SUMMARY

• Cisco Certified Network Engineer with 8.4 years of experience in the industry, which includes expertise in the areas of Routing, Switching and Firewall.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Implementation traffic filters on Cisco routes using Standard, extended Access list.
• Expert Level Knowledge about TCP/IP and OSI models.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 77 firewalls.
• In depth understanding of using FortiGATE firewalls and fortiweb firewalls for IPS and other virtual web applications
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers with Site-Site VPN, and firewalls
• Implemented Security Policies on firewalls using ACL, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Good Understanding ofIPS/IDS,UCS,Proxies, encryption,ASRandCRSrouters and the configuration of VRF's and BGP.
• Worked on NXOS, IOS, and IOS-XR BXB to N7K-NXOS (MPLS) system test.
• Experience in F5, Cisco ACE 4710 Load balancers.
• Extensive understanding of the Application Security Module (ASM) technology
• Experience in working with load balancer for converting CSS to ACE
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Strong hands on experience in installing, troubleshooting, configuring of Cisco 7200, 3800, 3600, 3400, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Have knowledge on various advanced technologies like VoIP, H.323, SIP, QOS, IPv6, Multicasting, and MPLS
• Experience in working with Windows power shell scripting to maintain and administrating server environments.
• Experience with Layer 2 and Layer 3 protocols like LDP, RSVP/ TE, QOS, COS L2 VPWS and VPLS, FRR.
• Experience with IP address management (IPAM) such as Infoblox, Solar winds etc.
• Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering
• Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark and Opnet.
• Experience working with McAfee antivirus, Storage Area Network (SAN) and data storage system
• Excellent qualities such as Teamwork, Negotiation, Analysis and Communication.

TECHNICAL SKILLS

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP.

Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix firewalls, Vmware, Ironport.

Routing Protocols: OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting.

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat.

Network Monitoring: Cisco Works 2000, Wire Shark, HRPing, Solarwinds, Netflow, Cisco Prime

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR.

Routers: CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR

WAN: PPP, HDLC, Frame Relay, Fiber Optic Circuits, Channelized Links(T1/T3)

WAN Optimizer: Riverbed Steel Appliance

Switches: CISCO 2900, 3500,4500,5000,6500, Nexus 7k,5k,2k

Programming Languages: C, C++, Perl, VB Script, Power Shell, Python, and SQL.

Simulation Tools: Qualnet Developer, OPNET IT GURU, OPNET Modelar, Cadence

Firewalls: juniper net screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics, Infoblox

PROFESSIONAL EXPERIENCE

Confidential, Secaucus, NJ

Sr. Network Engineer

Responsibilities:

• I was responsible for Crossroads rollout LAN/WAN problem determination and diagnosis, provide project leadership (onsite, offsite)
• Working with local IT personnel on troubleshooting, problem determination, diagnosis of performance issues, bandwidth issues, throughput traffic prioritization to improve overall application response time across WAN.
• Install and monitor application traffic using network protocol monitoring tools such as NTOP or wireshark to analyze network usage and bandwidth and run diagnostic programs to resolve problems.
• Worked with MPLS for redirecting data from one network node to another network node based on the shortest paths.
• Configuration and installation of LAN switches and wireless network infrastructure equipment and cabling all uplink and user network connections.
• Working with the Networking team and IT staff to review current VLAN configuration, IP routing and firewall access control for existing networks, and applying the necessary network and security access rules to the installed equipment.
• Participating in testing of the internal network infrastructure in the new building, and troubleshooting and remediating any issues.
• Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc
• Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks.
• Deployed Cisco Catalyst 6500, 4500, 4000, 3750, 3850, 3560 (Layer 2 through 7).
• Deployed and configured Cisco ASR 1000, 7000, 9000 series routers
• Worked with Infoblox for securing and managing DNS, DHCP and IPAM
• Also worked with Extreme networks wireless devices like Access points AP3705, AP3610.
• Experienced working with Nexus OS, IOS, CATOS and Nexus 7K, 5K & 2K Switches
• Work experience on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Deployed Juniper switches EX4500 and EX4200, routers M7i and M10i and Junos OS
• Worked with Juniper Net Screen 500/5200 and also juniper SRX 650/3600.
• I have been involved in software development and testing using C language on Linux and Unix Platforms.
• Deployed Cisco 2500 and 5800 Series Wireless Controllers and 1xxx and 2xxx series Access Points
• Worked and working with Cisco ASA 5525 firewalls with current and demonstrated expertise with ACL security in a multi-VLAN environment
• Worked with Firewall DMZ zones and configuring them.
• Updated firewall rules and provided support for checkpoint 13500 firewalls. Used checkpoint console 77.30 and 77.47.
• Experience with Cisco ACI fabric networks
• Worked with VMWare and Flex team for Configuring and install their Dell Power Connect switch 5548 and increasing their Bandwidth Usage.
• Experience in working with load balancer for converting CSS to ACE
• Experience in working with F5 BIG-IP LTM and GTM for scaling and securing DNS infrastructure during high volumes.
• Expertise in creating custom I Rules, Health monitors, VIP’s, pools, nodes for F5 LTM/GTM
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s stage.
• Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Perform administrative tasks to configure, deploy and sustain Symantec Anti-Virus clients installed and operational on all internet network servers & workstations.
• Extensive experience with setting up Web Security Gateway including configuration of exceptions, tunneling and SSL decrypt bypass. Data Security module for DLP including rules and policy setup and E-mail Security including configuration as an in-bound/out-bound external e-mail gateway with services such as proof point.
• Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
• Successfully configured Aruba Wireless LAN AP-255 and involved with troubleshooting Wireless LAN issues.
• Worked with ITIL (Information and technology information library) for managing our services.
• Working with ITS networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
• Knowledge of with API’s for troubleshooting Network issues using Wireshark and NTOP
• Responsible for implementation design, configuration and deployment of Cisco ISE added new devices on network.
• Plan, deploy, and support the Cisco ISE ecosystem applications and components.
• Hands on experience of large scale (600+ Access Points) wireless deployments including device posturing and profiling with cisco ISE appliance.
• Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
• Configured and perform trouble shooting on Dell Power Connect Switch 5548 used to connect VM Servers and Flex Systems.
• Responsible to provide technical assistance in the CISCO Call Manager environment
• Responsible for voice technology operations based on Cisco VoIP solutions with specific expertise in several areas including Cisco Call Manager, Unity voicemail, Windows Servers, Linux servers and router/switching/gateway telephony technologies.
• Experience working with Active Directory (as a centralized system) to automate network security management and user data
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.

Confidential, Los Angeles, CA

Network Engineer

Responsibilities:

• Involved in configuring and implementing of composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links
• Participated in the installation, configuration, and post installation daily operational tasks and configuration of the deployment of Cisco Nexus equipment
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, and Cisco 3800 series routers
• Managed rules on Cisco checkpoint NGX firewall
• Worked with Juno OS and Juniper M&T series switches
• Worked with Cisco ACE GSS 4400 Series global site selector Appliances.
• Worked on networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance
• Configuring Palo Alto’s for inline use and Adding signature attacks on prevention lists.
• Created new policies for CDE and syncing the same policies in all the Data Centers.
• Auto Tuning Palo Alto Signatures and syncing between the data centers, working on PCI’s and managing it during peak if needed.
• Also worked with the Riverbeds appliances
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Worked with Processes like RFI, RFE and RFP
• Experience in working with Network automation tools and testing for network change and configuration management.
• Worked with HP Network Automation software that automates the complete operational lifecycle of network devices from provisioning to policy-based change management, compliance, and security administration
• Worked with basic SQL quires in working with Database team in solving some of their network connection issues.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Worked with MPLS to improvequality of service (QoS) by defining LSPs that can meet specificservice level agreements (SLAs) on trafficlatency, jitter, packet loss anddowntime
• Worked with Load balancing device like F5 Big-IP local traffic manager(LTM) 1600
• Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Migrated, created, and managed pools and clusters in F5 Big-IP GTM 3DNS load balancers across multiple Datacenters
• Plan for migrations off Cisco CSS and Cisco ACE/GSS onto F5 LTM active/passive pair and deploy F5 GTM for site redundancy across two data centers connected via two diverse service providers.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption
• Implemented various OSPF scenarios on networks consisting of 7600 routers
• Configured policy based routing for BGP for complex network systems
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s site
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH ).
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Experience working with remote teams. If it is P2 or P3 incident, we use to give handoff to remote team but if it is P1 then we need to be on call along with India team till resolution
• Worked on ASR 7000, 9000 series Cisco aggregation routers.
• Security policy review and configuration in Palo Alto, Cisco ASA firewalls in US offices and data centers.
• Created new policies for CDE and syncing the same policies in all the Data Centers.
• Auto Tuning Palo Alto Signatures and syncing between the data centers, working on PCI’s and managing it during peak if needed
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA/FWSM and NAC solution
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wire shark tool.

Confidential, Tempe, AZ

Network Engineer

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS, static routing and policy based routing.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Upgraded Cisco ASA 5510 firewalls using 6500/7600 catalyst modules for enhanced performance, security and reliability. Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter. Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router: 7705 SAR 8 and 7750 service router.
• Experienced in working with BIG-IP Edge Portal and BIG-IP Edge Client.
• Configuring and implementing F5 Big-IP LTM,GTM load balancers to maintain global and local traffic
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs& trouble-shooting of routing protocols like static, dynamic
• Provided on-call support for installation and troubleshooting of the configuration issues.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for state ful replication of traffic between active and standby member.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Firewall policy provisioning on Fortinet Fort iGATE appliances using FortiManager.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Implemented site to site VPN in Juniper SRX as per customer.
• Regular upgrade and maintenance of Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
• Troubleshooting experience with Cisco WAAS technology, WAN Optimizer/Accelerators like Riverbed.
• Monitoring and troubleshooting network issues between client site and 85 remote sites with legacy switches and routers.
• Provide escalation support to L1/L2 members of network team.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• IOS upgrade 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP.
• Migrated IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64.
• Involved in troubleshooting of DHCP and other IP conflict problems.
• Configured ACLs (Standard, Extended and Named) to allow users all over the company to access different applications and blocking others.
• Configured switches with port security and 802.1x for enhancing customers security.

Confidential

Network L1 Engineer

Responsibilities:

• Manage installations, configuration and administration of Cisco equipment in IT architecture of organization.
• Configure IT LAN/WAN elements and held responsibility of maintaining and monitoring performance of network
• Provide Tier1 technical support; assist users facing network problems. Perform advanced troubleshooting, diagnostics and provide tier/level-1 solutions to network failures.
• Managed 5000 user accounts and group policies for users belonging to various accounts such as Confidential using Active Directory server.
• Also managed Internet Information Services (IIS), Mail servers, File servers, DNS and DHCP servers.
• Worked with Network Operations Center (NOC) by managing and monitoring LAN/WAN network services.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Responsible for Configuring SITE TO SITE VPN on Cisco Routers between Head Quarters and Branch locations
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Experience with Info lox technologies.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Created Virtual Machine templates for Windows server 2003/2008 using VMware vSphere and cloned them.
• Experience with Information Technology Infrastructure Library (ITIL) processes, especially change management and configuration management.
• Experience in using Putty, Win SCP, Active Directory, VoIP, Web Sphere Application Server, Apache, Eclipse, Databases (DB2, Oracle, and SQL Server).
• Performed switching related tasks such as implementing VLANS, VTP, RSTP and Port security.
• Implemented security measures using ACL and configured NAT according to the connectivity requirement.
• Provided 24/7 rotational on call supports for branch offices.
• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing, infrastructure and configured the entire network Infrastructure devices including network printers.
• Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
• Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.

Confidential

Network Associate

Responsibilities:

• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Network Requirements.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-Vlan routing with Multilayer Switching.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed administrative support for RIP, OSPF routing protocol.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Real time monitoring and network management using Cisco Works LMS.
• Provided technical support on hardware and software related issues to remote production sites.