SUMMARY

• Cisco Certified Network Engineer with 8+ years of experience in the industry which includes Designing, Implementation, Installation, Configuration, Deployment, Troubleshooting, Network Operations, Administration Support and Network Security.
• Excellent knowledge and experience on different vendor’s like Cisco, Arista, Juniper, Brocade, HP, Aruba, Palo Alto, Checkpoint, F5 And Vmware.
• Strong hands on experience in layer - 3 Routing and layer-2 Switching. With Cisco switches (9K,7K,5K, 2900, 3550, 3750, 6500, MDS 9000, 5000 NX-OS) series, juniper (EX, QFX, QFabric) series, Arista switches, Broadcom switches, Brocade (ICX, SLX CES), juniper (MX960, MX480, LN, CTP) series routers, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers.
• Experience in Configuring and implementing Palo Alto Firewalls, checkpoint firewalls, PIX Firewall (506, 515, 525, 535), cisco ASA (5505,5510,5520) Firewall, Cisco ISE (Identity Service Engine) Juniper (SRX 220,300, Csrx) series firewalls.
• Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
• Modified and worked in the following platforms to support customer Voice: Cisco Unified Call Manager 6.x through 8.x, Cisco Unity Connection, voice gateways.
• Design and install Cisco UC Cluster Environment (CUCM, CUC) for many Clients.
• Experience in installing and troubleshooting of WAN technologies like T1/T3, DS3, STM1, OC3, SONET, Gigabit and STM4 circuit types.
• Hands on experience on cisco wireless LAN CONTROLERS and ACCESSES POINTS. Experience in Physical cabling, IP addressing (ipv4 & ipv6), Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, ISIS BGP).
• Supports multiple business lines and a network of global data centers through the administration of SSL certificates.
• Experience in Configuration and Support of LAN protocols on Cisco Switches such as Layer2, Layer3 and Multi Layer.
• Up-grading and degrading the OS (IOS, NX-OS, JUNOS) for switches and routers as per requirement
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Security Technologies DHCP Snooping, IP Source Guard, Dynamic Arp Inspection, 802.1x and VACL's
• Strong Knowledge of the 7 layers, TCP/IP, IP Addressing and IPV6.
• Configured and troubleshooting the F5 LTM and APM and providing level 2 support for the customers.
• Enterprise Exchange 2007 SP3, Run & Maintain/Configure Exchange environment, 16K+ users, 5 Cluster (10 node CCR ESX VMWare Mail store) 25+ node messaging system, Exchange PowerShell, Mailbox restoration, User support Outlook 2007/2010 clients, EMC Email Source One Archiving, ActiveSync, RSA Security, Symantec Email Security, Room Wizard Administrator. CRM Application integration.

TECHNICAL SKILLS

• Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.
• Equipment’s (Switches, Routers)
• Cisco routers (7600, 7200, 3900, 3600, 2800, 2600,2500, 1800 series, ASR 9K (9922) and ASR 1K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX480, 240, 80 series, EX, QFX Series Routers and HP (7000) series Switches.
• Routing: OSPF, EIGRP, ISIS, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.
• Switching:VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
• Firewalls: ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX, Palo Alto.
• Load Balancer: ACE Module, GSS & F5 LTM
• LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.
• WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.
• Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.
• Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), D-Link Wireless (point to point), D-Link Accesses Point, CISCO 1200 series Accesses Points, and Linksys Wireless/Wi-Fi Router.
• AAA Architecture: TACACS+, RADIUS, Diameter, Cisco ACS.
• PROGRAMING LANGUAGES: C, C++, EMBEDDED C.

PROFESSIONAL EXPERIENCE

Confidential, Redmond, WA,

Responsibilities:

• Designed and support the consolidation of data centers utilizing Nexus 2K, 5K, 7K and Arista, Cisco Catalyst switches infrastructure.
• Configure and maintain all Palo Alto Networks Firewall models (PA-3k, PA-5k.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Use HTTP forward Proxy in Blue coat Proxy server.
• Working closely with knowledge center management to investigate the information center sites for cabling necessities of assorted network instrumentation.
• Provided application level redundancy and accessibility by deploying F5 load balancers long-term memory.
• Management of F5 Viprion based load balancer as LTM and GTM for hundreds of applications serving the needs of thousands of users local and abroad.
• Worked on BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway.
• Dealt with creating VIP Pools, Nodes and Created Custom Irules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies
• Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
• Configure F5 Load balancers for SSL handling, Design and Implemented Virtual Server Farm for Web site load balancing in DMZ.
• Troubleshoot network connectivity by utilizing Netscout Infinistream and Riverbed Steelhead and Juniper wan accelerators.
• Created the AAA servers for LDAP and AD authentication in F5 APM.
• Worked on Cisco ISE with Access control and AAA protocols.
• Configured EC2-Classics platform to communicate with instance in an VPC using private ip address.
• Monitored VCP log information of network traffic in and out network interface VPC.
• Integrated AWS Network with our existing production and corporate network.
• Monitor all Malware incidents thru Sourcefire IPS system.
• Generate authentication report in ISE to estimate the endpoints that underwent authentication failure.
• Configure and install Aruba wireless controllers and access points.
• Implementation and troubleshooting of 802.11a/b/g/n technology with primary focus on Cisco Unified Wireless Network.
• Implementation and troubleshooting of wireless guest access.
• Creating solid SecureX (SOS) architecture with the identity Services Engine.
• Using Solarwind, NetScout and windows performance and resource monitor to figure out that we were losing PCoIP packets that was degrading the VDI environment.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Configuring ADC (Application Delivery Controller ).
• Using ISE Deployment Assistant (IDA) to validate and document endpoint authentication status during monitor mode deployments.
• Configured complex ISE implementation involving 6 agencies with GETVPN, DMVPN, SSL VPNs.
• Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
• Used troubleshooting skills to fix Multicast routing issues and used WireShark to source packet level issues.

Environment: Nexus 2k/5k/7k, Arista, Cisco 6500/7500/7200 switches Routers, Broadcom, Palo Alto Fire Walls, Bluecoat proxy server, LAN, WAN, OSPF, BGP, SNMP, LDAP, IGMP, SSH, HSRP, PPP, VPN,, Cisco ASA, Cisco ACI., Solarwinds(Orion), Hostmon.

Confidential, Seattle, WA,

Responsibilities:

• Responsible for fitting the infrastructure surroundings with majority of Cisco ISE & Palo Alto appliances except for varied different instrumentality.
• Efficiently exploitation ServiceNow tool for generation of tickets, distribution severity to incidents, following up with incident standing and troubleshooting incidents.
• Excellently used Splunk to research and monitor incident management and incident resolution issues.
• Analyzed and monitored incident management and incident resolution issues exploitation Splunk.
• Backed up Electronic health record systems via File system backup (EPIC). Thus, faster backup and restore times.
• Perform 24x7 log monitoring - review and analyze system security logs.
• Monitored & analyzed system logs on Symantec Endpoint Protection anti-virus, Symantec Data Center Security & Credant Encryption servers.
• Responsible for implementation/installation of LAN/WAN/SAN, Aruba Switches, Aruba WirelessAP’s and Aruba Virtual Controllers.
• Installing and configuring CISCO Wireless LAN Controllers (WLC) with active/ standby state with controlling more 100 Cisco access points.
• Hands-on experience and expert knowledge of Cisco Intelligent WAN (IWAN).
• Hands on Experience in wireless RF site surveys and RF spectrum analysis.
• Good Experience in performing wireless site surveys using Air magnet software.
• Working on Cisco 4400, 5500 series wireless controllers, Cisco 1130, 1140, 1200 3702, 3602 and 2600 Series Access point.
• Configuring the PCI Palo Alto Firewall to The Tufin Monitoring Tool for The Log Analysis as The Syslog Server.
• Firewall Audit and Compliance Check Using Tufin And Generation of Reports Based on The Analysis.
• Configured Tufin Secure Track for checkpoint firewall to analyze the firewall rules.
• Worked on MTS software plug-in for Multimedia over Coax Alliance (MoCA) configuration capability on DOCSIS cable modem and gateway products.
• Install and configure Tufin orchestration suite and manage the Tufin tool from the scratch.
• Deployed Tufin in a distributed architecture with central server and remote collectors.
• Upgraded Showtime content network with Arista switches.
• Configured TCP idle timeout settings for Azure Load Balancer, Configured the distribution mode for Azure load balancer, and configured multiple VIPs for a cloud service. Configured Site-to-Site connection in the Azure portal
• Implement SNI on Load balancer and add snat pool.
• Experience on the load balancers including AWS ELB.
• Migrating to Cisco APIC-EM with dynamic QoS templates serving 5 high-volume Call Centers with Call Center as a Service. Resulting in enhanced flexibility at more cost-effective price-points, and elevated customer care capabilities.

Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, HP (7510,7506) switches, Brocade VPX, ICX series switches, Palo Alto Firewalls, Viprion 2400 BlueCoat proxy server, LAN, WAN, WLAN, OSPF, RIP, SNMP, BGP, LDAP, IGMP, SSH, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ISE.

Confidential, Boston, MA,

Responsibilities:

• Configuration 7609, 7606 with OSPF, juniper (EX, QFX, QFabric) switches with various VLAN’s.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Fortinet NGFW series firewalls and Cisco ASA.
• Hands on experience on all software blades of Check Point Firewall.
• Design and Build Windows 2000, 2003, 2010 2012, Servers.
• Active Directory Installation, Maintenance, and Upgrades.
• Python scripting for automation of difficult tasks
• Modernized old backup and recovery technologies using select solutions (Networker, Avamar, Quantum VTL and Brocade). Backup all operating systems and applications (Linux, Unix, Windows, exchange)
• Responsible for All Software Installations on Both the Servers and Workstations. This Includes Antivirus Software and Any Custom Applications.
• Testing GTP V2C, GTP V1U, GTP Prime, Diameter, SIP & NAS protocols
• Provided technical expertise and consultation in network administration, security prevention with Akamai and secure works, Cisco WCS (Wireless Control System) for Wi-Fi and Fore Scout for wired breaches.
• Install network backbone, wireless controllers, and wireless access points (Cisco, Aruba, Ruckus).
• District Wireless Network Specialist with experience installing, maintaining, optimizing, and troubleshooting the district's Enterprise Wireless solutions from Aruba and Meru Networks, as well as extensive HP/Aruba Procurve switch knowledge.

Environment: juniper (EX, QFX, QFabric) Switches, Broadcom(PEX), Fortinet, CheckPoint, PaloAlto Firewalls, Cisco ACI, Viprion 2400 Cisco 6500/7500/7200 Routers, Nexus, 5K,7K, LTM, GTM, F5 Load Balancer, ASA, OSPF, SNMP, BGP, LDAP, IGMP, SSH, EIGRP, RIP, LAN, WAN, SSL/VPN.

Confidential, Santa Ana, CA,

Responsibilities:

• Configured and deploying Cisco catalyst 6506, 4948E, 4510 switches, Broadcom(PEX), Cisco 3660, 3845, and 7609 series Routers.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls
• Involved in the troubleshooting aspects of complex network infrastructure using the routing protocols like EIGRP, OSPF & BGP.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
• Configuration and maintenance of Cisco PIX and ASA firewall systems.
• Configured FirePower service and FireSIGHT management.
• In-depth knowledge in installing/configuring Planning/Sizing for the new equipment including, NextGen IDS/IPS Firewalls such as Cisco ASAs Firewalls, Switches, UPSs, Cablings

  Firepower (Sourcefire), Palo Altos, SonicWALL.

• Configuration of routing protocols EIGRP and BGP for little to medium sized branches supported company branch standards, together with distribution and route maps.
• Experience configuring multiple models of Cisco ASA, 3750, 6500, 7600, 3800, ASR 1k/9k, and ISR platforms.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and configure 2k, 3k,7k,9K series Routers.
• Holds good exposure in (VitalQIP, Infoblox & Efficient IP) - IPAM software, DNS, DHCP.
• Have good exposure on IPAM, BIND DNS and DHCP concept.
• Access purpose refresh and implementation at varied sized branches and locations.
• Used network observation tools like Spectrum to confirm network property and protocol analysis tools to assess and pinpoint networking problems inflicting service disruption.
• Worked with management and various departments to develop procedures and troubleshoot issues as they arose.

Environment: CheckPoint, CISCO ASA, PIX, Broadcom, Cisco 6500/7500/7200 Routers, Nexus, 5K,7K, LTM, GTM, CISCO ASA, OSPF, BGP, EIGRP, RIP, LAN, WAN, SSL/VPN.