SUMMARY

• Accomplished network and security engineering professional with around 8 years of real time experience in designing, deploying, migrating and supporting critical multi - site redundant network environments.
• Extensive hands-on experience with complex routed LAN and WAN networks, Cisco routers, switches, Palo Alto, ASA and PIX firewall deployment.
• Extensive knowledge of deploying & troubleshooting L2/L3 TCP/IP, Distribution Routers, Access and Core Routers, Multilayer Switching, IPSec, UDP, WLAN, MPLS, Multicasting, Ethernet, IP Routing Protocols RIP, OSPF, HSRP, VRRP,GLBP, EIGRP & BGP Cisco routers, switches, ASA and PIX firewall deployment.
• Hands on with corporate compliance programs such as SOX, NERC CIP, and PCI etc.
• Good knowledge on Scripting in Python and Perl.
• Well Knowledge on PL/Sql, Oracle database for scripting purposes
• Excellent customer management/resolution, problem solving and debugging skills with good verbal/written communications and presentation skills.

TECHNICAL SKILLS

LAN Technologies: VLAN, VTP,VPC, Inter-VLAN routing, STP, RSTP, PVST

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, exposure to DS1, DS3, OC3, OC12, OC48, T1 /T3 & E1/E3

WLAN Technologies: Autonomous AP’s, Lightweight AP’s, WLC, WDS, WLSE, Standards - 802.11a, 802.11b, 802.11G

Network Hardware: Cisco and other vendor equipment Cisco routers (10008, 7200, 3800, 3600, 2800, 2600, 2500,1900, 1800 series), & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900, series), Cisco Nexus 2000, 5000,7000 and 9K series ; PIX Firewall 506/515/525/535 , ASA Firewall 5520/5550, CatOS, Cisco IOS 11.x, 12.x, PIX OS 6.x, 7.x; Load Balancers (Cisco), Junipers, CHECKPOINT firewall, Palo Alto Firewall.

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration (L2 and L3), Internet Content Filtering, Load Balancing, IDS/IPS, URL Filtering, Palo Alto and ASA.

Routing Protocols: RIP, IGRP, EIGRP, OSPF, MPLS, AND BGP.

Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, IIS

IP Telephony: SIP, H.323, RTP, voice gateways, CCM

Documentation and Servers: MS office, Win 2003, Win 2005, win 2008, Win 2009 etc

Network Monitoring Tools: Wire shark, Cisco works, vitalqip, View Point, Cisco WebEX, Unified Communications, Unity Connection, IP communicator.

Scripting: Perl, Python

PROFESSIONAL EXPERIENCE

Confidential, Oakbrook, IL

Data Center Network Engineer

Responsibilities:

• As member of Confidential Data Center Network Engineer I worked on several projects with tasks given to me related to designing, configuring and implementing the Data Center and remote site
• Firstly worked on project Science Logic ACL update in which around 1597 devices in North America has been updated with New Science Logic Collector IP's to pool them from several Science Logic Collectors sitting in Data Center.
• During this task I worked on all Layered Cisco devices such as Switches, Routers, OOB's, WLC's, WAP's, Nexus Switches etc to update the ACL by removing the old ACL.
• For this I have created few codes of scripting in Perl and completed this task by running the scripts. I did this because it’s a hard task to login each device and update the ACL.
• Second is EBR (Enterprise Backup Recovery) Project. This is to separate the backup devices environemnt completely from Production environment.
• In this task I prepared configurations for redundant paths between Nexus 5000(layer 3) and cisco 6500(Layer 2) switches. Also worked on creating documents for around 25-30 blade switches in which backup EBR Vlans exist.
• Before creating redundant paths, all cables from backup devices under EBR Vlans are connected to the two Cisco 6500's.
• I have created VPC and 2 different Port-channels such as PO30 & PO40 between N5k and cisco 6500 to create redundant paths and reduce spanning tree issue by making 2 N5K's as root.
• Prepared documentations and configurations to move all backup Blade-Server ports from other Production switches to the Backup Cisco 6500 Switches.
• Worked on Nexus5k with Fex’s (N2K/ 2000's) to install new Nutanix devices in core Data Center and also in Disaster Recovery Site in other location.
• I have worked with architects to configure the Nexus 9000 & 7000 for ACI (Application Centric Infrastructure) as well with N5K's and Fex's and connect them to Nutanix devices some with Single-homing and some with Dual-homing.
• Worked with EOL & Wan Capacity Project configuring new Wave-594 and 694’s connecting them to the central manager (Wave7571-K9) and upgrading EOL routers Confidential remote sites.
• Updated the CMDB (Central Manager Database) with new wave devices and also new routers by creating tickets in HP Service Manager.
• Created new Designs, Test Plans, Cut-Over Guides and Assigning of IP’s by adding new Wave Devices for around 25 sites.
• Created configurations for new routers which are End of Life Confidential several sites. Worked on BGP configuration on WAN and HSRP/VRRP/EIGRP on LAN.
• Worked on SIP Project with few people to migrate the production traffic from 250Mb links to 1 GB links on both Oakbrook Routers.
• I had hands on experience with two core ASR1002 routers and two core 6509-E to migrate the traffic towards the 1Gig Links.
• Used Ping tool and Wireshark to capture the packets and see the traffic forwarding through the 1 Gig links.
• Worked with Checkpoint firewalls setting up policies for data security protection, Along with Site to Site VPN for IPSEC Tunnels with my colleague and troubleshooting the tunnel etc.
• Worked on N7k (Nexus 7010) issue which is sitting ideal in lab. Worked with cisco installing new SUP and 8 GB-upgrade kit and recovering it from rommon mode.
• Good troubleshooting skills and the ability to resolve technical problems on my own regarding nexus equipment.
• I have loaded new NX-OS Image using TFTP server and then booted the kickstart.bin image followed by dk9.bin file and brought the Switch up and running.

Confidential, Amarillo, TX

Network Engineer

Responsibilities:

• Member of the Network Refresh Team for 80+sites around 5 states, removing old equipment replacing with new high end devices. As a team member we design and implement the network for upgrading the sites.
• Worked on ITIL best practices that focus on the people, process, technology and information perspectives of providing integrated organization wide business solutions within the IT infrastructure.
• Upgrading sites based on conducting Site Surveys and requirements of customers on the basis of Bandwidth or Expiring Cisco Switches and Routers, user suggestions etc.
• I scripted several codes in Perl to pull the configs of several sites to verify and update for further upgrade of remote sites.
• Designing new Lan/ Wan Network Visio Diagrams after Upgrading the sites with new equipment for future purposes.
• After Upgrading the site we need to update the Birde, DNS for communicating with devices
• Worked on Cisco 7206 VXR End Routers connected to MPLS-AVPN, MPLS-BGP Cloud, as well with other Cisco Routers such as 2811, 2651XM and Distribution routers for WAN connectivity.
• Configuring devices with protocols such as MPLS, OSPF, EIGRP, STP, RSTP, HSRP, GLBP, VTP (802.Dot1q, ISL) also on security tools and platforms such as IDS/IPS, DNS, SIEM, A/V, Data Masking, Data Loss Prevention (DLP).
• Worked on Cisco Nexus 9000, 7000, 5000, 2000(Fex’s), 6500-MSFC Switches port Switches GB Switches, 2950 Switches (End of Life).
• Nexus 9k is similar to 7k but it has higher density 40 Gigabit ports perhaps, and ACI mode
• Worked on Juniper devices Confidential some sites which are switches Juniper EX T and EX T.
• Hands on Experience on Riverbed Steelhead Wan Optimizers used for SCADA networks in Data Centers on several Client locations.
• Hands on F5LTM for handling the load and increase the capacity and reliability of applications.
• Configuring IOS-XR and troubleshooting the devices and used database languages Pl/SQL, Oracle on Sql Servers.
• Palo Alto and ASA design and installation for Application and URL filtering, Threat Prevention, Data Filtering as well migrations from one Firewall to another.
• Worked on IPSEC Peer VPN Tunnel on ASA firewalls for Security Purposes and also on CheckPoint VSX, GAIA along with site to site VPN.
• Working closely with Network Architects to resolve the issues related to certain client sites/ office/ locations on basis of Network bandwidth, equipment, cabling, QOS, trunking issues etc
• Hands on Experience working with Server personnel on Planning, configuration, maintenance and administration of VMware ESX server, VMware virtual center, V-Motion, Storage Motion, HA and DRS, P2V, V2V and Troubleshooting to find any problems from Network perspective.
• Good understanding of VMware Networking concepts like creation of vSwitches, different types of port groups, NIC Teaming and VLAN.
• Suggesting the Up-gradation of T1, T3, DS3 or OC3 links for Wan/Cloud connectivity giving better performance of network on client sites.
• Hands on Cisco ASA firewalls to allow site to site VPN access and configuring TACACS authentication, encryption, compression, ACL to ensure better security.
• Worked on Server Virtualization related to network equipment’s on some part of the project.
• Worked on Cisco L2/L3 equipment, performed physical and logical IMAC, Network Troubleshooting and project related activities.
• Strong troubleshooting skills and the ability to resolve technical problems on my own.
• Worked on tools like Quest FogLight NMS for Bandwidth Utilization & Percentage Reports etc, Remedy User used for Ticketing and Authentication, Wiresharkfor IDS and network traffic analysis.

Confidential, Chicago, IL

Network Data Center Engineer

Responsibilities:

• As a member of Global Data Center Engineering and Development, which is responsible for designing, Implementing and troubleshooting of all kind of network requirements pertaining to the data center.
• Design and implementation of the LAN IP infrastructure using Layer 2 / Layer 3 switching, VLAN,, VPC and Trunking / channeling technologies and routing protocol EIGRP, OSPF,MPLS and HSRP.
• The data centers consisted of various Cisco platforms Cisco 3550, Cisco 4510, Cisco 6509, Cisco Nexus 5000 & 7010 series switches and Loadbalancer Cisco ACE, CSS, F5 and Big IP.
• Creation and Deployment of Virtual Machines in datacenter, setup of their VLAN/Port-group
• Performing VMware crash/error analysis, Root cause Analysis, Coordinate Post Problem Analysis and Trend Analysis from network perspective.
• Writing Engineering work orders as per the changes going in data center and implement the changes as per the schedule.
• Managing and implementing Layer 4 Cisco ACE and CSS load balancer, Migration of CSS to ACE load balancer and creating of SSL and Digital Certificates and also worked on Regulatory Compliances such as SOX/PIX and HIPAA
• Worked on Network Management and Performance Analysis tools. Wireless Network Infrastructure (Wireless LAN Controllers, Cisco NCS,), Storage Area Networking.
• Used PLC’s to configure commercial installations for decades of trouble-free operation and monitoring.
• Hands on Experience on VoiP Avaya PBX equipment along with Servers associated to network equipments.
• Hands on Experience with Juniper Routers and Switches.
• Virtual routing and forwarding (VRF)included in IP which allow multiple instances of a routing table.
• Providing support for teams in activities such as Load testing, troubleshooting and managing VIP, Sticky Ness.
• Configuring Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering), also monitoring threats and traffic using this firewall.
• Configured standard and extended ACL’s on the servers to limit its access. Hands on auditing on all standards.
• Hands on Experience with security tools and platforms such as IDS/IPS, DNS, SIEM, A/V, Proxy services, Access-List Controls, Database content classification, Data Masking, Data Loss Prevention (DLP), Protocol Analyzers, vulnerability scanning, penetration testing etc.
• Configured standard and extended ACL’s on the servers to limit its access.
• AAA implementation using Cisco Secure ACS (TACACS+, RADIUS)
• Configuring all the end ports as access ports using port fast and implementing BPDU guard
• Working on Cisco ACS, Cisco works, HP NNMI tools for ticketing system and authentication.

Confidential, Pleasanton, CA

Network Engineer

Responsibilities:

• My accomplishments are Network Administration and Security Infrastructure with Cisco hardware which includes data center and campus network.
• Managing Cisco Routers 3600,7200 series routers And Cisco Switches 3800 and 6500 series
• Project involved was upgrading Cisco nexus 2000 series switches with Cisco nexus 5000 series switches.
• Hands on Experience on establishing operating policies, ITIL practices, internal controls & best practice approaches for computing and IT systems/services; evaluate overall operations of computing and IT functions & recommend enhancements.
• Configuring Net Screen Firewall to allow site to site VPN access and configuring authentication, encryption, compression, ACL to ensure better security.
• Applied effectively various routing protocols including EIGRP, OSPF and BGP
• Worked on Spanning tree design to help create a loop-free network topology.
• Isolate and diagnose network problems, SSH, HTTP, HTTPS, involving TCP/IP, DHCP, DNS, Group Policy, Deployment & support of Microsoft Active Directory Services.
• Involved in implementation of Wireless LAN, Wireless Access Point and Hotspots for our various clients and troubleshooting of Wi-Fi related problems faced.
• Managing Servers using Hardware Load balancer F5and Cisco ACE load balancer by managing internal customized tools and creating of SSL and Digital Certificates.
• Provided support for teams in activities such as Load testing, troubleshooting, and performance tuning.
• Worked on Sql Servers with database languages such as PL/SQL and Oracle.
• Hands on Palo Alto firewall for authentication and encryption of data.
• Configured standard and extended ACL’s on the servers to limit its access.
• Configured static NAT, dynamic NAT, inside global address overloading, TCP overload distribution, overlapping address translation.
• Hands on PLC’s and included VRP in IP for allowing multiple instances in routing table
• Provided routing support including configuration and troubleshooting of various routers.
• Implemented IP, RTP, TCP, UDP, IPV4 Packets capture and analysis using WIRESHARK (ethereal).

Confidential, Murrysville, PA

Systems/Network engineer

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Monitor performance of network and servers to identify potential problems and bottlenecks.
• Performed RIP & OSPF routing protocol administration.
• Interacted with support services to reduce the downtime on leased lines.
• Troubleshoot problems on day to day basis; provide solutions to fix the problems.
• Monitor the operability and reliability of the network.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed IP address space using subnets and variable length subnet masks (VLSM).
• Worked along with the team in ticketing issues; responsibilities included documentation and support other teams.

Confidential

Network Security Engineer

Responsibilities:

• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Configured NAT and PAT on the Cisco PIX Firewalls for the Internal Systems
• Placed access control list (ACL) on inside and outside interfaces on the PIX Firewall
• Configured Turbo ACL
• Migration of PIX to ASA
• Configured Failover for high availability
• All Windows based support including file and print servers, accounting systems, end user systems, software development systems, and all other Windows systems
• Responsible for helping integrate the Windows server and desktop environments with the Unix server and desktop environments
• LAN/WAN Diagnostic & Configuration: In this process I handle tickets generated for troubleshooting of customer's Network issues like Routing Issues, Backup Issues, and BGP issues
• Change Management & Configuration: Changing the configurations of Customer's Routers as per Customer’s request (E.g. Adding/Advertising routes, Change in Configurations, Configuring DHCP, Changing routes to ISP).
• To manage customer Cisco access points for wireless access into LAN networks.
• Contributed to the design, testing, and roll out of new company system developed in house to replace failing 3rd party hardware solution
• Contributed to the design, testing, and roll out of workstations
• Primary system administrator providing support to groups including accounting, tools, HR, & security