- 7+ years of Experience in Designing, Deployment and Operations of complex enterprise and service provider networks
- Provided technical leadership for problem escalation and resolution.
- Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.
- Build stable, productive and profitable operations within highly technical environment.
- Well experienced in configuring various routing protocols like RIP, EIGRP, OSPF, BGP, MPLS
- Well Experienced in configuring protocols like HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
- Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
- Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
- Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
- Experience in WAN technologies like T1/T3, DS3, and Gigabit circuit types.
- Worked on Load BalancerF5 LTM, GTM series like 6400, 6800, and 8800
- Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
- Experienced in various Juniper products: EX - 2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
- Experienced working with Nexus 7010, 5020, 2148 and 2248 devices.
- Experience with Firewall Administration, Rule Analysis, Rule Modification.
- Responsible for designing and deploying various network security & High Availability products like Cisco ASA and Checkpoint Firewall products.
- Experience to migrate the infrastructure on Amazon Cloud Service - AWS
- Experience in Checkpoint Firewall on SPLAT and VPN technologies, Stateful inspection, and Global rule base, address spoofing.
- Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
- Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
- Experience in installing and configuring DNS, DHCP server.
- Experience in configuring Site-to-site and remote access VPN solutions.
- Good knowledge in configuration of Voice VLAN’s (VOIP), prioritizing the voice traffic over the data traffic.
- Proficient in deploying and troubleshooting mission-critical environments using proactive suite of support services - Wireshark and SolarWinds.
- Strong knowledge on Wireless Standards and Technologies, i.e. Ethernet, WAN, LAN, IEEE 802.11 (Wi-Fi). Very good knowledge on IEEE 802.15.1 (Bluetooth), IEEE 802.15.31a (UWB), IEEE 802.15.4 (Zigbee), Cognitive radio networks, Mesh networks
Experience: Cisco 3900 / 7600 Series Routers, Alcatel Lucent 7750, BRAS - Redback Edge Routers, T1s, DS3s, OC3/12/48s, IMA, GigE, Calix E5, E7, C7, Adtran (1148,1100,1248,1200,3K,5K) and UMC 1000Applications: Remedy Ticketing System, IPAM, Citrix XenApp, Calix CMS and IMS, SAM 5620, Secure CRT and Cirus.
Networking Protocols: RIPv1, RIPv2, BGP, OSPF, EIGRP, NAT, ACL, Frame-Relay, MPLS.
Networking Terminologies: OSI Model, ARP, ICMP, TCP/IP, VLAN’s, Spanning Tree, DNS, DHCP, SNMP, SSH, Telnet, HTTP, IPv4, IPv6, GRE Tunneling, Ethernet, ATM.
Networking: Network Design & Engineering, Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Netfilter, IPTables, Ethereal, SONNET, MPLS, DSU/CSU, ASR9K and Octane Line Cards.
Routers & Switches: GSR 12000, 2900 3900, 7200, 7600, ASR 1002. 6500, 4506, 4510, Nexus 7000
Wireless: 802.11 (a, b, g, n), 802.16/WiMax, 3GPP, LTE, GSM, UMTS, CDMA, 3G, RF.
Programming Languages: Basics of C/C++, Python, and Matlab.
Software: Microsoft Office Suite, Visio, Lucid Charts, Wireshark.
Operating System: LINUX, Windows.
- Creating Instances like different locations for the use of Openstack and AWS Clouds
- Instances are running for the use of KAFKA & ZOOKEEPER
- We were creating the Brokers for the use of Kubernates, kafka, zookeeper
- Checking and pinging for the public and private clouds for the VCMTS VIRTUALIZATION Project
- In Virtualization we were creating multiple VM’s for single Moonshoot
- Creating Network seetings and Network configuration settings for every cartridges and every moonshoot
- Cloud bases we were using Openstack Compute, For compute the instances were creating for different sizes and different GB’s
- For Images storing we were using Docker and Docker Conatiners for VCMTS Project
- Cisco ASA Firewall Policy Provisioning and troubleshoot connectivity issues through firewall
- Configuring and Troubleshooting of Various Firewall ACL, NAT rules, policy and protocols like OSPF and Switching protocols like STP, VLAN, VTP Using CLI, SecureCRT, Skybox and Cisco ASDM
- Creating and Testing Cisco Firewall and Switch operations using security protocol, IPS, ASA Firewalls, and MPLS switching for stable VPNs using WAN backbone
- Migrating Virtual Firewalls to Physical Firewall and Cisco ASA to Palo Alto Firewalls
- Migration of Cisco ASA to Palo Alto using Palo Alto Migration Tools.
- Provide Service Support to Clients regarding LAN/WAN connectivity Configuring and Modification of ACL, NAT Rules and Port numbers in ASA Firewalls using CLI, SecureCRT, and ASDM
- Firewall Clustering and High Availability Services using Cisco ASA. Troubleshooting User connectivity issues on Cisco ASA using CLI utilities
- Worked on BIOS upgrde for moonshoots, using on HP and HARMONIC servers for 12 core and 16 core cartridges
- Creating public IP’s and private IP’s for HP and HARMONIC servers
- HP servers for Ubuntu 16.04 Image we were using and installation for all 12 core cartridges
- Confidential we were using and creating licenses for HP EL 4000 series
- Checking on system health for all rack space in the SIT LAB
- Configuration on Juniper switches and cisco switches for network configuration
- Network configuration settings are changing for MDC to Central data center
- Creating NETMASK, SUBNETMASKS, for every cartridges
- Checking on Network issues for routing switches and security levels for CICD Servers.
- Packet capture on firewalls and analyzing the traffic using CLI, Cisco ASDM, Wire shark utilities
- Troubleshoot Clustering issues on ASA and Sync issues monitoring and fix. Implemented Active/ Standby configuration on Cisco ASA Firewalls
- Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls. Upgrade of Cisco ASA Firewall in Active/Standby mode
- Experience with Juniper Net screen 520M Firewall and Palo Alto network firewall
- Implementation and Support of Nexus 7000, Nexus 5000, 6500, virtualization, ACE and Data Center Project implementation
- Configuring F5 Big-IP LTM and GTM. Responsible for troubleshooting of F5 load balancers
- Securing network access with Cisco Secure (RADIUS/ TACACS+)
- Firewall Compliance and Rule remediation for compliance such as PCI Audit
- VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation
- Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol
- Working with Azure Routing Table or User Defined Routing, allow to create network routes
- Configuring static NAT, dynamic NAT, Inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls
- Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes
- Network Router and Switch protocol configuration for firewall access
- Network IDS/ IPS Signature tuning. Escalating IDS and Firewall handling requests to third party vendors
- Generate and maintain platform-specific security baselines
- Firewall security Protocols, Access-list, Network address translation, Network Policy, object list, ISAKMP and IPSec for Site to site VPN and Firemon, Vendor / Managed Service Provider escalations
Confidential - Sacramento, CA
Network Security Engineer
- Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
- Experience on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
- Setting up cloud infrastructure for POC's on OCI and AWS.
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
- Working on to set up OSPF dynamic routing on Cisco ASA Firewalls by using and following their current network structure.
- Apply Cisco ISE configuration to switches
- Provide level 2/3 support for ISE related issues, including off-shift and weekend support functions
- Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
- Monitor, operate and support network security devices such as cisco ASA
- Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
- Successfully installed Palo Alto PA 3060 firewalls to Protects Data Center and provided L3 support for routers/switches/firewalls
- Expertise in maintenance of layer2 switching tasks - VLAN, VTP, RSTP, configuration of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
- Replaced the Legacy 3750 stack wise with Juniper EX 4200 switches in the LAN Environment.
- Migrated juniper firewalls to Palo Alto network firewalls and carried out troubleshooting and configuration of the same.
- Worked on Palo Alto PA-5000 and PA-3000 Series hardware handling App-ID, Content-ID and User-ID
- Experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs
- Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route- distribute list and administrative distance for on-demand Infrastructure
- Managing data center and network by using solar winds, NPM, NTA, NCM and F5 load balancer
- Working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
- Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
- Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
- Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR.
- Incorporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS)
- Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate effectively
- Automated network implementations and tasks and designed monitoring tools using python scripting
- Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
- Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
- Documenting workflow process, managing and implementing standard policy and procedures.
Confidential - Monroe, LA
Sr. Network Security Engineer
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
- Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo alto VM-300 devices.
- Upgrading the IOS on Network Devices including cisco 6800, 6500 and Palo Alto VM-300 devices
- Experience in working in panorama, palo alto user interface version 8.0.2 and VM-300 series firewalls.
- Creating templates in panorama to manage the individual devices from it.
- Creating Network objects, dynamic address groups, FQDN and assigning it to rules based on the information in tickets
- Creating custom URL profile based on the expressions and assigning it to rule to perform URL filtering.
- Configuring network interfaces, static routes, NAT rules in panorama and thereafter pushing to individual palo alto devices.
- Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.
- Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Like, 4500-X in VSS mode and 3850 switches for distribution and POE-user switches
- Troubleshooting the Network failure issues and thereby making the changes to Network Infrastructure.
- Worked on maintenance and upgraded Cisco wireless WLC, LWAPP APs
- Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 5520 Wireless LAN Controllers.
- Configuring Node, pool, VIP, SSL client, server profile in F5 LTM 4000 series Bigip and thereby adding firewall rule to bring the end servers live
- Configured RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers
- Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switche
- Troubleshooting when the servers are down, checking logs the identify the error and thereby taking necessary steps.
- Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required
- Performing the software upgrade from version 7 to 8.0.2 on panorama and VM-300 series palo alto firewalls.
- Implemented the Core switch cut over project from Cisco 6509 to Nexus 7004 devices.
- Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7k/5k devices
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
- Established BGP peering between onsite datacenter in Monroe and AWS cloud.
- Worked with Cisco advance services to implement data center Nexus environment for new Upgraded datacenter for the NX-OS in 7004 in core layer, 6880 in aggregation layer and cisco 6800 in access layer.
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Providing Technical Support and solutions for Network Problems and resolve tickets across sites and corporate offices.
- Involved in periodic IOS upgrades, troubleshooting network outages and high severity incidents.
Sr. Network Engineer
- Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for datacenter access architecture.
- Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.
- Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
- Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
- Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and on CAT6500 in a complex datacenter environment
- Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment in the Core network
- Experience in configuring routing protocols like EIGRP,RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
- Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation
- Strategies for the expansion of the MPLS VPN networks.
- Implement Cisco Works 2000 device to manage Cisco routers, switches, PIX and ASA firewall, Access Points, Concentrators.
- Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
- Implemented Voice VLANS, UDP, SIP, and RTP and provide QOS by DSCP and IP Precedence.
- Used DHCP to automatically assign reusable IP addresses to DHCP clients.
- Integrate VoIP with PSTN and setup voice Gateway ensuring QOS for Cisco based Voice over IP and CDR for voice call Accounting.
- Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc.
- Experience configuring Virtual Device Context in Nexus 7010.
- Experience in Configuring, upgrading and verifying the NX-OS operation system.
- Experience in working with installing Nexus 7010 License upgrade.
- Experience in installing and configuring Checkpoint NGX R60.
- Maintain Security policy by monitoring PIX firewalls (515 and 520).
- Experience working with Network management software NSM primarily to manage the firewalls as well as performing changes as per the requirement.
- Involved in effective communication with vendors, peers and clients in resolution of problems, equipment.
- Worked extensively in configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design. Primary responsibility is to design and deploy various Network Security & High Availability products like Cisco ASA and other Security Products.
- Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
- Experience with converting PIX rules over to the Cisco ASA solution.
Confidential, Houston, TX
- Responsible for designing and implementation of customers network infrastructure
- Help negotiate hardware, software, and circuit contracts for customers
- Redesign customers office copper and fiber cable plant for scalability
- Implement Cisco IOS Firewall IDS using 2600 series router
- Configuring RIP, OSPF and BGP Static Routing on Juniper M and MX series Routers.
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
- Configured and debugged policy based routing for special traffic, route filtering with route maps, route redistribution.
- Configured VLAN Trucking 802.1Q, STP, and Port Security on Catalyst 6500 switches.
- Performed OSPF, BGP routing protocol administration.
- Router memory & IOS upgrade with TFTP.
- Network Assessment and Documentation (including technical, operational, and economic assessment)
- Build and maintain Visio documentations for Clients
- Was Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
- Ensured network, system and data availability and integrity through preventative maintenance and upgrade.
Jr. Network Engineer
- Migration of RIP V2 to OSPF, BGP routing protocols.
- Configured EIGRP for lab environment.
- Implemented ISL and 802.1Q for communicating through VTP.
- Working with client tams to find out requirements for their Network requirements.
- Deploying the network infrastructure to meet the requirements.
- Created VLAN and Inter-Vlan routing with Multilayer Switching.
- Configured Cisco 6500(SUP 720), 4500(SUP 6), and 3750 catalyst switches at the core and Distribution/Access Layer respectively with Port-Securities, VLAN, VTP, RSTP, connected switches with 802.1Q Trunking Protocol and provided gateway redundancy with HSRP.
- Used Cisco ASA 5540 series for enterprise security, configured ACL’s for Internet Access requests to SERVER FARM in LAN and DMZ.
- Completed service requests (i.e.- IP addressing, bandwidth upgrades, IOS/platform upgrades etc.)
- Providing technical consultancy for better application response using QoS.
- Monitor performance of network and servers to identify potential problems.
- Performed RIP, OSPF, BGP, EIGRP routing protocol administration.
- Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
- Provided technical support on hardware and software related issues to remote production sites.
- Other responsibilities included documentation and support other teams.