Professional with over 13 years of experience in administration, implementation, configuration, monitoring, troubleshooting of various technologies with proficiency in routing, switching, security & branch technologies.
Technologies: BGP, MPLS, OSPF, EIGRP, Route - maps, Prefix-lists, ACLs, Static Routing, Stub Routing, IPv4/6, ARP, TCP, UDP, NAT/PAT, Cisco ASR 1004/1002-HX/1001-X, ISR 4451/3845/2851 , Cisco IOS XRv, Meraki MX 450/100, Juniper SRX 340/210, Juniper vSRX, Cisco IOS XE, JunOS.
Technologies: VPC, VXLANs, VSS, StackWise, HSRP, VRRP, VLAN Trunking, SVI, Portchannel, STP, VTP, Portfast, BPDU Guard, UDLD, F5 Big-IP load balancers, LTM, Nexus 9K/7K/5K/3K/2K, Catalyst 6500/4500/3850/3750 X, Meraki 410/210/220, Juniper EX4200/2200, DHCP, CDP, ACL, QoS, SFP+, QSFP, NX-OS, IOS XE, JunOS, SolarWinds, Wireshark, Cacti, Nagios, Remedy, SNMP, DNS, SSH, FTP/SFTP
Technologies: Cisco ASA 5555-X/5508-X/ASAv/5510, Meraki MX 450/100, Cisco IPS/IDS, Cisco ISE, Juniper SRX 340/240, Juniper vSRX, Palo Alto 850/220/VM, ACLs, SSH, IPSecVPN, SSLVPN, MPLSVPN, AAA, TACACS+/RADIUS, 802.1x Authentication, Port Security.
Wireless/Branch Technologies: Cisco WLC 5500/3504, Cisco vWLC, Cisco 3702i/1852i/3602i/1142 APs, Cisco Meraki MR 42/33/20 APs, Cisco ISE, TACACS+/RADIUS, 802.1x Authentication, 802.11, WLAN, WAP, SSID, LWAPP, SMTP, VoIP/SIP, QoS, CUCM, UCCX, AWS, Cisco Meraki Cloud-based Dashboard, UPS & PDUs.
- Member of a team of professionals responsible for administration/service requests, escalation support, ticket resolution and analysis of enterprise LAN/WAN environments for datacenters, WAN links, and branch offices.
- Specific Technologies handled include but not limited to Cisco ISRs/Meraki MX, Cisco Catalyst/Nexus Switches, Cisco ASA FirePOWER, Juniper EXs, Cisco Wireless LAN Controller, Cisco Access Points, Palo Alto (PAN) Firewalls, Nagios, Solar Winds, Cacti, Wireshark, VMware, Cisco Unified Communications Manager & Cisco Unity.
- Consultant responsible for project management including schematics, vendor relation, estimate and budgeting, resource planning, organizing and managing solution delivery team as well as developing strategies for brand and marketing including campaigns, events and PR.
- Configured ISE to provide AAA services to enterprise network, 802.1X authentication for wired and wireless access to networks. RADIUS server implementation. Access switches, WLAN controllers configured as 802.1X authenticators to relay endpoint credential information on to ISE for processing, including the use of a various VLANs based on business needs. Viewing connection logs in ISE. Ticket resolution and change requests; more extensive changes require scheduling during periods of low network utilization, and users will need to be informed in advance if they will experience a change in behavior.
- Deployed and Maintained Cisco ASA 5500 and Cisco ASA FirePOWER, series firewalls including Security Levels, Zones, NAT, ACLs, and Active/Standby HA. Also, implemented NGFW features such as URL filtering and other IPS/IDP functions.
- Managed an IPSec Site-to-Site VPNs between Cisco ASA5500s at Main Office and Cisco branch ISR specifying IKE Policy, encryption and authentication protocols, access-lists to define VPN traffic, transform sets and crypto-map. Have used both s and Pre-shared Keys.
- Deployed Zone-based Firewalls on Juniper SRX along with IPS/IDS features and on Cisco ISR.
- Configured port security, DHCP snooping, and IP ARP inspection for access switchport hardening.
- Deployed SSL VPN (WebVPN for secure, remote-access VPN tunnel to the Cisco ASA 5500 series for clients.
- Deployed and Supported eBGP & iBGP peering using directly connected networks and loopbacks, ebgp-multihop for MPLS and BGP Multihoming. Managed BGP Peer groups, PREFIX-LISTs, ROUTE-MAPs.
- Implemented both single area and multiple area OSPF routing. Also implemented stub areas to lower system resource utilization of devices. Utilized link and area authentication to improve security for OSPF neighbors.
- Provided Escalation Support for BGP and OSPF neighbor and route issues using Traceroute, Show and Debug commands along Protocol Analyzers such as wireshark.
- Deployed WAN infrastructure Branch to HQ and Datacenter utilizing MPLS and IPSec VPNs.
- Implemented EIGRP routing on Cisco ISRs and ASAs. Implemented EIGRP MD5 between sites to prevent unauthorized insertion of routes into the domain. Implemented manual EIGRP route summarization to reduce demand on CPU resources, memory, and bandwidth used to maintain the routing tables.
- Scheduled, upgraded, and maintained recommended SW/firmware for IOS and JunOS devices.
- Managed StackWise & StackPower, VSS on Catalyst, VPC on Nexus, and MLAG on Juniper for Device Redundancy. Implemented Switching utilizing VLAN & trunking using 802.1q.
- Managed VTP with transparent mode, Managed RSTP/STP on Cisco and Juniper switches and priority for root election. Managed portfast, bpdu guard, UDLD. Implemented SVIs for VLANs with HSRP, GLBP and VRRP for gateway redundancy on dist. switches.
- Implemented Datacenter focused Nexus Switching utilizing NXOS with features including, vPC, Fabric Extenders (FEX), Fabric Path and VXLANs. Familiar with SFP, SFP+, QSFP and Optical and copper based cabling. Implemented F5 Big IP Local Traffic Manager (LTM) for load balancing Web based applications.
- Implemented Wireless network infrastructures utilizing Cisco WLC with Flexconnect as well as Cisco Meraki APs using Cloud based Dashboard.
- Deployed 802.1X port authentication for Wireless utilizing Cisco ISE.
- Implemented secure access such as SSH, AAA, Radius, TACACS+ to vty and console ports along with SNMP. Managed SNMP, AAA, TACACS+, Radius, Netflow, Syslog for authentication, logging and management.
- Utilized Nagios XI, SolarWinds Orion NPM, CACTI monitoring and graph traffic. Widely used Wireshark for troubleshooting and analyzing traffic flow including HTTP and other network traffic.