SUMMARY

• CCNA and CCNP certified network engineer professional with overall 7+ Years of experience in designing, performing Network analysis, troubleshooting, maintaining and supporting complex network systems.
• Deploying, implementing and providing support for Cisco 1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200, ASR 1K, 9K routers, Cisco 2900, 3500, 3700, 4000, 4500, 4900, 5000, 5800, 6500, 7600, Cisco Nexus and catalyst, Arista Switches JuniperE series, J series and M series. Juniper SRX & VPN, T - Series, MX-Series Routers. Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (5060, 7060)
• Installed, configured, and maintained with vendors Cisco, Juniper, Arista, Brocade, Riverbed, Fortinet networking and wireless technologies and protocols BGP, EIGRP, HSRP and VRRP.
• Performed Ospf, BGP, EIGRP profile, IPV6, Bundle Ethernet implementation on ASR 4300, 1K, 2K, 3K, 7K 9k, Cisco 6500 Series and Juniper routers
• Deploying and migrating complex layer 2 technologies such as VLAN Trunks, VTP Ether channel(LACP), Port channels(PagP), STP(PVST+), RSTP and MST from Cisco to Arista switches
• Deploying and decommission of VLANs on core ASR 4300, 1K, 2K, 3K, 7K 9K, Nexus 7K and 5K and its devices.
• Configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Implemented ServiceNow ITSM applications utilizing ITIL V3 benefits best practice processes, methods, testing, and training projects for multiple, diverse organizations.
• Providing support for voice communications technology and VoIP Protocols.
• Deploying and Migrating MPLS L2, L3 VPN in brocade firewalls.
• Configuring and troubleshooting Site to Site VPN, Remote access VPN, IPSec VPN, SSL VPN, DMVPN.
• Supports multiple business lines and a network of global data centers through the administration of SSL certificates.
• Extensive development in ServiceNow including Implementation, Customization and Maintenance of ITIL modules such as Incident, Change, Problem, Knowledge, Service Catalog, CMDB in ServiceNow.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution, migration with both Checkpoint and Cisco ASA VPN experience.
• Involved in analysis of end user requirements and business rules based on given documentation and worked closely with tech leads and Business analysts in understanding the current ServiceNow system.
• Adding and removing checkpoint firewall policies based on the service requests from different user
• Experience with Net ScreenFirewall, SidewinderFirewall,McAfeeWeb/Email Gateway, Net scout, Blue Coat or Cisco ASA, IPS/IDS.
• Experience with BIG-IP F5 load balancers, version 9.x, 10.x, 11.x.
• Performed F5 appliance (LTM, GTM, APM, and ASM) maintenance and system upgrades including hot fixes and security configurations.
• Worked with F5 based profiles, Virtual IP's, iRules for virtual IP's, monitors and pool members.
• Dealt with F5 load balancing of web traffic and data center environment failover for HA servers, Fabric path.
• Implementation of DHCP, DNS, FTP, TFTP, HTTPS, web security architecture, Frame Relay, MPLS, ATM, software Defined Networking (SDN).
• Installed and configured databases on Unix/Linux platforms, managing swap configurations, virtualization (VMware ESXi 5, 5.5 and Oracle Virtual Box).
• Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9k, 7k, 6k, 5k, 4k, & 2k.
• Expertise in Virtualization with vSphere, VMware ESXi 5/4.1/4 and 3.x hosts and Virtual Center server.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 Sonet POS OCX / GigE circuits, Firewalls.
• Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay and VOIP (Voice-Over Internet Protocol).
• Experienced working on network monitoring and analysis tools like, Solar Winds, Cisco Works, River Bed, Cisco Prime, NETQOS, EMAN.
• Experience in technical documentation of Change management process and Project documentation using Excel and VISIO.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Used tools such as HP Arc Sight, Bluecoat Reporter 9 web proxy, Network Security Manager (NSM, NMN) and Palo Alto to correlate network events/alerts to get a more in-depth analysis of network traffic.
• Extended the support to all unified communications components including troubleshooting, configuration, optimization and design of a multi-cluster environment.
• Knowledge of large-scale Cisco Communication Manager, Messaging, presence and conferencing solution Architecture, Design and installation.
• Reviewing and validating existing telecom services and solutions.
• Experiences with using Virtualization tools like Citrix, VMware, Hyper V.
• A highly-organized individual who adopts a systematic approach to problem solving, effectively analyzes results, and implements solutions.
• Worked with ticketing tools like ServiceNow, Remedy tool.
• Knowledge on Python scripting.
• Strong Knowledge on SDN (software defined network).
• Excellent customer management/resolution, problem solving and debugging skills with good verbal/written communications and presentation skills.
• Well organized, Self-starter, Quick learner, Self-motivated, Team player with analytical, technical and communication skills. .

TECHNICAL SKILLS

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipment’s (Switches, Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series, ASR9K(9922) andASR1K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX480, 240, 80 series, EX, QFX Series Routers and HP (7000) series Switches.

Routing: OSPF, EIGRP, ISIS, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, Check Point Nokia Firewalls IP350, IP550 & IP750, Juniper Net screen, Firewalls ISG, Cisco PIX & ASA 5500 Series, Checkpoint Firewall NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, UTM.

Load Balancer: ACE Module, F5 Networks (Big-IP) LTM 8900 and 6400, F5 APM, Citrix Net scalar

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), D-Link Wireless (point to point), D-Link Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

AAA Architecture: TACACS+, RADIUS, Diameter, Cisco ACS.

Nodes: 4 node, 10 node, 40 node, 50 node, mobile node

PROGRAMING LANGUAGES: C, C++, JavaScript and HTML

PROFESSIONAL EXPERIENCE

Confidential, Santa Ana, CA

Sr. Network Engineer

Responsibilities:

• Designed and support the consolidation of data centers utilizing Nexus 2K, 5K, 7K and juniper (EX, QFX) switch infrastructure.
• Configure and maintain all Palo Alto Networks Firewall models (PA-3k, PA-5k.) as well as a centralized management system to manage large scale Firewall deployments.
• Hands on experience on all software blades of Check Point Firewall. 24x7 on-call step-up supports as a part of the safety operations team.
• Involved in the documentation of Network infrastructure design.
• Configured OSPF, BGP, LDP, MP-BGP on Juniper M320 and Cisco CRS-1 in the Core.
• Deploying Cisco 6500, ASR 9K /Arista/Juniper Routing/Switching - 6500/7020R/QFX.
• Deploying Layer 2 layer 3 protocols (BGP, OSPF, STP (PVST+) and Ether Channel, Port channels in Cisco and Arista platforms.
• Worked extensively on Cisco ASA 5500/5510/5540 Series, experience with convert PIX rules over to the Cisco ASA solution.
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Worked on BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway.
• Internet/intranet, inter-access, VPN/DMVPN firewall, Intrusion Prevention plan design configuration to PIX/ASA, Checkpoint/Juniper.
• Migrated L3VPN Traffic from Juniper M320's to Cisco CRS-1 with minimum disruption
• Provided application level redundancy and accessibility by deploying F5 load balancers long-term memory.
• Management of F5 Viprion based load balancer as LTM and GTM for hundreds of applications serving the needs of thousands of user’s locals and abroad.
• Worked on BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway.
• Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies
• Configure F5 Load balancers for SSL handling, Design and Implemented Virtual Server Farm for Web site load balancing in DMZ.
• Worked on ITIL tools like BMC Remedy, HP Service Manager and ServiceNow.
• Integrated ServiceNow with external SOAP based Web Services and Managed users, groups and roles in ServiceNow.
• Configuring the PCI Palo Alto Firewall to the Tuffin Monitoring Tool for the Log Analysis as the Syslog Server.
• Firewall Audit and Compliance Check Using Tuffin And Generation of Reports Based on The Analysis.
• Configured Tuffin Secure Track for checkpoint firewall to analyze the firewall rules.
• Created the AAA servers for LDAP and AD authentication in F5 APM.
• Configured VPC and attached Amazon Elastic IP, VPC peering to connect from one VPC to other VPCs
• Monitored VCP log information of network traffic in and out network interface VPC.
• Responsible for setting up end-to-end secured connectivity with business partners using IPSEC VPNs.
• Responsible for setting up client to site, Site to Site IPSEC VPNs as per the security policies agreed with the customers.
• Integrated AWS Network with our existing production and corporate network.
• Monitor all Malware incidents thru Source fire IPS system.
• Configure and install Aruba wireless controllers and access points.
• Implementation and troubleshooting of 802.11a/b/g/n technology with primary focus on Cisco Unified Wireless Network.
• Using Solarwinds, Net Scout and windows performance and resource monitor to figure out that we were losing PCoIP packets that were degrading the VDI environment.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Supporting EIGRP and BGP supported the network by partitioning level two & three issues of internal groups & external customers of all locations.
• Performing troubleshooting on slow network property problems, routing problems that involves OSPF, ISIS, BGP and distinctive the foundation reason for the problems.
• Involved in the Analyzing, designing & evaluating network systems such as Local Area Networks (LAN), Wide Area Networks (WAN), Internet, Intranet and other data communication systems.
• Responsible for managing IP address schema with in internal domain, change management requests raised by users.
• Installation, Implementation and management of Microsoft ISA server running in 100% redundant load balancing environment.
• Implementing Network Control to secure DNS, DHCP and Software Defined Networking SDN.
• Responsible for maintaining SLA's agreed with the customer, working experience in tools like remedy.
• Documentation of network design documents in Microsoft Visio.
• Managing restricted Internet access as per organizational security policy using URL filtering tool, Surf control.
• Implemented integration of Microsoft ISA server with Active directory for authentication, to prevent unauthorized access to Internet.
• Configured Checkpoint Firewall’s Web Defense to mitigate malicious traffic.
• Responsible to facilitate Internet access to the users following Organization's Internet Security Policy.

Environment: Cisco 2800, 2900, 3900, 7200, 7600, ASR 4300, 1K, 2K, 3K, 7K, 9K, Arista routers Cisco Catalyst Switch 6500, 4500, 4900, 3500, 3700, 3700, Nexus 9k and 5k, Aruba 3810, 5412 switches, Arista switches, Cisco ASA 5510, Fiber and Ethernet cabling, Ixia XR 2000, Cisco LAN Wireless Controller and Access Points, Remedy Ticketing System.

Confidential, WA

Network Engineer

Responsibilities:

• Implemented and delivered services to our customers and partners on a variety of platforms and vendors, including Cisco and F5 load balancing.
• Configuring the Cisco CSR-1000v virtualized network function (VNF) fromServices like CSR-1000v Base Configuration Fields, CSR-1000v Firewall Configuration Fields.
• Configured static NAT, dynamic NAT, dynamic NAT overloading.
• Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
• Responsible for implementing, supporting, and maintaining 24x7 network services.
• Coordinated efforts with Engineer's to ensure all network devices conformed to defined network standards.
• Configured various Routing protocols such as OSPF, EIGRP, static routing.
• Configured VLANs with 802.1q tagging.
• Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Migration from B 2100 F5 blades to B 2250 series in Viprion 2400 boxes. Troubleshot, configured and managed both models licensed for LTM and GTM.
• Server load-balancing utilizing F5 LTM-Big IP, including APM, ASM and Viprion device modules.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Provided configuration of STP and Port Security on Catalyst 6500 switches.
• Vender management experience in Nortel CS1000, Norstar options 11 - 81c.
• Configure the Cisco CRS-1 Routing System, back out of configuration changes, and restore older versions of a configuration.
• Configured the IPSec VPN tunnel as well as DMVPN for flexibility
• Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation on Cisco catalyst devices and Arista 7K.
• Configured of MPLS L2 VPN's, VPLS on Juniper M and J Series Routers
• Troubleshooting of Cisco 2800, 2900, 3900, 7200, 7600, ASR 4300, 4300, 1K, 2K, 3K, 7K, 9000Series routers.
• Python scripting for automation of difficult tasks.
• Configuration of OSPFv3, BGPv4 on Juniper M and J Series Routers
• Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL).
• Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN network.
• Maintaining Core Switches, HP C7000 Enclosures Switches creating VLANs and configuring VTP.
• Optimized performance of the WAN network consisting of Cisco 3550/4500, 4900/6500 switches by configuring VLANs.
• Handled Priority 1 and Priority 2 Tickets.
• Administration and configuration of Virtualized Datacenter environment, Citrix and NetScaler environment.
• Configured QOS parameters in Nexus 9k (9500) Switches.
• Performed redistribution with OSPF, EIGRP to enable communication with backbone.
• Managed the Cisco network infrastructure using Cisco Prime and software Defined Networking SDN
• Configuring Cisco Voice SIP protocol and its gateways (H323, MGCP).
• Worked with Ixia XR 2000 Devices for in-band and out-band management.
• Configured OSPF for Stub area, Totally Stubby Area and NSSA.
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Configuring and implementing IPSec VPN tunnel between ASA 5550 Firewalls, Palo Alto 5060, 7060 firewalls applied access list, NAT& IPS/IDS, Mcafee configurations.
• Worked on a broad range of topics such as proactive monitoring and maintenance, disaster recovery exercises, and core network repairs.
• Performed Migration from Cisco ACE Load Balancers to F5 LTM.
• Route configuration and point code checks for System Technician and Network Technician.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Participated in quality system implementation project.
• Configure wireless routers on enterprise network with certificates and policies
• Worked with Remedy ticketing system.

Environment: Cisco 2948/3560/4500, 4900/3560/3750/3550/3500, 3700/ switches, Aruba 3810, 5412 switches, ASR 4300routers, Arista routers, Nexus 7K/5K, Cisco ASA 500, F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, Cisco ACE Load Balancer, Fabricpath, Software Defined Networking (SDN).

Confidential, PA

Network Support Analyst

Responsibilities:

• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS)network using Frame Relay and Open Shortest Path First (OSPF).
• ProvidedTier 2 support as part of the network engineering team for one of the largest privately held WAN environments in the state of Texas incorporating T1, T3, OC3, Gigabit Ethernet, 10Gig, ATM, and MPLS technologies. Maintenance, upgrade, troubleshooting, and reporting of 2500+Cisco nodenetwork with approximately 30, 0000 users across 4 states and 3 countries.
• Provide support for a 40-node Frame Relay network and 4-node ATM OC-3 Campus Backbone network.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP)networkby tunings AS-path.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like pre-emption.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Scripting experience with Pearl.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured OSPF over frame relaynetworksfor NBMA and point to multipoint strategies.
• Configured policy based routing for BGP for complexnetworksystems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's Site.
• Use to be within a team of java and .NET developing applications team.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.
• Configuring, Installing and troubleshooting on Check Point Devices.
• Involved in Configuring and implementing of CompositeNetworkmodels consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Good knowledge on Intrusion Detection and Intrusion Prevention System.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs ofnetwork.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Configurednetworksusing routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Knowledge on multiplex techniques such as DWDM.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.

Confidential

Network Engineer

Responsibilities:

• Configured network equipment's (routers, firewalls, & switches) and installed network cable drops; terminated straight-through and crossover Ethernet connections and installation of fiber optics.
• Completed 10 independent, remote deployments of network hardware to client sites nationwide.
• Troubleshoot remedy tickets to resolve network issues and maintain Clients operational capability.
• Created and updated network designs (LAN and WAN) and rack elevations using Microsoft Visio.
• Conducted site surveys to determine and document requirements for security requirements, wiring, network, and specialized equipment. Procured network services and rack space to support customer requirements.
• Procured Internet lines (T1, Metro Ethernet and Fast Ethernet) and IP subnet blocks.
• Configured routers, switches, and firewalls for deployments.
• Conducted site surveys to determine and document network requirements.
• Assisted help desk resolution of trouble tickets.
• Involved in Network Performance Analysis and Capacity Management.
• Worked on Catalyst 6509 series with SUP 720, Sup Engine II Plus, processors with various line cards such as 24 port Gig E SFP, 48 port Gig E copper cards.
• Product testing and support for a wide range of products like routers, Layer2/layer3 switches, 802.11 wireless access points (Aruba - 105, 125) etc.
• Differentiated between System and Network issues and provided quick resolutions.
• Worked with IP routes BGP, OSPF and Cisco LAN Switches.
• Updated Microsoft Access database to maintain records of network information (rack spaces, IP blocks, POCs, etc.).

Environment: Worked on Cisco switches 6500, 4500, 4900, 4000, 4300, 3900, 2900, 5500 series, Catalyst 6509 series with SUP 720, IP routes BGP, OSPF, Cisco LAN switches, Proxy server, Troubleshooting DHCP.

Confidential

Jr. Network Analyst

Responsibilities:

• Performed Configuration and troubleshooting of multi-customer ISP network environment
• Involved in network monitoring, alarm notification and acknowledgement.
• Performed penetrationtestingfor event feed validation with LDAP, Active Directory, Linux/Unix systems.
• Implemented new/changing existing data networks for various projects as per the requirement.
• Performed troubleshooting of complex networks layer 1, 2(Point to Point, ISDN) to layer 3 (routing with MPLS, BGP, EIGRP, OSPF and RIP protocols) technical issues.
• Used Wire shark for network packet capture.
• Provided support to networks containing more than 2000 Cisco devices.
• Performed troubleshooting for IOS related bugs by analyzing past history and related notes.
• Carried out documentation for tracking network issue symptoms and large scale technical escalations.
• Managed the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
• Performed Commissioning and Decommissioning of the MPLS circuits for various field offices.
• Prepared feasibility report for various upgrades and installations.
• Performed installation and maintenance of new network connections for the customers.
• Configured all the required devices and equipment for remote vendors at various sites and plants.
• Installed new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
• Installed and maintained local as well as network printers.
• Validated existing infrastructure and suggesting new network designs.

Environment: HDLC, FR, ATM, PPP, LAG and LACP that involves configuration and management of different Layer2 switching tasks and design of VLSN's, Troubleshooting, VLSM and IP address allocation.