PROFESSIONAL SUMMARY:

• Experienced Network engineer with 8 years of experience in switching, routing, firewall technologies, system design, implementation and troubleshooting of complex network systems
• Developed Local Area Network (LAN), IP/DMVPN Wide Area Network (WAN), Data Center Network (DCN) communication solutions that are aligned with IT department and business strategies
• Detailed understanding on nexus technologies like FEX, VPC, VPC+, VDC, OTV, Fabric path, VXLAN, APIC - Single point of management
• Installed and configured Nexus devices like Nexus 2000, 5000,6000, &7000series with F & M series Line cards on Sup 1, 2 & 2E on N7K platform
• Working experience and expert knowledge on NEXUS 9000 devices in ACI with Network centric mode. Participated in architectural level meetings and tested in lab environments
• Create Method Of Procedures (MOP) for the Nexus, ASR, ISR and Catalyst upgrades
• Extensive hands-on experience with complex routed LAN and WAN networks
• Expertise knowledge and hands on experience on routing protocols like EIGRP, OSPF and BGP
• Configured first hop redundancy protocols (FHRP) like HSRPin both version 1 & 2
• Installed and Configured Cisco devices like ciscocatalyst 2960, 3560, 3850, 4500, 4900, 6500, 6800
• Hands-on expertise with ISR routers like 2900, 3800, 4331, 4451 and ASR routers like 901, 903, 920, 1001-X
• Experience with design and deployment ofDMVPN, MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS, securing and managing remote access using VPN technologies like IPSec, GRE
• Worked on stateful firewalls (ASA, Zone based Firewall), ACL (Standard and Extended), NAT, PAT and exposure to Checkpoint firewall Gaia R77.10, R77.30 & R80
• Good understanding and hands on experience configuring AAA-authentication, authorization& accounting and ISE configuring IP Access Control Lists, Strong knowledge of TACACS+, RADIUS implementation in Access Control Network
• Detailed understanding of layer 2 protocols like VTP, STP, PVST, RSTP and Port Security, Ether channel. Very good understanding of internet protocols like IPv4 and IPv6
• Experience in Network administration, management and monitoring using Solar winds, Infoblox, Bluecoat, ACS
• Exposure to Load balancer using BIG-IP (F5), LTM and GTM and APM and ASM
• Decent knowledge in configuring and troubleshooting Wireless Networks: Cisco Prime infrastructure, WLC, WCS, Standalone, LWAPP, Wireless Security, IEEE 802.11 a/b/g/n/ac, RF spectrum characteristics
• Experience in working with multiple vendor devices like Cisco, Juniper. Worked extensively on Linux environment and its CLI
• Performed Network analysis with packet capturing tools Sniffers, Wire shark etc.
• Transitioning to SDN-Network Programing and automation using Python Scripts, Cisco EEM and Open stack/Open flow
• Knowledge on VOIP devices like IP Phones and working knowledge of SIP protocol
• Implement and maintain network monitoring systems and experienced in developing network design documentation and presentations using MS VISIO
• Proficient with TCP/IP and relative OSI model, Troubleshoot issues using tools like TELNET, SSH, PING, CDP and ARP.Excellent team player with good communication and leadership skills, Capable of Problem solving, Time management and Decision making skills with the ability to set priorities and come up with results

TECHNICAL SKILLS:

Routing: RIP, EIGRP, OSPF, BGP, Route Filtering, Route Redistribution, Summarization, and Static Routing, FHRP, HSRP

Switching: VLANs, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging, Port Security, VSS, VPCand VDC, VPC+, APIC, VXLAN

Routers: 2900, 3800, 4321,4451, ASR-901, ASR-903, ASR1000, ASR9000

Switches: Cisco Catalyst 6500, 4500, 3850, 3750, 3560, 2960, Nexus 9000,7000, 5000,2000

WAN Technologies: HDLC, PPP, MPLS, DMVPN

NetworkManagemet: Wire shark, SNMP, Ethereal, Solar winds, Cisco NAC, ISE, Cisco Meraki, Cisco works

Security: Checkpoint, Access Control Lists, Cisco ASA, MacAfee proxy servers

Virtualization: VMotion, ESXi hosts, VSphere, Vcenter

Load Balancer: F5

Operating Systems: MS Windows XP/Vista/Windows 7/8/10, Sun Solaris, Server Linux

Applications: Cisco Prime,Infoblox, Hp open view and MS Visio, Bluecoat

PROFESSIONAL EXPERIENCE:

Confidential, Richardson, Texas

Network Engineer

Responsibilities:

• Currently Data centers are interconnected with OTV, was a part of the team that architects the plan with every minute details taken into consideration with minimal downtimes, Installed transport services package on the new and old new gear for OTV feature
• Brought up the connections between existing and new environments in both data centers. Extended all vlan’s to facilitate connectivity into the new environment with OTV as interconnects. Tested and verified connectivity
• Worked on OTV to extend L2 VLANs between data centers over IP on Nexus 7710 switches, Configured and deployed VPC between Nexus 7710 and Nexus 93128, 93180
• Assisted in design and implementation of Cisco ACI devices like 9336, 9372, 93128 Switches, Worked on initializing the fabric and made sure the leaf switches got connected to the APIC-L2 C220 M4 Server
• Upgraded code on APIC-L2 C220 M4 servers to 2.2 (2f) from version 1.0 and made sure the health state is Fully Fit
• Currently the topology is in 2-tier architecture, i.e., Spine and Leaf, Configuration of overlay VXLAN, VTEPs with EVPN control-plane on Nexus switches
• Created Endpoint Groups and mapped them to the associated Domain for Communication from the leaf Switch interfaces to the end servers. Also involved in enabling the features like CDP, LACP, and LLDP on APIC-L2 Server. White listed the traffic for communication between the EPG's
• Configured EIGRP on different router series and troubleshooting the issues with protocol in case of any misconfiguration like variance to increase the convergence speed
• Experience in configuring IBGP and EBGP and had knowledge in understanding neighborship requirements and neighbor states, Had in-depth knowledge on the BGP path attributes like Weight, Local p, Origin code, AS path and MED
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues. If needed, we advertise those networks in BGP with our ISP. We make sure that routes are protected via VRFs. We make use of route maps for manipulating the paths to our ISP and that also helps to load balance traffic to both ISPs
• Involved in troubleshooting of link flaps, failure to form neighborship with adjacent routers on our core ASR 1001-x series routers
• We peer into our ISP core router with an AT&T service provider router (ASR 1001-X) advertising all our necessary routes to it and getting a default route from our ISP to our core router for entire global Internet
• Responsible for designing and maintaining EIGRP, BGP and Wan Protocols for Network Infrastructure. Also made sure that WAN utilization is optimized by using features like steelhead and riverbed technology
• Designed dual DMVPN cloud deployment utilizing new OC-3 circuits, Administered and implemented Cisco routers in Cisco IWAN environment creatingDMVPN tunnels connecting over 150 sites
• Worked on configuring Ether channels and troubleshooting using misconfiguration guard if the remote end of ether channel is misconfigured
• Successfully upgraded Cat 6509-E from Sup2t to Sup 6T-XL with Quad-VSS on it
• Configured STP for switching loop prevention and VLANs for data and voice along with configuring port security for users connecting to the switches (RSTP, PVST+)
• Performed IOS upgrade according to the recommendation by the Cisco TAC
• Develop and implement Cisco ISE solution to replace aging TACACS+ authentication servers
• Created a new solution including new construction and installation of a full mesh, wireless and wired network with a full ISE installation, Identifying endpoints missing from ISE and determine reason for omission and we upgraded from version 1.3 to 2.1
• Configured Cisco wireless controllers and access points for enterprise network, including setting up SSIDs and WLANs on WLC’s like 5508 and 5760, Wireless maintenance and troubleshooting to include LWAPP and IOS-based access points Cisco Prime to manage wireless controllers
• Created A records, PTR records & MX records as requested by the customers as per their DHCP settings on Infoblox
• Constantly monitored Solar winds NPM activity to ensure optimum uptime and performance in a proactive manner
• Resolve communication issues between network nodes and Solar winds Orion poolers via netflow and SNMP configurations. Set up Solar winds dependencies for alert suppression of downstream nodes in case of site outage
• Performed security operations by adding rules in firewalls and pushing firewall policy as per the incidents and rule requests from users
• Have experience in configuring the Identity Awareness (IA) cluster, which is a new feature from checkpoint for granting access to end users not only based on IP addresses but also using the AD groups that they are in which will be in sync with DC’s
• Tuned policies on IPS to make changes accordingly on the vulnerabilities and change to detect, prevent modes as required
• Worked with BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway
• Implemented load balancing methods, SSL certs, persistence profiles, SNAT IPs, client/server profiles while configuring VIPs and customizing them as per the application needs

Confidential, New Jersey

Network Engineer

Responsibilities:

• Working in high availability Nexus Environment and provide Level 3 Network Support
• Design and implementation of a multi-site backup utilizing Cisco Nexus Fabric path
• Worked on the Fabric path to extend L2 VLANs between data centers over IP on Nexus 7710 switches, Configured and deployed VPC and VRF between Nexus 7710 and Nexus 56128p, 5596 switches
• In the process of migrating the end hosts such as ESXi hosts, physical servers onto Fabric path. Connectivity between the end host and leaf switch is conventional Ethernet but the Border leaf, Spines are connected via. The Fabric path interface which eliminates STP between the fabric path interfaces
• Configured and maintained VDCs in the 7710 switches, maintained VRFs in those separate VDCs.
• Responsible for Global data center migration from Cisco Catalyst devices to a full Nexus infrastructure utilizing Nexus 7000 series switches
• Working with Cisco Nexus 2148t Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for data center access architecture
• Exposure to Nexus, Hardware Architecture of the Sups, chassis, I/O Modules, Fabrics, Licensing, VDC, VPC, ISSU, using NXOS CLI, Resolve remedy incidents related to Cisco Nexus 7K, 5K, 2K devices alerted in Solar winds
• Worked on the stub areas in OSPF and also implemented virtual links if needed, testing authentication in OSPF, OSPF is used as the IGP and LDP is used for label propagation
• Implement OSPF routing with multiple areas for networks between sites. Implement totally stubby areas to lower the system resource utilization of routing devices to the network. Implement NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.
• BGP is used for distributing routes over the backbone, Configuring BGP features like VRF, as-override etc., Expertise in creating Access control lists for layer-3 security and providing first hop redundancy using protocols like HSRP
• Mutual redistribution of OSPF and BGP routes using route maps. Explored using LISP for optimized ingress routing by creating map servers for host to site resolution and mapping
• Worked on multi-stage project plan to remove BGP from LAN, and replace with OSPF, in phase one, and in phase two with design and implementation of MPLS with OSPF OTP across the OIG WAN, thus removing BGP from all OIG edge routers, and securing all communications between offices with encryption
• Advanced and complex IPv4 and IPv6 unicast routing designs (OSPF) in multi-VRF environments in production MPLS network
• Convert Branch WAN links from point to point circuits to MPLS and encryption from IPSec/GRE to Get VPN, Configured IPSec VPN access for client to site remote access
• Conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links
• Implementation and troubleshooting of complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST, protected switch ports using security features like BPDU guards/Filters, loop guard, port security
• Performed VSS on cisco catalyst 6500 series switches
• Upgrade IOS on new switch install, install provided configuration on new network equipment install and asset tracking
• Configured UDLD, LLDP, TACACS, VLANS on HP 2920, Experience in configuring static and dynamic LACP trunks, hands on experience in troubleshooting link flaps, VLANS, SNMP etc. Providing input on day-to-day securityarchitecture policies and procedures
• Also responsible for providing VPN access on JUNOS devices running JUNOS Pulse
• Extensively worked on BMC Remedy for creating the Change Requests (CRQ's), Work Orders, Incident Management
• All-encompassing execution & configuration proficiency of Firewalls as Cisco PIX … Cisco ASAApplianceASA 5510
• Configured static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls
• Involved on working with McAfee web gateways in white listing website's, static content sites, and working with vendor on various issues like static sites and so on

Confidential

Network Engineer

Responsibilities:

• Responsible for Installation, configuration and maintenance of Cisco 7200, 3900, 2800, 2600, 2500 and 1800 series Router/Cisco Catalyst Cisco 6500, 4500, 3750,2950 series Switches
• Key contributions include troubleshooting of complex LAN/WAN infrastructure
• Worked on Cisco routers 2950, 2600 and Cisco switches 4500, 2900
• Configure Cisco Routers/L3 Switches for EIGRP using route redistribution, filtering and securing the network routes using encryption and authentication
• Configured VLANs, Private VLANs, VTP, dot1Q Trunking, and VTP-pruning, STP like RSTP and Pvst on switches. Implementing Security features like BPDU guards/Filters, loop guard, port security
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route
• Implement, build, Support and Maintain Cisco partners labs based on various Routing/Switching/Data Center architectures using Cisco and VMware Virtualized Infrastructure
• Created pools for the nodes and assigned Virtual IP’s to those pools on F5 load balancer
• Implemented least connections algorithm for the LTM, GTM and also defined the persistence
• Experience in implementing Client SSL and Server SSL for the authentication

Confidential

Network Analyst

Responsibilities:

• Involved in configuration and management of different Layer 2 switching tasks which includes address learning, efficient switching etc.
• Dealt with the escalation problems from Level 1, Level 2 & Level 3 for routing, switching and WAN connectivity issues using ticketing system Remedy
• Experience in routing protocols like EIGRP, OSPF and standby protocols like HSRP application in the routers
• Configuration of Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
• Involved in configuration of WAN connection using a 3600 series Router and Frame relay method, Used various Network sniffers like Ethereal, TCPdump etc.
• Designed and implemented an IP addressing scheme with subnets for different departments