- 8 years of Experience and having Certifications Cisco (CCNA&CCNP) &Check Point (CCSA - r77), Experience in designing, architecting, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
- Expertise in Cisco Routing and Switching using 3600, 3700, 5300, 6500, 7600 Nexus 9k,7k, 5k, 2k & Router 2600, 2800, 3600, 3800, 7200 ASR 9000,1000 series routers.
- Protocols Awareness: OSPF, EIGRP, HSRP, ACL, VTP, NAT/PAT, CDP, Dot1q, SSH, HTTP, HTTPS, NTP, SNMP, ARP, STP (802.1D), SNMP, DNS & DHCP, QIP .
- Expertise in Configuration of Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN trunking using 802.1Q.
- Design and implement data center environments utilizing technology's such as Fabric Path, VPC+/VPC, FEX’s, Port Channel, STP, SVIs, VLANs including private, OSPF, BGP, VSM, VEM and vEthernet on Nexus hardware 5K, 2K (also B22) and 1Kv as well as IOS data center hardware Cisco Blade Switches, 7600 and 6500 series routing and switching.
- Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
- Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
- Background in network design, including Wide Area Networking (WAN), Local Area Networking (LAN), Multiple Protocol Labeling Switching (MPLS), DS3 with Physical Labelling and IP Addressing.
- Proficiently implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
- Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
- Experience securing and managing remote access using various VPN technologies like IPSec, SSL, and GRE.
- Performed Load Balancing with Big IP/F5 - LTM 3900 and Cisco ACE load balancer
- Extensive knowledge in implementing and configuring F5 Big-IP LTM-3900, and 6900 Load balancers
- Experience in building and implementing access control lists depending on the needs of industry
- Worked on Checkpoint and Cisco ASA 5500 series Firewall providing support and configuring for NAT, PAT & advanced Firewall rules implementation. IPS on ASA’s with Botnet protection
- Deploying and Configaring ForeScout CounterACT as Physical CEM-100 and CEM-150 models and Virtuaval on ESX server
- Installing Web Certificates and configaring poloicy conditions on ForeScout CounterACT
- Configaring Thret protection, by tuning Threat Protection wizard and configaring Microsoft SCCM plugin on ForeScout CounterACT
- Analyzing and Troubleshooting ForeScout CounterACT using HPS logs and Action logs
- Implementing security policies using Cryptography, ACL, SDM, PIX Firewall, IPsec, VPN, and AAA Security on different series of routers.
- Experience in configuring and supporting VPN on Cisco VPN concentrators and 2811 routers
- Reviewing all changes to network configuration for technical accuracy and provide solutions to Multi-Protocol Network problems.
- Strong problem-analysis talent, driven by a global view/attention-to-detail approach. “Hands on” technical knowledge Experience with different Network Management Tools and Cisco works support 24 x 7 Network Operations Center
- Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Cisco Platforms: Nexus 9K, 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series)
Juniper Platforms: SRX, MX, EX Series Routers and Switches
Networking Concepts: Access-lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall: PIX Firewall (506/515/525/535 ), ASA Firewall (5505/5510),Check Point Firewall ( r77)
Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark, Blue Coat proxy
Load Balancers: A10 Networks(AX2500),Cisco CSM, F5 Networks (Big-IP)
WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET
LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
Security Protocols: IKE, IPSEC, SSL-VPN
Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA
\Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
Confidential, Alexandria, VA
Sr. Network Engineer
- Configured RIP, PPP, BGP and OSPF routing, and involving in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
- Identify, design architecture and implement flexible, responsive, and secure technology services
- Experience with Firewall Administration, Rule Analysis, Rule Modification
- Documented new VPN enrolments in a database and create standard procedures for further improvement.
- Troubleshoot traffic passing managed firewalls via logs and packet captures
- Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
- Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux/ Unix platforms in Development, Lab & Production Environments.
- Supervised and implemented various level of functional test plans for Traffic Signal controller with land line and wireless, signaling of steps and time scheduling and Integration test plans under the environment of Oracle, Microsoft 2003 Server, and Cisco 6500/47xx/3xxx/26xx routers over IP/BGP/MPLS/OSPF, F5, HSRP, GPRS, Cisco WCS/WLSE, and Juniper on M/T/MX series, and Cisco PIX 515 firewall, IDS, and IPS.
- Actively engages HPE Aruba resources and senior executives to build strategic relationships with the partner which ensures long-term business opportunities for HPE Aruba
- Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
- Firewall Clustering and High Availability Services using Cluster XL on Check Point
- Daily responsibilities included design, implementation, support and administration of multiple security products running Checkpoint Provider-1 and VSX, Sourcefire, and ISS Real secure.
- Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
- Created standard access lists to allow SNMP, NTP and logging servers.
- Racking, Stacking, configuring, Nexus 5K and 2K and 7K and 9K.
- Maintained a Network with more than 600 Network devices, some 25,000 end hosts, and the other Network devices like DHCP, DNS servers, Firewall servers.
- Implemented Citrix GotoMeeting, GotoWebinar, and OpenVoice. Creating documentation for the Service Desk
- Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
- Configured and Managed ForeScout CounterACT to identify devices with IP addresses, including network infrastructure, BYOD systems, non-traditional IoT devices (handhelds, sensors and machines) and rogue endpoints (unauthorized switches, routers and wireless access points)
- Troubleshooting using HPS logs and Action logs on ForeScout CounterACT
- Troubleshooting and verification of FabricPath
- Deployment and support of Nexus Switches, UCS R&S, Fabric Path (Trill) to forward Layer 2 and Layer 3 Packet from Classical Ethernet to Fabric Path mode
- Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
- Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
- Provide Tier 3 technical support for Riverbed Pilot, Shark, Profiler and ARX.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
- Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
- Co-ordinated with the Data Network and Security team and came up with possible solutions.
- Work on Physical site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book.
- Provided proactive threat defense with ASA that stops attacks before they spread through the network.
- Worked on Cisco Switches Sup IV and 6 Blades
- Involved in Shell and PERL scripts to handle files management and performed regular TFTP management for configuration files to store revisions
- Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
- Experience working with cisco IOS-XR on the on the ASR9000 devices for MPLS deployments
- Created Monitoring requirements around security (SNMP, syslog) for ASR1k, WLC, AP and NCS Etc.
- Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO
- Installed and Trouble shoot Cisco call Manager 7.0 and 8.2.
- Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
Confidential, Princeton, NJ
Sr. Network Engineer
- Responsible for designing architected implementation of customer’s network and Security infrastructure.
- Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre configuration of network equipment, testing, and maintenance) in both Campus and Branch networks
- Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
- Experience working with Nexus 7010, 5020, 2148, 2248 devices
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
- Implementation of HSRP, IPsec, Static Route, IPSEC over GRE, Dynamic routing, DHCP, DNS, FTP.TFTP, RAS
- Administered network workstations using TCP/IP protocols in UNIX-based operating system
- Configured RIP, OSPF and Static routing on Juniper M and MX series Routers
- Experience configuring VPC, VDC and ISSU Software upgrades on Cisco Nexus 7010
- Experience in Configuring, upgrading and verifying the NX-OS operation system
- Worked on Cisco Routers, Active/Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall
- Deploying, configuring, maintaining and troubleshooting the vast majority of Palo Alto Networks-based network security implementations and Sourcefire firewalls
- Responsible for Cisco ASA firewall administration across our global networks
- Support customer with the configuration and maintenance of PIX and ASA firewall systems
- Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configuring IPSEC VPN on SRX series firewalls
- Served as part of a team that rolled out Citrix Thin Client solutions to over 3000 users which then followed the imaging of all workstations to work with the Citrix solution.
- Provided complete L3 support for VMware virtual infrastructures.
- Monitor DHCP requests and 802.1x requests using ForeScout CounterACT
- Using ForeScout CounterACT pooling Switches, VPN Concentrators, Aps and Controllers for list of devices that are connected
- Experience with configuring OTV between the data centers as a layer 2 extension.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
- IPv6 Conformance: Implementing Changes to Network Stack(Host side) to make sure that our Network Stack is IPv6 compliant. As a part of this project bugs reported by ANVL (Automated Network Validation Library) IPv6 Conformance Test Suites were fixed. Mainly did changes to
- ICMPv6, NDP (Neighbor Discovery Protocol), DAD (Duplicate Address Detection), Stateless Auto configuration modules of Ipv6 Stack.
- Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
- Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
- Works with largest partner accounts and those with a high strategic value or high risk to HPE Aruba
- Hands-on-experience on VMware Networking concepts like creation of VSwitches, DVSwitches and different types of Port Groups
- Involved in scripting the IRules using TCL (Tool command language) and PERL for HTTP redirection
- Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
- Other responsibilities included documentation and supporting other teams
- Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic
- Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing and LAN security.
- Use and maintain routing protocols EIGRP, OSPF and BGP on the Routers in the network & also worked on BGP Route Reflectors, Confederations
- Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
- Worked on Cisco Firewalls - PIX 500 series - ASA 5500 series - Router/Switch Blades
- Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
- Experience with convert PIX rules over to the Cisco ASA solution.
- Ability to plan independently and execute product testing with quality (White box, Black box testing, Scalability, performance, solution and system testing)
- Applies test expertise and experience to craft & execute test plans, conduct negative/exception tests, verification, performance and regression testing of RIA, HTML, AJAX, Mobile Web client, integration services, enablers & platforms
- Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
- Implemented HSRP on the Cisco 2948G Layer 3 switches and EIGRP, OSPF on 2 Cisco 2610routers, the Layer 3 switch, 3 Cisco 350XL Switches, Cisco 3524XL switches for load balancing and fail over.
- Successfully executed P2V Project involving virtual environment of over 50 physical machines; it solved space and power capacity constraint at Data Centre
- Configuring ASA Firewall and accept/reject rules for network traffic.
- Extensive knowledge and troubleshooting in data communication protocols and standards including TCP/IP, UDP, IEEE 802.3, Token Ring, Cable Modem, PPPOE, ADSL, Multilayer Switching, DoD standards.
- Provided Network Support in the designing and implementation of Point to Point over T1s Frame Relay, DSL over ATM and IP over Frame Relay and Gigabit Ethernet.
- Designing and testing plans to meet those requirements.
- Managing network growth and development.
- Manages servers and network resources including network applications for the purpose of delivering services in compliance with established guidelines and/or objectives.
Confidential, Owings Mills, MD
Sr. Network Support Engineer
- Configured and deploying Cisco catalyst 6506, 4948E, 4510 switches and Cisco 3660, 3845, and 7609 series Routers.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
- Experience in migration of VLANS.
- Involved in the troubleshooting aspects of complex network infrastructure using the routing protocols like EIGRP, OSPF & BGP.
- Worked extensively on Juniper MX Series Routers and EX series Switches.
- Implementation of Access Lists for allowing/blocking desired traffic.
- Configuring VLANs/routing/NATing with the firewalls as per the network design.
- Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
- Configuration and maintenance of PIX and ASA firewall systems.
- Good knowledge in systems integration, software hardware emulation experience.
- Worked on change management documentation of Network infrastructure design using Microsoft Visio.
- Perform setup of test scenarios, both hardware and software components, and perform troubleshooting.
- Experience working in Datacenter environment, configuration changes as per the needs of company.
- Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls
- Configured and performed troubleshooting on link state protocols like OSPF in single area and multiple areas.
- Installation, configuration, maintenance and support of Checkpoint firewalls, Palo Alto firewalls, VPNs, Website Filtering devices, Forescout NAC, Remote Access and Intrusion Detection/Prevention systems
- Configure and support Private BGP Peering with transit providers.
- Configure iBGP and eBGP peering between L3 routers and core routers
- Configuring, implementing and troubleshooting VLAN’s, VTP, STP, Trunking, Ether channels.
- Designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches.
- Installing, configuring Cisco Catalyst switches 6500, 4948, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
- Experience in configuring, upgrading and verifying the NX-OS operation system.
- Troubleshoot issues with network connectivity and issues related to neighbor relationship and peers
- Experience working with Nexus 7010, 5020, 2148, 2248 switches.
- Experience configuring Virtual Device Context in Nexus 7k series switch.
- Strong knowledge on networking concepts like TCP/IP, Routing and Switching.
- Designed, configured, implemented site-site VPN on cisco ASA 5500 firewall.
- Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
- Worked in projects converting P2P circuits into MPLS circuits, commissioning and decommissioning of the MPLS circuits for branch offices.
- Configuring and resolving various OSPF issues in an OSPF multi area environment,
- Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
- Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
- Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP.
- Performing network monitoring, providing analysis using various tools like Wire Shark, Solar winds etc.
- Operating System and Software. Windows XP/Vista, Windows 2007, Windows server (2003, 2008), Microsoft office suite, Microsoft Visio, Microsoft Azure, VMware ESX 4.1, VMware VSphere client, Linux, Ubuntu.
Confidential, Littleton, CO
- Installed and configured Cisco 7200 series router and Cisco 2950, 4500, 6500 Series switches.
- Configured network using routing protocols such as RIP, OSPF, and BGP and troubleshooting L2/L3 issues.
- Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another.
- Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
- Created data migration strategies to help with completion of migration of data center from one point to another.
- Configuration of Cisco 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access.
- Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
- Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
- Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
- Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
- Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
- Configuring ACL to allow only authorized users to access the servers.
- Participated in on call support in troubleshooting the configuration and installation issues.
- Installation, maintenance, troubleshooting local and Wide Areas Network (ISDN, Frame relay, DDR, NAT, DHCP, TCP/IP).
- Responsible for designing and implementation of customer network infrastructure
- Negotiate hardware and software circuit contracts.
- Configured and troubleshoot OSPF and EIGRP.
- Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
- WAN Infrastructure running OSPF & BGP as core routing protocol.
- Support various routers like 2600/3600/7200 series routers.
- Tested authentication in OSPF and BGP.
- Responsible for Configuring SITE TO SITE VPN on VPN Concentrators series between Head office and Branch office
- Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
- Configured Firewall logging, DMZs& related security policies& monitoring
- Worked on Cisco Layer 2 switches (spanning tree, VLAN).
- Hands on experience working with security issue like applying ACL’s, configuring NAT and VPN
- Responsible for Internal and external accounts and, managing LAN/WAN and checking for security
- Network Migrations
- Configuring Cisco and Juniper devices (Router & Switches)
- Dynamic routing protocol configuration (RIP, RIP V2).
- Troubleshooting network problems.
- NAT and IPSec configuration on Cisco Routers.