SUMMARY:

• 8 years of IT experience in design, development, implementation, troubleshooting and maintenance of complex Network & Security devices, Network Security, Linux Kernel Programming.
• Expertise in network protocols, Firewalls and Communication Network design.
• Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub - netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Corporate trainer for certification like CCNA, CCNP, Hardware & Networking.
• Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Experience with design and implementation of Virtual Switching System (VSS).
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• In-depth knowledge of Linux Kernel Programming (Module Programming).
• Good domain knowledge in Linux source code 2.6x & Shell scripting.
• Network security including NAT/PAT, ACL, VPN Concentrator.
• Cisco VPN Concentrators, F5 Fire pass SSL VPN, 6509 Core Datacenter designs.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• In-depth Cisco technology experience/knowledge in design, implementation, administration and support.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience
• Designing, Implementing and Troubleshooting Cisco Routers (2800,2900,3900,3800,7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Checkpoint, Cisco PIX & ASA devices
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
• Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
• Strong Hands on experience in installing, configuring and troubleshooting of Cisco 12404,12406,7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Network Security - Anomaly Detection in Attack Prevention System, Network and Host IPS/IDS, Cisco PIX firewall, Vulnerability scanning, Penetration testing, Buffer Overflows, Cross Site Scripting,
• Security consultant for Bombay Stock Exchange, India and Kotak Securities Pvt. Ltd and many more, involving web application testing, Penetration testing, Session Management.

TECHNICAL SKILLS:

In: depth technical knowledge and diagnostic skills on all layers of the TCP/IP protocol stack and internetworking including protocol analysis and several TCPIP-based application

Programming: C Programming, Linux Kernel Module Programming, TCL/TK, Perl, Network Processors (Programmable Chips), Redhat Linux

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Cross Site Scripting, Session Management, Cisco PIX, and Security attacks like DoS, DDoS, Spoofing, Nessus & Cisco IOS, Cisco Works

Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7 Switching, VLAN s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

Networking: Network Design & Engineering, Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Net filter, IP Tables, Ethereal, SONNET, MPLS, DSU/CSU

PROFESSIONAL EXPERIENCE:

Confidential, CA

Sr. Network Engineer

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Perform root cause analysis on the problems coming across Project execution
• Maintained a BGP/MPLS infrastructure
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• FABRIC PATH in nexus...
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
• Experience in working and designing configurations for vPC, vPC domian, vpc peer-gateway, vPC peer-switch, auto-discovery, and vPC single sided, vPC double sided, NX-OS, VFR, Otv, fabric path.
• Configuration of Voice FX0 ports on the routers for SRST (Survivable Remote Site Telephony) and SRST testing after carrier numbers are ported over.
• Experience with Cisco Call manager.
• Implemented and troubleshot Cisco Call Manager.
• Configured and Managed one Wireless VoIP Test environment using Cisco Call Manager, Cisco 7920 Wireless Phones and VoIP software for Laptop.
• Design to implement IP based Video Surveillance in the 1100+ CBNA branches and HVAC controls. Add VoIP subnet to Branch Devices
• Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
• Decommission serial T3 circuits and replace with MPLS circuits. MPLS clouds were provided by carriers ATT, Verizon or Level 3.
• WAN Pilot project to convert branch from dual T1 circuits to iWAN only broadband circuit. To Enable Internet WAN connectivity for the Lab in Hauppauge. Test and turn-up IWAN link and disable the 2 existing T1 circuits, running branch on IWAN only. After testing was completed site will be placed back on either dual TDM circuits or TDM with IWAN backup circuit.
• Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Work with Carrier to test and turn-up circuits.
• Experience in design and implementation of new branch/New Campus test and turn up.
• Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Involved in configuring IP Quality of service (QoS)
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Provided redundancy in a multi-homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX
• Security appliance, Failover, DMZ zoning, &Configuring VLANs/routing/NATing with the firewalls as per the design.
• Network security involves web filtering on internet sites (User's restriction) using Palo Alto and checkpoint Firewalls.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Implementing VoIP solutions using SIP & H.323 for Cisco routers 2851, also have sound knowledge of Avaya VoIP products
• Manage and provide guidance to junior members of the team.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Replace branch hardware with new 2851 routers and 2960 switches.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.

Confidential, Burns Harbor, IN

Network Engineer

Responsibilities:

• Maintain and track the status of device supplied to the client.
• Coordinating with JTAC for faulty part replacement and configuring standby device to support customer with minimal downtime.
• Installation & Maintenance of Juniper switches, routers & firewalls for Tata Consultancy Services onsite as per contract.
• Implemented various EX, SRX & J series Juniper devices.
• Installed controller and light weight access point coordination with JTAC.
• Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multi-Layer Switching.
• Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
• Installation and trouble-shooting of routing protocols like static and dynamic.
• Implemented site to site VPN in Juniper SRX as per customer.
• Developing access lists to meet user specifications.
• Supporting core layer, distribution layer and access layer issues.
• Tracking and installation of requirements & development by working with client and related teams to implement changes.
• Preparing weekly reports and follow- up with clients.
• Update data related to network configuration, setup and implementation of Juniper Topology.
• Coordinate with Project Managers, sales and call center (customer service) to deliver best quality of service to the customer.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Maintain connectivity for approximately 300 switches and routers in a 500+ node network.
• Troubleshooting any and all network problems involving LAN, WAN, BGP, EIGRP, MPLS/VPN, VRF - VPN Routing and Forwarding Instance, SIP Trunking, Internet ISP, Multi homed - BGP with Level-3 Datacenters.
• Experience with deploying Fabric Path using Nexus 7000 Devices
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Experience with configuring FCOE using Cisco Nexus 5548.
• Implemented cluster and configuration of SRX-100 Juniper firewall.
• Implemented cluster and configuration of SRX-110 Juniper firewall.
• Installed Trapeze-MX 2800 wireless controller and light weight access points.
• Working with MPLS Designs from the PE to CE.
• Experience with designing and deployment of MPLS Traffic Engineering
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Design and deployment of MPLS QOS, MPLS Multicasting per company standards.
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
• Implemented Virtual chassis of EXseries Juniper switches as per client requirement.

Confidential, Raleigh, North Carolina

Network Engineer

Responsibilities:

• Involved in configuring IP Quality of service (QoS)
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP product
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Hands-on experience on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls.
• Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Net info, Info man Virtual Change) and experience with developing network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
• Have experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.

Confidential, Meadows, IL

Network Engineer

Responsibilities:

• Work on different connection medium like Fiber and Copper Connectivity.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Configured and troubleshoot OSPF and EIGRP.
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Support various Routers like 2600/3600/7200 series routers.
• Tested authentication in OSPF and BGP.
• Performed and technically documented various test results on the lab tests conducted.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Responsible for Configuring SITE TO SITE VPN on VPN Concentrators series between Head office and Branch office
• Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Configured Firewall logging, DMZs& related security policies & monitoring
• Hands on Experience working with security issue like applying ACL’s, configuring NAT and VPN
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Planning and configuring the entire IP addressing plan for the clients' network.
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.