SUMMARY:

• CCNA, CCNP and Solarwinds Certified professional with over 9+ years of experience in experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
• In - depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Proficient in Palo Alto Next-Generation Bluecoat web proxy, HP Arc Sight, Splunk Enterprise, Wireshark, FireEye, and various internet tools to assist in analysis.
• (WI-FI & WIMAX) Cisco Aironet 1410 Series Wireless Bridge, Cisco Aironet 1310 Access Point Bridge, Cisco Wireless Controllers 5508, Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66, MR18), Aruba Access points IAP-92, IAP-93
• Experience with upgrading SUP1 to SUP2 on Cisco Nexus 9000,7000 Series. Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Datacenter upgrades from C6500s to Nexus 7k/5k/2k, double-VPC between distribution and access, single-VPC to servers.
• Performed on network monitoring, providing analysis using various tools like Solar winds and Share point.
• Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark
• Monitor, analyses, troubleshoot Aruba APs, wireless controllers and s3500 switches using the Airwave management system
• Involved in migration of WLAN/Wi-Fi segment on the LAN Core. Also, involved in configuring wireless VLANS.
• Expertise in configuring and troubleshooting of Palo Alto, FortiGate, Juniper Netscreen& SRX Firewalls and their implementation.
• Upgraded the software images of all Cisco network devices to include routers, switches and ASA firewalls.
• Have created lot of site to site IPSEC VPN tunnel with Checkpoint, Cisco ASA firewalls.
• Strong hands on experience on ASA (5505/5510) Firewalls.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Experience with administering, troubleshooting and configuring / implementation (Cisco and Checkpoint) firewalls.
• Strong experience in Configuring F5 LTM 8950, 6900, VIPRION 2400 models.
• Troubleshooting the issues that were raised while upgrading the F5 LTM's from 10.2.3 to 11.3.
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of F5 load balancers
• Experience in F5, Cisco ACE 4710, F5 load balancers - LTM, GTM series like 6400, 6800, 5000, 2000 for the corporate applications and their availability.

TECHNICAL SKILLS:

Networking Concepts: OSI Model, TCP/IP, UDP, IPV4, IPv6, Subletting, VLSM

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, Static Routing, Route Filtering, Redistribution, Summarization

Gateway Load Balancing: HSRP, VRRP, GLBP

Infrastructure services: DNS, ICMP, SNMP, ARP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP

Switch Technologies: VLANs, VTP, STP, RSTP, PVST+, DTP, MLPPP, IEEE 802.1q, MPLS, ISL and dot1q, SMTP, VLAN, Inter-VLAN Routing, Light weight access point

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3)

Security: VPN, NAT/ PAT, access-lists, IPSEC, Juniper SRX, TACACS+, RADIUS

Firewall: Cisco PIX, ASA, Juniper Secure Access VPN Appliance, Checkpoint and Palo Alto

Network Management Tools;Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, and HP sweeping view, OPNET.:

Load Balancers;Cisco CSM, F5 Networks (Big-IP) LTM 8900, Cisco ACE 4710:

Cisco Platforms;Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers:

NETWORK APPLICATIONS (SNMP TOOLS): SolarWinds Orion NPM, NCM, UDT, NTA, VNQM, Wireshark.

Other Technologies: VISIO, Mat Lab, GNS3, Microsoft Word.

PROFESSIONAL EXPERIENCE:

Confidential,Denver, CO

Network Security Engineer

Responsibilities:

• Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Configuring and installation of Cisco 2500, 3640, 7200, and 7940 Routers.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
• Configured TCP/IP addressing scheme to assigned IP blocks.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Responsible for Configuring SITE TO SITE VPN on Cisco ASA 5500 series firewall between Head office and Branch office.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
• Setup and maintained Checkpoint security policies including NAT, VPN and Secure Remote access.
• Integrated F5 load balancers (BIG-IP) with Cisco ISE and ACS.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
• Strong knowledge on LAN/WAN technologies such as: Ethernet, Point-to- Point, Static, default, dynamic routing and VLANs.
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
• Used various scanning and sniffing tools like Wire-shark.
• Created engineering configuration, Security Standards, documenting processes and Network documentation using Microsoft Visio.
• Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark.
• Performed on network monitoring, providing analysis using various tools like Solar winds and Share point.
• Installed and Configured a Cisco secure ACS server for AAA authentication (RADIUS).
• Implementation and configuration of F5 BIG-IP LTM-6400 load balancers.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Tier 3 Escalation Point of contact for off shore Partners. Netscaler VPX alert capturing.
• Netscaler VPX Configuration Citrix web interface. Created Network paths for Wan vpn traffic.
• Responsible for Cisco ASA 5500 firewall administration, Rule Analysis, Rule Modification.

Network Security Engineer.

Responsibilities:

• Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, tuning (Configuration), make standardization for the topology.
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature
• Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800 Router/ Microsoft VPN Server to access certain limited network resources from customer locations.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Implemented security policies using ACL, PIX firewall.
• Monitored usage of network resources with Cisco works, and using sidewinder in PIX Firewall.
• Implemented Cisco IOS Firewall IDS using 2600 series router.
• Configured Cisco Switches 2900 and firewall (checkpoint) Built and support VRRP / Cluster based HA of Checkpoint firewalls
• Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks
• Working experience with A10 and F5 Load Balancer.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience working with market data networks and dealing with clients and deploying network designs
• Experience working with High performance data center switch like nexus 7000 series.
• Implement and configuring HSRP on different location of office on the switched network and managing the entire multilayer switched network

Network Engineer.

Responsibilities:

• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation.
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Configured & maintained IPsec VPN in Cisco ASA, Palo Alto firewalls.
• Monitoring alerts & events in Cisco IPS.
• Monitoring network devices using HP Network Node Manager.
• Implemented TACACS+ for administering user accounts.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Maintained the Cisco router as IP Firewall and for NAT.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.
• Configured and troubleshoot cisco WAP, and cisco prime.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.

Network Engineer                                                                                 

Responsibilities:

• Worked on Cisco 2500, 2600, 2800 series routers and 1900, 2900 series switches
• Replaced outdated Cisco switches and routers in existing Data centre and installed new Cisco switches and routers including migration of 2500 to 2600 series router
• Designed the IP addressing scheme using VLSM and configured IP addressing Performed activities such as initial user account creation, established LAN connectivity, file and resource sharing management, internet connectivity, FAX and email service setup
• Expanded LAN to accommodate 200 plus users. Coordinated installation and repair work. Diagnosed and corrected clients network related issues
• Installed and configured LAN/WAN as per organizational / client requirements, governed by communication protocols
• Hands on Experience working with security issue like applying ACL’s, configuring NAT and VPN
• Configured BGP for CE to PE route advertisement inside the lab environment
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
• Performed tasks that include Configuring and constant administration of Static routing, Default Routing & dynamic Routing Protocols like RIP, OSPF & EIGRP.
• Implemented dedicated VLAN ID for all trunk ports, set user ports to non-trunking, and deployed port security when possible for user ports for layer 2 security
• Worked to set up the TFTP server for backing up the IOS images and configuration files of Cisco Routers and Switches and troubleshooting the file servers.
• Performed network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.
• Troubleshoot Cisco hardware: Inspected devices, Read device LEDs, loose connections, cards, dirty devices, interior IOS upgrade, switch configuration usage of Visual Switch Manager, switch port configuration, port monitoring. Watch over Flooding Control/Network port.

Jr. Network Engineer

Responsibilities:

• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Network Requirements.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-VLAN routing with Multilayer Switching.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed administrative support for RIP, OSPF routing protocol.
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard.
• Develop and implement strategies to support the current and future needs of the company.
• Configured Cisco Routers 2600 series using RIP, OSPF, and EIGRP.
• Configured Cisco Switches 2900 and firewall (checkpoint).
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Real time monitoring and network management using Cisco Works LMS.
• Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast - Ethernet channel between switches.
• Develop and implement strategies to support the current and future needs of the company.