PROFESSIONAL SUMMARY:

• CCNA, CCNP, Palo Alto ACE certified professional wif 8 Years of experience in design, deployment and troubleshooting of routing, switching, Firewall networks.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt wif Nexus 7K, 5K, 2K series and Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Expertise in configuration of routing protocols and deployment of OSPF, EIGRP, BGP and policy routing over Cisco routers.
• Experience wif designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, HSRP, Port Security, IP Routing Protocols - (RIPV2, OSPF, EIGRP and BGP), ACL's, NAT, PAT, VLAN, STP, VTP, QoS, Traffic Policing, Shaping.
• Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along wif trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Involved in Datacenter migration including subnet, VPNs migration, network and security device configurations.
• Experience working wif Cisco IOS-XR on teh ASR9000 devices for MPLS deployments. Installation, configuration and maintenance of Cisco ASR 9K, 7k, 3900, 2800, 2600, 2500 and 1800 series Router.
• Experience wif design and deployment of MPLS Layer3 VPN, MPLS Traffic Engineering.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Implemented redundancy wif HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP) etc.
• Implemented Security Policies using ACL, IPSEC, SSL, VPN, IPS/IDS.
• Worked on F5 LTM 8900,CitrixNetScalerconfigured profiles, provided and ensured high availability.
• Good noledge of CISCO NEXUS datacenter infrastructure wif 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience working on Palo Alto Firewalls, Check Point and Cisco ASA Firewallsenvironments.
• Experienced wif Juniper: EX-2200, EX-4200, EX-4500, MX-480, and M Series, SRX210, SRX240.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls.
• Implemented Security Policies using ACL, IPSEC, SSL, VPN, IPS/IDS.
• Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista. Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Designed & Implemented DMZ solutions for data center environment, build checkpoint firewall policies for teh same
• Excellent technical and project management skills combined wif strong communication skills.

TECHNICAL SKILLS

Operating Systems: DOS, Windows 95/98, Windows NT/2000/XP/Vista/7/8/10,MAC

IP Routing: RIPv1, RIPv2, BGP, OSPF, IGRP, EIGRP, TACACS+, Radius, AAA

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP, PPP, HDLC and ISDN

Layer 2 technology: VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVST,SPAN

Layer 3 Switching: CEF, MLS, Port Channel.

Topologies: Frame Relay, ATM, T1, T2, T3, OC3, OC12, OC48, Ethernet, Cable Modem, xDSL and Wireless

Network Peripherals: Hubs, Cisco switches (2900, 2924, 2950, 3550, 3560, 4000, 5500, 6500, 6509, 6513,), Cisco routers (1921,2600, 2800,2911, 3640, 3700, 3825, 7200, 7204, 7206), Cisco PIX500 series, Cisco ASA 5500 series, Cisco 1200 Aironet Access Points, CSU/DSUs, network cards and Modems

Network Management Tools: Solarwinds, MRTG, HP Open view, Cisco WAN manager, Cisco works 2000

Sniffers: Etheiral (Wireshark)

Software: Microsoft Office 97/2000, MS Visio

Firewall Security: Cisco ASA, Juniper SRX, Checkpoint, Palo Alto, Fortinet.

Load Balancer: Cisco CSS, F5 Networks, Security wif Checkpoint and ASA’s

WiFi Elements: Cisco Access Points/RuckusZone Director, Cisco WLC.

WORK EXPERIENCE:

Confidential, Centennial, Co

Sr. Network Engineer

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems. Mutual redistribution of OSPF and BGP routes using route maps. Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
• Worked in turning up teh Enterprise network which included Corp network and console network, generating teh configs and configuring teh QFX5100 junipers and turning up BGP and OSPF from parent to child DC’s wif teh CM’s.
• Implemented various OSPF scenarios on networks consisting of 7600 routers. Configuration 7609, 7606 wif OSPF and catalyst 6505, 4500, 3550 switches wif various VLAN.
• Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing wif snooping & IP source guard.
• Working on BGP configuration and turn up, adding teh networks to teh prefix list.
• Worked on Cisco 4506 E, 6509, 3650, 3850, Nexus 7k switches, adding them to teh management and making sure they are in compliance wif all teh rules.
• Complex troubleshooting to include network protocol and log analysis, raw data captures, and teh correlation of disparate events spanning multiple devices and platforms.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Worked on Migration of Cisco routers to new Amazon hardware in teh core team.
• Virtually Distributed Switch (VDS), NSX Edge Services Gateway and NSX distributed router.
• Performed basic security and ACL administration on Juniper SRX firewalls. That includes day to day rule deployment, troubleshooting using data flow analysis and packet capture.
• Experience working wif Juniper Routers (MX960, MX480, M320) and Switches (EX2400, QFX Virtual Chassis Switches) wif BGP, OSPF, VSTP, MST layer 2 and layer 3 Technologies
• Running teh CM’s and worked on improving teh process of Change Management.
• Part of teh Network Engineering and Implementation team, deploying teh network devices.
• Used Infoblox to create and manage newly created DHCP scopes.
• Responsible for teh deployment, implementation, and stability ofMerakiinfrastructure.
• Performed on staging of devices onMerakidashboard before deployment.
• MaintainedDNSsecurity viaDNSACLs and otherDNSsecurity measures. Implemented IP security measures and cured areas ofDNSvulnerability.
• Software Defined Networking (SDN) - VMware NSX, Cisco ACI
• Ensured data synchronization in teh QIP enterprise servers and teh remoteDHCPservers to ensure data compatibility between teh enterprise server and teh remoteDNS/DHCPservers.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Implemented Zone Based Firewalling and Security Rules on teh Palo Alto Firewalls. Integrated Panorama wif Palo Alto firewalls, for managing multiple Palo Alto firewallswif single tool.
• Testing Services SDN for Service Chaining, Virtual Home Gateway, Virtual Enterprise Gateways and L3VPN SDN Support
• Experience wif deploying and managing VMWARE including NSX.
• Designed of VMware installation and configuration to allow integration wif NSX.
• Performance monitoring and optimization ofDNS/DHCPservers wif respect to load sharing and traffic balancing.
• Integrating Panorama wif Palo Alto Firewalls, managing multiple Palo Alto Firewallusing Panorama. Provides updates and upgrades to teh Palo Alto Firewall and Panorama devices. Involved in upgrade of Panorama to version 7.1.5.
• Primary contact for maintenance and changes for teh Denver backupdata center
• Integration of IP v4 and IPv6 in theDHCPandDNSenvironments.
• Worked on FortiGate 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management.
• Virtually Distributed Switch (VDS), NSX Edge Services Gateway and NSX distributed router.
• Extensive use of NSM (Network and Security Manager), Fort iOS 5 and CSM (Cisco Security Manager) for adding or modifying firewall policies for teh firewalls in use.
• Configuring and troubleshooting as well as creating Virtual Servers, Nodes, Pools and me Rules on BIG-IP F5 load balancer LTM for load balancing and traffic management in DC environment. Tests security measures to reduce and mitigate risk. Actively probes teh network for new threats and risks.
• Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs. Configured F5 GTM solutions, which includes Wide IP’s, Pool Load Balancing Methods, probers and monitors recreating Http and https redirect VIP's to provide secure resources to client from data servers.
• Understand teh JUNOS platform and worked wif IOS upgrade of Juniper devices.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
• Configured Citrix NetScaler responder policy and to maximize teh performance and availability of all applications and data, and also provide secure remote access to any application from any device.
• Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.
• In-depth noledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, SONET POS OCX / GigE circuits, Firewalls. Hands on experience wif HP Tipping Point IPS
• Work wif teh server team to get teh DHCP scope created for Voice, Data and wireless networks for teh new Site setup at data center.
• Installed, configured and maintained Layer2/3 network devices such asISPRouters and switches
• Implemented, configured and troubleshotISP/Customer network protocols such as MPLS, EIGRP, BGP, GLBP, NTP, IPv6, Multicast routing, HSRP.
• Troubleshoot remote access services like Citrix NetScaler, Cisco VPN clients and for teh users to access their enterprise network.
• Efficient use of Microsoft VISIO/Office as technical documentation and presentation tools.

Confidential, Weston, FL

Sr. Network Engineer

Responsibilities:

• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, and MST related issues coming in network environment.
• Plan, Design and assist in deploying network devices in Enterprise wide Network.
• Worked on different networking concepts and routing protocols like BGP, EIGRP, OSPF, DNS and other LAN/WAN technologies. NAT and PAT configuration and troubleshooting.
• Performed redistribution wif OSPF, EIGRP, RIP version 1 and 2 to enable communication wif backbone.
• Good understanding about how Service Provider network works, WAN Technologies in ISP, MPLS etc.
• Worked on migration, deployment, and break fix activities as and when required and worked on migration of LABS and Dev rooms and VLAN migration and installing new switches. Worked on Cisco 9k (9006) routers and its prefix lists.
• Experience in Cisco/Juniper Networking, Security that includes Designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Worked on MPLS for QoS, and to reduce traffic latency, jitter, down time and packet loss.
• experience in Cisco ACI Integrating Layer 2, Layer 3, L4-L7 and VMware wif ACI
• Decommissioning teh devices and removing them from monitoring tools and DHCP store and IP manager. Worked on TCP/UDP protocols, OSI layers, and access lists. Worked on code upgrades on Cisco 9006 and 9001 routers using ftp servers in MDF’s.
• Worked on DHCP store and DNS servers and worked on teh DHCP lease times of teh AP’s when we were swapping/upgrading teh Aruba 135 to 225 models and worked on WLANS and Aruba and cisco LAN controllers, provisioning teh AP’s.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
• Assist in layer 2 issues wif teh senior engineer as well as monitor teh status of teh network wif Solarwinds for teh LAN/WAN andCiscoPrimefor teh wireless APs.
• Integrate Data Center technologies such as ASR, Catalyst, Nexus, UCS and Storage as well as Layer 4-7 devices including but not limited to Firewalls and Load balancers wifACI
• Fixing teh Wi-Fi and Access Point issues and troubleshooting teh AP’s on teh Wireless Controllers (WLC’s), Cisco Prime. Hard resetting teh AP’s.
• Worked wif Palo Alto FirewallsPA250, PA4050, PA3020 using Panorama, performing changes to monitor/block/allow teh traffic on teh Firewall.
• Executed changes on various Firewalls proxies and scripts over entire network infrastructure using Service Now ticketing tool.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and Checkpoint. Implemented Zone Based Firewalling and Security Rules on teh Palo Alto Firewalls.
• Managed rules on Cisco checkpoint NGX firewall.
• Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls.
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN.
• Hands on Experience wif blocking of IP's on Checkpoint that are suspicious. Responsible for Checkpoint firewall management and operations across our global networks.
• Extensive Packet level debugging and troubleshooting on Checkpoint Firewalls to resolve numerous network issues.Analyzed teh Policy rules, monitor logs and documented teh Network/Traffic flow Diagram of teh Checkpoint Firewallsplaced in teh Data Center wif MS Visio.
• Worked on adding teh switch management IP and static IP’s reservation in DHCP store and add a new scope on appropriate DHCP server (give teh name, starting and ending ip's) and configuring for fail over and activating teh scope and replicating them on to teh redundant servers.
• Worked on IPsec VPN tunneling, configuring teh tunnel on both teh end routers, Hub routers and event routers during Hackathon Events.
• Opening teh change requests (CR) and working on teh assigned tickets in teh SNOW requests and following up wif teh appropriate teams and has meetings wif them to solve teh tickets.
• Worked on Subnet move successfully and subnet decommissioning and assisting in network lab/dev moves and merging teh subnets when needed in IP Manager.
• Installing teh Bluetooth beacons in teh Aruba WAP’s at major MS buildings for teh location services successfully as per teh schedule.
• Worked on Cisco ASA writing teh ACL’s, Cisco IOS XS, and XR. ConfiguringCiscoASA and DeployingAnyConnectVPN client
• Checking for compliance on HPNA, taking teh snapshots whenever a new device added to teh network and update teh SNMP strings when possible.

Confidential, Sandy Springs, GA

Network Engineer

Responsibilities:

• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for teh expansion of teh MPLS VPN networks.
• Worked on teh cisco 2900 series router and upgrading teh software on it.
• Standard documentation of procedure, raised multiple change request, followed up for approval -technically (TCAB) and by management (DCAB) during change meetings.
• Implement LAN/WAN technologies in support of a data center implementation.
• WAN optimization techniques Deduplication, bandwidth throttling, bandwidth compression, web caching and redundancy.
• Worked on InfoBlox to change and create Secure DNS, DHCP and IPAM.
• Provide fault isolation and root cause analysis for technical issues and document them accordingly, troubleshooting issues related to DHCP, DNS, Multicast, and SNMP.
• Configuring, troubleshooting and maintaining Cradle point devices for backup.
• Worked on Riverbed WAN Optimization techniques for efficient transfer of data in hybrid WAN, thus reducing teh bandwidth consumption.
• Worked on QoS, Intelligent WAN and Riverbed devices and latency issues.
• Participate in teh meetings to discuss analysis of how new technology changes business and organizational relationships.
• Experience on teh tools that deliver on a virtualized architecture giving teh freedom to support collaboration services wif no compromising in security, flexibility and management, or application functionality.
• Supported teh deployment, testing and acceptance of Ruckus and Cisco Access Point as essential part of teh Wi-Fi infrastructure to support wireless products and services to be delivered via Wi-Fi.
• Designed and configured Core IP infrastructure to test teh new Access Points, which included qualification of Wi-Fi Core network elements comprising teh AAA, LDAP, Load Balancers (A10), and Cisco, based routers, aggregators and ISGs.
• Migrated application specific firewall rule while moving server from one Data Center to another.
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA successfully.
• Worked on CISCO ASA 5500 series Firewalls (5510, 5550, and 5585) for various application accesses for Application Vendors and Offshore implementation teams.
• Monitoring Traffic and Connections in Check Point and ASA Firewall.
• Manage project task to migrate from Cisco ASA Firewalls to Check Point Firewalls.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Creating and implementing security policies based on network traffic analysis for internet firewall.
• Performing teh ACL requests change for various clients by collecting source and destination information from them.
• Experience wif SNMP, Syslog, network alarming and performance monitoring protocols, Wireshark, NetScout.
• Regularly performed Firewall audits around Check Point Firewall-1 solutions.
• Using Smart Update, user management and authentication in Check Point Firewall.
• Migrations included and not limited to Cisco to Cisco and Cisco to Checkpoint and Checkpoint to Checkpoint.
• Adding security rules and pushing teh security policies on Check Point.
• Hands on experience and good working noledge wif Check Point Firewall policy provisioning. Worked on VPN tunneling, adding rules, VPN domain and gateway.
• Monitor and troubleshoot issues related to Checkpoint Firewall (R75.40), F5 and A10 Load balancers, McAfee IDS.
• Backup and restore of Check Point and Cisco ASA Firewall policies. Security & Network Performance Monitoring like Net QoS and worked on Bluecoat proxy boxes.
• Implementing and troubleshooting firewall rules in Cisco ASA 5540, 5580
• Expertise in VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Installed and configured Cisco ASA 5585 10G Firewall at Database & App Server Layer
• Installed and configured Checkpoint Firewall in Internet Edge and Firepower Series using Cisco ASA.
• Firepower Series using Cisco ASA for additional vulnerability scanning.
• Licensing, Provisioning and installing of F5 devices, RMA of F5 and F5 software upgrade- version 11.5.1.
• Worked on F5 devices, health monitoring of servers and load balance solutions.

Confidential

Network Engineer

Responsibilities:

• Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast Ethernet channel between switches.
• Used Cisco Identity service engine to provide secure and guest access.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router wif HSRP wif VRF.
• Maintaining Network Integrity on LAN and WAN Networks.
• Settings of teh networking devices (Cisco Router, switches) co-coordinating wif teh system/Network administrator during any major changes and implementation.
• Worked on QoS, Intelligent WAN and Riverbed devices.
• Experience working on Cisco routers 2800 and 2921 series routers and cisco switches and WAN technologies.
• Upgrading Cisco IOS and adding AAA authentication commands in various Cisco Routers and Switches using TFTPD. Experience working wif IDS/IPS.
• Experience establishing and configuring Enterprise Active Directory including firewall settings, group policies, and user/device accounts.
• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Proficient in technical writing Used DHCP to define TCP/IP configurations from a central location.
• Troubleshooting all network devices like Routers and Switches across teh enterprise.
• Handling Trouble Ticket management, Incident management. Direct Customer interaction that involves teh processes like changes in teh configuration as per their requirements.
• Experience wif Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication.
• Worked on hardening systems in compliance wif various C&A requirements.
• Experience in administration of access control systems such as checkpoint firewall and VPNs.
• Experience in writing rules and troubleshooting Issues related to checkpoint firewall, and has worked on R75, R75.20, R75.40
• Responsible for Checkpoint firewall management and operations across global networks. Worked wif Checkpoint Support for resolving escalated issues.
• Designed, built, and implemented Checkpoint R71 Firewall-1 VSX, wif Provider-1 running on a Crossbeam X 45.
• Monitor and troubleshoot issues related to Checkpoint Firewall (R75.40), F5 and A10 Load balancers, McAfee IDS, and Secure 64.
• Worked wif packet sniffer like Wire shark to trace data flow and troubleshoot network issues.
• Licensing, Provisioning and installing of F5 devices, RMA of F5 and F5 software upgrade.
• Worked on F5 devices, health monitoring of servers and load balance solutions.
• Expertise wif failover and load balancing configuration of networking devices.

Confidential

Network Engineer

Responsibilities:

• Experience in Cisco/Juniper Networking, Security that includes Designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Hands On experience Cisco IOS, for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Voice/data circuits, routers/switches, and cellular technologies.
• Responsible to run different kind of Network test dis includes MPLS, BGP, and SNMP.
• Configured Multiprotocol Label Switching (MPLS) VPN wif Routing Information Protocol (RIP) on teh customer’s Site.
• Experience on Trafficking of TCP/UDP through NAT and no teh role of port preservation for TCP.
• Experience in VPN Tunneling.
• Upgraded IOS on various Cisco Routers like 3945 and 2921 as well as switches like 3750, 4500 and 6500.
• Upgrades and backups of Cisco router configuration files to a TFTP server.
• In-depth noledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.
• Configured OSPF redistribution and authentication wif type 3 LSA filtering to prevent LSA flooding.
• Experience establishing and configuring Enterprise Active Directory including firewall settings, group policies, and user/device accounts.
• Expertise implementing security protocols like IPSEC, DNSSEC, and 802.1 x.
• Co-ordinate wif teh Data Network and Security team and come up wif possible solutions.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Knowledge on WPA encryption, WLAN, IEEE 802.11 standards and SSID setup.
• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Experience managing IDS or IPS networking technologies.
• Responsible for Manual testing, reporting defects and working closely wif development in narrowing down issues.
• Provide support 24x7 on and as needed.