SUMMARY:

• Experience in Networking and Security of 8 years, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Experience in working with Cisco Catalyst series 2900, 3560, 3750, 3650. 3850, 4500, 4900, 6500.
• Experience in working with Cisco 2800, 3600, 3800, 3900, 7200 7600 series Routers and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 series switches.
• Experience with Cisco routers ISR 4K, 2921, 891, ASR1k
• Hands on experience in configuring Cisco Nexus2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on nexus protocols VPC, VRF, VDC and FEX Links.
• Experience with Cisco Catalyst switches 6500, 4500, 3750, 3500, 2960
• Experience with network management tools and technologies such as Cisco ISE, Cisco Prime, Solarwinds
• Experience with enterprise monitoring tools like EMC Smarts, SCOM, HP OpenView/IMC, Solarwinds
• Implementing, maintaining and troubleshooting switching tasks such as VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, IGMP,RSTP, PVST+, Etherchannel using LACP and PAGP, Inter-Vlan routing, CEF and DCEF.
• Experience in Layer 3 Routing protocol configurations: RIP, EIGRP, OSPF, BGP, & MPLS,ISIS and Layer 2 Routing protocol configurations: ATM/Frame Relay, IP services such as Quality of service (QoS) and VPN technologies: IPSEC & SSL.
• Experience working with BIND for implementing Domain name System for the internet
• Experience working with Network Management Systems, SolarWinds, Nagios, CheckMK
• Experience working with database security tools like Imperva, Oracle ASO
• Hands on experience of firewall appliances Cisco PIX and Cisco ASA, Checkpoint
• Support of firewall technologies includes Fortinet firewalls. Administration, troubleshooting and engineering background is required. Knowledge of other firewall technologies (Checkpoint/PIX/Net screen a Plus)
• Experience working with basic form of NAC the 802.1X standard
• Experience working with network monitoring tool Nagios.
• Performed Network operations by health monitoring using NMS such as solarwinds and wire shark, issue and incident resolution using ticketing system and workflow software
• Experience working with open source monitoring Wireshark and NTOP
• Experience working with multilayer architecture SME server
• Experienced in configuring, deploying, maintaining, and troubleshooting of routing protocols like RIP, OSPF, EIGRP, Policy routing, and BGP on Cisco routers.
• Assisted in designing the new site, configured and Implemented ASR 1001 as a part of migration. Used Cisco prime to figure out the number of WAP’s required at the new location.
• Added centralized management using Cisco Prime Infrastructure
• Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS, and Cisco Prime.
• Experience Working with HP Automation software, For automating the complete operational lifecycle of network devices from provisioning to policy-based change management
• Implemented MPLS/VPN services for various customers and ACS configuration for RADIUS & TACACS+.
• In-depth knowledge on Route Manipulation, Filtering and troubleshooting route re-distribution across multiple protocols.
• Migrating from Cisco and Juniper to Palo alto networks
• Experience working with Disk storage system like HP XP P9500
• Experience working with Netapp to enable efficient management of data stored on disk, and integrate with major software packages used by customers.
• Switches ASR/CSR routers and firewalls
• Experienced in DNS, DHCP, SMTP, FTP, HTTPS and web security architecture
• Strong problem-analysis talent, driven by a global view/attention-to-detail approach. “Hands on” technical knowledge Experience with different Network Management Tools, like Sniffer, HP-Openview, Cisco WAN manager, and Cisco works support 24 x 7 Network Operations Center
• Experience in working with Solar wind Log & Event Manager and Virtualization Manager
• Understanding of Cisco based VoIP systems and quality of service
• Understanding of Cisco Dynamic Multipoint VPN( DMVPN) technology
• Worked on implementing first hop redundancy protocols like HSRP, VRRP, and GLBP.
• Network security policies like NAT, PAT, VPN, DMVPN, Route-maps and Access lists.
• Worked on WAN technologies such as Frame-relay, PPP, MLPP, HDLC, and DS3.
• Maintaining and updating inventory using Network Management Application layer softwares like SNMP, Wireshark, NTP, and Syslog.
• Wireless (Wi-Fi) client troubleshooting.
• Experience scripting with Python and Perl
• Experience working with C programming language .
• Network automation, including involvement in the formulation of a structured training plan
• Worked with Infrastructure Team, build and maintain an isolated network environment suitable to test applications, automation, infrastructure initiatives, system upgrades, and server patches prior to deployment in the production environment.
• Configured Cisco Wireless NetworkslikeIEEE 802.11 a/b/g/n, LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, RF spectrum characteristics.
• Performed security operations on ASA firewalls.
• Good understanding of the UNIX/LINUX
• Experience in configuring and troubleshooting Checkpoint and Palo Alto firewalls.
• Experience in Physical cabling, IP addressing & Subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Experience in Terminal Access Controller Access-Control System (ACS TACACS)
• Managed enterprise grade server/application load balancing using F5 LTM/GTM.
• Drawing Visio Diagrams using MS Visio for documentation purposes
• Provides technical leadership for problem escalation and resolution.
• Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
• Experience working with Nimsoft tool.
• Hands on experience on Up-gradation of Cisco IOS & Firmware of different Cisco devices & modules.

TECHNICAL SKILLS:

Routers: Cisco 2600, 3600, 3800, 7200, 7600, Juniper Routers M20, M10

Cisco Catalyst Switches: 2960, 3750, 4500, and 6500 and Nexus 2232, 2248, 5548, 6001, 7018 series

LAN Technologies: Ethernet Standards, VLAN, Inter-VLAN, VTP, STP, RSTP, SMTP, Ether Channel, PortFast, ACL, Light weight access points

WAN Technologies: Frame relay, (E1/T1/E3/T3) lines, PPP, HDLC.

Routing Protocols: RIP V1/V2, EIGRP,IGMP, OSPF, BGP, Static Routing, Summarization

Gateway Redundancy: HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP)

Network Security: Cisco ASA, IPSEC, Palo Alto PA 500, PA 3020, Juniper SRX, Bluecoat Proxies

Network Management Tools: Wireshark,ISE, Netflow Analyzer, IBM Netcool,Hpnnm,SolarWinds,Bluecoat, Nagios

Applications: MS Office, MS Visio 2010

Operating Systems: Windows (98, 2000, XP, 7)

Load Balancers: Cisco CSM, F5 Networks

WORK EXPERIENCE:

Confidential, Des Moines, IA

Sr. Network Engineer

Responsibilities:

• Worked with Cisco Layer 3 switches 3750, 4500, 6500; Cisco Nexus 2248, 5548, 6001 and 7018 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel.
• Installed Catalyst 6509E switches with 40GE and 10GE line cards; ConfiguredVSS on it.
• Performed daily network operations including checking sanity and health of network devices using NMS. Performed network configuration remediation and standardization.
• Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
• Technical Responsibilities include technical lead/level 3 support which included Cisco WAN NetworkCore, Distribution, and Access Layer, Bluecoat, F5 load balancer, Riverbed, netbotz, and APC Enterprise Manager, configuration and installation of Cisco routers using standard routing protocols, configuration and installation of Cisco Catalyst switches
• Managed Solarwinds Orion Network Performance Monitor management suite for constant and proactive monitoring of servers and network equipment in both Live andTest and Environments. (NPM, SAM, NCM, IPAM, WPM).
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Proactive monitoring using HP NNM, manage the alerts generated and troubleshoot of network devices accordingly
• Configured the node to matche a specific node configuration to make use, NNM uses any communication values in that configuration.
• Performed Role-based controls of user using NAC for device, application or security posture post authentication
• Worked with Nagios monitors the network for problems caused by overloaded data links or network connections, as well as monitoring routers, switches
• Responsible for monitoring availability, uptime and response time of every node on the network using Nagios.
• Responsible for maintaining NAC solutions to prevent end-stations that lack antivirus, patches, or host intrusion prevention software from accessing the network
• Experience working with Network Access Control (NAC) for control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices
• Monitor the Wi-Fi network for downed access points, backhaul circuits including point to point and point to multipoint circuits, switches, gateways and access point controllers
• Tuned Enterasys wireless system in 800,000 sqft warehouse for proper coverage in complex RF environment.
• Integrated monitoring of multiple network vendors including Enterasys, Extreme, Cisco, and HP
• Proposed upgrades, installed and configured solar wind Log, Event Manager and solarwinds Orion modules for network infrastructure monitoring purposes
• Set up and secure Wifi Access points, and assist clients with clever SSIDs and stronger passwords.
• Performed corporate data center refresh project by replacing existing Catalyst based legacy switches to Nexus 7000s, 7100s, 5000s, 2000s & Nexus 6000. Worked on latest QSFP+ 40 GE interfaces which were used for Access layer fabric aggregation. Very good understanding on Nexus 7K architecture including F series and M series modules, the Crossbar fabric modules and Supervisor 2E.
• Responsible for maintaining the entire switching domain across the campus of Head Office and also the Layer-2 campus network across the remote branches which included configuring VLANs and Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for switches and Wireless.
• Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN.
• Worked with WiFi Access Point Controller: Ericsson, Ruckus and Cisco WAPs and WiFi Controller, Tunnel Termination, Radio Interference Management and Mobility Control.
• Responsible for WiFi Access Gateway (Cisco ISG ASR 1K) - VLAN configuration, Policy Enforcement, Portal Redirection, Accounting and Session Management, NAT and Egress Router
• Worked with a team of Wifi Nokia ALU 7750 - Wireless Access Gateway (WAG).
• Worked with Aggregation Switch (Nexius 3K, Cisco 4900M)- Aggregation for WiFi Controllers and ASR routers ALU AAA 8950 RADIUS Server
• Configured pools, virtual servers, nodes on different BIG-IP F5 load balancers, Bluecoats Proxies, Riverbed WAN Optimizers and assisted in modifications of virtual server configuration on existing applications.
• Commissioning and decommissioning, configuring, URL and Web filtering, SSL Certificates, monitoring, SNMP traps, logging, blocking on Palo Alto devices, migrating from one network to other
• Worked with SME server with Firewall application for selective address or port binding, application-level access control lists, and protects the internal network from any intrusion.
• Experienced in working with SME which hosts applications like webmail access to email using any browser, 128-bit PPTP (for secure client-to-server VPNs) and open secure shell (SSH) to provide encrypted access to the internal network.
• Provide Tier III Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM).
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Bluecoats Proxies and Riverbed WAN Optimizers
• Worked with Imperva securesphere web application firewall (WAF) to analyze all user access to business web applications.
• Worked with securesphere WAF for patented Dynamic application profiling to learn all aspects of webapplications which include Directories, URLS.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Responsible for Checkpoint firewall management and operations across our global networks.
• Configured policy statements, routing instances, route manipulation on OSPF and BGP.
• Configuring, monitoring and troubleshooting of Checkpoint and Cisco ASA firewall administration across our global network.
• Deploy a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable and also got a good understanding on deployment of Identity Service Engine (ISE).
• Responsibilities on Checkpoint firewall includes rule analysis and modification of policies, NAT statements, updating IPS signatures, creating network exceptions, monitoring, troubleshooting and upgradation of firewall as per the latest version. Experience with command line verification.
• Configured and deployed BGP multi-homing and did operations on day to day basis with ISP peer-ship and troubleshoot internet based performance issues.
• Integrating & Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance & perform CoA for remote
• Responsible for system database monitoring using imperva
• Performed WAN link commissioning and troubleshooting, including coordinating with the ISP for new WAN links, and outages.
• Monitoring the NMS system for different Network Alerts
• Implemented GRE tunneling, Site-to Site VPN& multipoint DMVPN using IPSEC.
• Configuration and deployment of Cisco ASA 5540 firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Implement TCP/IP and related services like DHCP/DNS/WINS.
• Configured various advanced features (iRules, Redundancy, SSL Termination, Persistence, SNATs, HA) on F5 BIG-IP appliances
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Performed advanced troubleshooting on Cisco ASA firewalls using packet flow & packet capture methods.
• Deployed new DMZ environment from scratch for the new hosting environment.
• Configured and deployed Application based load balancing using F5 LTMs & site level load balancing on F5 GTMs using 3900 & 6900 BIG-IP appliances.

Confidential

Network Engineer

Responsibilities:

• Troubleshooting day-to-day switching issues with VTP and trunking protocols (like 802.1q and ISL) on catalyst 3560, 3750 and 4500 switches.
• Installation, Maintenance, Troubleshooting Local and Wide Areas Network (ISDN, Frame relay, NAT, DHCP, TCP/IP).
• Used XP P9500 for Supporting a clustering solution that integrates remote mirroring with a high-availability server cluster to provide multisite server and storage disaster recovery
• Participated in on call support in troubleshooting the configuration and installation issues.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA,IGMP, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication
• EIGRP & OSPF routing protocol configuration and administration.
• Maintained infrastructure DDOS protection like Web,EMAIL,FTP across the entire subnets using Imperva
• Worked with Imperva for inspecting all incoming traffic and responsible for filtering legitimate traffic to the enterprise network via GRE tunneling.
• Maintained TCP/IP problems troubleshoot connectivity issues in multi-protocol Ethernet environment.
• As part of Network operations, worked on multiple tickets as per priority and severity levels.
• Performed security operations by adding rules in firewalls and pushing firewall policy as per the incidents and rules requests from users.
• Worked with CRS Carrier Routing system CRS-X,CRS-3 configuration works only for the 8-slot and 16-slot chassis models.
• Experience with CRS-3 IPoDWDM to reduce transport elements while supporting multilayer features.
• Convert WAN links from point to point to MPLS and to convert encryption from IPsec/GRE to GetVPN.
• Performed Network related testing to ensure that the Juniper Networks products operate correctly
• Experience working Juniper T-Series, J-Series Routers
• Configured and troubleshoot Cisco PIX, ASA, FWSM, ACE,Nexus 1000v, and Juniper platforms in a multi-tenant infrastructure
• Configure and maintain both Cisco ASAs and Juniper SRX firewalls
• Implement, monitor, troubleshoot and convergence in Frame-Mode MPLS inside the core.
• Configured various advanced features (iRules, Redundancy, SSL Termination, Persistence, SNATs, HA) on F5 BIG-IP appliances.
• Knowledge on trouble tickets of F5 Load balancers in LTM module.
• Performed firewall troubleshooting by analyzing rules and traffic flow.
• Implement SNMP on Cisco routes to allow for network management.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Configure and manage Networking and Network Security by performing system administration and analysis that include installing and configuring proxies, DNS, IP addressing scheme & IP Subnetting with VLSM, configuring VLANs & Trunks.
• Worked on NX 7010, NX 5548, NX 5596 and NX 2248, BIG-IP 4200, ASA 5525, ASA 5545, Checkpoint R 77.10,R77.20, R77.30, PA 500, PA 3020 and different Cisco products.
• Configured and troubleshoot multiple routing instances (VRF).
• Experience in working with network management tools such as Solarwinds, Scrutinizer, Infoblox NetMRI, monitor network traffic and develop capacity planning initiatives, making necessary recommendations for additional resources or hardware.
• Configure and manage Networking and Network Security by performing system administration and analysis that include installing and configuring proxies, DNS, IP addressing scheme & IP Subnetting with VLSM, configuring VLANs & Trunks.
• Network redesign and configuration WAN and LAN infrastructure utilizing redundant Cisco ASA firewalls, Cisco switches and routers over MPLS and VPN connectivity.
• Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
• Responsible for procurement and installation of hardware, network drives and other IT infrastructure. Document the design, implementation and troubleshooting procedures with Method of Procedures (MOPS).
• Worked on Documentation like creating solution documents and Visio diagrams.

Confidential, Iselin, NJ

Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, ISIS,BGP v4. Configured IP access filter policies.
• Configured CIDRIP RIP,IGMP, PPP, BGP and OSPF routing.
• Identify, design and implement flexible, responsive, and secure technology services
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Configured Juniper MX480s, EX8200s, EX4500s and EX4200s.
• Implementation of firewall rules on Juniper 5400, Juniper SRX 3600, 100 on a daily basis, using NSM, as well as CLI when needed.
• Manage all remote firewalls using Juniper NSM and Cisco Security Manager.
• Juniper M20 and M10 configuration support for EBGP/IBGP and OSPF at core level.
• Juniper M20/Cisco 6509 rate-limiting/policing configuration and support in core/aggregator level provisions for customers.
• Provide Load balancing towards access layer from core layer using F5 Network Load balancers.
• Juniper M20 JUNOS and Cisco 6509 IOS upgrade maintenance and support.
• Worked with telecom vendors in regards to network fault isolation.
• Worked with NetApp to make storage appliances based on commodity hardware and proprietary software that aim to make managing vast amounts of storage easy.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc
• Configuring, Monitoring and Troubleshooting Cisco’s PIX firewall, TACACS, ASA 5500 security appliance and Checkpoint NG Firewall. Designing and Implementation experience in building DMZ, and integration of firewalls with Gateway Anti-Virus and web filtering applications from Trend Micro and Websense.
• Experience with Solar wind network configuration and Network performance monitors.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Provide technical consultancy for better application response using QoS.
• Experience With ACS TACACS Authentication Protocol for Allowing client to accept a username and password and send a query to a TACACS authentication server.
• Maintained Checkpoint firewall to implement Internet access policy
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP,IGMP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Estimated Project costs and created documentation for project funding approvals.
• Planned resources and presented project status to higher management.
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.Created and delivered internal trainings for BGP.

Confidential

Jr. Network Engineer

Responsibilities:

• Performed IOS upgrades/Password recovery on Catalyst 1900, 2900 series switches and 2500, 2600 series routers.
• Troubleshooting hardware, software, and other network related problems, and systems Desktop responsibilities included software & hardware installation & configuration.
• Replacement of outdated Cisco switches & routers in existing data centers and installation of new Cisco switches & routers
• Hands on Experience testing iRules using Browser (IE), HTTP watch on f5 load balancers.
• Did racking, stacking, and cabling network-based, IT systems
• Configured Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Troubleshot the issues related to L1 and L2 levels.
• Network maintenance checks, configure and manage printers, copiers, and other miscellaneous network equipment.
• Installing operating systems, software and hardware on computers.
• Responsible for Data Backup, System Update, Recovery and Restore, and Spyware removal.
• Assisting Junior and Senior Engineers, on-site management of cable-wiring technicians
• Troubleshoot problems on a day to day basis and documented every issue to share it with design teams.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Worked on network-based IT systems such as racking, stacking, and cabling