SUMMARY

• 8years of experience in networkRouting, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Experience in site - to-site and remote access VPN solutions.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, ATM, bridges, routers, hubs and switches.
• Worked on Juniper Netscreen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200.
• Implementation of Juniper Firewall, SSG Series, Netscreen Series ISG 1000, SRX Series.
• In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS and Frame Relay
• Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP
• Experience in QOS on multicast VPN
• Experience on Wide area application services
• Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
• Proficiency in configuration of VLAN setup on various CISCO Routers and Switches.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Experience in implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Strong hands on experience in installing, troubleshooting, configuring of Cisco ASR, 7200, 3900, 3800, 2900,2800, and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches
• Extensive hand on experience with complex routed LAN networks, CISCO Routers and Switches.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay and VOIP (Voice-Over Internet Protocol).
• Experience with Change management process and Project documentation tools like Excel and VISIO.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Excellent communication skills, enthusiastic, motivated and a team player.
• Experience in installing and configuring DNS, DHCP server
• Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Worked on Palo Alto Firewall
• Worked on Check Point Firewalls
• Worked on Cisco ASA 5500 series firewalls.
• Worked on Cisco Nexus 5010 Switch.
• Experience in F5, Cisco ACE 4710 Load balancers.

TECHNICAL SKILLS

Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Linux OS

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000

Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548

Routing: MPLS, OSPF, EIGRP, BGP, RIP - 2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Network security: Cisco (ASA, PIX) 5510, Palo Alto, juniper, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPSLoad Balancer F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.

WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing. Various Features & Services IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: SNMP, Solar Winds, HP open view, and Wire shark

Reports and Network Diagrams: Microsoft (Visio pro.)

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Sr. Network Engineer

Responsibilities:

• Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production network.
• Maintain, upgrade and commission of branch and campus sites connectivity into data centers and create a seamless network hardware standard across all North American branches.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server
• Serve as part of a team of network engineers responsible for base wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.
• Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Worked on Juniper MX 480, MX960
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Worked on Bluecoat Advance threat protection, content analysis, malware analysis, mail threat defense
• Implemented Access lists and policy mapping onJuniperrouter installed in each branch across all the states
• Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
• Installation and deployment of new Server farms in multiple silos.
• Design, Install and consolidation of local server farms in multiple branch locations with Cisco 4500-X at distribution and 4948’s replacing the 3750’s at access level.
• Experience in installing and configuring Checkpoint NGX R60.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Experience in configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018
• Experience with configuring FCOE using Cisco nexus 5548
• Configured Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
• Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
• Provided Layer-3 redundancy by implementing HSRP and GLBP for High availability
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Implementation of L3 MPLS-VPN and Migration of branches to the new MPLS cloud4.
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.
• Configuring Static, BGP and OSPF Routing Protocols on Cisco Routers.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
• Configured inside ACL, outside ACL, inside, outside interfaces.
• Configured NAT and PAT policies.
• Configuration and troubleshooting of EIGRP, OSPF, BGP.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in migration of VLANS.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP’s on a need basis.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Designed and implemented DMZ for Web, Mail & FTP Servers using Cisco ASA5500 Firewalls.
• Worked extensively on Cisco ASA 5500(5510/5540) and experience with deploying rules to the Cisco ASA solution.
• Building the VPN tunnel and VPN encryption.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Updated documentation as necessary.
• Preformed IOS upgrades on Cisco routers and switches
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Propose network redesign based on client hardware guidelines, network policies and individual site’s unique characteristics.

Confidential, Phoenix, AZ

Sr. Network Engineer

Responsibilities:

• Experience in configuring routing protocols like EIGRP,RIPv2, OSPF & BGP and Cisco ACS protocols like
• RADIUS and TACACS
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS And IOS on CAT6500 in a complex data centre environment
• Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation
• Strategies for the expansion of the MPLSVPN networks
• Working knowledge of Firewall service module FWSM UPGRADE, FWSM RULESET conversion
• Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches
• Involved in setting up Voice VLANs on distribution switches, and configuring access switches ports for AVAYA IP PHONES
• Experience with deployment of Palo Alto firewalls for different NAT, Skype traffic
• DesigningF5 solutions/support for migration work of applications and websites from Cisco CSS LoadBalancers to the F5 BigIP Load Balancers.
• Installed and Configured the F5 BIG-IP LTM, Configure virtual servers and associate them with pools for Internal web servers
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data Environment Network security including NAT/PAT, ACL, and ASA Firewalls
• Experience with Cisco Data Center Network Manager (DCNM) for the management of Cisco Nexus series switches.
• Hands-on Experience with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Working on as security devices ASA, routers, switches.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version
• Worked with Cisco Data Center Network Manager (DCNM) for the management of Cisco Nexus 5k and 9k switches for the data center.
• Configure and troubleshoot Juniper EX series switches and routers
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server
• Migrated Juniper EX series switches to Cisco 3500 series and 6500 series switches
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switches
• Configuring PAGP and LACP protocol along with BFD link detection protocol
• Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
• Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
• Working knowledge of PPP Protocol with Enhanced Flex WAN module on 6500 catalyst switch
• Involved configuring ppp multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Working knowledge of Terminal server and the configurations
• Installation of L3 Switching Engine policy Feature Card & Distributed Forwarding Card DFC3C
• Experience with design and implementation of Data center migration at NBC Universal
• Data center migration was involved in Access, Distribution and Core layers.
• Working knowledge with 10 gigabit Supervisor Engine 720 on 6500 catalyst switches
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
• Working knowledge of configuring VOICE VLANS on core, Distribution layer switches
• Configured Access ports with Voice VLANS and Service Policy for VOIP Phones
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000series to provide a flexible Access Solution for a datacenter access architecture.
• Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment in the core network

Confidential, Southlake, Texas

Network Engineer

Responsibilities:

• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240
• Installed and Configured the F5 BIG-IP LTM, Configure virtual servers and associate them with pools for internal web servers along with their health checks.
• Managed traffic through the F5 load balancer using IRules and other persistence profiles
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
• Serve as part of a team of network engineers responsible for network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches across multiple offices.
• Design, implement and administer enterprise network infrastructure utilizing Juniper routers across locations.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Experience in migrationof Frame-relay based branches to MPLS based technology using multi layer stackable switch like 6500 series and 2800 series router
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Involved in configuring IP Quality of service (QoS)
• Have experience with Cisco Works LAN Management Solution
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works &Netinfo, Infoman Virtual Change) and experience with developing network design documentation and presentations using VISIO
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology

Confidential

Network Engineer

Responsibilities:

• Involved in redesign of traffic anomaly system to increase the detection method and algorithm efficiency.
• Capturing data in the kernel stack and analyze the packets in various locations on the network stack
• Hands on experience with firewalls, firewall rules & Tool NetCool
• Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper)
• Distributed denial-of-service (DDoS) attacks on public servers have recently become more serious. A detection and defense mechanism against SYN flood Attacks has been proposed in previous work.
• Experienced in WAN environments, installing and troubleshooting data circuits (OC, T1, E1, T3, MUXES)
• Experience with SONET Multiplexing protocols and DWDM technologies.
• Working on as security devices ASA, routers, switches
• Worked on ASA firewalls and F5 load balancers
• Understanding current vulnerabilities attacks and counter measures, assessing the impact of traffic on customer networks, conducting research on emerging security threats.
• Mentoring and training security analysts, creating and maintaining documentation for Traffic anomaly Sys.
• Experience testing of a prototype Traffic Anomaly system that monitors TCP/IP network traffic. Each network packet is characterized by the (source host, Source port, destination host, Destination port, Flag). The system monitors the network for the occurrence of mismatch, which represent unusual traffic patterns within the network.
• Experience installing & configuring of Cisco PIX, ASA & FWSM(Firewall service module)
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ*s.
• Experience in troubleshooting of complex BGP and OSPF routing problems
• Experienced in SYSLOG analysis & Proxy servers

Confidential

JR Network Engineer

Responsibilities:

• Used TFTP server to backup Cisco configuration files.
• Provided technical support for expansion of the existing network architecture to in corporate new users.
• Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company
• Configured STP for loop prevention on Cisco Catalyst Switches
• Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
• Worked in setting up inter-VLAN routing, redistribution, access-lists and dynamic routing.
• Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
• Implemented various Switch Port Security features as per the company’s policy
• Configured OSPF, and EIGRP on 2901 and 3925 Cisco routers.
• Configured VLANS to isolate different departments
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configured IPSEC VPN on SRX series firewalls
• Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches
• Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed replacements of failed hardware and upgraded software
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Implementing Routing and Switching using the following protocols; OSPF, BGP on Juniper M series routers.
• Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requirements.