SUMMARY

• Around 7 years of hands on experience in network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
• Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls.
• Participated in the installation, configuration and post installation daily operational tasks and
• Worked with the installation of Palo alto firewall. Migrated with a team from predominantly checkpoint environment to Palo alto global solution.
• Checkpoint level 3 operations support with hardware operation and fixed all problems.
• Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa
• Access control server configuration for RADIUS & TACAS+.
• Implemented Zone Based Firewalling and Security Rules on thePalo altoFirewall
• Experience with 802.11x wireless technology.
• Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Manage administration ofJuniperFirewall, connecting offices worldwide through VPN tunnels to two HAJuniperSSG520's. The VPN provides 24/7/365 connectivity for corporate needs of all remote offices.
• Strong experience on Juniper SSG series Firewalls and checkpoint R75,76 Firewalls
• Experience working withJUNOSOS on Juniper Routers and Switches. experience on Code Upgrade for Cisco Routers including 7200, 3900, 2900, 881, 891 and Switches including 6500, 4500,Nexus9K,Nexus7k,Nexus6k,Nexus5k,Nexus4k, ASR 9K, ASR 1K.
• Experience in configuring security technologies like IPsec VPN,DMVPN, VLAN's, policy based routing.
• Experience in configuration ofJunipersecurity appliances SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M.
• Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Supporting and troubleshooting Checkpoint/Cisco site - to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM.
• Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices.
• Exposure of large complex checkpoint, Cisco ASA and Palo alto environment

TECHNICAL SKILLS

Routers and Switches: Cisco Switches (2900, 2924, 2950, 3550, 5500, 6500, 6509, 6513), Cisco routers (2600, 2800, 3640, 3700, 3825, 7200, 7204, 7206)

Protocols: RIP, RIP2, PPP, OSPF, EIGRP, IS-IS, BGP, SNMP, HTTP, FTP, TFTP, HTTP, DHCP, SMTP, ICMP

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines

LAN Technologies: Ethernet, TCP/IP, CDP, STP, RSTP, VTP, VLAN, Trunks, Ethernet channel, MPLS.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Firewalls: ASA, PIX, SRX, Watch guard, ASDM, CSM, Checkpoint

Operating Systems: Windows 2000/2003/2008 , windows XP/7, LINUX, Redhat, UNIX, Macintosh

Servers: Domain servers, DNS servers, WINS servers, Mail Servers, Proxy Servers, Print Servers, Application servers, FTP Servers

Load balancer: F5 Load Balancer, ACE, LTM & GTM series.

Monitoring Tools: Wireshark, Fiddler, Microsoft Network Monitor, solar winds and some sniffers

Cloud Technologies: Amazon Web Services (AWS)

PROFESSIONAL EXPERIENCE

Confidential, CA

Sr. Network Engineer

Responsibilities:

• Design, implementation and operational support of routing/switching protocols in complex environments including IS-IS, BGP, OSPF, EIGRP, Spanning Tree
• Configured and troubleshoot link-state protocols such as OSPF in single and multiple areas
• Configuring BIG-IP-F5 LTM and GTM Load Balancers and troubleshooting Issues in F5 and upgrading and modifying the Virtual Pool, Nodes and Virtual Servers
• Configured and administrated various Cisco and Nexus Routers and Switches.
• Install and Configure GRE Tunnels and Extended the Data Center access to remote sites to access the Data Center
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Experience configuring Virtual Device Context in Nexus 7010
• Implementing security Solutions using Palo alto PA 5000, Check pointFirewallsR75, R77.20 Gaia and Provider-1/MDM.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Experience in design and implementation of new branch test and turn up.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall
• Configured ASA 5500 to ensure high-end security on thenetworkwith ACLs and Firewall
• Juniper ContrailSDNCloud Computing Open Networking Openflow/ODL
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with CiscoISE
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Migration from Cisco firewalls to Palo alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
• Performed Network Address Translation on Cisco ASA 8.2 and 8.3
• Responsible for Cisco ASA firewall administration across the network.
• Experience configuring Virtual Device Context in Nexus 7010.
• Implemented firewall rules in Palo alto firewalls using Panorama for one of the environment.
• Deploying the policies on firewall using the Checkpoint’s Smart Console Manager and Smart Dashboard.
• Monitoring and troubleshooting traffic on Palo alto 5020 firewall.
• Troubleshoot the FW related issues by using the Checkpoint’s client software SmartLog & Smartview Tracker.
• Writing the Nat rules in Palo alto FW manager including troubleshooting & validation.
• Installation of Palo alto (Application and URL filtering, Threat Prevention, Data Filtering).
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
• Expert level knowledge about TCP/IP protocol suite and OSI model.
• Enabling the TCP, UDP, SMTP ports to allow the traffic between the servers
• Troubleshoot and hands on experience on security related issues on Checkpoint IDS/IPS.
• Installation of Palo alto (Application and URL filtering, Threat Prevention, Data Filtering).

Confidential, Atlanta

Network Engineer

Responsibilities:

• Palo altodesign and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Proficient in design, implementation, management and troubleshooting of Check pointfirewalls, Cisco PIX, NetScreenFirewalls, Check point Provider-1 / VSX, Nokia VPN,Palo altoIDS, Foundry / F5 Load Balancers, and Blue Coat Packet Shaper systems.
• Configuring and maintaining F5 SSLVPNandnetworkaccess and Single Sign-On (SSO) for SAML resources.
• Configure allPalo altoNetworksFirewallmodels (PA-2k, PA-3k, PA-5k etc.) as well as a centralized
• Monitoring Traffic and Connections in Palo alto and ASA Firewall.
• Installation and configuration of Cisco Nexus 9k, 7k, 5k, 2k (Fexus), ASRs, 6500s, 4510s, 3800s, 2900s.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices.
• Experience in deployment of Nexus 7010, 5548, 2148T, 2248 devices.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Provide technical support in the configuration of Cisco andJuniperrouters and switches to include: Cisco Enterprise Equipment, Cisco Routers, Cisco Catalyst Switches, JuniperEnterprise Equipment,JuniperRouters, M-Series, MX-Series, andJuniperEX-Series Switches.
• Used Cisco routers, switches, Access Points, Concentrators for implementation and management purpose.
• Experience in configuration Voice over IP (VOIP).
• Experience with devices Palo alto Network firewalls such as security NAT, Threat prevention & URL filtering
• Experience with configuring Nexus 2000 Fabric Extender (FEX) hich acts as a remote line card (module) for the Nexus5000.
• Configuring Virtual Chassis forJuniperswitches EX-4200, Firewalls SRX-210
• Adding exemption, editing policy groups on Websense Management Server.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Backup and restore of checkpoint Firewall policies.
• Installed and configured four PIX 525 and two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
• Experience in Installation, configuration, and troubleshooting on Riverbed Steelheads.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Provided support for NAC platform including analysis and implementation of NAC requirements
• Responsible for Palo alto firewall management and operations across our global networks.
• Involved in Bradford NAC policy development, testing and deployment
• Good understanding of JUNOS platform and worked with IOS upgrade ofJuniperdevices.

Confidential, Plano TX

Network Engineer

Responsibilities:

• Palo altodesign and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Configuring/Troubleshoot issues with the following types of routers Cisco (1700, 2600 and 3500 series).
• Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route
• Redistribution, Installed and Maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems.
• Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Have sound knowledge of Firewall architecture, routing and VPN.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi layer stackable switch like 6500 series and 2800 series router.
• Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform,Palo altoand ASAFirewalls.
• Installation ofPalo alto(Application and URL filtering, Threat Prevention, Data Filtering)
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling

Confidential

Network Support Engineer

Responsibilities:

• Responsible for design & management of juniper Netscreen firewalls, juniper switches, cisco switches
• Configuration, Troubleshooting and Maintenance ofPalo altoFirewalls(160+firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and testCisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WANnetworkconsisting of CISCO 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Implement changes on switches, routers, load balancers (F5 and Brocade), wireless devices as per engineer’s instructions and troubleshooting any related issues.

Confidential

Network Admin

Responsibilities:

• Designing solutions for frozen requirements using Cisco Routers and Switches
• Configured EIGRP for Lab Environment.
• Configured Cisco Catalyst 6500, 4500, 3850, 3750, 2960 switches and Cisco 3600, 7200 &ASR1K & 9k Routers for an enterprisenetwork
• Implemented ISL and 802.1Q for communicating through VTP.
• Deploying and decommission of VLANs on coreASR9K, Nexus 7K, 5K and its downstream devices.
• ConfiguredRADIUSserver.
• Implemented Zone Based Firewalling and Security Rules on thePalo altoFirewall
• Worked onCiscoLayer 2 switches (spanning tree, VLAN).
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Apache Web Server & MRTG, BIND DNS Server configuration and optimization over UNIX and Active directory implementation of Windows 2003 Server.
• Configured & Maintained Cisco 2600, 2800, 3200 series routers including IOS upgrades.
• IOS upgrade in Nexus 7010 through ISSU (In service Software Upgrade)
• Worked on Juniper J series j2330, M320 routers and EX 3200 switches.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN