SUMMARY:

• Over 7 years of experience in Networking and Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Cisco Certified engineer with Expert level knowledge in troubleshooting, implementing and testing of static and dynamic routing protocols such as EIGRP, OSPF, RIP and BGP
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse and proxy ARP, Ping concept.
• Monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance
• Working on Cisco Routers and Switches and Wireless networks … at Enterprise level.
• Cisco's Application Centric Infrastructure (ACI) implementation (Nexus 9K, APIC).
• Configuring Cisco switches including Nexus9K, Nexus7K, Nexus5K and Nexus2K
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls.
• Deployment and maintenance of Arista Networks using 7100 and 7150 switches.
• Configured Arista, and 7050 series switches within legacy network environment.
• Design and Install UCP Select for VMWare with Cisco UCS and Cisco Unified Fabric Switching.
• Dealt with Datacenter migration to Amazon Web Services (AWS) infrastructure and provided support to Applications and Database teams.
• Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers.
• Hands on experience with Checkpoint Firewalls. Hands on experience with configuring firewalls and managing issues.
• Familiarity with Websense, nCircle, Imperva, DAM, SourceFire and WAF devices and services.
• 3 years WAN experience with ATM, Frame Relay, SMDS, DSL, ISDN, DDS, T1 and T3, VPN, Cisco routers, PIX firewalls, RIP, IGRP, EIGRP, OSPF, BGP, HSRP, TACACS+ and Cisco Works.
• Extensive knowledge of firewall Checkpoint, McAfee, Juniper Net Screen on SRX 550, 650 Series and IPS/WAF(Tipping Point, Imperva, and Citrix NetScaler) Technologies.
• Adapted the lead role/Tech lead; providing escalated assistance to the team/other administrative functions.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on APM, LTMs and GTMs.
• Experience with Cisco ACI fabric networks
• Installing Cisco UCS Components including Chassis, Fabric Interconnects, firmware upgrade, service profiles, VLAN.
• Install network backbone, wireless controllers and wireless access points (Cisco, Aruba, Ruckus )
• Checking monitoring and issue escalating to vendors about status of FDN connectivity
• Identify and resolve connectivity problems between Ruckus Wireless AP and on Ruckus , UBNT, Gemtek and Telenet ODCPE.
• Support PAN India Mail-Escalation cases and taking follow-up and resolve cases.
• Configuring Vlan on L2 switches MROTEK, RTS switch, D-link, TP- link
• Coordinating with field engineers about CPE-AP Alignment, Signal strength status, and other troubleshooting.
• Worked on Juniper Net screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Experienced Network Security Engineer With Outstanding Knowledge, Skills and Expertise, Dedicated and Committed To Providing Excellent Network Security Solutions. Technical Skills/Expertise: Installation, Configuration, Deployment and Management Of Firewalls Such As Check Point, Palo Alto and Fortigate Firewalls , System Migration and Upgrade, Network Security Monitoring (SIEM), NIPS Configuration and Management, VPN Configuration, LAN/WAN, IP Addressing and Subnetting, Switching, Routing (Static and Dynamic - OSPF, RIP) and Troubleshooting., Checkpoint Endpoint Protection.
• Responsible for Checkpoint Firewall architecture and design.
• Provide in-depth analysis for complex troubleshooting for Checkpoint , Fortinet, and Cisco ASA Firewalls .
• Performed security measurements using Cisco ASA, Forti Gate, Checkpoint , Cisco Routers, Switches, Cisco ASDM, Wireshark, Cisco Source Fire Virtual Defense Center, and what’s up Gold.
• Utilized Various SNMP Tools: Solar Winds , utilized Windows, Linux, UNIX base software and tools.
• Managed network performance, including providing network monitoring and reporting
• Troubleshot and resolved complex problems to ensure quality transmission service on the network
• Utilized Various SNMP Tools: Solar Winds , OP Manager, and Confidential Open View
• Utilized VTC tools for this position in the GNOC to include: Putty, Solar Winds , OP Manager, SharePoint, Cisco IOS, Support Web Incident Tracking System, and various network monitoring/troubleshooting tools

TECHNICAL SKILLS:

Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Linux OS

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000

Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548

Routing: MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Network security: Cisco (ASA, PIX) 5510, Palo Alto, juniper, ACL, IPSEC VPN, GRE VPN, NAT/PAT, FilteringLoad Balancer F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

F5 Viprion: Architect, Design and Deployment

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.

WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing. Various Features & Services IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: SNMP, Solar Winds, Confidential open view, and Wire shark

Reports and Network Diagrams: Microsoft (Visio pro.)

WORK EXPERIENCE:

Confidential

Network Engineer

Responsibilities:

• Planning and perform hardware and software upgrades, preventative maintenance, high availability, disaster recovery failover and deployments (firewall, router, switches, load balancers). Coordinate with vendors, development, business partners and escalation support teams as needed, all to follow the approval and change management processes.
• Perform detailed, post event analysis of unusual or suspicious incidents, and direct needed procedure or process changes in response (firewall, router, switches, load balancers)
• Maintain regular backup of firewall and network devices and perform recovery operations as needed.
• Hands-on technical knowledge of Cisco ASA firewalls, routers and switches
• Working with Cisco enterprise grade products to include: Nexus 7k, 5k, 2k, Catalyst 6500, 4900, ASA, and ASR.
• Working with network capacity planning, network security principles, and general network management best practices.
• Experience on designing, deploying, and operating F5 LTM/GTM products.
• Migrated legacy F5 LTM appliance to newer version appliances. Experience in Migrating of applications from Cisco ACE to F5 LTM.
• Architecture, implement, and support the F5 BIG-IP infrastructure included LTM, GTM, APM, ASM
• Architecture, implements, and supports the corporate portal by leveraging BIG-IP APM to support the corporate insource/outsource model and branch migration.
• Work with IT Security to design the SSL VPN through different network tunnels for corporate employees, vendors, and contractors by leveraging F5 APM
• Manage F5 APM- APM traffic processing and configuration wizards, configure access policies and access profiles etc
• Created complex rules utilizing TCL scripting to perform load balancing decisions
• Upgraded GTM modules from version 10 to version 11+
• Configured F5 LTM solutions, which includes WideIP, Pool Load Balancing Methods, probers and monitors
• Design and deployed F5 LTM load balancer infrastructure per business needs from the ground up approach

Confidential, Houston, TX

Network security engineer

Environment: F5 LTM / GTM / APM, Cisco ASA Firewalls, F5 ADC, Cisco 3900,4300,4400,4500 Routers, Juniper SSG-140, Palo Alto Wildfire, Juniper EX series switches, Juniper SRX, Routing Protocols: BGP, OSPF, TCL Scripting

Responsibilities:

• Implemented High-availability (Failover) Configuration For Security Management
• F5 VIPRION hardware products like LTM, GTM series like 6400, 6800, 8800. Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.
• Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies.
• Documented standard operation policies for Cisco IOS, IOS-XR, IOS-XE, NX-OS and ASA firewalls.
• Worked on BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway.
• Implemented F5 LTM and GTM changes using CLI (TMSH and advance shell) configurations and Experienced in administration of F5 infrastructure.
• Created the AAA servers for LDAP and AD authentication in F5 APM.
• Working with F5 APM sessions and manipulating session using iRule and configuring and maintaining Webtops and Portal Access.
• Successfully migrated the Exchange 2010 application from TMG environment to F5 LTM/ APM.
• Successfully migrated the SharePoint 2010 application from UAG environment to F5 LTM/ APM.
• Staged and Installed Firewall Security Policy
• Assist with The Creation and Management of User Accounts Resources and Active Directory Design and Implementation
• Migrated legacy F5 LTM appliance to newer version appliances. Experience in Migrating of applications from Cisco ACE to F5 LTM.
• Created complex rules utilizing TCL scripting to perform load balancing decisions
• Upgraded GTM modules from version 10 to version 11+
• Conducted Security Policy/Rule Review to Identify and Remove Rules That Are Not Needed to Reduce Check Point Firewall Policy Lookup
• Configured NAT and NAT Policies
• Implemented High-availability (Failover) Configuration for Security Management
• Experience on designing, deploying, and operating F5 LTM/GTM products.
• Implementing security Solutions using Palo Alto PA 5020, Checkpoint Firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Charged with creating firewall policy.
• Once in 4 week on-call rotation. Installation and maintenance of network infrastructure and Configure, administer, and document firewall infrastructure, working with Checkpoint.
• Managed the firewall deployment, rules migrations, and firewall administration and was responsible for converting existing rule base onto new platforms.
• Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering). Successfully installed Palo Alto PA-3060 Firewalls to protect Data Center.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks. Exposure to Wildfire feature of Palo Alto.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs. Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Researched, designed and replaced aging Checkpoint Firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection.

Confidential

Network security Engineer

Responsibilities:

• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Researched, designed and replaced aging Checkpoint Firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection.
• Subject Matter Expert for URL Content Filtering.
• Configured and maintained IPsec and SSL VPN’s on Palo Alto Firewalls.
• Assisted on URL web filtering migration from Blue Coat and Websense to Palo Alto firewalls. Problem resolution of leveraged and dedicated SIEM Environment.
• Hands-on experience on Cisco switches 2960, 3750, 3560, Cisco routers 2821 ISR.
• Penetration testing and vulnerability analyses of both internal and external of the networks.
• Palo Alto design and installation (Application and URL Filtering, Threat Prevention, Data Filtering). Experience analyzing both log and packet data to include the use to Wireshark, tcp dump and other capture/analysis tools.
• Perform Basic Configuration Of Firewall
• Provide On Site Support For On-site Engineer and End Users During Installation
• Provide On Site Troubleshooting and Fault Finding If Issues Occur On Initial Installation Of Firewall
• Monitor Firewall Performance, Troubleshoot Network Problems, Schedule Upgrade to Maximize Network Performance
• Perform Data Network Fault Investigation In Local and Wide Area Environment With Information From Multiple Sources
• Installing Cisco UCS Components including Chassis, Fabric Interconnects, firmware upgrade, service profiles, VLAN.
• Install network backbone, wireless controllers and wireless access points (Cisco, Aruba, Ruckus )
• Support PAN India Mail-Escalation cases and taking follow-up and resolve cases.
• Perform Upgrade Of Equipment to The Latest Stable Firmware Releases
• Implementing, Managing and Troubleshooting Fortigate Firewall , IPS, Router and Switches
• Migrated legacy F5 LTM appliance to newer version appliances. Experience in Migrating of applications from Cisco ACE to F5 LTM.
• Created complex rules utilizing TCL scripting to perform load balancing decisions
• Upgraded GTM modules from version 10 to version 11+
• Configured F5 LTM solutions, which includes WideIP, Pool Load Balancing Methods, probers and monitors
• Design and deployed F5 LTM load balancer infrastructure per business needs from the ground up approach
• Configured and deploy LTM for application such as Exchange, 2010, 2013, SharePoint, VMview, using iApp and manually
• Advanced skills of designing, coding, and troubleshooting iRules Executed the F5 Viprion to deal with high traffic volume for L7 traffic on 2250 blade while Thunder 6630 using viprion chassis.
• Configured and deploy LTM for application such as Exchange, 2010, 2013, SharePoint, VMview, using iApp and manually.
• Advanced skills of designing, coding, and troubleshooting iRules Executed the F5 Viprion to deal with high traffic volume for L7 traffic on 2250 blade while Thunder 6630 using viprion chassis.
• Strong understanding of the Global Traffic Manager and iQuery functionality between LTM & GTM for a HA design.

Confidential, Chicago, IL

Network Engineer/Security Admin

Responsibilities:

• Install, upgrade and configure Next-Gen Palo Alto Firewall series PA-200, PA-500
• Designed and configured IPSEC VPN tunnels on PA firewalls to establish remote site connectivity
• Install, manage and monitored Palo Alto Firewalls in Panaroma
• Developed technical documentation and Visio diagrams for PA Firewall configurations and IPsec tunnels
• Extensive Knowledge on monitoring tools like SolarWinds, Netflow, Netbrain and Infoblox
• Resolved tickets on timely manner. Troubleshooting tickets based on switches, routers, Palo Alto Firewalls
• Configured site-to-site and client VPNs. Identify and resolve firewall and VPN connectivity issues.
• Monitored Firewall interfaces in Netflow for alerts and troubleshooting
• Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Integrating Panorama with Palo alto firewalls, managing multiple Palo Alto firewalls using Panorama
• Worked on SSL handshake proxies to a Big-Ip Viprion to do all the hardware SSL work dealing with layer 4 throughput work, to upgrade the SSL license limits.
• Palo Alto App ID migration from the legacy based port rules for PA 5060, 7050.
• Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• Working as SME for IDS/IPS products (e.g., Tipping Point, SourceFire.
• Configured servers and SNMP alerts on Citrix NetScaler SDX.
• Installed and configured NetMRI and Visual uptime select.
• Support Infoblox, and NetMRI applications to resolve any software, or hardware error messages while working with vendors.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Administer and support Big IP LTM for all Local Load balancing and GTM for load balancing between DC Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Vulnerability assessment using tools such as Nessus and Qualys, and implementation of Security Policies. Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
• Experience with working on latest Cisco switches like Nexus 2000,5000,6000 and 7000 series switches while implementing advanced features like VDC, VPC, OTV and Fabric path.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.

Confidential

Network Engineer

Responsibilities:

• Expertise in F5 BigIP GTM/LTM appliances including writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Planned and worked on design with Network team to re-architect F5 load -balancers to load -balance traffic anywhere in the company network.
• Experienced in implementing and managing F5 BIG-IP load balancing, including APM, ASM, and custom iRule development.
• Enforcement Readiness period, Trusted and Untrusted traffic, Loosening and tightening restrictions in ASM.
• Configured Arista, and 7050 series switches within legacy network environment.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Good experience in Amazon Web Services (AWS) environment and good knowledge of AWS services.
• Maintenance of citrix-Netscaler 9800 load balancer to monitor the traffic at the severs end
• Implemented Netscaler SDX 8400 platform with active cluster environment/VPX model.
• Configuration and Monitoring of Citrix Netscaler (Both MPX and VPX )
• Upgradation, Load balancing through Citrix Netscaler.
• Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4), for the State Farm enterprise network.
• Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers.
• Performed cross platform audits of Active Directory objects and user permissions using Identity Manager.
• Experienced in installing VMware VSphere 5.1 5.5 and created virtual machines on ESX 5.1 5.5 Servers. Created standard images and deployed servers.

Confidential

JR Network Engineer

Responsibilities:

• Conducted a thorough technology analysis as a complete upgrade of existing network, which was required by the company
• Maintained a Network with more than 600 Network devices, some 25,000-end hosts, and the other Network devices like DHCP, DNS servers, and Firewall servers
• Configured routers including 3925, 3845, 2811, 2600 series along with Cisco switches including 2960,3750
• Performed OSPF and BGP protocol administration and used redundancy protocols like HSRP, VRRP
• Configured VLANs, VTP, RSTP, STP (Spanning Tree Protocol), and Ether channel and port security at switching level
• Works with the end users to validate problem descriptions and perform detailed problem diagnosis, track and update problems in Confidential Service manager (Trouble-ticketing System)
• Assisted Operations with troubleshooting and root cause analysis for network incidents in the environments
• Assisted in migration of existing B2B VPN tunnels with the vendors from the 3060 VPN concentrator to ASA Firewall and
• Performed updating of F5 wide ip configured site-to-site IPSEC VPN
• Performed multiple firewall changes on the PIX, ASA, and Palo Alto firewall based on the requirements and monitored firewall changes using firemon Tool configurations, persistence profiles, updating the SSL s across the F5 devices for the resource updates
• Used multiple network monitoring tool Solar Winds, Cisco Prime for supporting the existing core network environment and Network edge devices
• Configured WAP and performed troubleshooting of WAP and WLC using Cisco NCS Monitoring Tool.
• Extensively used Infoblox for IP address management. Created and added IPv4 Network, Reserved IP addresses for various devices, Defined DHCP Scope as per the requirements, Created DHCP scope options for setting up Voice VLANs and PXE Clients etc.