SUMMARY:

• Highly dedicated and experienced Network Engineer worked with companies that have global presence and vast environments. Performed multiple roles from operations to Design from legacy to latest technologies. Expert in Routing, Switching, Firewalls, Load balancers, wireless and VOIP.
• Network Engineer & Security Analyst with 5+ years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN/ WAN protocols, routing, switching, Firewalls, WLAN, Application Delivery controllers and VOIP.
• Excellent hands on experience in configuring Cisco Nexus 2248T, 2224T, 5548P, 5596T, 7010, 7018, 7710 switches. Also, implemented VDC and VPC on the Nexus 5505, 7010, 7710 switches.
• Configured 7010's with multiple VDC's running EIGRP for route propagation between them. Installed dual router/dual MPLS.Migration experience from Cisco ACS to ISE for Wired and Wireless infrastructure. Expert in 802.1x.
• Hands - on experience in implementing and troubleshooting Switch technologies such as STP, VTP, VSS, MEC, LACP, EtherChannel, HSRP, VRRP, 802.1q, VLAN and MPLS and QOS.
• Experience in configuring, designing and troubleshooting routing protocols that includes OSPF, EIGRP, BGP and IS-IS, route redistribution, policy-based routing. Basic understanding of EVPN, VXLAN, VTEPS, MP-BGP and Spine Leaf Architecture.
• Experience on Cisco 1800, 2600, 3600, 7200 and 7600 routers, Juniper MX and J series.
• Hands-on experience in creating security zones and security policies on branch Juniper SRX 240 and SRX 100 firewalls.
• Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIG-IP modules that includes LTM, GTM, APM and ASM. Expert in Virtual servers, Pools, iRules scripting in TCL, profiles, persistence, SNAT, monitors, wideIP’s, zones, listener IP, one arm and two arm architectures on F5.
• Virtualization Experience: VMware Workstation, vCenter server, NSX, VMotion, vSphere, ESXi hypervisor. Experiences in Deploying & Troubleshooting policy management on Web Proxies.
• Experiences dealing with OS upgrading/Patching for various vendors like F5 (TMOS), CISCO (IOS, NX-OS), PANOS, JUNOS, Web sense, Bluecoat and MWG.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Proficient in implementing Security policies like NAT, PAT & Access lists.
• Hands-on experience in deploying Frame-relay, GRE tunnels, Remote Access VPN and Site-to-Site VPN. Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls. Worked on SSL forward Proxy and SSL decryption on PA.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to wild fire feature of Palo Alto.
• Experience in design, installation, configuration, maintenance, migration and administration of Checkpoint Firewall R55 up to R77. Experience in Policy based filtering using solar, Qradar Firewalls.
• Experience in migrating Cisco ASA Devices to Checkpoint and Palo Alto using migration tool for the existing security policies.
• Implementing security Solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
• Expert in configuring and implementing proxy servers and Authorization, Authentication & Accounting (RADIUS, TACACS+) and management by means of Infoblox and Active Directory ADFS Database. Worked on Cisco ISE, ACS and Aruba ClearPass as RADIUS and TACACS Servers.
• Engineered and executed the migration of InfoBlox data into VitalQIP.
• Worked on Cisco and Aruba WLAN. Configured AP groups, AP profiles, SSID’s, Authentication rules, RTLS, RF parameters etc.
• Extensively used the packet capture tools like TCP dump, Wireshark and snoop on the devices to identify the potential network issues.

TECHNICAL SKILLS:

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP.

Networking Hardware: Cisco Switches, Cisco Routers, F5, PA, Checkpoint, Juniper, Aruba.

Routing Protocols: OSPF, IGRP, EIGRP, MPLS, BGP.

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat.

Network Monitoring: Cisco Works 2000, Wireshark, HRping.

Operating Systems: Windows, LINUX.

Routers: CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR.

Load Balancers: F5 Networks (BIG-IP), Netscalers, ACE.

Switches: CISCO 2960, 3750, 3850, 4500,5000,6500, Cat 9300, Nexus 9k,7k,5k,2k

Programming Languages: C, C++, Power Shell, Python.

Simulation Tools: GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence.

Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Palo Alto firewalls.

AAA Architecture: TACACS+, RADIUS, Cisco ACS, ISE.

Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics.

PROFESSIONAL EXPERIENCE:

Confidential, Princeton, NJ

Network Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance, troubleshooting etc.).
• Configured network using routing protocols such as BGP, EIGRP, OSPF and troubleshooting L2/ L3 issues . Configuring Switches with: VLANs, VTP, STP, PORT SECURITY using 802.1X for MAC based and Cert based Authentications for Wireless and Wired users.
• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols. OSPF, IGRP, EIGRP, Static and default route.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700, 3850 series, 6500 series) Cisco Routers (4300, 4400, 4500,4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), and Firewalls, Nexus 7k, 5k & 2k, f5 BIG IP, ASA, Palo Alto Firewalls.
• Worked on HSRP and GLBP for first hop redundancy and load balancing.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls. Experience with F5 load balancers - LTM, series like 6400, 6800, 5000 and 2000.
• Monitoring Traffic and Connections in Palo Alto and ASA Firewall. Backup and restore of Palo Alto and Cisco ASA Firewall policies. Installed, configured and set security policies on Cisco and Palo Alto firewalls, VPN.
• Implemented zone-based firewalling and security rules on the Palo Alto Firewall. Experience with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience.
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Implementation of advanced routing configuration using BGP, EIGRP, and OSPF protocols as well as static routing, policy-based routing, VRFs, access lists, prefix lists, route maps, redistribution, and quality of service.
• Design and configuration of Cisco 5505, 5510 and 5520 ASA devices for firewall and VPN services, design and configuration of Cisco integrated services routers for LAN extension to remote sites.
• Designed, built, and deployed F5 Big IP load balancers (8900’s, Viprions, Blades), F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services and ASM. F5 Big-IP iRules programming and troubleshooting.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
• Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
• Worked as a Schema Master and Domain naming master.

Confidential, San Diego, CA

Network Engineer

Responsibilities:

• Hands on experience with Catalyst L3 switches and Cisco Nexus switches: 2232, 2248, 5548, 6001 and 7018.
• Creating and managing domains , preparing disaster recovery strategies, offering technical support to users, upgrading software, and handling user accounts .
• Operated in Administration of L2 technologies like VLANs, VTP, Trunking, RPVST, Inter-VLAN routing, Ether channeling, and Switch port Security on Access Layer switches.
• Hands on experience in configuring VoIP phones using asterisk.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, network devices.
• WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP address.
• Configured and maintained OSPF, EIGRP, RIP and BGP on Cisco routers.
• Creating BGP multi-homed network using BGP attributes like AS-PATH, MED and local-preference as per the environment.
• Aided in redundancy mechanisms for multi homed Border Gateway Protocol (BGP) network by tuning AS-path for various network segments.
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x.
• Upgraded the Firmware and Software on WLC 5508 and all Access Points within the building.
• Configuring the 3700 Access point and 5508 Wireless LAN Controller and Monitoring them by adding to the Cisco Prime Infrastructure.
• Manage deployment and testing of code updates for wireless systems, such as WCS, WiSM, and WLC.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Configuring High Availability using Cluster XL in Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Possess experience as an architect in deploying and managing security solutions like Cisco ISE and ACS.
• Designed and deployed a Cisco Identity Services Engine (ISE) solution (wired, wireless, and VPN users) for a commercial client with converged access switches and ASA firewalls.
• Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect.
• Maintained TACACS+/RADIUS Servers for AAA authentication and User authentication.
• Provided VPN services to site-to-site and, Remote access VPNs using IPSec tunneling.
• Provided hands-on support for environment including on-call support for switches, routers and servers. Used SolarWinds, Infoblox, DHCP, DNS to troubleshoot issues.
• Implemented VPC (Virtual Port channel), VDC and Fabric path on Nexus 7K Switches.
• Also worked with the physical server migration to AWS data center. Involved in designing and implementation of AWS network and connectivity between physical and AWS DC.
• Worked with the Python 2 & 3 version. Assisted in designing and programming of object-oriented databases with Python and other languages. Worked with Automation script with Python module like Chef & Ansible.
• Managed relational database applications with UI designing services and Python languages. Developed a python script, which will parse all trace files and calculate throughput, latency and drop rate. Developed and implemented a web crawler program in Python that gathers data from social networking site.
• Setting up MPLS Layer 3 VPN cloud in data center.
• Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM, LTM, and APM.
• Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
• Deployed, Managed, monitored and supported Bluecoat Proxy for content filtering, internet access between sites and VPN client users, forward proxy scenario and reverse proxy scenario for security and worked on adding URL’s in Bluecoat Proxy SG’s for URL filtering.
• Design and Install UCP Select for VMWare with Cisco UCS and Cisco Unified Fabric Switching.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
• Designing, configuring and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border.

Confidential

Network Operations Engineer

Responsibilities:

• Performing troubleshooting on slow network connectivity issues, and Performance on F5 and Cisco ASA Firewalls.
• Deploying and decommissioning Cisco switches/Firewalls and their respective software upgrades.
• Improved troubleshooting skills while working with many network devices such as Cisco, Arista switches, Routers and Checkpoint, Cisco ASA firewalls technologies, system design, implementation and troubleshooting of complex network systems. Troubleshooting of network related issues including routing, switching, and security.
• Worked with other team in solving VPN and FTP connection issues from customer side to access Imprivata resources. Worked on troubleshooting and routing issues related to Arista Switches, Cisco Core Nexus 3k and 5k switches.
• Responsible for the support of the 3M Global switching and wireless environment .
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000.
• Made security policies in F5 Application Security Manager (ASM) and made iRules in Local traffic manager.
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls, Clustering and load balancing features. Using Smart Update, User Management and Authentication in Checkpoint Firewall.
• Monitoring Traffic and Connections in Palo Alto and ASA Firewall. Backup and restore of Palo Alto and Cisco ASA Firewall policies. Installed, configured and set security policies on Cisco and Palo Alto firewalls, VPN.
• Implemented zone-based firewalling and security rules on the Palo Alto Firewall. Experience with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience.
• Configuring, administering and troubleshooting the Checkpoint, Palo Alto and ASA Firewall. Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Palo Alto integration with VMware Virtual Desktop infrastructure.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.
• Worked on Riverbed Steelhead appliance on WAN optimization. Worked on Policies and rules to mitigate delay, jitter in the WAN. Traffic captures for analyzing WAN traffic.
• Implementation of advanced routing configuration using BGP, EIGRP, and OSPF protocols as well as static routing, policy-based routing, VRFs, access lists, prefix lists, route maps, redistribution, and quality of service.
• Configuration of Cisco 3750 and 6509 multilayer switches for secure network access using tools such as VLANs and port security.
• Design and configuration of Cisco 5505, 5510 and 5520 ASA devices for firewall and VPN services, design and configuration of Cisco integrated services routers for LAN extension to remote sites.
• Configuring & managing around 500+ Network & Security Devices that includes Firewalls, F5 Big-IP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies.

Confidential

Responsibilities:

• Responsibilities included taking care of the IP Addressing in the organization which included designing new subnets based on the requirements.
• Involved in implementing & Designing the switched network. Configured STP, VTP and dot.1q in switching network.
• Created VLAN & Inter-VLAN Routing with Multilayer Switching.
• Configured and Maintained TACACS for AAA. LAN Cabling in compliance of CAT5 standards.
• Assisted in Troubleshooting LAN connectivity and hardware issues in the network of 100+ hosts.
• Maintained Redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Performed RIP, OSPF, EIGRP routing protocol administration.
• Learned and tested various BGP parameters like Local Preference, MED, Weight, and replicated customer issues in the Lab environment.
• Involved in monitoring the performance of the network, thereby identifying the bottlenecks in the network, troubleshooting the connectivity problems using Ping, Traceroute, and Telnet.
• Involved in troubleshooting IP addressing issues and Upgrading IOS images using TFTP.