PROFESSIONAL SUMMARY:

• Cisco Certified Network Engineer with 8+ years of Experience in Network engineering, designing, architecting, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) and firewalls.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic layer 3 routing protocols such as EIGRP , OSPF , BGP IS - IS ability to interpret and resolve complex route table problems.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550), Bluecoat Proxy SG300/600.
• Good Experience in Configuration and Troubleshooting of VLAN, Trunking, STP, VTP, Ether channel MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+). 
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them and Implementation of HSRP , VRRP and GLBP for Default Gateway Redundancy.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• In depth engineering experience on F5 load balancers, including a general understanding of routing protocols BGP, OSPF, EIGRP, TCP, SSL, and TLS.
• Experience in Network security using ASA Firewall, Checkpoint, Palo Alto Cisco IDS/IPS and IPSEC/SSL VPN, F5 Load Balancer.
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• F5 BIG-IP application load balancing subject matter expert with concentration on layer 7 load balancing using I-Rule scripting in TCL.
• Experience with different Network Management Tools and Sniffers like SNMP, and Cisco works to support 24 x 7 Network Operation Center.
• Worked extensively in Designing, Implementing & Managing LAN, WLAN & WAN solutions for different client setups. In-depth knowledge and experience in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM & Frame Relay.
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Staging, Lab & Production Environments.
• Knowledgeable about IP Multicast, IGMP version 2 and 3, CGMP, IGMP Snooping, PIM-Sparse and Dense Mode.
• Strong practical knowledge of TCP/IP protocols including Multicast, HSRP, VRRP, STP, NHRP, IPSec, Frame-relay, DMVPN & MPLS L3VPN.
• Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCP dump and Linux operating system servers.
• Experience in configuring and troubleshooting of Nexus 7K, 5K, 2K devices.
• Experience on working with different security types WPA/WPA2, 802.1x, Static WEP & use different RADIUS SERVERS (ISE, ACS, FR) for testing.
• Managed Core network upgrades and unified communications and Identity Services Engine(ISE) deployment.
• Monitoring and capturing the traffic with multiple network management tools like Sniffer Infinistream, Wire shark, Net flow Analyzer, Solar winds, source fire, HP Open View, Cisco Works, Cisco ISE.
• Experience on NXOS, IOS, and IOS-XR BXB to N7K-NXOS (MPLS) system test.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
• Knowledge of Cisco, Juniper, Silverpeak, Aruba Wireless , Fortinet, Palo Alto, Avaya LAN Switches .  
• Assisting the virtualization team in preparing their private cloud infrastructure with ESXi 5.1 as Hypervisor
• Experience in handling Panorama firewall management tool to administer Palo firewalls.
• Firewall AAA Threat protection DLP ADRMS Firewall Management Creation and modification of firewall based on infrastructure requirement.
• Knowledge on VOIP protocols like H.323, RTP, SIP and good understanding about VOIP devices.
• Hands on experience in Troubleshooting access /connectivity issues, software version upgrade. Changes in network security design.

TECHNICAL SKILLS:

Switching: VLAN, Trunking, Ether Channel, Port Fast, Up-link, STP, RSTP, PVST+, DTP, MLPPP, IEEE 802.1q, MPLS, ISL and dot1q, SMTP, Inter-VLAN Routing, Light weight access point.

Switches: Cisco catalyst Switches (2960 series/ 3560/3750/4500/5500/6500/6513 ), Nexus Series(9k/7k/5k/2k/1k), Juniper EX series,

Routing: RIP (Versions 1 & 2), IGRP, EIGRP, OSPF, BGP v4, IS-IS Static Routing, Route Filtering, Redistribution, Summarization.

Routers: CISCO 2500, 2600, 3000, 3600, 3800, 6500, 7200, 7500, 7600, ASR 9001 IOS-XE & IOS XR. 

Load Balancer: Cisco CSM, CSS, F5 Networks (Big-IP) LTM 8950, GTM 6400, F5 ASM, Cisco ACE 4710

Gateway Redundancy: HSRP, VRRP, GLBP

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: Frame Relay, PPP, HDLC, Channelized links (E1/T1/E3/T3), MPLS, GRE Tunneling, VOIP.

Firewalls: Cisco PIX, ASA, Checkpoint and Palo Alto.

Network Management: Wireshark, Net flow Analyzer, Cisco Works, solar winds, Ethereal, SNMP,

Networking services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP, OSI Model, TCP/IP, UDP, IPV4, IPv6, Subnetting, VLSM,

Operating Systems: Microsoft XP/Vista/7, UNIX, Linux, Windows Servers 2003/2008Windows MS-Office. VMware ESX 5.1, VMware VSphere client

Other Technologies: VISIO, VMware, Mat Lab, GNS3, Microsoft Word, Excel, SQL.

PROFESSIONAL EXPERIENCE:

Confidential, Dallas,TX

Network Security Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Design, and configuring of OSPF, BGP on Juniper MX-960 Routers and SRX Firewalls.
• Configured VLANs with 802.1q tagging,Trunk groups, Ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Successfully configured Virtual Device Context in Nexus 7k series switch.
• Upgraded their Bluecoat infrastructure (Whether it is Associate Browsing/Wireless network, B2B environment from old 5.x code to 6.4.x code.) Also, migrated network deployment from old Netcache proxies to Bluecoat Proxy SG.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Working in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
• Installed and Configured Cisco 3800 series Routers and Catalyst 3500 Switches, UPS and POD (power distribution), Server, Cisco IP Phone (VoIP) 7960 with Workstations.
• Supported for installation of Cisco Routers, Switches, ASA's, Wireless LAN controllers (Cisco 6880 core switches, 2951 Routers, 2960 switches, ASA5510 - 5515's 4404 and 5508 LAN controllers).
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Worked on Cisco Firewall ASA 5500(5510/5540) Series. Performed Security operations in terms of pushing new policies and deploying new rules.
• Extensively worked on Migration of DMVPN Phase 2 to Phase 3.
• Working with different Security Appliances including DDoS Attack Protection, Web sense URL Filtering Firewall. Palo Alto.
• Performing on Palo Alto Firewall network security software and hardware, security monitoring systems, encryption software, threat and vulnerability management services and software, identity management solutions and network objects on global group, clean up unused rules, decommission etc.
• Palo Alto SSL decryption installation and configuration on PA 3060,5060, and 7050.
• Experience on working with Palo Alto  Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc. 
• Created and managed dashboards, reports, and alerts for security events using Splunk (SIEM).
• Negotiate VPN tunnels using IPsec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
• Experience configuring Virtual Device Context in Nexus 7010.
• Apply patches to the Aruba controllers as well as the 80+ Juniper RADIUS appliances system to correct security deficiencies in a timely manner.
• Installation & Configuration of Aruba controllers and access points 
• Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues
• Deployed Cisco Nexus 5K Series to support Virtualization, SAN Infrastructure, and high performance computing environments.
• Designed and implemented a DMVPN/EIGRP solution for a new branch location in another country. 
• Designed and deployed F5 LTM (6400) and GTM configurations to migrate thousands of Applications to lower cost Data Center locations.
• Designing F5solutions/support for migration work of applications and websites from Cisco CSS.
• Migrated multiple sets of F5 LTM devices from version 10.x to version 11.x operating systems.
• Managing the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating Wide IPs and Virtual IPs.
• Monitoring and capturing the traffic using network management tools like solar winds and Wireshark.
• Configuring secured connection between routers using GRE tunneling to achieve IPsec.
• Significantly improved the performance of the AAA module by reducing internal messaging overheads and identifying areas for memory optimization 
• Planned, testing and evaluating various equipment’s, systems, IOSs Upgrades, and procedures for use within the Network / security infrastructure.
• Implement Cisco Secure Access Control Server (ACS   3.0) for TACACS+/ RADIUS.
• Participate in all technical aspects of LAN, WAN , VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured the entire network Infrastructure devices including Network Printers and Register.
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring.
• Working in Handling F5 LTM, GTM series like 6400, 6800, 8800,8950 for the corporate applications and their availability.
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
• Performed professional level documentation using Visio diagrams.
• Other responsibilities include documentation and updating changes made in networking devices as per ITIL Specifications.

ENVIRONMENT: Cisco 3550/3560/4500/4510/6500/2950/2924/6509/6513/5500 switches, Cisco 1800/2800/2500/2600/2800/1600/3800/3900/7204/7500/7606/7609 routers, Palo Alto, BMC Remedy, Cisco ASA 5540, BIG-IP LTM 8900, QOS, AAA, Policy-maps, Class-maps, Vlans, STP, RSTP, PVSTP, VTP, HSRP, Ether Channel, BGP, OSPF, EIGRP, MPLS, ATM, PPP, HDLC. SNMP, TACACS+, DNS, DHCP, Solar winds, Checkpoint, F5 Load balancer, Nexus 7K,5K,2K Splunk Access, Juniper 3600, 5600, Cisco AP’s, Virtualization.

Confidential, Manson, Ohio

Network Engineer

Responsibilities:

• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Configured HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switch.
• Provided port binding, port security and router redundancy through HSRP. Worked on HSRP for hop redundancy and load balancing.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210 and configured cisco chassis 4k series switches.
• Extensively worked on Nexus 9k,5k and 7k, configured and troubleshooted.
• Involved in building security model, VPC, VPC Peering, Elastic IP for databases on Cloud platform.
• Involved in Configuration of Access lists (ACL) on Juniper and   Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
• Worked in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Monitor file integrity using Splunk tools and performed troubleshooting of connectivity and operational problems.
• Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M and T-series)
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Responsible for LAN/WAN(BGP/DMVPN) network design, implementation and technical refresh with detailed implementation and test plan.
• Responsible for remote sites connectivity via VPN/Site to Site/IPsec, GRE, DMVPN.
• Configured Virtual IPs and servers on F5  and associated pool and pool members to it.
• Analysis on WAF operations, Attacks / Vulnerabilities in Web Applications and present analysis to relevant teams.
• Successfully implemented and designed new solutions for Cisco ASA Firewall series 5505, 5510, 5512-X and Palo Alto Firewall series PA-500, PA-2050.
• Worked on firewalls Cisco PIX/ASA Appliance and Palo alto NGFW.
• Continually monitor, assess and improve network security, test and implement new security technologies.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications load Balancing and their availability.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured and implemented remote access solution for customers: IPSEC, Site2Site, GRE tunnel end-to-end.
• Developed strategy for cloud/virtualization migration and implementation best practices
• Helped to develop backup and recovery strategy for applications and database on virtualization platform.
• Involved in a project for a re-design of the LAN network (Cisco Catalyst 2960 and Nexus 5000 switches) and the virtualization of some systems.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Palo Alto Next-generation firewall working with PANORAMA. 
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• AAA  issues from basic connectivity to authentication issues including A11 and A12.
• Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secured, Proxy Radius Services to Cisco ACS.
• Configuring VLAN, STP VSTP, SNMP, Port Security on Juniper EX series switches.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server client environment with resource allocation to desired Virtual LANs of network.
• Implementing NAT/PAT solutions on WAN applications
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Once trouble ticket has been created keep customer informed of status of ticket and estimated time to repair.

ENVIRONMENT: Cisco 3u 750/3550/3500/2960 switches and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco ASA5510, Palo Alto, Checkpoint, Cisco Nexus9K/5K/2k/1k, 2248/3560/5020/6509 , VPN, RIP, EIGRP, BGP, OSPF, MPLS, Juniper, Splunk, F5 Load Balancer, SSL, VPN, IP Sec, Solar winds, Virtualizati

Confidential

Networking Engineer

Responsibilities:

• Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210.
• Worked on cisco chassis 4k series switches.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Configured VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Worked on the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Designed and implemented security policies using ACL, PIX firewall.
• Implementing security ACL, IP Sec, VPN, TACACS+ and RADIUS+.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Designing F5 solutions/support for migration work of applications and websites from Cisco ACE Load Balancers to the F5  BigIP Load Balancers.
• Design and configuring of OSPF, BGP, EIGRP on Cisco/Juniper M, MX Routers and SRX Firewalls.
• Configured routing policy for BGP. Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches.
• Troubleshooting on network problems with Wire shark, identify problem and fix.
• Worked on automation of test environment using Shell, Python Scripting.
• 2000 Fabric Extender (FEX) which acts as a remote line card (module) for Redistribution of routing protocols and Frame-Relay configurations.
• Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/load balanced and load splitting.
• Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
• Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
• Configured VLANs on a switch for inter-VLAN communication. Configured VLAN Trunking Protocol (VTP) on Core Switches. Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches for STP, VTP Domain, VLAN, Trunking, Fast Ether Channel configuration.

ENVIRONMENT: Cisco routers (1600,3600,7300) and Cisco switches (6509, 3550, 4500,2900), Nexus (7K, 5K & 2K), Routing protocols (EIGRP, OSPF, BGP), Switching Protocols (VTP, STP, GLBP, HSRP), MPLS, Cisco ASA, Cisco PIX (525, 515E), ASA (5540, 5510) firewall, Python, DNS, DHCP.

Confidential

Network Engineer

Responsibilities:

• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, inter-VLAN routing, Trunking, STP, RSTP, Port Security, LAN security, port aggregation & link negotiation.
• Worked on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Configured Access List ACLs to allow users all over the company to access different applications and blocking others.
• Installed and configured DNS and DHCP server. And also troubleshooting of DHCP and other IP conflict problems.
• Troubleshooting network bandwidth performance, mismatched framing and line coding.
• Coordinated with LAN/WAN engineers to develop and implement various security policies.
• Monitored usage of network resources with Cisco works, and using sidewinder in PIX Firewall.
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Configured remote users to access corporate LAN with VPN connectivity.
• Configured Frame-Relay, ISDN, ATM, Protocols, & load balancing switches.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
• Designed network architectures and implementation of network Switches.
• Worked on a migration project which involved the removal of all static routes from core devices.
• Worked on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Supporting EIGRP and BGP based network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Also, prepared documentation for various VLANS and Voice sub networks and worked on Visio for the same.

ENVIRONMENT: Cisco routers (7900,3600,2500), Cisco switches (4500,6500), Check Point, Cisco ASA Firewall (5510), Routing Protocols (EIGRP, RIP, BGP), Switching protocols (VTP, STP, VLAN, HSRP,). DNS, DHCP, HDLC, PPP, ISDN, ATM.