- 6 years of experience in the industry, this includes expertise in the areas of Routing, Switching F5 Load balancing and Firewalls.
- Good understanding of networking concepts such as routing protocols, VLANs, IP address management, and network security.
- Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
- Experience working on Juniper, Extreme, CISCO, and HP networks in an enterprise environment.
- Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Router and Cisco 2900, 3500, 4500, 5500, 6500 series switches.
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
- Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.
- Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco catalyst switches.
- Expertise in Migration of Firewalls from Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo alto and Vice Versa.
- Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies on Juniper SSG320 and SSG140 Firewalls.
- Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA - 200 firewalls.
- Perform Palo Alto network firewall design, integration & implementation for Cyber Trap client networks.
- Experience with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience
- Experience in maintain two Data Center operations including configuring Nexus 9K, 7K, catalyst 2000, 3000 series switches, and ISR/ASR routers.
- Monitor SIEM and IDS/IPS feeds to identify possible enterprise threats. Actively investigate, respond to and remediate security incidents.
- Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
- Onsite/Offsite SME for IP/MPLS, SDH/DWDM capacity planning solutions delivered in various projects and assist client Design and planning teams with capacity planning.
- Manage administration of Juniper Firewall, connecting offices worldwide through VPN tunnels to two HA Juniper SSG520's. The VPN provides 24/7/365 connectivity for corporate needs of all remote offices. including Palo Alto PA200, PA5050, Juniper SRX240, SRX550, and ASA 5500 series.
- Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
- Focused on next-gen Data Center architectures, including various fabric approaches such as Cisco DFA, ACI, and SDN.
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Juniper SRX firewall, VP
- Worked extensively with ASR 9K ( ), Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.
- Extensively worked using AWS services along with wide and in depth understanding of each one of them.
- Highly skilled in deployment, data security and troubleshooting of the applications using AWS services.
- Proficient in AWS services like VPC, EC2, S3, ELB, AutoScalingGroups(ASG), EBS, RDS, IAM, CloudFormation, Route 53, CloudWatch, CloudFront, CloudTrail.
Routers and Switches: Cisco Switches (2900, 2924, 2950, 3550, 5500, 6500, 6509, 6513), Cisco routers (2600, 2800, 3640, 3825, 7200, 7204, 7206, 7600), ASR 9k, Nexus 7k, 5k, 2k
Protocols: RIP, RIP2, PPP, OSPF, EIGRP, IS-IS, BGP, SNMP, HTTP, FTP, TFTP, HTTP, DHCP, SMTP, ICMP
WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines
LAN Technologies: Ethernet, TCP/IP, CDP, STP, RSTP, VTP, VLAN, Trunks, Ethernet channel, MPLS.
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Firewalls: ASA, PIX, SRX, Watch guard, ASDM, CSM, Checkpoint
Operating Systems: Windows 2000/2003/2008, windows XP/7, LINUX, Red hat, UNIX, Macintosh
Servers: Domain servers, DNS servers, WINS servers, Mail Servers, Proxy Servers, Print Servers, Application servers, FTP Servers
Load balancer: F5 Load Balancer, ACE, LTM & GTM series.
Monitoring Tools: Wireshark, Fiddler, Microsoft Network Monitor, solar winds and some sniffers
Cloud Technologies: Amazon Web Services (AWS)
Testing Tools: IXIA, Spirent
Sr Network Consulting Engineer
Roles & Responsibilities:
- Designed, configured, tested networks using routing protocols such as ISIS, BGP implemented route distributions wherever needed and created templates for testing in the Lab.
- Worked on the IOS-XR and hardware upgrades of Cisco ASR9k and NCS 5508 Routers during production maintenance windows.
- Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
- Configuration and implementation of Juniper and Palo Alto firewalls.
- Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application
- Designed, implemented and maintained scalability test network using Cisco 6509 and ACE load balancer.
- Worked on Migration of Juniper SRX firewalls for isolation of network segments and VPN's, ASR (9k, 901,903)
- Experience with Network Redesign of branch and Campus Networks. This includes changes to both the voice and data environment.
- Worked with distributing loads across multiple carriers (AVPN, MPLS).
- Responsible for everyday tasks related to Juniper SRX Firewalls, Space Changes, and Iron Port Proxy Traffic.
- Implemented Routing protocols like ISIS, BGP and configured MPLS TE on P and PE routers.
- Writing Test configurations templates for Cisco Routers, Switches, and Firewalls.
- Configured Route-Reflectors on the P router on provider’s backbone and troubleshooting BGP issues related to customer route prefixes.
- Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
- Implemented BGP Add path and Multipath for routes coming from different neighbors.
- Configuring SRX devices and troubleshooting them, connecting them with Cisco nexus devices to test connectivity.
- Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
- Worked with Traffic Generators like IXIA and Spirent Test Center (STC) for generating traffic for the test scenarios.
- Built and support VRRP / Cluster based HA of Checkpoint firewalls.
- Deploying the policies on firewall using the Checkpoint’s Smart Console Manager and Smart Dashboard.
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
- Backup and restore of Check Point and Cisco ASA Firewall policies.
- Responsible for architecting, designing, implementing and supporting of cloud based infrastructure and its solutions. Automating various processes with Python, JSON, Ruby scripts.
- Maintained the monitoring and alerting of production and corporate servers using Cloud Watch service.
- Created EBS volumes for storing application files for use with EC2 instances whenever they are mounted to them.
- Worked on various AWS connectivity modes and Gateways such as Direct Connect, Internet Gateway, NAT Gateway, VPN Gateway to enhance connectivity and efficiency.
- Experienced in creating RDS instances to serve data through servers for responding to requests.
- Created snapshots to take backups of the volumes and also images to store launch configurations of the EC2 instances.
Environment: Cisco 2600, 2800, 3600, 3800, and 7200 game plan routers, Cisco 2950, 3550, 3560, 6509 Catalyst Switches, cisco WLAN, solar winds, f5 load balancing, Nexus, Juniper EX4200, ESW Switch, PIX 525, PIX 515E, VPC, EC2, S3, ELB, AutoScalingGroups(ASG), EBS, RDS, IAM, CloudFormation, Route 53, CloudWatch, CloudFront, CloudTrail, Python, Ruby, JSON.
Confidential, Coraopolis, PA
Roles & Responsibilities:
- RE-IP all sites so that they are all 7000 square feet or less. This is a regulation that needs to be met to comply with an E-911 project.
- Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
- Responsible for installation, troubleshooting of Check Point Firewall and LAN/WAN protocols.
- Managing Data Center and assisting other engineers with troubleshooting from network device, storage, and blade servers.
- Configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000. Experience with configuring Nexus 2000 Fabric Extender (FEX) hitch acts as a remote line card (module) for the Nexus 5000.
- Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy configuring Virtual Device Context in Nexus 9504
- Configuring F5 Load balancer LTMs and GTMs to isolate traffic from the web servers.
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
- Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
- Adding and removing checkpoint firewall policies based on the requirements.
- Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
- Dealing with Change Requests and making the required customization changes as per the requirement.
- Worked with RFC Service Management and Monitoring System and Remedy IT Service Management.
- Established network latency and configured Traffic Engineering parameters as needed on trunk and access circuits, interfaces, LAGs and ports as needed.
- Responsible for Cisco ASA firewall administration across our global networks.
- Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
- Scheduled maintenance of Nexus (2248, 5548, and 7010) switches so that there are no Orphan ports in the network, and all Users to be dual homed, so that they have sufficient redundancy.
- Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path
- Configured policy-based routing for BGP for complex network systems
- Responsible for Troubleshoot various network problems, system problems like Core Dump Analysis.
- Infrastructure Development on AWS by employing services such as EC2, RDS, Cloud Front, Cloud Watch, VPC, etc. through CLI/SDK and AWS Console.
Environment: Juniper firewalls 5GT, 208, SSG 5, 140, 550, 550M, NSM, IDS/IPS 6500/3750/ /2950 switches, Juniper (M320, T640), Load adjusting, Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Cisco Prime, EC2, RDS, Cloud Front, Cloud Watch, VPC.
Roles & Responsibilities:
- Maintain critical MPLS infrastructure.
- Management of Cisco ASA firewalls and contexts, rule management, device administration
- Migrated various critical networks to MPLS carrier grade network.
- Manage and maintain two Data Center operations including configuring Nexus 9K, 7K, catalyst 2000, 3000 series switches, and ISR/ASR routers.
- Extensively used traffic generators like IxNetwork(IXIA) and Spirent Test Center(STC).
- Worked with ASA Firewalls upgrades and build configuration for ASA Firewalls for different versions.
- Specific expertise in IP/MPLS based pseudo-wire, Layer-2 (VPLS), Layer-3 (VPRN MP-BGP), BGP, Multicast and Triple-Play networks.
- Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
- Working with Cisco Nexus 5000 series switches for data center.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
- Worked on Blue Coat Proxy SG to safeguard web applications (Black listing and White listing of web URL) in extremely untrusted environments such as guest Wi-Fi zones
- Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
- Involved in the configuration of the Nexus 2248 Fabric Extender (FEX) module on the Nexus 5000 to connect servers and storage devices.
- Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
- Worked on Riverbed devices for WAN bandwidth Optimization in the data centers for the sensitive
- Experience Transfer web services from Cisco CSS platform to F5 Big IP LTM platform.
- Maintenance of Cisco ASA 5580 firewall for DCA site, adding new rules or changing existing access lists if necessary.
- Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
- Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
- Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
- Designed different VISIO Diagrams for different DMZ Networks for creating dashboards and for other activates.
- Performed Partner net re-certification for different users and partner net cleanup for any connect users and S2S VPN Tunnels.
Environment: Cisco 3750, 3550, 3560, 2924, 6504, 6505, 6500 series switches and 7206, 2611, 6748, T1 controller, DS3 Lines, Fiber and Ethernet cabling
Roles & Responsibilities:
- Designed and Deployed and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
- Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
- Configured Multiprotocol Label Switching (MPLS) VPN with Open shortest path first protocol (OSPF) on the customer’s site
- Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
- Support customer with the configuration and maintenance of PIX and ASA firewall systems
- Experience with configuring OTV between the data centers as a layer 2 extension.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASR 9k.
- Provided installation and initial user configuration of NEXUS 1K and 9K switches at the Data Center and providing IP addressing and different user session priorities on the switch.
- Responsible for the up-to-date Network health (wired and wireless) including Security, Performance and Reliability.
- Coordinating with Service providers & Clients on various implementations
- Provided testing for network connectivity before and after install/upgrade
- Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
- Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
- Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.
- Troubleshooting of Cisco 2800, 2900, 3900, 7200, 7600, ASR9000, CRS and GSR 12k Series routers. Managed network IP allocations using QIP and DSDB.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500
- Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
- Configuration and troubleshooting of Cisco ASR 1001, 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Develop planning system to analyze impact of fiber cuts on MPLS networks.
Environment: Router 2800,3800, Cisco catalyst switch 3550, 2960. Fiber and Ethernet cabling