SUMMARY:

• CCNA Certified Professional with 6 years of experience in network design, implementation, troubleshooting, engineering, managing& migration of large - scale enterprise networks.
• Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo Alto Firewalls.
• Hands on experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-200, PA-500.
• Experience in Juniper Firewalls, Cisco ASA, Checkpoint firewalls, Palo Alto Firewalls, SSL VPN, Cisco Nexus Cisco ACS, Cisco ISE, IPS, and Microsoft TMG.
• Completed Firewall migration from Juniper Netscreen to new R77.20 checkpoint firewall.
• Experience in Juniper Firewalls, Cisco ASA, Checkpoint firewalls, Palo Alto Firewalls, SSL VPN, Cisco
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, hubs and Switches
• Experience in working with Juniper routers such as MX-480, MX-960 and switches EX-4200, EX-4300, EX-8200 and Juniper firewalls such as Juniper SRX-610, SRX-3600
• Experience in Implementing Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, R77.
• Extensive knowledge in implementing and configuring F5 Big-IP LTM-3900, and 6900 Load balancers
• Experience with Load Balancers for administrating and monitoring global & local traffic using F5 BIG IPLTM & GTM
• Configured Client-to-Site and site to site VPN using SSL Client on Cisco ASA 5520 ver8.2.
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Cisco router models like 7200, 3800, 3600, 2800, 2600, and 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, and 2900 series switches.
• Experience in Managing the VMWare virtual environments, networking and security hardware and SAN storage areas for the systems.
• Experience in installing, Maintaining, monitoring, troubleshooting and managing blade center server, configuring and zoning storage area networks and SAN switches and VMware ESX server administration.
• Design and implement an SD-WAN solution for a medium sized company maintain different locations through united states .
• In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel.
• Expertise in configuring switching protocols such as ARP, RARP, VTP, PPP, VLAN, STP, RSTP, PVST+, HSRP, GLBP, VRRP and Routing Protocols such as RIP, OSPF, BGP, EIGRP, IS-IS, and MPLS.
• Good Understanding on NAT and Firewall on Aruba Controllers.
• Experience office 365 migrations and hybrid solutions.
• Experience in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Implemented Checkpoint FW Interface, NAT and VLAN using R77 GAIA Smart Dashboard.
• Advanced knowledge, design, installation, configuration, maintenance, migration and administration of Checkpoint R77.

TECHNICAL SKILLS:

Network Configuration:: Advanced switch/router configuration (Cisco IOS access list, Route, redistribution/propagation).

Routing Protocols:: IGRP, EIGRP, OSPF, BGPv4, MP-BGP, SDWAN

WAN Protocols:: HDLC, PPP, MLPPP

Circuit switched WAN:: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).

Packet Switched WAN:: ATM, FRAME RELAY, MPLS VPNs

Security Technologies: Cisco FWSM/PIX/ASDM, Nokia Checkpoint NG, Juniper SRX

Cisco Routers: Cisco GSR 12416, 12418, CRS-1, Cisco 7200vxr, Cisco 3640, Cisco

3600

Redundancy and management:: HSRP, RPR, NSF/NSR

Physical interfaces:: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonnet (POS)

Layer 2 technology:: VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVST

Layer 3 Switching:: CEF, MLS, Ether Channel

QOS:: CBWFQ, LLQ, WRED, Policing/Shaping.

Switches:: Catalyst 6500, MSFC, MSFC2, 7600, 3700, 3500

Operating Systems:: Microsoft XP/Vista/7, UNIX, Linux (Red hat, OpenSUSE, Fedora)Office365,Windows Servers 2003/2008, Windows MS-Office.

PROFESSIONAL EXPERIENCE:

Confidential, Sacramento, CA

Sr Network Engineer

Responsibilities:•

• Administration of Checkpoint, Palo Alto and Juniper Firewalls at multiple properties
• Responsible for firewall rule set migration from Cisco ASA to newly implemented Palo Alto.
• Responsible for implementing firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto Firewalls. Extensive Packet level debugging and troubleshooting on Palo Alto Fire wall.
• Working with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Installation of Checkpoint OS R80.10 Gaia on checkpoint appliances 4400 and Smart 1 for testing before upgrading the production firewalls.
• Configuring rules and maintaining Palo Alto firewalls & analysis of firewall logs using various tools.
• Administered and maintained Cisco ASA, Juniper and Checkpoint Firewalls
• Completed Firewall migration from Juniper netscreen to new R77.20 checkpoint firewall.
• Centrally managed all Palo Alto Firewalls using Palo Alto Panorama M - 100 management server.
• Implementing brand new Cisco ASA Firewalls with updated Security Policies.
• Successfully migrated the Cisco legacy environment which consist of 6500, 4500 to Cisco Nexus 7k/5k/2k.
• Security policy review and configuration in Palo Alto and Juniper SRX Firewall across multiple locations and Datacenter.
• Design, implement and deployment of SDWAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise.
• Experience with advanced Cisco IP routing and switching technologies, Cisco/Aruba wireless WLC, Firewall, Cisco Nexus support, Network infrastructure design and implementation.
• Configured & managed around 400+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Regular upgrades and maintenance of Infrastructure, Installations, configurations, and maintenance of Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo
• Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls.
• Working on tools and devices Aruba controllers to assign roles, policies to devices and users.
• Deployed Checkpoint GAIA Firewalls at the Data Centers.
• Migrated Sites from EIGRP to OSPF & Migrated Data Center Backend Firewalls from PIX to the ASA.
• Configured policy statements, routing instances, route manipulation on RIP, OSPF and BGP.
• Coordinated with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN.
• Conducted VMware virtualization assessments to recommend consolidation scenarios and project cost savings associated with virtualization for clients .
• Created automated scripts using Python language and also manual testing to enhance hardware performance.
• Used automation scripts to minimize error level in day to day VMware operations.
• Developer test scripts using Python and assorted proprietary software tools.
• Coordinating with Store technician for switch addition, movement and replacement Creating, Managing and maintaining rules thereby adhering to corporate security standards using checkpoint Firewall.
• Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP, UDLD, Spanning Tree Protocol 802.1d, 802.1s and 802.1w.
• Configured switch ports (VLAN tagging, switch port mode, Port Channel) at distribution and Access layers for new server builds and critical server movement as per requirement.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, OSPF, CHAP and SNMP.
• Experience in installing and configuring DNS, DHCP server.
• Strong Experience on Administration and Troubleshooting of Azure IAAS Components (VM, Storage, VNET, OMS, NSG, Site to Site VPN, RBAC, Load Balancers, Availability Sets).
• Expertise in Azure infrastructure management (Azure Web Roles, Worker Roles, SQL Azure, Azure Storage, Azure AD Licenses, Office365).
• Deploying and Managing windows 2003/2008/2012 , office365 cloud migrations, SAN/NAS storage .
• Knowledge about SAN configuration and implementation, storage components like interbnal storage, attached storages and SAN switches.
• Responsible in diagnosing & troubleshooting of VMware ESX and virtual center environments .
• Knowledge in synchronizing directory from On-premises to office 365 using different identities as per business needs.
• Excellent knowledge in Azure compute services, Azure Web apps, Azure Data Factory & Storage, Azure Media & Content delivery, Azure Networking, Azure Hybrid Integration, and Azure Identity & Access Management
• Experience working on maintaining and auditing the infrastructure security including configuring the Cloud Trial logs to encrypted S3 bucket and using the other services including AWS inspector, AWS trusted advisor, AWS Guard-Duty, Config etc.
• Experience working on administering various AWS Services using AWS Console, AWS CLI and using Amazon API (Boto3 SDK) using python
• Expertise on various AWS Services in Compute, Storage, Network, Database, Monitoring and Security.
• Implement/Maintain a Juniper Environment of 600 data collection units across USA.
• Good understanding of OSI Model, TCP/IP col suite (IP, ARP, ICMP, TCP, UDP, SMTP, FTP, TFTP)
• Worked in HP blade centers for server storage and used HP One view for automated lifecycle management.
• Infrastructure trouble shooting and TCP/IP Protocols Experience.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.

Confidential, Sacramento, CA

Network Administrator

Responsibilities:

• Involved in Planning, Designing and assisted in deploying Enterprise wide Network Security and High Availability Solutions for ASA.
• Cisco 6500 Series Switches (both 6513, 6509), Cisco 4500 Series, Cisco 4006, Cisco 3750 and Cisco 3550.
• Cisco Router 1700, 1900, 2500, 2600, 3600, 7200, HP Procurve switches, ASR series routers.
• Migrated user access switch environment, which is of HP 5406 to Cisco 3750X, 3750G and 3750V2 environment to get gigabit speed.
• Successfully migrated Cisco 6500 environment to Cisco Nexus environment with 7k/5k and 2ks.
• Extensive experience in handling a Datacenter environment built out of Cisco 7K/5K/2K.
• Installed and maintained Riverbed 2050, 5050 and 7050.
• Maintained the client environment which had Juniper SSG5/SSG20/ISG1000 and SA6500.
• Maintain and expand wireless infrastructure, conduct site-surveys, provision and install new access points, and troubleshoot offline AP’s in an Aruba Networks wireless environment.
• Designed and developer VMware view infrastructure components.
• Deployed ACS VMware practice.
• Troubleshooting SAN switches, NFS and NIS.
• Converted Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Converted to BGP WAN routing, which will be in-turn to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Converted Cat OS to Cisco IOS Config Conversion on distribution layer switches.
• Have been involved in configuring the Access lists (ACL) on Juniper and Palo Alto firewalls for the proper network routing for the B2B network connectivity.
• Monitoring and Inspecting the throughput on HP Tipping point Intrusion Prevention System (IPS) S330 series through command line interface and Intrusion Detection Systems (IDS).
• Have created site to site IPSEC VPN tunnels with Checkpoint, Juniper Net screen firewalls and Cisco PIX/ASA firewalls.
• Troubleshot and managed Cisco, Juniper and Extreme devices.
• Maintained a backup environment build out of HP8212ZL and HP5406ZL with 10G uplinks to the core.
• Completed a project to update the patch HFA50 across all the firewall to overcome the bugs in the existing version of R65.
• Migrated the Cisco legacy environment which consist of 6500, 4500 to Cisco Nexus 7k/5k/2k.
• Maintained Checkpoint NG AI, SPLAT - NGX - Rx, R65, R70 and R75
• Responsible for logging & Resolving the severity calls logged in by Incident management.
• Troubleshot complex issues with wire shark at source and destination which can’t be resolved by the basic troubleshooting like ARP, firewall logs, switch logs and TCP dump.

Confidential

Network Engineer

Responsibilities:

• Configuring HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Setup Access list and configured Firewall.
• Switches Replace branch hardware with new 2851 routers and 2960 switches.
• Switches: Basic Configuration and VLAN/VTP/Spanning tree setup on Cisco 3800, 6500, WDN 6K Nexus/Fexus Switches.
• LAN/WAN design and implementation using Cisco routers, hubs and switches
• Securing network resources with shared folder permissions, Implementing file security system.
• Configure Switches (layer 2, 3 and 4 switching)
• Router: Basic Configuration and monitoring of Cisco 9K, 71w.
• Configured Cisco Routers using Bundle Ethernet, RIP, IGRP, OSPF and EIGRP.
• Working knowledge of router management and configuration, networks engineering and sub netting of BGP/MPLS/OSPF Networks
• In depth knowledge of CISCO IOS, CISCO MIBs and Catalyst command line interface and Cisco hardware platforms.
• Designed and implemented IT security policies and networked backup systems.
• Reviewed, approved, procured various IT hardware and software products to fulfil strategic and operational needs of various departments.
• Worked with management and various departments to develop procedures and troubleshoot problems as they arose.
• Maintained all servers & network equipment with current stable firmware, IOS images & access control lists.
• Documented and maintained technical diagrams, documented logical and physical topology, and other IT procedures.