SUMMARY

• 7+ years of experience in Networking & Security, including hands - on experience in IP network design providing network support, installation and analysis.
• Experience in building network infrastructure for Data Centers which involved trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
• Managed and deployed Cisco PIX and ASA firewalls along with support and maintenance of Fortinet firewalls remote connectivity and URL Lists.
• Experience with devices Palo AltoNetwork firewalls such as securityNAT, Threat prevention & URL filtering.
• Experience in configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Designed and implemented various project with Cisco PIX firewall. Extensively worked on Cisco PIX 506/515E and 525.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
• Deployed site-to-site VPNs over IPsec and GRE.
• Experience on Checkpoint Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, UTM
• Configured Checkpoint clusters with IPSO 2.0, IPSO 4.0, IPSO 5.0.
• Migrated and implemented new solutions with Cisco ASA Firewall series 5505, 5510, 5512-X
• Coordination with the Cisco TAC/Cisco AM, Checkpoint Consultant, for the critical cases/projects
• Good knowledge in installing Symantec for endpoint protection on Linux enterprise.
• Worked on F5 Local Traffic managers (LTM), Global traffic manager (GTM) of series 8900, 6400, 6800, 3400, 5100, 3600 and 3DNS migration to GTM.
• Configured virtual chassis for Juniper switches EX- 4200, firewalls NS 5200.
• Worked on Juniper Netscreen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200
• Deployed Netscreen firewalls ISG 1000, ISG 2000 for financial domains.
• Proficient using the F5 based profiles, monitors, VIP’s, pools, pool members, iRules for virtual IP’s
• Involved in scripting the iRules using TCL (Tool command language) and Python for HTTP redirection.
• Implementing standard security measures on all the Routers and Switches. Configuring AAA on all network devices with TACACS+ using Cisco ACS.
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Router andCisco 2900, 3500,4500, 5500, 6500 series switch.
• In depth understanding of IPv4 and implementation of Sub netting.
• Extensive hands-on experience with complex routed LAN and WAN networks,routers and switches.
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, ACLs, Syslog, STP and RSTP.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Extensive experience with Cisco IOS, Windows client/server operating systems, Linux, Networking technologies, Firewalls.
• Strong experience in Network Security using ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS, AAA, and IPSEC/SSL VPN.
• Experience in L2/L3 3 protocols like VLANs, STP, VTP, MPLS and Trunking protocols.
• Good knowledge in WAN Technologies like ACL, NAT and PAT, IPSec and VPNs
• Proficiency in configuration of VLAN setup on variousCiscoRouters and Switches.
• Experience in designing MPLSVPN and QoS for architecture using Cisco multi-layer switches.
• Enhanced level of experience with OSPF, BGP, and TCP/IP.
• Worked on WAN Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing.
• Designing most cost effective networks using MS VISIO and implementing them.

TECHNICAL SKILLS

Protocols: RIP, EIGRP, OSPF, BGP, VRRP, GLBP, LACP, PAGP, DNS, SMTP, SNMP, FTP, TFTP, LPD/ TDP, WLAN

LAN Technologies: HSRP, DHCP, VLAN, STP, RSTP, PVST, VTP, Inter VLAN, IEEE 802.1Q, Port Security

WAN Technologies: Frame-Relay, ISDN, PPP, MPLS, HDLC, ATM, SONET, Metro Ethernet

Network Products: Cisco Routers-7200, 3800, 3600, 2800, 2600, 1800; Cisco Switches-2900, 3500,4500, 5500, 6500, 6800, Nexus 5K, 7k

Security: Cisco PIX, ASA, Checkpoint, Palo Alto firewalls, Blue Coat Proxy, IPS/IDS, NAT, PAT, Symantec, Cisco ACS, Juniper Netscreen, Fortinet, IronPort, Proxy Server, VPN, IPsec

Management Tools: Wireshark, Syslog, Sniffer Pro, and Infoblox

Operating Systems: Microsoft Windows XP/Windows 7/ Windows 8.1, Linux- Red Hat, Windows Server 2003/2008.

Documentation: Microsoft Office, Visio

PROFESSIONAL EXPERIENCE

Confidential, Redding, CA

Network Security Engineer

Responsibilities:

• Design, Build, and Implement various network security solutions using Checkpoint/ Fortinet/ Netscreen Firewalls, Blue Coat Proxies, and F5 Load balancers.
• Configured and implemented networkusing routing protocols such as EIGRP MPLS, OSPF, and BGP and troubleshooting L2/L3 issues.
• Installed and configured protocols like TCP/IP and Internet protocols on WAN network.
• Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP.
• Designing and implementing new Firewalls requirements for Customers such as Cisco PIX, ASA, Checkpoint UTM, Fortigate and Juniper SSG and SRX Firewalls.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience.
• Implemented higher security measures to include Dual layer security for remote access via SSL/VPN utilizing Fortinet FortiGatedevices.
• Performed configuration of SNMP, RADIUS, and TACACS along with other standard global configurations on existing client production routers and switches
• Supporting EIGRP and BGP based BOA network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Demonstrated the migration benefits from HSRP to GLBP. Successfully upgraded the existing network to GLBP for high availability and load balancing between distribution layer switches.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Performed Upgradation from old platforms to new platforms R62 to R75.20.
• Measure the application performances across the MPLS cloud through various routing and switching methods.
• Implementing SecuritySolutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Review monitoring and security risks for our networkinfrastructure, update securitypolicies using Firemon and Palo Alto Firewalls.
• Experience in different VPN platforms, IPSec, SSL & Web VPN. Mobile VPNs solutions from Cisco and Checkpoint.
• As part of Quarterly audit review process, we will remove user accounts which no longer exists in Bluecoat proxies and in Provider-1.
• Migrated Firewall infrastructure from Checkpoint R65 to Netscreen ISG2000.
• Captured the network packets and examined the network protocols using Wireshark.
• Worked on the Blue Coat proxies for content filtering and URL filtering.
• Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
• Performed IOS upgrades on Cisco Nexus 2148Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Gathering details from customers and providing best security infrastructure solutions with F5 load balancers, Checkpoint/Netscreen firewalls and Blue Coat proxies.
• Installed and Configured a Cisco secure ACS server for AAA authentication (RADIUS).
• Commissioning & de-commissioning with Cisco 7500, 7200, 6500 with SUP 720 module, 3550, 2950 switches for the Data Center migration & operations.
• Update SOP (Standard Operating Procedure) Documentation including network diagrams using Visio.
• Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.
• Participating in 24*7 on-call support and implementing changes in different time zones as per the client requirements

Environment: Cisco Switches & Routers, iRules, SNAT, F5 Big, Virtual Servers, Netscreen, EIGRP, OSPF, BGP, RIP, N2X series, Wire Shark, Visio, Palo Alto, ACS, RADIUS, TACACS, LAN/WAN, Fortinet, Blue Coat Proxy, Python, Nexus 3k & 5K, TFTP, MPLS, VPN, VLAN, Cisco ASA Firewall.

Confidential, Dallas, TX

Network Security Engineer

Responsibilities:

• Installation & maintenance of client network infrastructure using multiple Firewalls like Checkpoint security firewall, Juniper and Palo Alto.
• Configuring Static, IGRP, EIGRP, BGP and OSPF Routing Protocols on Cisco1600, 2600, 2800, 3600, 7300 series Routers.
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Building the VPN tunnel and VPN encryption and providing daily network support for national wide area network consisting of MPLS and point to point site.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN.
• Configured and maintained IPsec and SSL VPN on Palo Alto Firewalls
• Configuring RIP, OSPF and Static routing on JuniperRouters.
• Experience working with Juniper EX-Series Ethernet Switches.
• Configured various LAN switches such as Cisco 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Implemented VPC, VDC on Nexus Switches and also configured FEX.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco ASA 5500.
• Implementing securitySolutions using Palo Alto PA-5000, Checkpoint Firewalls R76, R 77.20/77.30 Gaia Provider-1/MDM.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500, Firewalls, Cisco PIX 506, PIX515.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Worked on datacenter migration of existing PIX to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Proficient in design, implementation, management and troubleshooting of Checkpoint firewalls, Checkpoint Provider-1, VSX, Palo Alto IDS/IPS modules, Data Center Migration, F5 Load Balancers, LTM, GTM, ASM, APM, Blue Coat URL filtering.
• Using Smart Update, User Management and Authentication in Checkpoint Firewall.
• Regularly performed firewall audits around Checkpoint Firewall-1 solutions
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Server load-balancing utilizing F5 LTM-BigIP, including, AFM, APM and ASM modules.
• Involved in Big-IP F5 load balancing for internet traffic across web servers using iRules.
• Troubleshoot basic BGP routing issues on Cisco 12000 and Cisco CRS series.
• Implementing, troubleshooting and maintaining AP, WLC, WCS, NCS.

Environment: Cisco and Juniper Switches and Routers, Access Points, Cisco Nexus 7K/5K/2K, Cisco ASA 500, PIX, Blue Coat Proxy, Palo Alto, Checkpoint, Fortinet, FortiOS, Visio, F5 BIG-IP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, MPLS, HSRP.

Confidential, Knoxville, TN

Network Engineer

Responsibilities:

• Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another
• Configured Site-to-site and remote access VPN solutions
• Installed and configured Cisco 7200 series router and Cisco 2950, 4500, 6500 Series switches
• Configured network using routing protocols such as RIP, OSPF, and BGP and troubleshooting L2/L3 issues
• Created data migration strategies to help with completion of migration of data center from one point to another
• Worked with Wireshark for capturing and analyzing packets between the client-server.
• Configured Cisco 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access
• Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution
• Configured RIP, OSPF and Static routing on Cisco Routers
• Configured VLAN, STP, VSTP, SNMP on EX series switches
• Performed time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network
• Designed and implemented Catalyst/ASA Firewall Service Module for various LAN’s
• Performed troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP
• Configured Client VPN technologies including Cisco’s VPN client via IPSec.
• Configured ACL to allow only authorized users to access the servers
• Performed installation, maintenance, troubleshooting of local and Wide Areas Network (ISDN, DDR, NAT, DHCP, TCP/IP)
• Provided technical support in terms of upgrading, improving and expanding the network
• Provided technical security proposals, detailed RFP responses, and security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures

Environment: Cisco Routers 7200, Cisco Switches 2950/4500/6500 , LAN/WAN, Cisco ASA Firewalls, Access Lists, STP, HSRP, VLAN, VTP, VPN, SNMP, OSPF, BGP, EIGRP

Confidential, Atlanta, GA

Network Engineer

Responsibilities:

• Responsible for implementing new technology and new releases in the production environment.
• Configured and troubleshoot VTP, STP, and Trunks.
• Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
• Configuring and Maintaining TACACS+ for AAA.
• Installing and configuring protocols like TCP/IP and Internet protocols including LAN.
• Routing and HTTP and RMA’s and provided 24x7 support.
• Assisted in backing up, restoring and upgrading the router and switch IOS.
• Worked on Data, VOIP, Security as well as wireless installations and technologies.
• Identifying technical problems and debugged hardware and software related to LANs/ WANs, different kind of workstation (PC/ MAC/ LINUX), laptops, printers, and copier.
• Experience of VMware ESXi and VMware infrastructure.
• Configured Ethernet channels using PAgP and LACP.
• Desktop support for users including MS office, Windows 2000/ XP, MAC, Linux.

Environment: Cisco Routers - 2600, 2800, 3200 series routers, TACACS, AAA, LAN/WAN, Windows, Linux

Confidential

Network Engineer

Responsibilities:

• Designed and implemented remote dial up solution for clients.
• Installed and configured workstations for IP based LAN’s.
• Installed and configured DHCP Client/Server.
• Installed and Configured a Cisco secure ACS server for AAA authentication (RADIUS).
• Configured and managed networks using L3 protocols like RIPv2
• Configured VLANs, Private VLANs, VTP and Trunking on switches.
• Planning and configuring the entire IP addressing plan for the clients'network.
• Assist the certification team and perform configuration of LAN/WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
• Configured L2 and L3 security features on the devices
• Troubleshooting on routing protocols, which include RIP, RIP V2, BGP, EIGRP, and OSPF.
• Recovered lost passwords and created standard access-lists and extended access list for new users.
• Broad Hands on Experience in Inter-VLAN routing, redistribution, access-lists and dynamic NAT
• Develop and implement strategies to support the current and future needs of the company.
• Assists with installing, supporting and maintaining new hardware and software infrastructure, Monitors network usage

Environment: Routing Protocols (RIP, OSPF, BGP, EIGRP), VPN, RADIUS, MPLS-VPN, TACACS, LAN/WAN. VLAN Trunking, DHCP Client/Server, VTP.

Confidential

Jr. Network Engineer

Responsibilities:

• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default routes.
• Worked on HSRP for hop redundancy and load balancing.
• Configured the Cisco router as IP Firewall and for NATing and configured RSTP, MST and used VTP with 802.1q trunk encapsulation.
• Provided port binding, port security and router redundancy through HSRP.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Provided testing for network connectivity before and after install/upgrade
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience with Cisco switches and routers: Physical cabling, IP addresses, Wide Area Network configurations.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.
• Troubleshooting of Layer 2 features (VLAN, STP, RSTP, VRRP, and Ether Channel).

Environment: VLAN, STP, RSTP, VRRP, and Ether Channel, OSPF, IGRP, RIPv2, EIGRP and RSTP, MST