- Overall 6 years of professional experience in Network engineering with Cisco Certified Network Engineer, performing Network analysis, design, Implementing, capacity planning with a focus on performance tuning and support of large Networks. Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
- Experience in configuring Virtual Local Area Network (VLAN), spanning tree protocol (STP), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Per VLAN spanning Tree (PVST) and 802.1x authentication in access layer switches.
- Experience in Layer 3 Routing Protocol configurations: RIP, OSPF, BGP, EIGRP and MPLS.
- Experience in Layer 2 routing Protocol Configurations: ARP, RARP, ATM/FRAME RELAY and VPN technologies: IP Sec & SSL.
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
- Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 9k, 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
- Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces.
- Experience with design and implementation of Virtual Switching System (VSS).
- Experience in troubleshooting NAT configurations, Access-Lists (ACL), and DNS/DHCP related issues within the LAN network.
- Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
- Good domain knowledge in Linux source code 2.6x & Shell and python scripting.
- Exhibit superior talents in supervising wireless migration of more than 40 sites with multiple WLAN controllers and AP.
- Design, implement and manage security tools and systems such as IDS, IPS, VPN, WAF, DLP, AV, Cisco AMP, SEIM, and Vulnerability.
- Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for Cisco ASA.
- Installed, configured and administered Cisco ASA firewall and other Cisco technologies.
- I Upgraded Cisco ASA 5505S to 5525X with Firepower.
- Installed, Configured and currently maintaining Check Point Firewalls (R76 Gaia, R75.40, R75 and R70) in a Distributed Deployment and High Availability Redundancy Scenario
- Implementation and administration of Check Point Firewalls & network Management.
- Experience in Checkpoint Firewalls and VPN, Checkpoint IDS-IPS, McAfee Antivirus Endpoint Protection Solution.
- Experience with deployment of Palo Alto firewalls for different NAT, video conferencing traffic. Performing administrative tasks with Palo Alto Networks (Panorama) including Security, NAT policy.
- Experience in configuration of Juniper security appliances SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M.
- Extensive working experience in AAA protocols such as RADIUS, TACACS+ and Cisco ACS.
- Experience on Monitoring and Management tools such as HP Open view, Splunk, TCP dump, Solar Winds and Wireshark/Ethereal, Cisco Prime, Net Flow, Net scot, Sniffer, Riverbed.
- Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
- Design, installation and implementation of Cisco ISE projects.
- Experience working on Cloud Computing Virtualization using VM ware ESXi 4.0 and Windows Hyper-V.
- Experience with 802.11x wireless technology.
- Worked on several load balancers such as F5, A10 and Cisco ACE.
- Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Operating Systems: UNIX, Linux, HP-UX, Solaris, and Windows NT/2000/XP.
Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000
Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548
Routing: MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing
Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Etherchannels, Transparent Bridging.
Network Security: Cisco (ASA, PIX) 5510, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS
Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer
LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.
WAN: Leased lines 128k - 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame RelayISDN, Channelized links (T1/DS3/OC3/OC12), Load Balancing.
Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP,TFTP and FTP Management
Network Management: SNMP, Solar Winds, HP open view, and Wire shark
Other Tools: Remedy, HP Service center, Big Brother, JRMC, JConsole, VisualVM. Wily Introscope, Jmeter, JRockit Mission Control, Bamboo integration, Remedy, CVS, HP Open View, Jira
Confidential, El Segundo, CA
Sr. Network Engineer
- Worked as a part of a team to manage Enterprise Network Infrastructure as a Tier 3 Network Engineer.
- Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 3560X, 3750X and 2950T Switches for deployment on production network.
- Worked on the Cisco ACS TO Cisco ISE Migration. And Successfully implemented Cisco ISE for wireless security across our company network.
- Worked on configuring the TACACS for cisco catalyst switches and routers and Cisco ASA FW and juniper SRX/SSG and nexus 2k/3k/5k/7k/9k and brocade switches.
- Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on Cisco ISE.
- Configured Cisco ISE for Domain Integration and Active Directory Integration.
- Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, Routers and Brocade switches and Cisco ASA/Juniper SRX/ SSG Firewalls.
- Configured wireless security by implementing Cisco ISE and Aruba Clear Pass at the data center.
- Apply Cisco ISE configuration to switches. worked on implementation strategies for the expansion of the MPLS VPN networks.
- Worked on the migration of Frame Relay based branches to MPLS based VPN for customer's WAN infrastructure.
- Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
- Experience with setting up MPLS Layer 3 VPN cloud in data center and working with BGPWAN towards customer.
- Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s stages.
- Experience on migration of Firewalls from Juniper SSG 50000 to Juniper SRX 300/320/1500 FW.
- Configured and set up of Juniper SRX firewalls for policy mgmt. and Juniper SSL VPN's.
- Worked on troubleshooting the Juniper SRX/ SSG/ISG and Cisco ASA FW and Nexus 5k/7k/9k switches and Brocade switches and Cisco routers and BGP& MPLS.
- I was responsible for upgrading IOS for Cisco Catalyst switches and replacement catalyst 60000 series switch cisco 9000 switches.
- Worked on Python automation of Vulnerability Management Tasks.
- Implemented changes and upgrades to network equipment and perform quality assurance reviews of those upgrades. Reviewed all changes to network configuration for technical accuracy and impact.
- Configured network services equipment Riverbed accelerators in compliance with security policy.
Confidential, Alpharetta, GA
Sr. Network Engineer
- Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
- Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions at the Access, Distribution, and Core layers.
- Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 7750,7950, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
- Responsibilities include software upgrade, license activation, configuring/installing new GSR router 7000,12000, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
- Troubleshooting Layer 2 issues, Spanning Tree protocol, RSTP, MST, VTP, VLAN on Cisco - 6500 series switches.
- Configure and installation Cisco prime infrastructure to deploy IWAN.
- Configured a redundancy for network devices such as Cisco ASA 5555, Cisco C4507 Catalyst L3 and C2960 L2 switches with SNMP monitoring system by SolarWinds Orion.
- Involved in SNMP Network management.
- Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
- Worked in the Datacenters and performed tasks such as Racking, stacking, device testing, faulty management various network devices.
- Experience installing and administering firewall and IDS/IPS systems in enterprise networks including in Datacenter.
- Design and Implement Catalyst/ASA Firewall Service Module for various LAN’s.
- Cisco ASA 5585 Firepower hardware module installation and configuration.
- Setup high availability Cisco ASA pair with Firepower.
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
- Configuring, Monitoring and Troubleshooting Cisco ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
- Experience in Adding Rules and Monitoring Checkpoint Firewall traffic through smart dashboard and smart view Tracker applications.
- Checkpoint Firewall Deployment, Upgrade and Administration.
- Experienced on working with Checkpoint firewalls R75/R77 such as installing/deleting and troubleshooting the networks.
- Designed security policies on Palo Alto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
- Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
- Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
- Network-wide implementation of F5 Traffic steering nodes with TCP acceleration,
- Created Virtual Servers on F5 Load balancer.
- Hands on Experience configuring and testing F5 I Rules using Browser (IE), HTTP watch.
- Writing i-Rules and i-Apps on the F5 load Balancer and Renewing the Certificates.
- Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual servers.
- Creation of ASM policies (Application security) on F5 Virtual servers.
- Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
- Implemented and maintained custom APM I Rules for variable authentications.
- Created Access policies on APM module using AD and LDAP authentication for external clients
- Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc.
- Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS AAA (TACACS+ & RADIUS).
- Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
- Coordinating with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN.
- Involved in designing and implementation of AWS network and connectivity b/w physical and AWS DC.
- Configure a Site-To-Site IPsec VPN to the Amazon AWS VPN Gateway with other vendor security appliances devices.
- Worked with Automation script with Python module like Chef & Ansible.
- Developed and implemented a web crawler program in Python that gathers data from social networking site.
- Blocking Websites with Content Filtering and Layer 7 Firewall Rules.
- Improve scalability and ease of deployments of the Open stack underlay network by migrating from Standalone Nexus to Cisco ACI platform.
- Focused on working with Cisco Channel partners to build practices around Cisco ACI.
- Implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture
- Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
- Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
- Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products.
- Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware.
- Performed site refreshes on Cisco switching and Aruba wireless infrastructure.
- Worked with Splunk Monitoring and Reporting.
- Created and configured management report and dashboards using Splunk.
- Experience with Virtualization technologies like installing, configuring, VMWare vSphere. Creation, management, administration and maintenance of virtual servers and clients.
- Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
- LAN Cabling in compliance of CAT6 standards infrastructure like Racking and Stacking.
- Experienced with configuration, upgrading and monitoring of Cisco Wifi.
- Designed and installed Aruba Wifi network to supply wireless connectivity to both employees and guests using segregated VLANs.
- Implement Cisco Prime Infrastructure and APIC-EM solution for network management and SD-WAN.
- Recently refreshed data center access layer with Nexus 9k's to prepare the infrastructure for future SDN or SD WAN requirements.
- Worked with Host Master for shared web hosting and managed Web Application firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark.
- Vulnerability assessment and penetration testing by using various tools like HP Web inspect and IBM Appsca.
- Experience in white listing webpages and blocking webpages with Blue Coat Proxy SG and Blue Coat reporter.
- Infoblox to provide DNS, DHCP, IPAM, administration services..
Confidential, San Francisco, CA
Network Security Engineer
- Assisted in troubleshooting LAN connectivity and hardware issues in the network of 500 hosts.
- Performed client requirements to provide solutions for network design, configuration, administration, and security.
- Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
- Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
- Created a backup and recovery policy for software application and verified peripherals are working properly.
- Monitor performance of network and servers to identify potential problems and bottleneck.
- Performed RIP & OSPF routing protocol administration. Support services to reduce the downtime on leased lines.
- Troubleshoot problems day to day basis & provide solutions that would fix the problems within their Network.
- Maintenance and Troubleshooting of connectivity problems using Ping, Traceroute.
- Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issue Other responsibilities included documentation and support other teams
- Designed and Implemented plan for migration from existing Catalyst switches to Nexus and configured NX-OS Virtual Port Channels, Nexus port profiles, Nexus VPC peer links on Nexus 5k and 7k
- Acquitted with Cisco Meraki for Cisco Wireless Devices Monitoring, managing and troubleshooting Cisco Wireless devices using Cisco Meraki.
- Cisco ASA/Checkpoint, Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
- Supported and executed migration to F5 BIG-IP LTM/GTM ADC Appliances from Citrix NetScaler
- Maintained BIG IP F5 APM VPN and provided solutions for intricate issues.
- Participated in the installation, configuration, and post-installation routine operational tasks and configuration of the Cisco Nexus Switches.
- Worked with Host Master for shared web hosting and managed Web Application Firewall (WAF), DNS and DHCP management using Infoblox and Analyzed networks using Wireshark
- Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH)
- Provided full visibility and notification of authorized and unauthorized network access with the integration of Cisco ASA and NAC solutions. Performed Load balancing using F5 BIG-IP LTM ADC 6400, Cisco ACE 4710.
- Provided redundancy in a multi-homed Border Gateway Protocol (BGP) network by tunings AS-path
- Designed and implemented VLAN using Cisco switch catalyst 1900, 2900, 5000 & 6000 series.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Responsible for Checkpoint, ASA, Palo Alto Firewall management and operations across global networks.
- Analyzed customer application and bandwidth requirements, ordered hardware and circuits and built cost-effective network solutions to accommodate customer requirements and project scope.
- Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits. Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and troubleshooting. Responsible for implementing QoS parameter on switching configuration.
- Involved in Design and Implementation of complex networks related to extranet clients.
- Troubleshooting the N/W Routing protocols (BGP, EIGRP, and OSPF) in Migrations and new client connections.
- Manage operational monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance
- Worked towards the key areas of the project to meet SLA's and to ensure business continuity. Involved in meetings with engineering teams to prepare the configurations according to the requirement.
- Creating change tickets according to the scheduled network changes and implementing the changes.
- Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
Confidential, Norwalk, CT
- Support for new store rollout, circuit and wan installations
- Configured and supported multiple remote site installations
- IP Address management using IPAM
- Maintain and troubleshoot Hub and spoke frame relay with EIGRP
- Installation & configuration of ISDN BRI/PRI circuits .
- Implement port security on Cisco switches
- Responsible for monitoring & operations of all data network related products and services