SUMMARY:

• An enthusiastic and hardworking network professional with an experience of 9 years in facing and successfully completing the challenges put forth to me in the networking field.
• Profound knowledge in deploying routing protocols like OSPF, BGP, EIGRP, RIP, MPLS,ISP, IP Multicast and Policy routing on Cisco routers like 2600, 2900, 3600, 3900, 7200 and 7600 series.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 4400, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches and also Juniper devices.
• Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
• Knowledge in integrating with Cisco ACI Fabric for better Network Performance and Manageability.
• Expertise in the area of Virtualization with vSphere, HyperV-VMware ESXi 6/5.5x hosts and Virtual Center server.
• Expertise in configuring of SSH, TFTP, FTP, DNS, DHCP and Syslog and Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Configuration of ACLs in Cisco 5540 series ASA firewall and Palo Alto for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Familiarity with Cat 5/6 and fiber optic cabling for network communication capabilities.
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
• Extensive experience in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Client Roaming, Wireless Security Basics, Dual band WAPs, RF spectrum characteristics, AP groups, WLANS, Cisco Prime Site Maps.
• Working expertise in troubleshooting, optimizing and documenting LAN/WAN technologies and T1/T3 WAN technologies.
• Familiar with ServiceDesk Plus, BMC REMEDY & ServiceNow for ticket change management process.
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
• Experience in skillful deployment of Layer-2 technologies like VLANS, VTP, STP, RSTP, Inter-VLAN routing, VLAN Trunking, Ether Channels, VLAN access-maps and port security.
• Experience with working on latest Cisco switches like Nexus 2000, 5000, 6000 and 7000 series switches while implementing advanced features like VDC, VPC, OTV and Fabric Path.
• Knowledge gained by working on Cisco firewall technologies like ASA 5580, AAA with Cisco ACS.
• Efficient in configuring and implementing load balancers like F5 BIG-IP LTM, GTM series like 3900, 6900, Cisco CSM, McAfee proxy servers.
• Experience in implementing network security using NAT, PAT, ACL, IDS, IPS and ASA firewalls.
• Experience with Firewall migrations from PIX firewall to Cisco ASA, Juniper SRX firewall appliances and McAfee proxy servers.
• Worked on Checkpoint and Palo Alto Firewall for security of client network.
• Hands on management of Data Center services including racking, cabling, capacity planning, tracking, reporting & inventory control.
• Hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Docsis, GigE circuits, Firewalls.
• Access control server configuration for RADIUS & TACACS+.
• Hands-on experience in deploying SSL VPN, PULSE Secure, frame-relay, GRE tunnels, Remote Access VPN and Site-to-Site VPN.
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• Creating security and access policies to the end users using Cisco ISE connected within the network.

TECHNICAL SKILLS:

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX 5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 6900), Blue Coat SG8100, AV 510, AV810, A10 Load Balancers.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 4400 7200, 7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320)

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 2232, 5548 &7010)

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI. Cisco

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.

Secure Access Control Server: TACACS+/Radius

VOIP Devices & Wireless Technologies: Cisco IP phones, Avaya, CUCM, UCCX, CIPC and UCS

Wireless: LWAPP, WLC, WCS, Standalone APs, Client Roaming, Wireless Security Basics, AP groups, WLANS, Cisco Prime Site Maps.

Network management: SNMP, Cisco Works LMS, HP Open View, Solar winds, ACI, Ethereal

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN, ISP

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

QOS: CBWFQ, LLQ, WRED, Policing/Shaping

Monitoring Tools: Riverbed, Wireshark, Infloblox, Opnet, Nagios, SNTC and Solar winds.

Security Technologies: Cisco FWSM/PIX/ASDM, Juniper SRX, McAfee proxy servers, Pulse Secure, Bluecoat, WSA, Symantec, iSensor Secureworks.

Operating Systems: Microsoft XP/Vista/7,10, UNIX, LINUX, Redhat.

PROFESSIONAL EXPERIENCE:

Confidential, Schaumburg, IL

Network Engineer and Operations

Responsibilities:

• Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems).
• Considerable use of Wireshark captures. Captures obtained by port mirroring, or layer 3 capture inside of Cisco IOS routers, Checkpoint Firewalls or end point devices.
• Physical cabling, IP addressing, Wide Area Network configurations.
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
• Responsible for entire LAN and WAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.
• Worked with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Experience with configuring Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5548.
• Troubleshoot across the comprehensive network security issues across the diverse portfolio of Palo Alto Networks Security Products- PAN NextGen firewalls.
• Experienced with Solarwinds monitoring tool. Used to monitor the alerts, Connectivity, Status of the node and bandwidth issues.
• Replaced old Catalyst 6500 and WAN routers from DR testing site and Installed Nexus 9K and ASR 1002 routers.
• Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Experienced with Project data and voice documentation tools & experience with developing network design documentation and presentations using VISIO.
• Configured routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4 and also troubleshooting.
• To secure configurations of load balancing in F5, Pulse Secure, SSL/VPN connections, Troubleshooting Cisco ASA firewalls, and related network security measures.
• Deployed and configured the Avocent console server (ACS6000) and worked on some troubleshooting issues too.
• Configured new routes for new endpoints into Palo Alto Firewalls.
• Deployed and executed the Cisco SmartNet Total Care server for the monitoring tool purpose to mitigate the issues in advance and also did installation and configuration for Common Service Platform Collector(CSPC).
• Performed IOS upgrades for Nexus 5548, ISR 4451 and also Catalyst Cisco series switches.
• Worked on WAN connectivity between the two data centers for the branch routers (ISR 4451) of both primary link and back link.
• Performed PCI wireless scans using the Acrylic WI-FI professional and inSSIDer software’s and created the documentation and used to analyze it.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity. Troubleshooting of connectivity problems using PING, Trace route.
• Creation of change tickets and implement according to the customer requirements ServiceDesk Plus ticketing tool.

Environment: Cisco Routers 2600, 2951, 4451, ASR-1002, Switches 2950G, 2960G, 2960S, 3750G, 3550, Nexus 2232, 2248, 5548, 93180, 9504, Palo alto Networks, Cisco ASA 5510, 5540, 5585, F5 Big-IP 3900, ACS 6048, Solarwinds, Nagios, SmartNet total care etc.

Confidential, Washington, DC

Network Engineer

Responsibilities:

• Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Worked on troubleshooting issues on F5 LTM/SNAT related to network, objects and servers.
• Involved in the activity of DATA-Center migration of Cisco catalyst series 4500, 6500 switches with the new Nexus 2248, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E. Have a good understanding of Fabric Path.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Centrally managed all Checkpoint Firewalls using Checkpoint Gaia r77 & r 80 management server.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works).
• For capacity planning, I used like modeling tools such as OPNET, NetSim, Netflow and sFlow Analyzer that project the impact of new applications.
• Implementing different roles & realms for the remote users through Juniper SSL VPN.
• Design and implementation of GET VPN architecture used for multicast and Unicast communication on an existing IP VPN.
• Installed and configured HyperV-VMware ESX (4.0), ESXi, and VSphere 4 environments with Virtual Center management, Lab Manager and Consolidated Backup.
• Used Checkpoint smart Console Dashboard to monitor servers and status of firewalls.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Configured HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Implemented security policies using ACL, IPSEC, SSL VPN, Pulse Secure, IPS/IDS, AAA (TACACS+ & RADIUS).
• Configured and deployed VDC and VPC between Nexus 7018 and Nexus 5596, 5548 switches along with FEX 2248. Also, migration from Legacy Catalyst 6509 with SUP-720 to Nexus 7k with SUP-2E.
• Configured routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4 and also troubleshooting.
• Configured HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst.
• Worked with Palo Alto Support for resolving escalated issues and replace branch hardware with new 2851 routers and 2960 switches.
• Conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links and also ISP.
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches.
• Experienced with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.

Environment: Cisco 4510, 4948, 4507, switches, F5, NGX R55 and R65, Palo Alto, Bluecoat, Nexus 2148, 2224T, 5548, 6018, 7010 Cat 6509, VPC, VDC, VRF, VSS, Cisco ASA, BGP, VPLS, OSPF, EIGRP, QOS, VPM, Solarwinds, STP, VLANS, VTP, Port-Channel, and Switch Stacking.

Confidential, Austin, TX

Network Security Engineer

Responsibilities:

• Performing standard network operations via ITIL standard with Incident Management and Change Management.
• Providing gateway redundancy using HSRP & creating ACL for layer-3 security.
• Creating IP-prefix-list, route-map, offset-list and distribution list for performing route manipulations.
• Working experience in Design Large scale enterprise Wireless networks with AirMagnet, Visiwave and ekahau, Wireless planning and Management Tools like Aruba Airwave and Cisco Prime Infrastructure.
• Migrated catalyst 45XX and 65XX switches to Nexus 7000 switches, where 7018 being the core and 5000, 2000 as the distribution layer switches for data center requirements.
• To secure configurations of load balancing in F5 BIG-IP, SSL/VPN, Pulse Secure connections, Troubleshooting CISCO ASA firewalls, Checkpoint firewalls and related network security measure.
• Configured IPSEC Site-to-Site VPNs to provide secure remote access to vendors and partners using SPA modules on Cisco 6500.
• Worked on OTV to extend L2 VLANs between data centers over IP on Nexus 7018 switches.
• Cisco ASA/Palo Alto Firewall troubleshooting, McAfee proxy servers and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Configured IPSEC VPN tunnels over backup Internet connections for increased availability.
• Worked on functional understanding of DNS DDOS, DOS threats, mitigation techniques and DNSSEC.
• Configured and troubleshooting layer-3 routing protocols like OSPF, EIGRP & BGP.
• Configured and managed layer-2 technologies like VLANs, STP, VTP & port-security.
• Performed OTV to extend L2 VLANs between data centers over IP on Nexus 7018 switches using DATA CENTER Interconnect and underlying MPLS network for ISP.
• Worked with Nexus 6001T switch which is used for low port-to-port latency in the data center using cut-through feature architecture. And configured VDC & VPC+ on these switches along with Nexus 2200 Fabric extenders.
• Experienced with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience.
• Deployed Cisco 6500 series switches with SUP32 & SUP720 and, implemented VSS.
• Maintained Checkpoint 41000 and 61000 systems, Juniper SRX3600 and Palo Alto-5050 firewalls.
• Worked on Firewall rule management as part of network operations to take care of Firewall ACL requests. Maintained ASA 5580 to ensure high end security on the network with ACLs and Firewall. I also performed firewall troubleshooting to resolve application issues in DMZ and server farm.

Environment: Palo Alto, Check point Firewalls, ASA, Blue coat, VPN, VLANs, DMZ, Cisco IOS-XR, STP, RSTP, PVSTP, Citrix NetScaler, VTP, HSRP, Ether-Channel, BGP, OSPF, EIGRP, MPLS, ATM, PPP, HDLC, SNMP, TACACS+.

Confidential, Phoenix, AZ

Network Engineer

Responsibilities:

• Experience in implementation, analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Configure and troubleshoot network and security equipment’s like routers and switches, firewalls, UNIX and Windows servers etc.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
• On-call support for SAN infrastructure and storage services.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering and existing DMZ environments based on the requirements of various application platforms.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Performing network monitoring, providing analysis using various tools like Wireshark, Solarwinds etc.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Monitored traffic and access logs in order to troubleshoot network access issues.
• Provided daily network support for Global wide area network consisting of MPLS, VPN and point-to point site.
• Provided 2nd level support for all Linux-related issues and Configure Linux servers to access SAN and NFS.
• Designed IP Addressing schemes and Switch port assignments, Trunking and Ether-channel implementation.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity. Troubleshooting of connectivity problems using PING, Trace route.
• Implemented PORs (port open requests) based on the requirements of various departments and business lines.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Implemented and troubleshoot (on-call) IPsec VPNs for various business lines and making sure everything is in place.

Environment: Cisco 6505/2950/3550/3500/2960 Switches, Cisco 6500/7500/7200/3800/2800 Routers, Nexus5K, 7K, LTM, GTM, F5 Load balancer, Switching Protocols STP, VTP, RSTP and VLAN; Checkpoint, ASA, OSPF, BGP, EIGRP, RIP, LAN, WAN, SSL/VPN.

Confidential

Jr. Network Engineer

Responsibilities:

• Performed IOS upgrades/Password recovery on Catalyst 1900, 2900 series switches and 2500, 2600 series routers.
• Did racking, stacking, and cabling network-based, IT systems.
• Configured Access List ACL (Std., Ext, and Named) to allow users all over the company to access different applications and blocking others.
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Involved in trouble shooting of DNS, DHCP and other IP conflict problems.
• Responsible for Data Backup, System Update, Recovery and Restore and Spyware removal.
• Assisting Junior and Senior Engineers, on-site management of cable-wiring technicians.
• Troubleshoot problems on a day to day basis and documented every issue to share it with design teams.
• Providing documentation by creating MOPs and VISIO diagrams for the network designing team.

Environment: Cisco Routers 2500, 3600; Cisco Switches3500, 2900 and 1900 series; Catalyst 1900,2900 series switches; Routing protocols RIPv2, EIGRP, OSPF; Firewall Security Protocols: ACL, NAT, PAT.

Confidential

Jr. Network Administrator

Responsibilities:

• Configuration, LAN/WAN, Switch/Routing protocols.
• Troubleshooting complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF.
• Configured Access-lists, Distribution-lists, Offset-lists and Route Redistribution.
• Configured Ether channels, Trunks, VLans, HSRP in a LAN environment. Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Implemented port aggregation & link negotiation using LACP and PAGP.
• Responsible for performing administration on OSPF routing protocols. Implemented route redistribution between OSPF and EIGRP.
• Performed IOS upgrades on various catalyst series switches and maintained latest IOS versions according to company’s policy.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP). Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Worked on network-based IT systems such as racking, stacking, and cabling.

Environment: BMC Remedy, Cisco ASA 5540, BIG-IP LTM, QOS, Policy-maps, Vlans, STP, RSTP, VTP, HSRP, ETHERCHANNEL, OSPF, EIGRP, MPLS, ATM, PPP, HDLC, SNMP, TACACS+, DNS, DHCP.