SUMMARY:

• 7 years of in experience as network engineer design, deployment, integration, planning, designing, implementing, and troubleshooting the large networks.
• In depth knowledge of TCP/IP fundamentals (switching, routing protocols and firewalls devices), layer 2 & layer 3 switching, LAN/WAN fundamentals, VLAN, routing protocols like OSPF, EIGRP, RIPV1, RIPV2, BGP, IDS/IPS, Frame - relay, VPN, HSRP, MPLS, NAT-PAT, ACL etc.
• Experience in IP multicast, IP addressing, Subnetting VLSM, Route redistribution, Spanning-tree and OSI models.
• Strong knowledge in Cisco routing/switching and security with cisco software experience.
• Configure and administer Cisco ASA firewalls (5585,5550& 5540) and use command line CLI, cisco CSM, ASDM for day-to-day administration.
• Expertise experience with NEXUS models like 7k, 5k, 2k series.
• Worked in WAN technologies like T1/T3, DS3 and Gigabit circuit types.
• Strong hands on experience in installing, configuring and troubleshooting of cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 & 1800 series routers, cisco catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Password recovery, upgrading of IOS of cisco devices.
• Experience with devices Palo Alto network firewalls such as security NAT, threat prevention and URL filtering.
• Extensive knowledge and expertise in routing, switching, firewall management, VPN management, LAN/WAN & BGP concepts.
• Extensive work experience with cisco routers, cisco switches, load balancers and firewalls.
• Experienced in configuring and troubleshooting various routing protocols HSRP, ICMP, PPP, PAP, CHAP and SNMP.
• Implementing security policies using ACL, SDM, IPsec, VPN and AAA security on different series of routers.
• Implementing different switching protocols like VLAN, trunking, inter VLAN routing, STP, RSTP, Ether-channel, FHRP, VTP, ISL/802.1q, port channelling.
• Good understanding of multiple contexts in TACACS, RADIUS, VPN (site to site VPN, remote access VPN), ISE, NAT/PAT, ACL (standard and extended), IDS/IPS IDS, IPS/ source fire ASA-firewall and implemented different failover mechanisms among ASA firewall.
• In depth knowledge with hands on experience on access control lists, LAN/WAN.
• Very strong knowledge TCP/IP based service like DNS, DHCP, HTTP, FTP and OSI model networks and components.
• On hands experience on using network monitoring tools like (solar winds, cisco prime), network packet capture tools like wire-shark network sniffers and packet analyzers.
• Strong hands on analyzers and assessment of network protocols.
• Good knowledge in cisco packet tracer, GNS3 and Python.
• Experience with WINDOWS and LINUX O.S.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 7K,5K,2K series, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800, 810 series), Cisco catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series).

Networking Concepts: Access-lists, Routing, Switching, subnetting, Designing, CSU/DSU, IP sec, VLAN, VPN, MPLS.

Network Tools: Cisco Packet tracer, GNS3 software tool.

WAN Technologies: Frame relay, ATM, Leased lines and exposure to PPP, DS1, DS3.

LAN Technologies: Ethernet, fast ethernet, Gigabit ethernet and 10 Gigabit ethernet, port-channel, VLANs, VTP, STP, RSTP, 802.1Q.

Security Protocols: IPsec, SSH, IP sec, VPN tunnels, SSL VPNs, Firewalls

Networking Protocols: OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, LACP, MPLS, HSRP.

Networking Tools: Wire-shark.

AAA architecture: TACACS+, RADIUS.

PROFESSIONAL EXPERIENCE:

Confidential, Memphis, TN

Network engineer

Responsibilities:

• Create and test cisco router and switching operations using OSPF routing protocols, ASA firewalls and MPLS switching for stable VPNs.
• Design and configuring of OSPF, BGP on juniper routers and SRX firewalls.
• Implemented IPsec site-to-site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA firewalls 5505.
• Configured IPsec site-to-site VPN connection between cisco VPN 3000 concentrator and cisco 3800.
• Configured protocol handling, object grouping and NAT on ASA firewalls (5505).
• Worked extensively in configuring, monitoring and troubleshooting cisco’s ASA 5500/PIX security appliance, failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design.
• Configurations of load balancing in F5, SSL/VPN connections, cisco ASA firewalls and related network security measures.
• Experience deploying BIG-IP F5 LTM load balancers for load balancing and traffic management of business application.
• Experience with configuring Nexus 2000 fabric extender (FEX) which act as a remote line card (module) for the Nexus 5000.
• Worked extensively configuring Security over Wireless and Voice over Wireless.
• Based on network requirements defined a detail capability requirements for access equipment, wireless LAN controllers, Access Points and service management platforms.
• Responsible for checkpoint and cisco ASA firewall administration across global networks.
• Creation of firewalls policies as per the requirements on checkpoint, ASA, FWSM and juniper firewalls.
• Working on security devices ASA, juniper, Palo Alto firewalls, routers and switches.
• Configured cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of the MPLS network.
• Configure/upgrade wireless access points and familiar with cisco wireless controllers.
• Team member of configuration of cisco 7206 router with VPN and configuration of catalyst switches.
• Advanced knowledge in design, installation and configuration of Palo Alto and checkpoint provider environment.
• Experience with convert checkpoint VPN rules over to the cisco ASA solution migration with both checkpoint and cisco ASA VPN experience.

Environment: OSPF, MPLS, VPNs, BGP, SRX firewalls, IPsec, 3DES, AES/AES-256, NAT, ASA firewall, BIG-IP F5 LTM firewalls, Nexus 2000, Nexus 5000, Palo Alto firewalls, checkpoint.

Confidential, Austin, TX

Network Engineer

Responsibilities:

• Technical knowledge on cisco PIX/ASA series, juniper net screen/SRX firewall gateways.
• Implemented site-to-site VPN in juniper SRX as per customer.
• Experience with configuration Nexus 2000 fabric extender (FEX) which act as a remote line card (module) for the Nexus 5000.
• Migration from cisco to Palo Alto firewall and cisco to checkpoint firewall.
• Worked on wireless networking hardware such as cisco wireless LAN controller and AP 1200.
• Worked on implementation strategies for the expansion of the MPLS VPN network.
• Implemented HSRP on the cisco 3550 layer 3 switches and OSPF on 2 cisco 3925 routers, the layer 3 switch, cisco 3524XL switches for failover.
• Working with cisco ASA 5585-X firewalls with firewall rules, IPsec VPN, NAT, active-standby failover, OSPF and any connect VPN technologies.
• Configuration of firewalls 5520 series ASA for business to business connectivity and application of ACL rules for network traffic.
• Design/install/configure Nexus 7K,5K and 2K switches, PAN firewall and net scaler application load balancer.
• Experience with converting PIX rules over to the cisco ASA solution.
• Maintain security policy by monitoring PIX firewalls (515 & 520).
• Established IPsec-VPN tunnels with ASA 5500 series firewall between some branch offices and headquarters.
• Configuring and managing F5 ASM (Application security manager). Develop security policies.
• Designed application mapping and application delivery using F5 BIG-IP LTM.
• Experience in working with designing, installing, troubleshooting of Palo Alto firewalls.
• Implemented site-to-site VPN with IPsec via. GRE ISKAMP.
• Configured IPsec VPN access for client to site remote access.
• Experience with configuring BGP in the data centre and using BGP as a WAN protocol and manipulating BGP attributes.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Migration of existing IPsec VPN tunnels from pre-shared key to certificate authority for purpose of scaling.

Environment: cisco PIX/ASA series, juniper net screen/SRX firewall gateways, VPN, Nexus 5K &2K, Nexus 2000 FEX, Palo Alto firewall, checkpoint firewall, MPLS VPN, cisco 3550 layer 3 switches, OSPF, cisco 3524XL switches, cisco ASA 5585-X firewall, IPsec VPN, NAT, Nexus 7K,5K,2K, switches PAN firewall, ASA 5500 series firewall, F5 BIG-IP LTM, BGP.

Confidential, Lyndhurst, NJ

Network Engineer

Responsibilities:

• Installation and configuration of composite network models consisting of cisco 7600,7200,3800 series routers and cisco 2950,3500,5000,6500 series switches.
• Configured routing protocols such as OSPF, EIGRP and BGP with access control lists implemented as per network design document and followed the change process as per IT policy. It also includes the configuration of the port channel between core switches and server distribution switches.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF and BGP.
• Responsible for day to day management of cisco devices, traffic management and monitoring.
• Experience in HSRP standby troubleshooting and experience in configuring and upgrading of cisco IOS.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured policy-based routing for BGP for complex network systems.
• Configured multiprotocol label switching (MPLS), VPN with routing information protocol (RIP) on the customer’s site.
• Provided application level redundancy and availability by depending F5 load balancers LTM.
• Router Microsoft VPN server to access certain limited network resources from customer locations.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designing and implementation of (LAN) VLANs, VTP, spanning-tree (STP), trunking (dot1q & ISL) and ether channel.
• Implemented zone-based firewalling and security rules on the Palo Alto firewall.
• Good knowledge in using IPS/IDS devices.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in designing layer 2 VPN services and VPN-IPsec authentication and encryption system.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preference.
• Configuring and implementing F5 BIG-IP LTM, GTM load balancers to maintain global and local traffic.
• Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route-map, administrative distance for on-demand infrastructure.
• Implemented Hot Stand by protocol (HSRP) by tuning parameters like pre-emption.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired VLAN’s of network.

Environment: cisco 7600/7200/3800 series routers, cisco 2950/3500/5000/6500 series switches, OSPF EIGRP, BGP, ACL, LAN/WAN, HSRP, MPLS, VPN, F5 load balancer LTM, VTP, STP, trunking, Palo Alto firewall, IPS/IDS, VPN-IPsec, F5 BIG-IP, FTP, HTTP, DNS, DHCP.

Confidential, Redmond, WA

Network engineer

Responsibilities:

• Involved in configuring and implementing of composite network models consist of cisco 2900 router and cisco 2960, 3750, 4506 series switches and ASA firewalls devices.
• Experience in configuration of inter-VLAN routing, redistribution, access-lists and dynamic NATs, VLANs, VTP and trunking on switches.
• Extensive experience in configuring and implementing EIGRP, OSPF and BGP.
• Supported core network consisting of cisco 7200 series routers running multi area OSPF.
• Worked on 2600, 3500, 7613 cisco routers and 4500 and 6500 series cisco switches.
• Configured and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing.
• Provide Tier II level load balancer expertise on F5 BIG-IP local traffic manager (LTM). Designing F5 solutions/support for migration work of applications and websites from cisco CSS load balancers to the F5 BIG-IP load balancers.
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• Built site-to-site IPsec VPNs over frame-relay and MPLS circuits on various models of cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Networking protocols worked with included but not limited to TCP/IP, DNS, DHCP, VPN, routing and remote access, network design, wiring and cabling.
• Configured STP for loop prevention and VTP for inter-VLAN routing.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Worked on security applications like ACL, NAT and PAT.
• Worked on VPN site to site and remote access VPN using ASA 5000 series firewall device.
• Dealt with NAT configuration and it’s troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
• Experience in configuring, testing and debugging routing protocols like HSRP, VRRP and GLBP.
• Performed IOS upgrades on catalyst 4000, 3550, 2950, 1900 switches and 7200, 7600, 3600,2600,2500 and 1600 routers.
• Implemented ether channel between routers and switches.
• Designed VLAN’s and VTP topology, troubleshooting IP addressing issues and updating IOS images.
• Configured VLANs with 802.1q tagging. Configured ether channels and spanning tree protocols for access, distribution and core layer switching architecture.
• Member of IP addressing scheme distribution and maintenance team.

Environment: cisco 2948/3560/4500/3560/3750/3550/2960/6500 switches and cisco 3640/1200/7200/3845/3600/2800 routers, cisco Nexus 7k/5k/2k, cisco ASA 5510, checkpoint, F5 BIG-IP LTM, GTM, OSPF, EIGRP, RIP, BGP, VLAN, VPN, juniper SRX.

Confidential

Network engineer

Responsibilities:

• Hands on experience on IP addressing and subnetting.
• Experience in designing, implementation and operations of enterprise data networks as network engineer.
• Enterprise switching with VLANs, trunks, spanning tree, RSTP etc.
• Sound knowledge in LAN/WAN setup, installation, configuration and troubleshooting.
• Experience in layer 3 routing protocol configurations: OSPF, BGP, EIGRP.
• Experienced in trouble shooting connectivity issues on cisco-based networks.
• Installed and configured cisco ASA and checkpoint firewall.
• Performed configuration on ASK 9K pairs includes HSRP, bundle ethernet config, assigning DHCP profiles.
• Policy provisioning, access to specific segments of the networks through cisco ISE.
• Configured network access servers and routers for AAA security (RADIUS/TACACS+).
• Responsible for internal and external accounts and managing LAN/WAN and checking for security.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include knowledge and skill of 802.11 a/d/g/n LAN normal for wireless technology.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.

Environment: VLANs, STP, RSTP, LAN/WAN, RIP, OSPF, BGP, EIGRP, ASA and checkpoint firewall, HSRP, cisco ISE, AAA security,