SUMMARY:

• Overall 8 years of professional experience in Network engineering with Cisco Certified Network Engineer, performing Network analysis, design, Implementing, capacity planning with a focus on performance tuning and support of large Networks. Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
• Experience in configuring Virtual Local Area Network (VLAN), spanning tree protocol (STP), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Per VLAN spanning Tree (PVST) and 802.1x authentication in access layer switches.
• Implemented MPLS/VPN services for various customers.
• Experience in Layer 3 Routing Protocol configurations: RIP, OSPF, BGP, EIGRP and MPLS.
• Experience in Layer 2 routing Protocol Configurations: ARP, RARP, ATM/FRAME RELAY and VPN technologies: IP Sec & SSL.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Experience working on Cisco Catalyst Series3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000 and 7000 series switches.
• Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 9k, 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces.
• Experience with design and implementation of Virtual Switching System (VSS).
• Experience in troubleshooting NAT configurations, Access-Lists (ACL), and DNS/DHCP related issues within the LAN network.
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Good domain knowledge in Linux source code 2.6x & Shell and python scripting.
• Strong Working knowledge of Cisco and Juniper software (IOS/XR and JunOS) and hardware.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Exhibit superior talents in supervising wireless migration of more than 40 sites with multiple WLAN controllers and APs
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
• Design, implement and manage security tools and systems such as IDS, IPS, VPN, WAF, DLP, AV, Cisco AMP, SEIM, Vulnerability.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for Cisco ASA.
• Installed, configured and administered Cisco ASA firewall and other Cisco technologies.
• Experience in configuring, deploying and deployment of Cisco Security Manager (CSM) for management of Cisco ASA Firewall series.
• I Upgraded Cisco ASA 5505S to 5525X with Firepower.
• Installed, Configured and currently maintaining Check Point Firewalls (R76 Gaia, R75.40, R75 and R70) in a Distributed Deployment and High Availability Redundancy Scenario
• Implementation and administration of Check Point Firewalls & network Management.
• Experience in Checkpoint Firewalls and VPN, Checkpoint IDS-IPS, McAfee Antivirus Endpoint Protection Solution.
• Experience with deployment of Palo Alto firewalls for different NAT, video conferencing traffic. Performing administrative tasks with Palo Alto Networks (Panorama) including Security, NAT policy.
• Configured and maintained Palo Alto Network firewalls.
• Experience in configuration of Juniper security appliances SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M.
• Extensive working experience in AAA protocols such as RADIUS, TACACS+ and Cisco ACS.
• Experience on Monitoring and Management tools such as HP Open view, Splunk, TCP dump, Solar Winds and Wireshark/Ethereal, Cisco Prime, Net Flow, Net scot, Sniffer, Riverbed.
• Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
• Design, installation and implementation of Cisco ISE projects .
• Experience working on Cloud Computing Virtualization using VM ware ESXi 4.0 and Windows Hyper-V.
• Experience with 802.11x wireless technology.
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Worked on several load balancers such as F5, A10 and Cisco ACE .
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Provide design, configuration and support of VMware NSX proof of concept project.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
• Specialize in VoIP traffic analysis and designing VoIP networks for small MSPs.
• Experience in implementing Cisco VoIP using CUCM.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), CSR/ASR, IOS-XR

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Access: lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA, Palo Alto

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

IKE, IPSEC, SSL: VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

KEY ACCOMPLISHMENTS: Cisco Certified Network Associate (CCNA)

PROFESSIONAL EXPERIENCE:

Sr Network Engineer

Confidential, Fort Lauderdale, FL

• Worked as a part of a team to manage Enterprise Network Infrastructure as a Tier 3 Network Engineer.
• Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 3560X, 3750X and 2950T Switches for deployment on production network.
• Worked on migrating the Cisco ACS TO Cisco ISE. And Successfully implemented Cisco ISE for wireless security across our company network.
• Worked on configuring the TACACS for cisco catalyst switches and routers and Cisco ASA FW and juniper SRX/SSG and nexus 2k/3k/5k/7k/9k and brocade switches.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on Cisco ISE.
• Configured Cisco ISE for Domain Integration and Active Directory Integration.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, Routers and Brocade switches and Cisco ASA /Juniper SRX/ SSG Firewalls.
• Configured wireless security by implementing Cisco ISE and Aruba Clear Pass at the data center
• Apply Cisco ISE configuration to switches. worked on implementation strategies for the expansion of the MPLS VPN networks.
• Worked on the migration of Frame Relay based branches to MPLS based VPN for customer's WAN infrastructure.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and working with BGPWAN towards customer.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s stages.
• Experience on migration of Firewalls from Juniper SSG 50000 to Juniper SRX 300/320/1500 FW.
• Configured and set up of Juniper SRX firewalls for policy mgmt. and Juniper SSL VPN's.
• Worked on troubleshooting the Junipe r SRX/ SSG/ISG and Cisco ASA FW and Nexus 5k/7k/9k switches and Brocade switches and Cisco routers and BGP& MPLS.
• I was responsible for upgrading IOS for Cisco Catalyst switches and replacement catalyst 60000 series switch cisco 9000 switches.
• Worked on Python automation of Vulnerability Management Tasks .
• Implemented changes and upgrades to network equipment and perform quality assurance reviews of those upgrades. Reviewed all changes to network configuration for technical accuracy and impact.
• Working experience performing Incident, change management using ticketing tools such as ServiceNow, Remedy.
• Performing network monitoring, providing analysis using various tools like SolarWinds, PRTG etc.

Sr Network Engineer

Confidential, New Port beach, CA

• Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions at the Access, Distribution, and Core layers.
• Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 7750,7950, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
• Responsibilities include software upgrade, license activation, configuring/installing new GSR router 7000,12000, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
• Troubleshooting Layer 2 issues, Spanning Tree protocol, RSTP, MST, VTP, VLAN on Cisco - 6500 series switches.
• Configure and installation Cisco prime infrastructure to deploy IWAN.
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
• Worked in the Datacenters and performed tasks such as Racking, stacking, device testing, faulty management various network devices.
• Experience installing and administering firewall and IDS/IPS systems in enterprise networks including in Datacenter.
• Design and Implement Catalyst/ASA Firewall Service Module for various LAN’s.
• Cisco ASA 5585 Firepower hardware module installation and configuration.
• Setup high availability Cisco ASA pair with Firepower.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Configuring, Monitoring and Troubleshooting Cisco ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design .
• Experience in Adding Rules and Monitoring Checkpoint Firewall traffic through smart dashboard and smart view Tracker applications.
• Checkpoint Firewall Deployment, Upgrade and Administration.
• Experienced on working with Checkpoint firewalls R75/R77 such as installing/deleting and troubleshooting the networks.
• Designed security policies on Palo Alto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
• Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
• Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Network-wide implementation of F5 Traffic steering nodes with TCP acceleration,
• Created Virtual Servers on F5 Load balancer.
• Hands on Experience configuring and testing F5 I Rules using Browser(IE), HTTP watch.
• Writing i-Rules and i-Apps on the F5 load Balancer and Renewing the Certificates.
• Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual servers.
• Creation of ASM policies (Application security) on F5 Virtual servers.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
• Deployment of enterprise firewalls (Palo Alto Networks, Cisco ASA, Check Point) in production environments.
• Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS AAA (TACACS+ & RADIUS).
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Coordinating with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN.
• Managed Cisco PIX firewall for ACL and VPN. Also worked with the physical server migration to AWS data center.
• Involved in designing and implementation of AWS network and connectivity b/w physical and AWS DC.
• Worked with Automation script with Python module like Chef & Ansible.
• Developed and implemented a web crawler program in Python that gathers data from social networking site.
• Network Address Translation (NAT) and Smart Dashboard Configurations.
• Blocking Websites with Content Filtering and Layer 7 Firewall Rules.
• Improve scalability and ease of deployments of the Open stack underlay network by migrating from Standalone Nexus to Cisco ACI platform.
• Focused on working with Cisco Channel partners to build practices around Cisco ACI .
• Implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture
• Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
• Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
• Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products .
• Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure.
• Manage Cisco VOIP Networks using Cisco Unified Call Manager (Version 11.x,10.x,9.x,8.x), Cisco Telepresence, Voice Gateways, UCCX .
• Troubleshoot and resolved many VOIP related issues.
• Experience with Virtualization technologies like installing, configuring, VMWare vSphere. Creation, management, administration and maintenance of virtual servers and clients.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• LAN Cabling in compliance of CAT6 standards infrastructure like Racking and Stacking.
• Experienced with configuration, upgrading and monitoring of Cisco Wifi.
• Designed and installed Aruba Wifi network to supply wireless connectivity to both employees and guests using segregated VLANs.
• Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark.
• Vulnerability assessment and penetration testing by using various tools like HP Web inspect and IBM Appsca.
• Configured network services equipment Riverbed accelerators in compliance with security policy.
• Experience in white listing webpages and blocking webpages with Blue Coat Proxy SG and Blue Coat reporter.
• Infoblox to provide DNS, DHCP, IPAM, administration services.

Sr. Network Engineer

Confidential, WI

• Configure, maintain and upgrade of data center infrastructure, Nexus 7k, 6k, 5k, 2k, and UCS, employing VDC, VPC, VRF, and fabric-path technologies.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Experience working with High performance data center switch like nexus 9000, 7000 series.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network.
• Upgraded Showtime content network with Arista switches.
• Configuration and implementation of Arista 7504 & 7280 in Spine-leaf architecture.
• Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 switches.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240 and Juniper J series j230, M 320 and MX960 routers. Worked on Juniper EX4200 & EX4550 switches.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 daily, using SPACE as well as CLI when needed.
• Implemented cluster and configuration of SRX-100 & 110 Juniper firewalls.
• Worked with Juniper SRX-240,550,650 series firewalls.
• Implemented cluster and configuration of SRX-100 & 110 Juniper firewalls.
• Network security involves web filtering on internet sites (User's restriction) using Palo Alto and checkpoint Firewalls.
• Successfully Design and installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
• Experience with working on Palo Alto Next-Generation firewalls security profiles.
• Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama.
• Experience on Panorama firewall management tool which provides centralized monitoring and management of multiple Palo Alto devices from single window.
• Installing and Configuring Palo Alto Pa-500 series and Pa-2000 series firewalls using Panorama.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM.
• Managed the ongoing configuration of F5, tuning and troubleshooting, deployed the virtual servers for newly implemented applications and services, and writing custom iRules and health monitor scripts.
• Completed basic configurations on the F5 Big-IP LTMs and GTM load balancer on existing network to split traffic on web-servers.
• Worked with Blue Coa t and handled the Trouble Tickets on F5 Load Balancer.
• Worked on F5 LTM series like 1600, 6400 and Viprions for the corporate applications and their availability.
• Experience with Using GTM, APM & LTM F5 component to provide 24"7 access to applications.
• Responsible for configuration of A10 load balancer.
• Creating, configuring and Troubleshooting VIP's for (EBL & EFL Extranet networks) on F5/A10 networks.
• Configured and troubleshooting Aruba Wireless products like Access Points and Mobility Access .
• Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers .
• Migrated from Cisco 3650 switches to Aruba 3810 series switches .
• Configured and Created wireless sites using the Cisco Meraki System dashboard.
• Design Cisco, Meraki, and Aruba WLAN/WiFi infrastructures for SD-WAN.
• Installed Solar Winds Network Performance Monitor with traffic analysis, application & virtualization management, configuration management.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems.
• Perform root cause analysis on the problems coming across Project execution.
• Maintained a BGP/MPLS infrastructure.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
• Experience in working and designing configurations for vPC, vPC domian, vpc peer-gateway, vPC peer-switch, auto-discovery, and vPC single sided, vPC double sided, NX-OS, VFR, Otv, fabric path.
• Implemented and troubleshot Cisco Call Manager.
• Debugged, Configured, and Tested Routers at Access Points and WLAN Stations
• Cisco CUCM Management and Support.
• Configured and managed one Wireless VoIP Test environment using Cisco Call Manager, Cisco 7920 Wireless Phones and VoIP software for Laptop.
• Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
• WAN Pilot project to convert branch from dual T1 circuits to iWAN only broadband circuit. To Enable Internet WAN connectivity for the Lab in Hauppauge. Test and turn-up IWAN link and disable the 2 existing T1 circuits, running branch on IWAN only. After testing was completed site will be placed back on either dual TDM circuits or TDM with IWAN backup circuit.
• Involved in configuring IP Quality of service (QoS)
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• Implemented LAN, WLAN environments, including configuration development based on router designs
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX
• Security appliance, Failover, DMZ zoning, &Configuring VLANs/routing/NATing with the firewalls as per the design.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works).
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multi-Layer Switching.
• Worked on Riverbed devices for WAN bandwidth Optimization in the data centers for the sensitive.
• Conduct network Vulnerability Assessments using tools to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures.
• Security Engineer (Penetration Testing/Vulnerability).
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.

Network Security Engineer

Confidential, Seattle, WA

• Worked on Extensively on Cisco Firewalls, Cisco (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Configured and maintained IPSEC VPN tunnels on Cisco ASA Firewalls.
• Experience in upgrading IOS on Cisco ASA 5500 devices.
• Worked with Cisco ASA 5500-X with Firepower services, Firepower 4100.
• Worked on Cisco Firepower on URL filtering and Advance malware protection with the help of Firesight management .
• Creation of Firewall policies as per the requirements on Cisco ASA Firewalls.
• Configured and maintained IPSEC VPN tunnels on Cisco ASA Firewalls.
• Maintain and track the status of device supplied to the client.
• Tracking and installation of requirements & development by working with client and related teams to implement changes.
• Experienced with Checkpoint VPN rules over Cisco ASA VPN. Which filters traffic by inspecting the application layer.
• Configuring VPN, clustering and ISP redundancy in Checkpoint firewall.
• Worked on Checkpoint Platform including Provider Smart Domain Manager.
• Worked on configuring, managing and supporting Checkpoint Gateways.
• Implementation configuration and troubleshooting of Checkpoint Firewall R 77.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Installed controller and light weight access point coordination with JTAC.
• Implemented site to site VPN in Juniper SRX as per customer.
• Implemented cluster and configuration of SRX-100 Juniper firewall.
• Implementing and maintaining WAN/LAN and WLAN networks in different diagrams
• Involved in troubleshooting L3VPN issues and updating Junos images, UTM Anti-virus and IDP.
• Monitor performance of network appliances and WAN utilizing using network analyzer like Wireshark.
• Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
• Optimizing and monitoring the performance of a WLAN, LAN, WAN and user's segments
• Managing intrusion detection system (IDS) and intrusion prevention system such as NSM, Tipping point.
• Upgraded code on Palo Alto firewalls to meet company security policy.
• Configured High availability, User ID on Palo Alto firewall.
• Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Palo Alto Firewall interface, Palo Alto IDS and VLAN.
• Experience in Deploying and decommissioning Cisco switches, Cisco Meraki Products and their respective software upgrades.
• Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400.
• Worked with Enterprise Intrusion Detection / IPS (Snort, Source fire, Juniper IDP, IBM ISS).
• Monitor Intrusion Detection Systems ( IDS ) console for active alerts and determine priority of response .
• WLAN integration of all hotspot access points with wired central LAN infrastructure by using bridged backhaul point to point, point to multi-point and mesh type wireless network topology.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.

Network Engineer

Confidential

• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration.
• Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Configured VLANs on a switch for inter-VLAN communication. Configured VLAN Trucking Protocol (VTP) on Core Switches. Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches for STP, VTP Domain, VLAN, Trucking, Fast Ether Channel configuration.
• Maintain connectivity for approximately 300 switches and routers in a 500+ node network.
• Experience with configuring FCOE using Cisco Nexus 5548.
• Involved in configuring IP Quality of service (QoS).
• Troubleshooting all network problems involving LAN, WAN, BGP, EIGRP, MPLS/VPN, VRF - VPN Routing and Forwarding Instance, SIP Trunking, Internet ISP, Multi homed - BGP with Level-3 Datacenters.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Hands-on experience on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls.
• Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Completed basic configurations on the F5 Big-IP LTMs and GTM load balancer on existing network to split traffic on web-servers.
• Have experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Implemented Virtual chassis of EX series Juniper switches as per client requirement.
• Experience with designing and deployment of MPLS Traffic Engineering.
• Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.