PROFESSIONAL SUMMARY:

• Over 7 years of experience in Cisco/Juniper Networking, Security which includes designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Hands On experience Cisco IOS/IOS - XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Responsible for Check Point (Secure Platform R70) and Cisco ASA firewall administration across global networks.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Worked on Juniper Net screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Worked on MPLS while ensuring secure networking, improving the network performance by prioritizing network traffic and allocating bandwidth according to usage and service requirements.
• Worked on Multicast to use the bandwidth more effectively while reducing the load on the sender.
• Have knowledge on various advanced technologies like VOIP, QOS, IPv4, Multicasting, and MPLS.
• Strong hands on experience in Troubleshooting for QOS, connectivity and hardware problems on Cisco Networks
• Good Knowledge with the technologies MPLS,VPN, WLAN, NAT, Multicast, Routing, Frame relay, SNMP
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN/ IWAN architecture and good experience on IP services.
• Knowledge of WAN Optimization Technology, Riverbed.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Excellent communication skills, team player.

TECHNICAL SKILL:

Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX &72XX series & ASR 1K & 9K series

Switches: Cisco 3550, 3750, 45XX, 65XX series, Nexus 7K, 5K, 2K

Load Balancer: Cisco CSS, F5 Networks

WAN Optimization: Cisco WAAS, PPP Multilink

OSPF, EIGRP, BGP, RIP: 2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation

Leased lines 64k: 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing.

EX2200, EX4200, EX: 4500, MX-480, M Series, SRX210, SRX240

Security / Firewalls: Cisco ASA Firewalls 55XX, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup & Security Features

AAA Architecture: TACACS+, RADIUS, Cisco ACS

PROFESSIONAL EXPERIENCE:

Confidential, Jersey City, NJ.

Sr. Network Engineer

Responsibilities:

• Responsible for implementing, supporting, and maintaining 24x7 network services.
• Coordinated efforts with Engineer’s to ensure all network devices conformed to defined network standards. Guided junior engineers throughout initiatives when required.
• Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
• Configured and maintaining Cisco 7200, 4400, 5000 and 6500 platforms.
• Troubleshoot connectivity issues involving VLAN’s, OSPF, QoS etc.
• Support, monitor and manage the IP network
• Security policy review and configuration in Palo Alto and Junipers Firewall in US offices and Datacenter
• Experience with configuring Nexus 5000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
• Performance monitoring of various applications and web servers to maintain quality of service and network stability.
• Implement a process to authorize system access based on need-to-know in PCI network.
• Implement strong user authentication and Physically secure systems and network devices in PCI.
• Maintained core switches, creating VLAN’s and configuring VTP.
• Designed IP Addressing schemes, VLAN tables and Switchport assignments, Trunking and Ether-channel implementation.
• Design solutions using Cisco DMVPN/IWAN features.
• Implemented WAN connectivity to test and turn-Up IWAN link.
• Strong experience in Network Security using ASA Firewall, Checkpoint, Palo Alto , Cisco IDS/IPS and IPSEC/SSL VPN, F5 BigIP Load Balancer
• Experience to configure DNS Change requests nd adminatration leased time.
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Provided service and 3rd level escalation support for DNS, Internet Email, global server load balancing (F5 3DNS and GTM), local network load balancing F5 LTM, web and ftp proxies, VPN , and other network related solutions.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and PALO ALTO rules.
• Configuring rules and maintaining PALO ALTO F irewalls & Analysis of firewall logs using various tools.
• Installed and set up Cisco routers and switches according to deployment plans.
• Applied access lists and NAT configurations based on implementation guidelines.
• Managed and developed network projects designed to strengthen network continuity and deploy security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
• Change management, monitoring network performance with network tools.
• IP Distribution for existing devices and new devices as they were added.
• Preformed maintenance on equipment as necessary, performing device upgrades, modification of configurations, password changes and diagnostic testing.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in an event where a core router became unreachable.
• Responsible for maintenance of multiple CheckPoint-1 firewalls on NT environment
• Worked with vendors and Engineering team to test new hardware and procedures.
• Prepared and maintained documentation using MS Visio and MS Office (mainly Word, Excel).
• Basic and advanced F5 load balancer configurations, general troubleshooting of the F5 load balancers.
• Route configuration and point code checks for System Technician and Network Technician.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Upgrade multiple Checkpoint firewall and NG on distributed NT environment. And manage network security policies which include access control, NAT, content security and authentication.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in migration of VLANS.
• Primary responsibility is to design and deploy various network security & High Availability products like Checkpoint, Cisco ASA other security products
• Estimated Project costs and created documentation for project funding approvals.

Confidential, Oshkosh, WI.

Sr. Network Engineer

Responsibilities:

• Responsible for company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Building the VPN tunnel and VPN encryption.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
• Creating and provisioning Juniper SRX firewall policies
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Implemented TCP/IP and related services like DHCP/DNS/WINS.
• Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Implemented VPC, VDC on Nexus Switches and also configured FEX.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Implement automated audit logs and protect log data and Monitor and test security controls in PCI Infrastructure.
• Maintain an information security policy and incident response plan in PCI.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco ASA 5500.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls, CISCO PIX 506, PIX515.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Involved in Switching Technology Administration including creation and management of VLANs, Port security, Trunking, STP, Inter-Vlan routing and LAN security.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
• Worked on datacenter migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert datacenter PIX rules over to the Cisco ASA solution.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Updated documentation as necessary.
• Preformed IOS upgrades on Cisco routers and switches.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Server load-balancing utilizing F5 LTM-BigIP, including, AFM, APM and ASM modules.
• Maintaining and load balancing: web server traffic for customers using F5 load balancers.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
• Worked as a team with other engineers to design, install, implement, and configure ASR 9K Network for interconnectivity, and egress redundancy.
• Troubleshoot basic BGP routing issues on Cisco 12xxx and Cisco CRS series.
• Propose network redesign based on client hardware guidelines, network policies and individual site’s unique characteristics.
• Implementing, troubleshooting and maintaining AP, WLC, WCS, NCS

Confidential, Union, NJ.

Network Engineer

Responsibilities:

• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Installed Solar winds Network Performance Monitor with traffic analysis, application & virtualization management, configuration management and other modules additionally installed. Tuned modules, customized the specific platforms used and trained staff. Support other smaller customer sites on similar analyze-recommend-implement site-wide upgrades and troubleshoot issues.
• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Vulnerability Management using Security Information & Event Management
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Monitoring network platforms include IBM Tivoli Netcool management systems, Siebel CRM, WebTop, utilizing HP Service Manager 9 logging tools.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Network design and administration experience.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.

Confidential, Deerfield, IL.

Network Engineer / Subject Matter Expert

Responsibilities:

• Working with Network Design and implementation teams on various projects across related to Branch, Campus and Data Center.
• Designing and deployment of Partner IPSEC VPN tunnels.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Configuration of Site-to-Site & Client to Site VPN’s on Cisco PIX/ASA Firewalls & IOS Routers.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures
• NAT and access rules on PIX/ASA Firewall
• Experience configuring Virtual Device Context in Nexus 7010
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Performed OSPF, BGP, DHCP Profile, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Configuring and Troubleshooting of Multicasting.
• Performing the ACL requests change for various clients by collecting source and destination information.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) & ASR 1K & 9K Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances
• Performed Break Fix support through driving to different buildings, identifying the root causes.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
• Configure Corporate, Wireless and Lab Devices which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing( Pilot ).
• Configured routing protocols like MPLS, OSPF and troubleshooting layer3 issues.
• Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Familiar with various MSIT Tools to check Networking Connectivity, Testing, Configuration and Adding or Removal of IP address blocks, Decoming or Adding the Devices.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.

Confidential, San Diego, CA.

Jr. Network Engineer

Responsibilities:

• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Worked with telecom vendors in regards to network fault isolation.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Configured CIDR IP RIP, PPP, BGP and OSPF routing.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, MPLS, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Management and Deployment on Checkpoint Firewall.
• Use Checkpoint to establish Point-to-Point tunnels.
• Ability to use NAT and Firewall security policies in Checkpoint.
• Experience In working on Configuring Multicast.
• Identify, design and implement flexible, responsive, and secure technology services
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Configuring Multi-Protocol Layer Switching (MPLS).
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation using VISIO.