SUMMARY:

• Network Engineer with 8.2 years of experience in the industry, which includes expertise in the areas of Routing, Switching and Firewall.
• Hands on experience working with Data Center Cisco Nexus 9k,7K, 5K & 2K Switches.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP, RIPv1, RIPv2 ability to interpret and resolve complex route table problems.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Experience with Cisco Wireless infrastructure planning, deployment and troubleshooting.
• Network Design Engineer/Network Design Engineer - Switching/Routing, Cisco ASA 5500 Firewall, Local Area Networks, Network Standards
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Hands on Experience in Managing Data Center starting from installation to decommission.
• Installation and configuration of Juniper M 120 multi service edge router and also MX 10 and MX40 series routers in datacenter.
• Knowledge of TCP/IP protocol stack, network analysis tools, load balancing technologies, and network services (DNS, DHCP, SNMP, etc).
• Hands on expertise with Cisco Catalyst routers/switches, Cisco Nexus equipment, Infoblox appliances, Cisco wireless, Riverbed/Cascade monitoring, and Solar winds
• Experience with Palo Alto Network Firewall, Cisco ASA and Checkpoint Firewall.
• Provide direct day to day support for various technologies such as: WAN technologies (MPLS, Frame Relay, etc.), Data Center infrastructure (VLANs, trunks, teaming, L2 & L3, etc.), Campus switching, Load Balancer and Virtualization, Routing protocol support (BGP, IEGRP & OSPF), VPN technology support, VoIP communications and infrastructure, enterprise wireless, RADIUS services, enterprise DNS / DHCP and other various enterprise technologies and services.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
• Excellent qualities such as Teamwork, Negotiation, Analysis and Communication.

TECHNICAL SKILLS:

Switching: TCP/IP, VLAN, VTP, STP, HSRP,VPC,VDC,LACP, Inter-vlan routing, Layer 2 switching, Layer 3 Switching

OSPF, IGRP, EIGRP, RIP, MPLS, IS: IS, BGP, Multicasting, Redistribution

Monitoring Tools: Solar winds, CA tools,Nagios etc

Cisco IOS,NX: OS,Windows

Routers: Cisco ASR 100 series, ISR 4400,4500

Switches: Cisco catalyst 6500, 4500, 3560, 4948, 2960, Nexus -7k, 5k,2k.

AAA Architecture: TACACS+, RADIUS, Cisco ISE

F5 BIG: IP LTM, GTM

Ticketing tool: Service now, BMC Remedy

PROFESSIONAL EXPERIENCE:

Confidential, Reston, VA

Network Security Engineer

Responsibilities:

• Configured Object Grouping, Protocol Handling and Code up gradation on Palo Alto Firewalls.
• Implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates. Integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks, Cisco ASA, and Juniper SRX firewalls.
• Experience on license installation, filtering based on Applications, Adding Zones on Palo Alto firewall.
• Created Build-Outs of New Safe Zone in Palo Alto Panorama VLANS, VIP, IP.
• Experience in F5 Load balancers for pool migration.
• Experience deploying BIG-IP F5 LTM Load Balancers for load balancing and traffic management of business application.
• Experience with Cisco ACI (Application Centric Integration) technology implementation
• Design, deployment, Troubleshooting, and management of Cisco ASA firewalls using CLI.
• Working in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, Inter-VLAN routing, LAN security
• Configured the Network for NetApp SAN with a VPC Configuration on nexus side.
• Maintained and created scripts in Python that assisted in pulling in the necessary data to meet audit and reporting requirements.
• Establish AWS technical credibility with customers and external parties
• Establishing VPC between Nexus pair and doing a VPC bonding on Nexus ports for increasing bandwidth to servers.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Involved in Configuration and Implementation of Juniper SRX Firewalls across various new Branch sites as a part of tech refresh.
• Experience in configuring VDC, FEX pinning, FEX port-channel, port-channel, peer keep alives on Nexus Devices.
• Worked on Juniper MX-960, MX-480, MX-240, MX-104, MX-80 routers and EX4600, EX4300, EX4200, EX2300, EX2200 Switches
• Configuring and installation of Cisco ASR 920 and 100s series routers.
• Configured HDLC, PPP, TCP/IP, BGP, EIGRP & HSRP.
• Configured TCP/IP addressing scheme to assigned IP blocks and make changes to DNS, DHCP on infoblox appliance.
• Performing network monitoring, providing analysis using various tools like Wireshark, Solar Winds (NCM, NTM, IPAM).
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, MPLS L2VPN, MPLS L3VPN, DMVPN, VPN, STP, HTTPS, NFS, VLAN, QoS.
• Responsible for redesigning, integrating and installing on the existing network, 2 Nexus 7010, 4 Nexus 5548, and Fabric extenders during migration.
• Worked closely with Server and storage teams for network requirements to the equipments during migrations.
• Migrated Data Center from scratch and deployed it co-location facility.
• Implement ASA 5500 series and Palo Alto firewall change request, troubleshoot and add new access-list policies.
• Configured Network for NIC ports in Linux and Windows servers present in Data Center.
• Hands on experience of data center environment also implementation of VPC, VDC and Fabric path on Nexus 7K, 5K, & 2K Switches.
• Configured Network for Server Virtualization through VM ware in Data Center.
• Resolving tickets through Service now which are opened by end users.
• Install and Configure VM Ware ESXi servers to include virtual machines, virtual center servers, VLANs, drives, memory and end user zero clients.
• Implementation and upgrading core and distribution layer including multiple server with Nexus 5K and 7K.
• Configured Network for Dell blade servers in MX7000 chassis through dell force 10mxl switches.
• Hands on Experience working with LAN and WAN topologies, TCP/IP protocol, routers, switches, and firewalls in Internet, Intranet and Extranet environments.
• Installed python 2.7 for network automation
• Track, document and close all requests for assistance using BMC Remedy Force when the end user is satisfied.

Confidential, Lexington, KY

Network Security Engineer

Responsibilities:

• Established BGP peering between onsite datacenter in California and AWS cloud.
• Worked on Network automation using Python
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
• Perform Firewall Policy provisioning on Checkpoint using Smart Center, PAN devices using PANAROMA Management Platform and CSM for Cisco ASA's
• Working as a Network SME for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K. Working with Cisco Account team onsite for creating and testing the POC
• Managing & administering Cisco WSA.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices
• Working Experience on web content filter and gateways like Blue Coat, Websense.
• BlueCoat WAF proxy services were redeployed to provide WAF on the guests and contractors network.
• Adding Websites to the URL filtering block list in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
• Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Filters & Labels.
• Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Like, 4500-X in VSS mode and 3850 switches for distribution and POE-user switches
• Troubleshooting the Network failure issues and thereby making the changes to Network Infrastructure.
• Worked on maintenance and upgraded Cisco wireless WLC, LWAPP APs
• Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 5520 Wireless LAN Controllers.
• Configuring Node, pool, VIP, SSL client, server profile in F5 LTM 4000 series Bigip and thereby adding firewall rule to bring the end servers live
• Troubleshooting when the servers are down, checking logs to identify the error and thereby taking necessary steps.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues
• Worked with Cisco advance services to implement data center Nexus environment for new Upgraded datacenter for the NX-OS in 7004 in core layer, 6880 in aggregation layer and cisco 6800 in access layer.
• Implemented the Core switch cut over project from Cisco 6509 to Nexus 7004 devices.
• Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9K/7k/5k devices
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Providing Technical Support and solutions for Network Problems and resolve tickets across sites and corporate offices.
• Involved in periodic IOS upgrades, troubleshooting network outages and high severity incidents.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.
• Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo Alto VM-300 devices.
• Upgrading the IOS on Network Devices including cisco 6800, 6500 and Palo Alto VM-300 devices
• Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
• Creating templates in panorama to manage the individual devices from it.
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Creating Network objects, dynamic address groups, FQDN and assigning it to rules based on the information in tickets
• Creating custom URL profile based on the expressions and assigning it to rule to perform URL filtering.
• Configuring network interfaces, static routes, and NAT rules in panorama and thereafter pushing to individual Palo Alto devices.
• Performing the software upgrade from version 7 to 8.0.2 on panorama and VM-300 series Palo Alto firewalls.
• Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.
• Experienced in up- gradation of Corporate LAN, by upgrading IOS on core switches (6509/6513), replacing/adding supervisor's modules(720/IV), GE and FE modules, GBIC/SFP modules on 4500/4006 switches. Configured STP, HSRP, VRRP. OSPF and BGP routing protocols for internal and external connectivity.

Confidential, Boston, MA

Network Engineer

Responsibilities:

• Install and configure Cisco routers, switches and firewalls of various models. Upgrade codes, IOS, and patches for different network devices.
• Performed TCP/IP networking based administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation and port security
• Configuration & troubleshooting of routing protocols: Static, OSPF and EIGRP and BGP.
• Troubleshooting LAN and WAN problems, Application working slow problems.
• Responsible for all Load Balancing; i.e., F5 LTM/APM ASM/ and other Modules.
• Configuration of 4000 series Cisco Wireless LAN Controllers for access points.
• Planning the placement of wireless access points and maintaining wireless devices to provide seamless connectivity.
• Tracking Mac-address from core switches for port finding for Vlan change
• Configuration of checkpoint rules and policies and pushing them in checkpoint smart dash board.
• Hands on support for Cisco firewall solution including Cisco ASA 5xxx, Cisco AIP, Cisco SSL .
• Configured and Deployed Cisco ACL.
• Configured Security Policies including NAT, PAT, AAA, ACL's Standard Access Lists, Distribute-Lists, Route-Maps, VPN Concentrators, IPS/IDS, (PIX, ASA) firewalls.
• Monitor/maintain network connectivity & traffic using network monitoring tools to ensure optimal performance
• Experience working in datacenter environment, configuration changes as per the needs of company and Implementing and troubleshooting VLAN’s, VTP, STP, Trunking, Ether channels
• Convert Campus WAN links from point to point to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Migrated FW rules from Checkpoint to the Safe Zone in Palo Alto Panorama to enable BGP at cutover. Building the Span tree primary, secondary IP Access.
• Configuration of IP and Routing technologies for various protocols such as EIGRP, OSPF, BGP for MPLS network.
• Expertise in document creation with technical configurations, billing, security standards design and network documentation using MS VISIO.
• Responsible for researching new technology directions and making recommendations for improving the reliability & functionality of LAN & WAN.
• Monitor network performance, trouble shoot using Solar winds
• Management of all technical security equipment, including Cisco ASA, Palo Alto firewall, Cisco Defense Center - IDS/IPS devices.

Confidential, Glendale, AZ

Network Administrator

Responsibilities:

• Experience with migrating from OSPF to BGP WAN Routing protocol.
• Network Redesign for Office/Campus Locations. This includes changes to both the voice and data environment.
• Experience with setting up MPLSLayer3 VPN cloud in data center.
• Experience in communicating with different customers, IT teams in gathering the details for the project.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
• Design Voice solutions for business applications and infrastructure technology.
• Configured routers/ firewalls to allow voice and video traffic priority (QoS)
• Administrated policies and NAT rules in Checkpoint firewall.
• Voice network planning, design, and standard configurations.
• Cost benefits analysis of voice network solutions as they apply to business objectives.
• Created detailed VISIO diagrams of Networks, including detailed configuration change management documents.

Confidential

Associate Network Engineer

Responsibilities:

• Configuration of Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
• Troubleshot problems on a day-to-day basis and documented every issue to share it with design teams.
• Worked with Network Design and implementation teams on various projects across related to Brach, Campus and Data Center.
• Deploying and decommissioning Cisco switches and their respective software upgrades.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Prepare Design documents, VISIO diagrams and Implementation plan for all projects on the Network environment.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Installed, configured and maintain with the latest updates on the 3700, 3800, 7200 and 7600 Cisco Routers and 2960, 3750, 3560, 6500 Switches.
• Configuring all the end ports as access ports using port fast and implementing BPDU guard.
• Monitoring the network, troubleshooting network problems, implementing changes, provided Cisco IOS.
• Upgrades and backups of Cisco router configuration files to a TFTP server.