SUMMARY

• Over 8+ Years Experienced Network Engineer having worked extensively with multiple Clients in Switching, Routing, Network Security (Firewalls and Proxies), Application Delivery Controllers, Authentication and Wireless environments.
• Experience in installing, configuring, and troubleshooting Cisco Nexus 7k, 5k, 2k, Cisco 7600, 7200, 3800, 3900, 2800, 2900 series Routers, Cisco Catalyst 6500, 4500, 2960, and 3750 Stack Switches.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP - BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Experience with legacy and high-end switching technologies in Campus and Data Center environments.
• Worked on Cisco, Juniper, and Aruba/HP gear in campus environments. Worked on Cisco, Arista, Dell, Cumulus, and Juniper gear in Data Center environment.
• Experience in Solar wind to log and even the suspicious activity and security threats, conducting an investigation and responding to real-time issues, including blocking IP addresses, disabling accounts, changing privileges and permissions and killing applications.
• Deployed site-to-site VPNs over IPsec and GRE
• Familiar with Cisco Security SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cryptography, VPN, IPSec.
• Experience in configuring L2/L3 protocols like VLANS, STP, VTP, MPLS, and Trucking protocols.
• Designed and deployed highly available LAN/WAN infrastructure.
• Strong experience in creating firewall policies as per the requirements on Palo Alto (PA-5020/PA-3020), Cisco ASA (5540/5580).
• Profound working knowledge of administration and management of Palo Alto Firewalls using centralized Panorama M-100 and M-500 devices.
• Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Knowledge and configuration of Cisco ACL, NAT, AAA, TACACS+ & RADIUS Server on Cisco Secure ACS.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Extensive experience with data center design with MLAG/VSS/vPC, BGP, OSPF, creating complex ACLs for multiple FW policies, Active Directory, IPSEC VPN tunnels, SIEM, ethical hacking, penetration testing, firewall, automation, TCP/IP, OSI model, PCI compliance, monitoring network with netflow/sflow, and wireless installs.
• Design and configure OSPF and BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Configure Elastic Load Balancing on EC2 instance with multi-region hosting of Application for failover setup on AWS cloud.
• Expertise in configuring and troubleshooting complex layer 2 technologies such as VLANs, VTP, Ether Channels, Spanning Tree Protocol STP, RSTP and MST and redundancy protocols like HSRP, VRRP, GLBP.
• In-depth knowledge and experience working with other protocols like TCP/IP, OSI model, DHCP, DNS, SMTP, IMAP, FTP, WAN, LAN, NAT, PAT, ACL, VLANs, Trunking using 802.1Q, IPv4, IPv6, LDAP, HTTP, HTTPS, UDP, VOIP, QOS.
• Proficiency in the configuration of VLAN setup on various CISCO Routers and Switches.
• Migrating applications from cisco ACE/CSM to F5LTM, and GSS configurations to F5 GTM wide-Ip’s
• Experienced with Polycom/BroadSoft/Cisco Voice platforms, Call Manager, Unity, VOIP gateway, SIP, PRI's, Dialing plans, and Cisco Unified Boundary Element (CUBE).
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Experience on Virtual PrivateNetwork(VPN) for operatingNetworkand Data Center.
• Test Planning, writing, lab setup and certification of features Network Management of IPv4 devices, IPv6 devices, BGP Multihoming, VPLS, SAVPN, BGP Multihoming with VPLS,VPWS and CFM,VRRP, RADIUS and management protocols like DHCP, TELNET, FTP, SNMP, TFTP, RADIUS,RMON,TACACS
• Experience with TACACS/RADIUS servers, migration from ACS and Aruba ClearPass to ISE. Experience with Windows, Infoblox DNS, DHCP servers, IPAM, and internal and external grids.
• Traffic monitoring and managing using Palo Alto Panorama.
• Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPsec tunnels, ISP circuits, and Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa.

TECHNICAL SKILLS

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000, Juniper M320, MX80, MX960, And MX480

Firewall Platforms: Juniper, Checkpoint Cisco Firewalls (ASA 5505, 5506-X, 5585), Net gear Firewall, Fortinet, Palo Alto Networks (PA series 2K, 3K and 5K), WAF, ACI.

LAN Technologies: VLAN, VTP, Inter-VLAN routing, STP, RSTP, PVST, 802.1x

WAN Technologies: Frame Relay, ISDN, ATM, MPLS, PPP, Channel & Leased lines

Network Securities: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPsec, ACL

Routing Protocols: RIP, IGRP, HSRP, EIGRP, OSPF, IS-IS, BGP, OMP

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTP

Network Management: SNMP, SSH, Telnet, ICMP

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap.

Load Balancers: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies.

Configuration Management Tool: Ansible, Cisco SD-WAN(Viptela)

IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express.

Operating Systems: Windows Vista/XP/NT/2003, MS-DOS, UNIX, Linux

Packages: Visual Studio 2008, OPNET, MATLAB, CAD, Flash, Dream weaver.

Ticketing tool: Service NOW, JIRA, REMEDY

Cloud Technologies: Open Stack, AWS.

Tools: Wireshark, tcpdump, VMware, Nessus, Solar winds, Cisco ISE, Splunk

Scripting Languages: Bash, Python, and Perl.

PROFESSIONAL EXPERIENCE

Confidential, NJ

Network Engineer

Responsibilities:

• Responsibilities in preparation, planning, design, and implementation of purchased solutions into a customer's existing networking environment.
• Implement Wide Area Networks, including the development of configurations.
• Implement routing protocols, including OSPF, and BGP.
• Troubleshooting and problem-solving for network and application issues.
• Configure and assist with the implementation of network hardware, including routers, switches, VoIP equipment, security appliances, etc.
• Worked as a part of a network team where my daily tasks included configuring, monitoring, and troubleshooting TCP/ IP networks.
• Planning, designing, and configuration of various Cisco ISE strategies (Standalone, Distributed Setups).
• Starting up a new IoT team to help support the network needed to run IoT products.
• Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in the network using Cisco ISE.
• Implemented Cisco ACI L4-L7 service graph to include, Cisco ASA and F5 integration as well as L2 and L3 out extension using contracts and Layer 3 capable device such as routers and Checkpoint firewalls.
• Configured networks using routing protocols such as OSPF, and BGP and manipulated routing updates using route-map, distribute-list and administrative distance for on-demand Infrastructure.
• Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
• Engineering and configuring Virtual Server, Pools, iRules, Profiles, Persistence, and monitor on F5 LTM to match the configuration the Application had on NetScaler.
• Experience with partners on installation and configuration problems and issues related to SDA, and DNAC.
• SD-Access simplifies the delivery of consistent, highly secure, identity-based policy for users and devices across wired and wireless networks.
• Worked extensively with Cisco Catalyst 9K, ASR 1K, ISR 4K series switches and routers on setting up DNA lab infrastructure.
• Configured Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox)
• Designed and implement Cisco/Meraki Enterprise Cloud Wireless Bridge/Repeater to extend the LAN for multiple buildings.
• Expertise in F5 BIG-IP LTM and Cisco CSS Load balancers.
• Configured Access-List, Access group, Access-Class, Line VTY, Telnet, IPsec, VPN, TACAS and AAA, DNS, DHCP, EIGRP, BGP for securities.
• Troubleshooting backup and restore problems and performing day-to-day troubleshooting for the end users and Linux-based servers.
• Was responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using SolarWinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNSSEC etc.
• Worked on creating and removing files and directories in Linux servers.
• Experienced in the configuration of the Splunk input and output configuration files
• Installed, configured, and manage Splunk Enterprise Security.
• Expertise in F5 LTM and GTM Management.
• Team point person for configuring and installing of Cisco 3750 and 4500 access switches . Cisco Nexus 6K for core and distribution.
• Create and Validated Migration plan to move the Legacy data center env to the AWS Cloud environment.
• Mentoring the partner technical engineer on executing the Voucher Guidelines for ISE Trustsec activation, ISE Wireless guest management activation.
• Assist partners with plans and executions of highly complex system upgrades and migration activities.

Environment: Cisco Routers, Cisco Switches, Citrix, Nexus, Routing protocols, AWS, Palo Alto, F5, Load Balancer HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, Cisco ACI, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX, Juniper M, MX, ASR 9000, Catalyst, CRS, Cisco ASR, UNIX, Firewall FWSM.

Confidential

Network Engineer

Responsibilities:

• Responsible for the day-to-day management of Cisco Devices, Traffic management and monitoring.
• Implemented L2 technologies including VLANs, VTP, STP, RSTP, and Trunking.
• Configuring RIP, OSPF, and Static routing on Juniper M and MX series Routers.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access to internal servers and resources with access restrictions.
• Designed, installed, configured, and troubleshot Citrix NetScaler devices in the support of NetScaler Gateway, Clientless VPN, and SSL VPN implementations.
• Implemented the Inter VDOM Routing through the FortiGate Firewalls and the Router.
• Extensive use of Cisco Routers and Switches by using LAN & WAN routing protocol EIGRP, OSPF and BGP to manage network infrastructure worked with any complex routing and switching issues.
• Implementing, configuring, and troubleshooting routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.
• Involved in Data Center migrations and handled proper management, maintenance, configuration, and altered management of firewall structure.
• Performed all Maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers infoblox DNS and Cisco ACI.
• Configured IPSEC vpn tunnels, create and modify traffic Rules for allow and control traffic to various applications, ports, and different traffic in Cisco ASA, Dell SonicWALL & Cyberoam Firewalls.
• Used load balance applications based on addition to completing the SANS Top 20 Controls within a Scrum Agile Team.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
• Analyzed and tested network protocols (Ethernet, TCP/IP) using the Wireshark tool.
• Used multiple network monitoring tools like Solar Winds, and Cisco Prime for supporting the existing core network environment and Network edge devices.
• Installed, configured, and set security policies on Cisco ASA and Checkpoint firewalls.
• Supported customers with the configuration and maintenance ASA 5550 firewall systems. Configured object groups on ASA 5550 firewalls.
• Deploying and decommissioning of VLANs on core ASR 9K, Nexus 9k, 7K, 5K, and its downstream devices.
• Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.

Environment: Cisco routers and Cisco switches, Nexus, Data Centers, FEX, Routing Protocols (EIGRP, OSPF, BGP), ASA, Palo Alto, Fortinet, F5 load balancing, AWS, STP, VLAN, MD5, 3DES, AES, OTV, SNMP, NAT, cisco IO, HSRP, VLAN trunking, F5 Networks Big IP, CISCO ASA and Checkpoint firewall, Palo Alto.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Hands-supporting the consolidation of data centers utilizing Cisco 6500, Nexus 2K, 5K, and 7K infrastructure.
• Configure and maintain all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large-scale Firewall deployments.
• Hands-on experience on all software blades of Check Point Firewall. 24x7 on-call step-up support as a part of the safety operations team.
• Provide operations and engineering support for critical network and application security systems.
• Configured windows USER-ID agent to collect host information using Palo Alto Global Protect
• Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
• Working closely with knowledge center management to investigate the information center sites for cabling necessities of assorted network instrumentation.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing, and LAN security.
• Managed DHCP, DNS, and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler.
• Involved in troubleshooting firewall rules in Palo Alto, Checkpoint, and Zscaler.
• Configured Log Forwarding to forward logs from the firewall to Panorama and then configured Panorama to send logs to the servers.
• Designed, validated, and implemented LAN, WLAN & WAN solutions to suite clients’ needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Maintaining Checkpoint security policies including NAT, VPN, and Secure Remote access.
• Migration from Checkpoint firewall cluster to Cisco ASA 5580 firewalls in a failover pair configuration.
• Provided application-level redundancy and accessibility by deploying F5 load balancers long-term memory.
• Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Maintain and configure AWS and Azure cloud applications.
• Worked extensively in Configuring, observing and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover demilitarized zone socialization & configuring VLANs/routing/NAT.
• Performing troubleshooting on slow network property problems, routing problems that involve OSPF, BGP, and distinctive the foundation reason for the problems.
• Provided technical support case escalation for customer wireless infrastructure.
• Extensive active expertise with complicated routed local area networks and WAN networks, routers, and switches.

Environment: Cisco, Catalyst 2960, 3650, 3850 series switches; ISR 800/1000 series, ASR 1000 series, 3600/2800 routers, Alcatel-lucent, Red Hat Enterprise Linux, SDN, EIGRP, BGP, DMVPN, SSL VPN, Cisco Meraki, Cisco ACI, Cisco ISE, EtherChannel, VMware ESXi.

Confidential

Network Engineer

Responsibilities:

• Involving in complete LAN, and WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
• Involving in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter VLAN routing, LAN security, etc.
• Designed security policies on Palo Alto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
• Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
• Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
• Implementing Cisco Layer 3 switches 3750, 4500, 6500 in multi-VLAN environments with the use of inter-VLAN routing, HSRP, ISL trunk, and ether channel.
• Proficient in LAN/WAN Network, TACACS, Radius, CSACS, VPN, Frame Relay, MPLS, TLS, EIGRP, OSPF, BGP, ISDN, IPSec, GRE, VLAN, STP, VTP, LWAPP, CAPWAP Cisco IOS/Catalyst OS, SIP
• Campus Switching and Routing Hardware includes - Cisco 3750, 3850, Cat 9K, 4500, cisco ISR routers, 2300, 7200 series routers Juniper EX 4300, 3400 in access and EX 4600 in Distribution. Aruba 2530, 2540, 3810 and 5400R switches. Cisco Layer 2/3 networking knowledge.
• Act as a single point of contact for client wireless infrastructure for Cisco, Arista, Meraki, and Aruba.
• Created enterprise multi-Zones in VMware NSX and Integrated that with the Palo Alto network. Experience in integration of NSX manager 6.0 with Palo alto firewalls.
• Worked on data center Core switches for configuring Nexus 9k, Nexus 5k, 4500, 4900, 6500 series switches.
• Basic Knowledge on Meraki switches MS220 & building stack and core connection to MS425 on the dashboard.
• Configured OSPF, and BGP protocols on Cisco ASR 9001/1006, and Cisco 7200 and troubleshoot them.
• Installation and migration to SolarWinds and LiveAction network monitoring systems.
• Performing OSPF, BGP, DHCP Profile, HSRP, IPV6, EtherChannel implementation on ASR 9Kredundant pair.
• Implementing the necessary changes such as adding, moving, and changing as per the requirements of business lines in a data center environment.

Environment: LAN, WAN, VLAN, HSRP, ISL TRUNK, OSPF, BGP, DHCP, IPV6, ISDN, ATM, IPX/SPLX, HDLC, EIGRP, VRRP, CISCO ACI, VXLAN, MPLS, PALO ALTO Firewalls, CISCO ASR1000, CISCO ASA, DMZ, VMware, SD-WAN, AWS VPCs, NLB, ELB, EC2, R53, and CloudFormation.

Confidential

Network Engineer

Responsibilities:

• Provided technical support for the expansion of the existing network architecture to in corporate new users.
• Network layer tasks included the configuration of IP Addressing using FLSM and VLSM for all applications and servers throughout the company.
• Configured STP for loop prevention on Cisco Catalyst Switches.
• Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
• Worked in setting up inter-vlan routing, redistribution, access lists and dynamic routing.
• Involved in configuring and implementing of Composite Network models consisting of Cisco 2620 and 1900 series routers and Cisco 2950, 3500 Series switches.
• Assist customer team with the design and placement of Palo Alto Networks devices.
• Responsible for managing the Net Motion Server, including monitoring usage, removing unused devices, and updating rule sets when necessary.
• Working on Active Directory to add users to new groups and change user policy
• Working on tools and devices Aruba & CADA to assign roles and policies to devices and users.
• Configuring and deploying Cisco NAC & Cisco ISE.
• Worked on FTP, HTTP, DNS, and DHCP servers in a windows server-client environment with resource allocation to desired Virtual LANs ofthe network.
• Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per the company’s requirements.

Environment: Cisco routers & switches, VLANs, Trunking, HSRP, Sniffing Tools: Ethereal, Wireshark, Routing Protocols: OSPF, BGP. TFTP Server.