SUMMARY

• Senior Network Engineer with 8 years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols, routing, switching, configuring, implementation, troubleshooting of complex networking system.
• Working experiences with Routers, Switches, Load Balancers, Firewalls and Proxies.
• Excellent hands on experience in configuring Cisco Nexus 2248T, 2224T, 5548P, 5596T, 6000, 7010, 7018, 7710 switches. Also implemented VDC and VPC on the Nexus 5505, 7010, 7710 switches.
• Hands on experience in performing various configurations on Access, Distribution and Core layer switches like Cisco Catalyst 2960, 3750, 4507, 4010, 6506, 6509 switches.
• Hands - on experience in implementing and troubleshooting Switch technologies such as STP, VTP, 802.1q, VLAN and MPLS.
• Experienced in configuring, deploying, maintaining, and troubleshooting of routing protocols like RIP, OSPF, EIGRP and BGP on Cisco 1900, 2800, 3800, 3900,7200 and 7600 routers and also performed Policy based routing.
• Proficient in configuring and troubleshooting route Re-distribution between EIGRP, OSPF, and BGP protocols and also in Route Manipulation.
• Expert level knowledge on IP Addressing, Subnetting, VLSM, OSI model, TCP/IP model.
• Using IP Address Manager (IPAM) provides a centralized management of the IP address space, including IPv4 andIPv6 Address Management .
• Proficient in implementing first hop redundancy protocols like HSRP, VRRP, and GLBP.
• Understand the JUNOS platform and worked with IOS upgrade of Juniper MX80,MX104 devices
• Hands-on experience in creating security zones and security policies on branch Juniper SRX 240 and SRX 550 firewalls.
• Configuring BGP, OSPF and Static routing on JuniperMX80, MX104 series Routers.
• Proficient in implementing Security policies like NAT, PAT & Access lists.
• Hands-on experience in deploying GRE tunnels, Remote Access VPN and Site-to-Site VPN.
• Expert in configuring and implementing proxy servers and Authorization, Authentication & Accounting (RADIUS, TACACS+)
• Experiences with Cisco Nexus Fabric Extender (FEX) (2296, 2248)
• Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM. GTM, ASM, APM
• Experiences in Deploying & Troubleshooting policy management on Web Proxies.
• Experiences dealing with OS upgrading/Patching for various vendors like F5 (TMOS), CISCO (IOS, NX-OS), PANOS, JUNOS, Web sense, Bluecoat.
• Experience in administration and designing web proxies which includes Bluecoat.
• Experience in dealing with centralized management tool for rule based policy like Solsoft.
• Experience with McAfee and Splunk SIEM tools for log analysis and threat management analysis
• Experience in design, installation, configuration, maintenance, migration and administration of Juniper FirewallR55 up to R77.
• Experience in Policy based filtering using Palo Alto Firewalls.
• Experience working with Palo Alto GUI Panorama.
• Experience in migrating Juniper to the Cisco ASA Devices. Also migrating from Cisco to Palo Alto.
• Extensively used the packet capture tools like TCP dump, Wireshark and snoop on the devices to identify the potential network issues.
• Proficient in using Network Management Application layer software’s like SNMP, Solar winds, NTP and Syslog.
• Proficient in using MS VISO drawing for documentation purposes.
• Hands on experience in configuring VoIP phones using asterisk.

TECHNICAL SKILLS

Cisco Switches: Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1900 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900series).

Routers: Cisco 2600, 2900, 3600, 3900, 7200 and 7600 series

Infrastructure services: DHCP, DNS, SMTP, FTP, TFTP

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- Channel, VLANS, VTP, STP, RSTP, 802.1Q, SVI

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, HSRP, VRRP, & GLBP.

WAN technologies: MPLS, leased lines & exposure to PPP, T1 /T3 & SONET.

Firewall Technologies: Cisco ASA 5580 series, PANOOS 2020, Juniper SRX, Palo Alto

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, IDS/IPS, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS)

Network Management: SNMP & knowledge on Cisco Works, Ethereal.

Platforms: Cisco IOS (11.x, 12.x), LINUX, Nexus OS, Windows XP.

Documentation: MS Office, MS Viso

Load-Balancer Technologies: F5 BIG-IP LTM.

PROFESSIONAL EXPERIENCE

Confidential, Irving, CA

Network Engineer

Responsibilities:

• Performing troubleshooting on slow network connectivity issues, and Performance on F5 and Cisco ASA Firewalls.
• Deploying and decommissioning Cisco switches/Firewalls and their respective software upgrades.
• Hands on experience in Installing and Configuring Palo Alto PA-3060 Firewalls to protect Data Center.
• Implemented Positive Enforcement Model with the help of Palo Alto networks
• Configure outbound web flow policies on Palo Alto devices
• Implemented Palo Alto solution for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Hands on experience in Configuring VPN, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Maintained TACACS+/RADIUS Servers for AAA authentication and User authentication.
• Provided VPN services to site-to-site and, Remote access VPNs using IPSec tunneling.
• Work with IP for any vulnerabilities /ACLS and remediate as needed.
• Provided routine status updates on work performed and interpretation of securityimplications from performed events.
• Performed upgrading of load balancers from citrix to F5 BigIP load balancer to improved functionality, reliability and scalability in the system.
• Worked on F5BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Worked on troubleshooting and resolving issues escalated by the NOC and internal systems, including developing, implementing and deploying emergency hot fixes within a global network
• Configuring ASM policies for external applications
• Administrating on F5 LTM, GTM, ASM, APM on series 5050
• Created an automated backup procedure for all F5load balance appliances
• Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
• Experience in F5 iHealth reports creating and maintaining high quality installation guides, standards documents, diagrams, run books and other engineering documentations.
• Configuration and troubleshooting of Cisco 1900, 2500, 2800, 3800, 6500, 7200, 7600 Series routers.
• Worked on Catalyst 4506E, 4507, 6503E and 6506E series switches along with Nexus 5020 switches in change of configurations and maintenance.
• VSS on 6506E switches maintenance to provide dual homing for the consumers as well redundancy.
• Configured and maintained VDCs in 7018 switches, maintained VRFs in those separate VDCs. Operated in OTV to extend L2 VLANs amongst data centers over IP on Nexus 7018 switches.
• Upgradation of nexus OS from 6.2.2a to a higher version to increase performance and support new features on both N7010 & N7710 chassis.
• Proficient in Configuring VPC between the Cisco Nexus 7k, 5k.
• Route redistribution between OSPF, EIGRP and also in required routers, between IGP and BGP.
• Creating BGP multi-homed network using BGP attributes like AS-PATH, MED and local-preference as per the environment.
• Implemented Port Aggregation using LACP and PAgP protocols.
• Configured and maintained PVST+ for L2 loop prevention on Catalyst switches.
• Scheduled maintenance of Nexus 2248, 5548 and 7010 switches so that there are no Orphan ports in the network.
• Documented migration of data center from legacy switches to nexus switches..
• Handled LAN environment involving HSRP, VLANs, Trunking and Spanning Tree protocol.
• Upgraded the remote access (VPN) and firewall environment for the entire organization
• To ensure that day-to-day Security Operations run smoothly. Change management and third level incident management being the primary responsibility, participate directly as well as take escalations from the team members as and when required.
• Created Viso documentation to give complete picture of network design for each building.
• Hands on experience in Troubleshooting IOS related bugs based on past history and appropriate release notes.

Confidential, Chicago, IL

Network Engineer

Responsibilities:

• Hands on experience with Catalyst L3 switches and Cisco Nexus switches: 2232, 2248, 5548, 6001 and 7018(Sup 2E).
• Operated in Administration of L2 technologies like VLANs, VTP, Trunking, RPVST, Inter-VLAN routing, Ether channeling, and Switch port Security on Access Layer switches.
• In the process of Data center fabric migration from legacy Catalyst to Nexus switches, deployed, configured and maintained 5548, 7018 switches.
• Installed Catalyst 6509E switches with 40GE and 10GE line cards containing MSFC and PFC cards and configured, maintained VSS on it.
• Operated with Sup 2E for 7018 switch. And F cards for L2 switching and few M cards for L3 proxy routing purposes for F cards.
• Functioned in upgrading system images on 5k and 7k Nexus switches using kick start and FTP server.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, network devices
• WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP address
• Configured and maintained OSPF, EIGRP, and BGP on Cisco routers.
• Creating BGP multi-homed network using BGP attributes like AS-PATH, MED and local-preference as per the environment.
• Maintained TACACS+/RADIUS Servers for AAA authentication and User authentication.
• Provided VPN services to site-to-site and, Remote access VPNs using IPSec tunneling.
• Documented migration of data center from legacy switches to nexus switches.
• Providedhands-on support for environment includingon-call support for switches, routers and servers. Used Solar winds, DHCP, DNS to troubleshoot issues.
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Experience on Juniper GAIA R77. Environment consisted of 30+ Check Point firewallsand performed configuration, troubleshooting, and maintenance.
• Worked on, groups, and updating access-lists and responsible on Juniper Firewall, apply static, hide NAT using smart dashboard.
• Performed upgrades for all IP series firewalls from previous Juniper versions (R75.40, R75.40VS, R75.45, R75.46, R75.47, R76, R77) to R77.10
• Troubleshoot and resolve firewall software and hardware issues including VPNs, connectivity issues, logging, cluster configurations, hardware installations
• Experience in converting Juniper VPN rules over to the Cisco ASA solution. Migration with both Check point and Cisco ASA VPN experience.
• Setting up MPLS Layer 3 VPN cloud in data center.
• Implemented all standard and non-standard ISDN and IP-VPN changes to company customer support connections.
• Responsible for administrating Bluecoat and dealing with policies for user access like Blocking/Unblocking URL's.
• Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
• Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM, LTM, APM
• Knowledge in implementing and configuring F5Big-IP LTM load balancers.
• Installed high availability Big IP F5LTM and GTM load balancers to provide uninterrupted service to customers
• Prepare test plans for checking the configuration on the CLI, and GUI. writing iRules, scripts
• Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.

Confidential, Norfolk, VA

Network Engineer

Responsibilities:

• Configured Cisco ASA Firewall to use multiple security levels and interfaces
• Implemented numerous Firewalls polices on Cisco Firewall.
• Implementation and configuration of ASA 5520 in failover along with the CSC module as per the customer requirement.
• Implemented clientless SSL VPN on ASA 5500-x platforms.
• Preformed Firewall configuration primarily through the command line interface.
• Experience working with the Cisco IPS module which allows IDS or IPS inspection of all traffic passing through the firewall
• Configuring RADIUS and TACACS+ authentication on Cisco ASA firewalls.
• Worked on ASA routed mode and transparent mode.
• Worked on ASA 5500-x platform configuring the ACLS, NAT policies and AnyConnect VPN’s
• Upgraded the Cisco ASA firewalls from version 8.6 to 9
• Negotiate VPN tunnels using IPsec encryption standards and, also configured and implemented Site to Site VPN and remote VPN.
• Performing the ACL requests change for various clients by collecting source and destination information from them
• Work with application team and Information security for ACL renewals and ACLS aging.
• Hands on Experience on IPAM tool used for periodical scans a subnet and provides the availability status of IP addresses in that subnet.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from Subnet.
• Upgrades and backups of Cisco router configuration files to a TFTP server
• Design, WAN link using PPP Multilink and by implementing Cisco WAAS.
• Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices
• Team player in a data analytics environment, maintaining networkcapacity, integrity, and performance of client connectivity and data centers leveraging Devices, Solar winds as the primary tool set and VPLS as the key technology

Confidential

Network Engineer

Responsibilities:

• Worked on Catalyst 4506E, 4507, and 6503E, 6506E series switches along with Nexus 5020 switches in change of configurations and maintenance.
• VSS on 6506E switches maintenance to provide dual homing for the consumers as well redundancy.
• Route redistribution between OSPF and EIGRP & also in required routers, between IGP and BGP.
• Created stub areas and configured summarization for effective routing. Manipulated route updates using distribute lists, route maps & administrative distance, offset lists.
• Implemented Port Aggregation using LACP and PAgP protocols.
• Configured and maintained PVST+ for L2 loop prevention on Catalyst switches.
• Scheduled maintenance of Nexus 2248, Nexus 5548, and Nexus 7010 switches so that there are no Orphan ports in the network.
• Security issues handled related to VPN, IPSEC, NAT, and Configuring Standard, Extended and Named Access lists.
• Client VPN technologies including Cisco’s VPN client via IPSEC configured.
• Used Cisco ASA 5540 firewall for Enterprise security, configured ACL’s for Internet requests to Server Farm in LAN and DMZ.
• Worked with F5 Big-IP Product LTM in Load Balancing.
• Hands on experience with Checkpoint firewall on NGX 65 SPLAT on 65 product using CLI and web UI as well.
• Configured and maintained Cisco ACS server for AAA Authentication (RADIUS)
• Involved in configuring switch for 802.1x port based authentication.

Confidential

Jr Network Engineer

Responsibilities:

• Performed installation and configuration of Cisco switches 3600, 2800, 2600, 2500, 1800 series.
• Configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design..
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP & Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers.
• Hands-on with Network management software NSM & configuration and extension of VLAN from one network segment to other network segment between different vendor switches (Cisco, Juniper).
• Taking Regular backups & testing the backups by restoring in test lab frequently.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Installation, Configuration and troubleshooting Cisco switches and Firewall on multimode context based environments.
• Managing a TACACS server for VPN user authentication and network devices authentication.
• Includes Artifacts for regular Health Checks, IP and System Integrity, Change management, Problem management, Logical Access Controls, Network Connectivity, Service Registration and Performance Management.
• VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support also configuring IPsec site-to-site VPN connection. created engineering configuration, documenting processes using Microsoft Viso.