Sr. Network Security Engineer Resume
Irvine, CA
SUMMARY:
- Cisco Certified Network Engineer with 8+ years of professional experience, performing Network analysis, design, Implementing, capacity planning with focus on performance tuning and support of large Networks.
- Expert Level Knowledge about TCP/IP, Spanning-tree, and OSI models.
- In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
- Experience in configuring and troubleshooting of static and dynamic routing protocols such as RIP v1/v2, EIGRP, OSPF, IS-IS, BGP and MPLS.
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
- Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
- Worked on NX-OS, IOS, IOS-XR BXB to N7K-NX-OS (MPLS) system test.
- Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment.
- Experience in Cisco Routing and Switching using 3600, 3700, 3800, 5300, 6500, 7200, 7600, Nexus 7k, Nexus 5k, Nexus 2k & ASR 9000, 1000 series routers.
- Strong work experience with MPLS, VPN, WLAN and Multicast technologies.
- Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
- Advanced knowledge installation, configuration, maintenance and administration of Palo Alto firewalls, Panorama, Checkpoint Firewalls and VPN.
- Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
- Network monitoring and testing from Operation Center (NOC) from a network management perspective.
- Good knowledge on DMZ zone based security configuration on Cisco routers.
- Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
- Network security including NAT/PAT, ACL, IDS/IPS, and Cisco PIX, ASA/ Firewalls.
- Proficiency in monitoring and analyzing the load balancing of network traffic using Wireshark and Solarwinds.
- Excellent experience in Checkpoint Firewall installation, configuration and troubleshooting.
- Experience in Physical cabling, IP addressing, configuring and supporting TCP/IP
- Extensive experience in handling network failure issues.
- Excellent communication and interpersonal skills.
- Fast learner with excellent problem solving capabilities.
TECHNICAL SKILLS:
Cisco Routers: ASR1,9, 3900, 3800, 3700, 7206VXR, 7500
Cisco Switches: 6500, 4510, 3750X, 3550, 3650, 3750G, 2960
Routing Protocols: EIGRP, OSPF, BGP, RIPv2
Switching Concepts: VLAN, STP, RSTP, VTP, Ether Channel, Port Fast, IP access Control lists, Uplink Fast and Backbone Fast, HSRP, VRRP.
Network Securities: NAT/PAT, VPN, Filtering, Load Balancing using f5 and Cisco ACE, Cisco ASA Firewalls 5580-20, IPSEC and SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup and Security Features.
Network Topologies: Frame Relay, ISDN, Gigabit Ethernet, OSI and TCP/IP layered architecture.
LAN: 10/100/1000 & 10 GBPS Ethernet
WAN: MPLS, Frame Relay, Dialup, VoIP, Cisco Routers and Switches, CSU/DSU
WLAN: IEEE 802.11, PHY and MAC layer functionality, WLAN controller/Aruba/Meru
Operating Systems: Windows Servers 2003/2008/2012, Windows 7, Windows Vista, Windows XP troubleshooting.
Sniffers: SolarWinds, Wireshark, Packet Tracer.
PROFESSIONAL EXPERIENCE:
Confidential, Irvine, CA
Sr. Network Security Engineer
Responsibilities:
- Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
- Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
- Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
- Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
- Configured VLAN’s, Private VLAN’s.
- Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
- Subject Matter Expert for Juniper Routing, Switching, Security, and VPN systems
- Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
- Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
- Designed and Implemented Firewalls, F5 Viprion deployments to Front end and DMZ customers
- Measure the application performances across the MPLS cloud through various routing and switching methods.
- Configured inside ACL, outside ACL, inside, outside interfaces.
- Configured NAT and PAT policies.
- Configuration and troubleshooting of EIGRP, OSPF, BGP.
- Configuration and troubleshooting of CSM, integration with ASA devices.
- Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
- Installed and configured DNS, DHCP. Responsible for creating and configuring FORWARD LOOKUP ZONE AND REVERSE LOOKUP ZONE
- Redistributed required routes from OSPF in to BGP. OSPF cloud is present in US and is connected to all our customers over Sprint’s Frame Relay backbone
- Managed Plan of Record with PLMs/SE/Sales/Marketing and followed up and monitor product lines of Juniper routing/switching/security portfolio (MX, PTX, EX, SRX)
- Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.
- Implementation of Access Lists for allowing/blocking desired traffic.
- Configured EBGP load balancing and ensured stability of BGP peering interfaces
- Implemented site to site VPN in Juniper SRX as per customer. Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
- Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
- Managing and configuring 4 Juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers
- Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
- Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
- Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
- Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
- Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
- Implemented F5 hardware refresh of older 3600 hardware to Viprion.
- Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
- Building the VPN tunnel and VPN encryption.
- Mapped, Network Diagrams and physical identification in MS Visio.
- Performed IOS upgrades on Cisco routers and switches
- Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
Confidential, Washington DC
Sr. Network Engineer
Responsibilities:
- Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
- Network Engineer for Datacenter consolidation project. Consolidated 16 global Datacenters consisting of Cisco 6500, 4500, 2800, ASA 5540, F5 BIG-IP 3600, Consolidation was in preparation to upgrade Datacenters to Nexus 7000, 5000, 2000, and ASR 1,9 backbone infrastructure.
- Providing Security Technical support and delivery of Security services including: Security vulnerability assessments, penetration studies (ethical hacking), Security policy development, Security gap remediation assistance, DMZ structural hardening, PKI, SSO and system security design
- Designed and Implemented Cisco UCS pods in Nexus 7000 and Cisco 6500 Platform
- Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT’ing, sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
- Providing technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.
- Implementing firewall policies, NAT’s on the firewall based on tickets issued.
- Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Work with Carrier to test and turn-up circuits.
- Installing configuring and maintaining DHCP, TACACS+, DNS and solar winds network monitoring tools
- Experience with moving Data Center from one location to another location, from 6500 based Data Center to Nexus based Data Center.
- Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
- Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.
- Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
- Implementation and Configuration (Profiles, iRules) of F5 Big-IP LTM-6400 load balancers
- Managing security log reporting using EMS (Elementary management system)
- Applied security policies and Troubleshoot on checkpoint firewall to secure VoIP protocols SIP, H.323, MGCP and SCCP.
- Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint NGX firewall and Cisco 3800 series routers
- Installed, configured and administered Palo Alto firewalls.
- Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 and PA5000 series as well as a centralized management system (Panorama) to manage large scale firewall deployments.
- Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
- Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
- Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
- Monitoring and configuring Cisco 7600 routers at data center.
- Configure and Troubleshoot Juniper Router (J2320) with IOS (JUNOS 9.3).
- Working on Cisco ASA 5580 (8.2(1) and ASDM version 6.2(1), Cisco PIX 535, Juniper NS5400, Juniper SRX550
- Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
- Network Securities with Juniper SRX firewalls.
- Worked on Infoblox for creating the DNS entries, A records and CNAMEs
- Replaced old 6500 and WAN routers from DR testing site and Installed Nexus 7K and ASR 9, 1k routers.
- Configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
- Provided proactive threat defense with ASA that stops attacks before they spread through the network.
- Coordinate and perform VPN Lan2Lan as well as Remote VPN and Firewall security policies as well as NAT Configurations.
- Built DMVPN tunnels between HQ Data center and branches to enable connectivity or redundancy.
- Implemented various Switch Port Security features as per the company’s policy
- Maintaining and troubleshooting SAN backup networks.
- Support customer with the configuration and maintenance of Checkpoint and ASA firewall systems
- Maintain Operational guidelines, diagrams and documentation for all network/security devices and infrastructures.
- Configurations of vdc, vrf on Nexus 7k & 5k devices.
- Remote access and site-to-site VPN administration using Cisco ASA/ASR 9 and Palo Alto
- Documenting workflow process, managing and implementing standard policy and procedures.
Confidential, Plymouth Meeting, PA
Network Engineer
Responsibilities:
- Engaged in Clinic moves, helped in identifying network requirements of new building, installed new networking hardware, and coordinated with vendors for cabling/wiring
- Extensive experience on layer 4 protocols like TCP/UDP
- Configuring Wireless utility for all employees.
- Analyzing and resolving a high percentage of initial customer contact in the areas of PC/LAN.
- Implemented Site-to-Site VPNs between ASA Firewall and Router
- Escalating customer problems to management and support groups utilizing standard escalation model.
- Implemented new ultra secure networks in multiple data centers that included Cisco 6500s, Juniper security devices, and F5 Big IPs.
- Configured Juniper Network and Security Manager (NSM).
- Supported on Cisco Nexus 5000 and Nexus 7000 Series Switch fabric links.
- Maintain and Provide support for LAN/WAN infrastructure as needed. This includes working on specific hardware such as switches, routers, PIX, ASA firewalls, wireless APs, VPN Concentrators, frame relay, IPsec VPN and other entities.
- Responsible for Planning and configuring the entire IP addressing plan for the clients' network.
- Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
- Correlates call issues with WAN performance for advanced troubleshooting
- Configuring SIP issues and wall jack issues while troubleshooting IP addressing problems.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring
- Experience working with High performance data center switch like nexus 7000 series
- Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices
- Migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
- Configured IPSEC VPN on SRX series firewalls
- Responsible for Data Center Migrations and its operations
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Cisco device programming and troubleshooting including CatOS, Nx-OS, ACE, CSS, GSS, VPN.
- Trouble-shooting end-user reported problems, thoroughly and accurately documenting problem in trouble management tool.
- Planning and upgrading Checkpoint infrastructure including Smart Centers and enforcement points.
- Implemented Cisco Wireless access points using LEAP and Cisco RADIUS for authentication, greatly increasing Wireless security.
- Worked on Cisco DataCenter Switches such as Nexus 6500, 7000.
- Implement changes to the firewall rule base, network routing tables and ACL to allow only authorized users to access the servers.
- Check for DNS issues by pinging the server’s name. Experience with Wireshark, TestTCP & OPNET
- Created security policy according to user’s requirement in Cisco ASA-5580, Juniper-SRX-5800 and ISG-1000 Firewall using CLI & GUI.
- Experience working with Cisco Nexus2148 Fabric Extender and Nexus5000 series to provide a Flexible Access Solution for a data center access architecture
- Installed Juniper firewalls to replace existing Firewalls which increased network uptime.
- Experience in Layer 3 Routing protocol configurations: EIGRP, OSPF, BGP, & MPLS.
- Experience in Layer 2 Routing protocol configurations: ATM/FRAME RELAY, IP services such as QoS and VPN technologies: IPSec & SSL.
- Provided installation and initial user configuration of NEXUS 7K switches at the Data Center and providing IP addressing and different user session priorities on the switch.
- Configuring, maintaining and troubleshooting routing protocols such as SDP, RTP, EIGRP and BGP.
- Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, hubs and Switches
- Designed and deploy various network security & High Availability products like Cisco ASA other security products
- Configuration and edit policies on F5 network access control.
- Coordinate and perform VPN Lan2Lan as well as Remote VPN and Firewall security policies as well as NAT Configurations.
- Implemented Security policy by Configuring PIX firewalls.
- Implemented TCP/IP, TFTP and related services like DHCP/DNS/WINS
- Deploying Cisco routers and switches such as 7200, 3800, 3600 and 3500, 4500, 5500.
- Management tools, SNMP, Syslog and Wireshark.
- Extensive knowledge of network design, implementation & infrastructure
Confidential
Network Engineer
Responsibilities:
- Develop and implement strategies to support the current and future needs of the company.
- Configured Cisco Routers 2600 series using RIP, OSPF, and EIGRP.
- Configured Cisco Switches 2900.
- Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
- Troubleshot Cisco hardware: Inspected devices, Read device LEDs, loose connections, interior IOS upgrade, switch port configuration, port monitoring, watch over Flooding Control/Network port.
- Installed and configured DHCP, DNS Server.
- Developed and tested Engineering Design Document (EDD) to deploy a VDC on the Nexus 7000 series of switches to address high level architecture of new VDCs
- Identifying technical problems and debugged hardware and software related to LANs/WANs.
- Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
- Installed and configured of inter-networking technology on multiple platforms including Cisco Catalyst (IOS), Cisco Nexus (NX-OS), F5, and Palo Alto Networks
- Implemented redundancy in BigIP F5 loads balancers to provide uninterrupted services to clients.
- Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast-Ethernet channel between switches.
- Strategies include operating systems, virus protection, mail systems and Internet services.
- Updated the anti-virus, spam blockers, and other security software so that the systems are always secured
- Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco ASAs, Citrix NetScaler MPX and SDX chassis
- Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured all the network Infrastructure devices including Network Printers and Registers
- Configured and implemented Nexus 5K and 2K in lab environment
- Resolved all computer related problems, monitored and maintained system functionality and reliability by identifying ways to prevent system failures.
Confidential
Support Engineer
Responsibilities:
- Perform responsibilities of supporting the daily operations of the network, telecom and troubleshooting network issues.
- Responsible for updating the IOS and configuring the new Router and Catalyst Switches.
- Designed and installed small Windows XP based LANs for business clients
- Troubleshot and resolved many user issues. Performed network testing and base lining
- Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
- Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
- Cisco ASA 5540 firewall experience creating access rules for various DMZ containers for both inbound and outbound traffic.
- Provided testing for network connectivity before and after install/upgrade
- Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
- Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.
- Responsible for creating and maintaining diagrams and documentation of network systems
