot, tested and resolved Frame Relay, ATM, MLPPP, PPP, and Dial-up.
• Configured/Troubleshot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN.
• Installed and configured various types of Personal Computers and Printers. Installed different operating systems on Intel based PC's.
• Configured VLAN'S, VTP's, and enabling trunks between switches.
• Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
• Planed, coordinated, implemented and supported the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
• Prepared Engineering documents and Network diagrams in Microsoft Visio.
• Delivered Departmental Efficiency through advanced engineering, technical support, and documentation procedures.

Environment: Cisco 2990/3550/6550 switches, Cisco 7200/3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels, and Sniffer, Data center

Jr. Network Engineer

Confidential

Responsibilities:

• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.
• Configured RIP and EIGRP on 2600, 2900 and 3600series Cisco routers
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches and routers.
• Provided IP address management applying SUBNETING and VLSM.
• Configured VLANS, implemented inter Vlan routing.
• Implemented redundancy using STP protocol in switched Network
• Assisted Network Engineer in the installation and configuration of firewalls.
• Performed on-call support for installation and troubleshooting of the configuration issues.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment
• Developed network drawings and documentation utilizing Visio, Word, and Excel programs
• Maintained an overview of network addressing schemes and documentation
• Responsible for special functions as directed by management and other duties as assigned.

Environment: Cisco Routers 2900, 2600, 3600; Cisco Switches 1900, 2900, 3500, 3700 and 450 Series; LAN/WAN: Frame relay, NAT, DHCP, TCP/IP