- Seeking a challenging position of network engineer which will give me an opportunity to prove potential in me and educate me more in the field of networking and to help reach the goal of the organization and its growth.
- 7+ years of experience in Network infrastructure planning, designing, deploying, troubleshooting and analysis.
- In - depth understanding on implementation of LAN/WAN network routing environments
- Strong working knowledge in complex configurations, troubleshooting network connectivity and Cisco IOS version integration issues
- Successful in resolving Routing, Switching and WAN connectivity escalation issues using various ticketing tools
- Leverage Q radar, Security Onion, and Bro to gather network forensic artifacts and for retrospective analysis
- Thorough experience in OSI model, TCP/IP, UDP, IPv4/IPv6 sub netting, NAT concepts
- Expertise in configuring IGRP, EIGRP, OSPF, BGP and MPLS protocols
- Ample knowledge in configuring networking protocols including VM s, DHCP, DNS, NTP, FTP, VOIP (SIP, H.323, MGCP) and Quality of Service (QoS)
- Configurations and issue detection of HSRP, VRRP, GLBP redundancy protocols
- Proficient in configuring WLAN, VLAN, VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, and PVST
- Worked on configuring 2600, 2800, 3600, 3800, 7200, 7600 Cisco Routers and Nexus 7k, 2960, 3750, 3560, 4500, 6500 Cisco Switch series
- Exposure in working on Layer 2 Routing Protocol Configurations as ARP, RARP, and deployment of VPN's over IP Sec and GRE
- Strong basics with x86/x64 Intel, HP, IBM and Dell server models like rack-mounted and tower series
- Good knowledge of CISCO NEXUSdata center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
- Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
- Configured Cisco Routers (2621, 2621XM, 2620, 2800) using EIGRP and Configured Cisco Switches (Catalyst 6500, 4500, 3750)
- Assist in building QRadar rules in order to tune out false positives that produce noise in the SIEM environment Review & decode packet capture via Wireshark in order to get a better understanding of what a source/destination IP is attempting
- Worked as a System Administration on Windows and Linux platforms under production, migration, patching and change environments
- Experience with Design, code, and debug operations, reporting, data analysis and web applications utilizing Python.
- Expert in Network management operations including network monitoring and reporting using SNMP, Tivoli, HP OpenView and WebTop in 24/7 Command Center environment
- Troubleshoot and fix issues related to IP Helpers by verifying running configuration of port, Vlan and DHCP, Develop the change control, configuration management, automation, and
- Citrix Patching, Security & Citrix Capacity and performance management
- Collaborate with service
- Excellent skills in Network security installation, configuration and managing Firewalls including Fortinet, ZyWall, SonicWall and Checkpoint VSX, IDS and IPS
- Handled the implementation and configuration of Gateways, SRX Firewalls
- Ability to configure, monitor and troubleshoot Cisco ASA firewall series 5505, 5510, 5500/ PIX security appliance as per the infrastructure requirement
- Investigate and fix issues related to the rules configured under Firewall ASA modules installed under different L3 boxes
- Knowledge about setting up Python REST API Frame work using Django.
- Experience in working with Python ORM Libraries including Django ORM.
- Migrated and deployed Juniper NetScreen Firewalls NS50, ISG 1000, ISG 200 for financial corporations
- Experience in load balancing using F5 LTM/GTM networks
- Adhesive nature in understanding organizational needs and proactive in resolving complex technical tasks within the given SLA
- Performed different Types of Testing like Black Box, Build Acceptance, Functionality, Integration, Database, System, Boundary, Regression, Security, Positive, Negative and Cross Browser Testing.
- Experience in reporting the defects in Quality Center and JIRA.
Routing Protocols: EIGRP, OSPF, BGP.
Windows Server: Windows Server 2008, 2012 R2, 2016, Active Directory.
WAN Protocols: HDLC, PPP
Security Technologies: Firepower Threat Device (FTD), ISE (Identity Service Engine), FortiGate 300E, Forti Mail, Forti Token, Forti authenticator, Forti Analyzer Palo alto PA-3020, PA-500, Barracuda Web Filter, Barracuda Email Security.
CABLING: Fiber Optic Cables, CAT 5, CAT 6, COAX, CAT 3, Twinax, Voice and Data Cabling, Crimping, installing and design.
Cisco Routers: Cisco 2500,2600,2800,3600,3945,7200,7600
Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wire shark, Solar Winds, SNMP
(G-PON Gigabit-Passive Optical Network): 1134AC Optical Line Terminal (OLT), Panorama Element Management System (EMS).
Layer 2 technology: VLAN, RTP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)
Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)
Operating Systems: Windows Servers 2008, 2012, 2012 R2, 2019, RHEL, CENTOS, Linux, Windows 7, 8, 10.
Scripting Languages: Python, Bash-shell.
Senior Network Engineer
- Design, deployment and maintenance of security/network devices and datacenters of enterprise.
- Worked on configuration, maintenance and administration of Palo Alto PA 5020, PA 7050 Firewalls and migrating from Cisco ASA 5050 to Palo Alto 5020 in HA network.
- Have migrated more than 100 firewalls from PA to Cisco ASA.
- Experience with Palo Alto Migration Expedition tool to migrate cisco ASA, Juniper SRX, FortiGate, check point firewall to Palo Alto Firewall.
- Configuring Administrating Cisco ACS5.3 for Dot1x RADIUS authentication for Wireless users and TACACS for Device Administration.
- Having advanced knowledge in Cisco ASA 5000 series and PIX installation, configuration and maintenance
- Install and configure Cisco Meraki (MR66, MR18) wireless Access points in the warehouses.
- Experience with Cisco Meraki wireless managed network infrastructure.
- Designed and Implemented Cisco Firewall (Firepower) Threat Defense System.
- Cisco 2600/2800/3600 Cisco 2950/2960 series switches, Cisco Routers 7000, 5300, 4000,2500, 3000, 2600, NAT, PAT, DHCP, DNS, OSPF, EIGRP, ASR, TCP/IP, LAN, WAN.
- Configure and setup the new Palo alto firewall from scratch level.
- Configure User ID and User ID group mapping with using windows user id agent and create the policy to control flow of traffic with user name instead of IP.
- Experience with create custom APP ID using pattern signature with using Wireshark packet capture and create application override policy to control the unknown application traffic.
- Experience of managing different security profiles and Content ID which includes antivirus, anti-spyware, URL filtering with PAN DB, file blocking, Vulnerability, Dos Protection and Zone base protection profile.
- Citrix Patching, Security & Citrix Capacity and performance management Collaborate with service
- Tracking and documenting the server information connected to Cisco Catalyst, Nexus Switches, Cisco ACE load-balancers and BIG IP F5LTM. managers to provide client-facing support on IT Work on technical problem identification and resolution, including responding
- Configure site to site IPsec VPN Tunnel and large-scale VPN in Palo Alto firewall.
- Configure Global Protect VPN in Palo Alto using duel multifactor authentication.
- Testing for all phases like Unit, Integration, IOT, Feature, Performance and Services Experience with SSL Decryption including for SSL forward proxy (Outbound) and Inbound traffic.
- Configure Panorama M 500 from scratch and manage 700+ firewalls.
- Configured security rules and NAT rule to control the traffic flow.
- Experience with wildfire configuration
- Configuring Vlans, Self IP's& Routes on F5 load balancers.
- Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
- Worked extensively on Cisco Firewalls, Cisco ASA 5500 (5510/5540) Series.
- Experience with converting PIX rules over to the Cisco ASA solution.
- Experience with autofocus for analyzing of threat and vulnerabilities in network.
- Configure MineMeld to update externally for URL dynamic list.
- Deeply understanding framework of Palo alto firewall.
- High level experience of trouble shooting for Palo Alto firewall.
- Experience with ServiceNow Ticketing tool.
- Experience with Tufin network security management tool to manage firewalls.
- Worked on configuration and administration of cisco ASA 5050 firewall.
- Configure routes using OSPF and BGP on Palo Alto firewall as well as cisco ASA firewall.
- Have experience with Python Scripting to integrate with firewalls.
- Create different python script to create custom object and rules integrating with firewall API.
- Developed a python script, which will parse all trace files and calculate throughput, latency and drop rate.
- Well understanding and implementation experience on SDN technology, including PANW NSX and Cisco ACI.
- Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for datacenter access architecture.
- Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.
- Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers
- Day to day hands on VMware vRealize ESX 6.5 Administration like vMotion, Storage vMotion, Hyper-V and Maintenance of VM's include monitoring of ESX systems for Performance.
- Managed the F5 Big IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Implement Cisco Works 2000 device to manage Cisco routers, switches, ASA firewall, Access Points, Concentrators.
Environment: App ID, User ID, Content ID, cisco ASA 5050, IOT,Global Protect, Expedition, Autofocus, MineMeld, SSL Decryption, Large scale VPN, security profiles, panorama, Tufin, ServiceNow, Python Script, PA 7K and 5K, Expedition, Gigamon.
Senior Network Engineer
- Worked with HPE Aruba Layer 3 switches 5406zl, 5400 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel
- Worked on FortiGate Firewall 300E, Forti Mail, Forti Token, Forti authenticator, Forti Client, Forti Cloud, Forti Analyzer.
- Unity Connection, Presence, DSPFarm Routers, Upgrade to Cisco Unified Attendant Console 8.6 to 9.x
- Configured and implemented IPSEC VPN Tunnels, Global Protect VPN on Palo Alto firewall series PA-3020.
- Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc.
- Implemented Splunk to drive reporting and search for data collected from Cisco firewall devices - FWSM, Pix and ASA.
- Worked on Extensively on Cisco Firewalls, Palo Alto Firewalls (5020,3020) & ASA 5500(5510/5540) Series
- Migrated to R75.xx in various Checkpoint 4k/11k/21k appliances from R65, R62, R60, etc., and building the new Smart Center server.
- Experience configuring Virtual Device Context in Nexus 7010.
- Implemented LAN/WAN utilizing CISCO 7200, 7204, 7206.
- Configured the SSL VPN and IPSEC VPN on the Fortinet Firewall.
- Worked on Agilysys POS (Point of Sales system).
- Performed firewall firmware upgrades.
- IoT & Wireless - Wireless LAN Controllers, Network connectivity i.e. Cisco’s Ruggedized Industrial router and switches configuration and functionality
- Managed AD Domain Controller, DNS, and DHCP servers and configurations.
- Worked on Auvik Tool.
- Aruba Clear Pass Server Authentication: 802.1X, AAA, Policy Management.
- Configuring Aruba Controllers integrating with Cisco ACS and RADIUS severs for Dot1x authentication.
- Designing and building new system with Golang.
- Integrating Cisco ISE with external identity stores such as Windows AD, Cisco ACS LDAP.
- Hands experience in creating a port channel between two devices by using LACP negotiation two get enough bandwidth and redundancy, load balance.
- Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports managers to provide client-facing support on IT Work on technical problem identification and resolution, including responding
- Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
- Resolution of complex routing, switching and security related problems with Cisco and Juniper routers and Palo Alto firewalls. HSRP and Ether channel configuration. MPLS and MPLS VPN troubleshooting
- Installed and configured CISCO ASA and Checkpoint firewall.
- Maintain and troubleshoot networking equipment including but not limited to Extreme, Fortinet, HP, Aerohive and Cisco devices.
- Performed basic security audit of perimeter routers, identifying missing ACLs, writing and applying ACLs
- Hands on experience of Cisco works and Cisco configuration professional tools used for Network discovery, topology views and VLAN management
- Experience with convert PIX rules over to the Cisco ACI solution.
- Responsible for Cisco ASA firewall administration and checkpoint firewall provider-1 across our global networks
- Hands-on experience with VMware ESXi5.5, 6.0 and vCenter applications. Experience in VMware networking with VMware standard switch and Distributed switch.
Environment: CiscoRouters: 7200, 3800, 3945. Fortinet:300E: NexusSwitches: 5596, IOT, 7010 FortiToken: Firewall: FortiGate 300E, Palo alto PA-3020 Cisco Firewall: Cisco ASA 5510.5516. Switching: VTP, VLAN, PVST, Pulseway NOC Monitoring, Aruba Access point, HP Switch.