SUMMARY:

• Network Engineer with Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers at single or multi domain platforms.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Confidential PIX 535, 520, 515, ASA - 5500 and 5505.
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Brief idea on Network Service Orchestration(NSO) and Multi-Vendor Service Orchestration(MVSO).
• Extensive understanding of networking concepts like Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, SRX5800), Confidential Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k).
• Well Experienced in configuring protocols HSRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, 9999Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Experience in Cloud Based Networking and SD-WAN.
• IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
• Experience in Disaster Recovery management
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, Confidential works and RIVERBED and Wireshark.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000 for the corporate applications and their availability.
• Worked on Confidential Catalyst Switches 6500/4500/3500 series.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Confidential Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models ( PA-2k, PA-3k, and PA-5 k ).
• Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
• Experience in working with Confidential Nexus Switches and Virtual Port Channel configuration.
• Experience with Checkpoint VSX, including virtual systems, routers and switches.
• Policy development and planning / programming on IT Security, Network Support and Administration.
• Experience with Firewall migrations from PIX firewall to Confidential ASA and Juniper SRX firewall appliances.
• Configuration of Network and Security devices such as Confidential routers and switches ( Confidential 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Confidential FWSM), Load Balancers and DNS and IP Manager (Infoblox)
• 24 x 7 on call support.

TECHNICAL SKILLS:

Cisco router platforms: 2500, 2600, 2800, 3600, 3700, 3800, 7200, 7609.

Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500

Firewalls & Load Balancers: Confidential ASA 5585, 5550, 5540, Juniper SRX5400, 5600,5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.

Routers: Confidential routers (1900, 2600, 2800, 2900, 3600, 3800,3900,7200, 7600), Confidential L2 & L3, Juniper routers (M7i, M10i, M320, AC753)

Switches: Confidential switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010)

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI.

Secure Access Control Server: (ACS) for TACACS+/Radius.

VOIP Devices: Confidential IP phones, Avaya.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP

Network management: Infoblox, SNMP, Confidential Works LMS, HP Openview, Solar winds, Ethereal.

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

Software: Microsoft Office Suite, MS SQL Server 2008, HTML.

Language: Unix, Turbo C / C++, basics in Perl and Shell scripting.

PROFESSIONAL EXPERIENCE:

Confidential, Indianapolis, IN

Network Engineer

Responsibilities:

• Implementing security Solutions using PaloAlto Pa-5000/3000, Confidential ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) and GTM’s for managing the traffic and tuning the load on the network servers.
• Configure Syslog server in the network for capturing the log from firewalls.
• Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
• Configure and Monitor Confidential Sourcefire IPS for alerts.
• Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters.
• Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
• Implemented configuration back-ups using WinSCP, cyberfusion to automate the back-up systems with the help of public and private keys.
• Documentation involved preparing Method of Procedures (MOPs) and Work Orders. Also creating and submitting Remedy tickets for user auditing.
• Co-ordinated and Upgraded F5 LTM’s and Confidential ASA’s IOS images during window time.
• Running vulnerability scan reports using Nessus tool.
• Configure B2B VPN with various business partners and 3 rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Troubleshoot connectivity issues and Monitor health of the firewall resources as well as work on individual firewall for advanced troubleshooting.
• Working on Service now tickets to solve troubleshooting issues.

Environment:: Confidential ASA, Checkpoint, Palo Alto, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN.

Confidential, Raleigh, NC

Network Engineer

Responsibilities:

• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Configure and administer Confidential ASA Firewalls (5585, 5550, and 5540) and use command line CLI, Confidential CSM, ASDM for day-to-day administration.
• Configured Panorama web-based management for multiple firewalls.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Active/Standby and Active/Active HA configuration on Confidential ASA Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Experience on ASA firewall upgrades to 9.x.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Use Tools such as SKYBOX for Firewall Policy optimization and rule base Clean up.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Understand different types of NAT on Confidential ASA firewalls and apply them.
• FWSM configurations in single/multiple context with routed and transparent modes.

Environment:: Confidential routers and switches, Access Control Server, F5 load balancers, Juniper SRX, Palo Alto, checkpoint, VLAN, Trunk Protocols, Confidential ASA, DHCP, DNS, Spanning tree, Nimsoft.

Confidential, Mount Laurel, NJ

Network Security Engineer

Responsibilities:

• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• I worked on Check Point Security Gateways and Confidential ASA Firewall.
• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Implemented Active/ Standby HA configuration on Confidential ASA Firewalls.
• Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building Fortigate High Availability using Fortigate Clustering Protocol (FGCP).
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Confidential ASA Firewalls.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.

Environment:: Confidential 7200/3845/3600/2800 routers, Confidential ASA, Checkpoint, NAT, Forti Manager, Fortigate, MS VSIO, TACACS, Nexus5K/7K, Confidential 2990/3550/6550 switches, Confidential 7200/3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels Juniper VPN's and SSL.

Confidential, Farmington Hills, MI

Network Engineer

Responsibilities:

• Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
• Configured EIGRP, BGP, and MPLS.
• Configure Firewall, QOS by SDM and provide security by Prefix list, Access- List and by Distribution List.
• Moved Core switches and several non- Confidential devices under strict deadlines to maintain network functionality
• Implemented new ultra-secure networks in multiple data centers that included Confidential, Juniper security devices.
• Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
• Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
• Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.
• Standardize all WAN and LAN hardware, IOS images and configurations for a range of Confidential products.
• Supported a switched VLAN environment consisting of EIGRP and BGP routing protocols.
• Worked on Confidential 6500 Series switches with dual MSFC cards for redundancy and Layer 2 and Layer 3 functionality, 3750 switches (layer 2 and layer 3), 4000, 3550 switches, 7300, 3640 routers and 2611XM routers.
• Supported Multi-Protocol Layered Switched (MPLS) WAN to enhance inter-office connectivity within North and South India.
• A totally redundant solution was implemented by utilizing dual global carriers with a primary and shadow circuit terminated on Confidential 3745 routers and redistributing EIGRP routes via BGP.
• Handling clients and vendors for network issues like latency, link failure, connectivity, and packet drops.
• Monitoring the network with SNMP and Syslog server.
• Using management tools Confidential works, Remedy, Changelite, Spectrum, Visio, sniffers and network analyzer.
• Implemented and maintained Shell scripting on Unix nodes
• Configured Client VPN technologies including Confidential ’s VPN client via IPSEC.

Environment:: Confidential routers and switches, Access Control Server, VLAN, Trunk Protocols, Unix shell scripting, Confidential ASA, DHCP, DNS, Spanning tree, HSRP, VRRP, IPSec and MPLS

Confidential

Jr. Network Engineer

Responsibilities:

• Primarily responsible for incident and problem management.
• Schedule changes and work through maintenance requests over weekends.
• Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
• Configuration of Confidential Routers (3600, 4000 Series) and 3550, 4500 series switches.
• Creating groups, users and policies in Active Directory.
• Troubleshoot and support Confidential Core, Distribution and Access layer routers and switches
• Built IPSec based Site-to-Site VPN tunnels between various client locations.
• Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
• Debugging abilities at L1, L2, L3, and L4 protocols in an Internet-centric environment. Troubleshooting Active Directory, DNS, and DHCP related issues.
• Domain Controller, DNS, DHCP, server backup and recovery.
• Configured OSPF on Confidential devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
• Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
• Configuring/Troubleshoot issues with the following types of routers Confidential (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Confidential 3640 to Confidential 2811 ISR routers and switches at access level to 2950, 3550.
• Configuring Vlan’s, VTP’s, enabling trunks between switches.
• Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
• Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
• Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.
• Documenting and Log analyzing the Confidential PIX series firewall.
• Excellent Troubleshooting Skills and Customer Centric approach.

Environment:: Confidential 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Confidential 2990/3550/6550 switches, Confidential 7200/3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels Juniper VPN's and SSL.