SUMMARY

• Network Engineer with 7+ years of experience in Configuring, testing, troubleshooting, implementing, optimizing and maintaining Enterprise & Data Center Networks.
• Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA - 2k, PA-3K and PA-5K).
• Hands-on experience in installing, configuring, maintaining and troubleshooting Cisco Switches, Cisco Routers, Juniper EX Switches, Juniper Routers and Cisco Nexus Switches.
• Experience in Cisco, Physical cabling, IP addressing, Wide Area Network configurations, and routing protocol configurations.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols such as MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP and Trunking).
• Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders. And Implemented VDC, VPC, and OTV on the Nexus 5K and 7K switches.
• Experience in implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether-channel, STP, RSTP and MST.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Expert level knowledge on OSI model and TCP/IP protocol suite.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in troubleshoot Cisco Meraki solutions remotely including 802.11a/b/g/n/ac Wireless networks, Stateful.
• Installed and configured Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500 (5510/5540) series.
• Experience with hardware load balancer administration and support, preferably with F5 and Cisco ACE load balancers.
• Experience with the conversion of Checkpoint VPN rules over to the Cisco ASA technology.
• Migration experience with both Checkpoint and Cisco ASA VPN.
• Experience in layer-3 Routing and layer-3 Switching.
• Experience in Providing administration and support on Bluecoat Proxy for content filtering and internet access between site and VPN client users.
• Deployment and Management of Bluecoat proxies in the forward proxy scenario as well as for security in reverse proxy scenario.
• Hands on experience in configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
• Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches.
• Implemented highly secure network solutions leveraging networking tools including Cisco IOS-XR, IOS-XE, Cisco ASA and SD-WAN solutions.
• Experience in Design and assistance for deploying enterprise-wide Network Security and High Availability Solutions for ASA.
• Expertise in installing, configuring and troubleshooting Juniper EXSwitches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series) Juniper Routers (E,J,M and T-series).
• Good understanding of security, encryption, authentication, key management and applied cryptography.
• Proficient in using SolarWinds Network Management tools like Network Performance Monitor (NPM), Netflow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
• Having knowledge in Linux and Unix Operating Systems, web security devices or proxy - Cisco WSA/CWS, understanding of global security policies.
• Experience in documentation and updating client’s network documentation using Microsoft Visio.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professionalism.

TECHNICAL SKILLS

Router platforms: Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.

Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX, R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).

Network Management/Monitoring: Solar winds Orion, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump, PRTG, Infoblox, Riverbeds.

Load Balancers: F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoatt SG8100, AV 510.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix, Arista

Software: GNS3, Microsoft Vision, Remedy, Service Now, MS SQL Server 2008, HTML

PROFESSIONAL EXPERIENCE

Confidential, Little Rock, AR

DIS Security Specialist

Responsibilities:

• Responsible for troubleshooting firewall rules on Cisco ASA and Firepower as well as Fortinet firewalls
• Hands on experience on NAT (Network address translation) configurations and its analysis on troubleshooting issues related access lists (ACL).
• Configured and troubleshooting WAF and load balancing features of BigIP F5 LTM and ASM modules
• Configured of site - to-site and Remote Access VPN
• Responsible for with ASA Firmware upgradation
• Experience with AnyConnect VPN Setup
• Advanced troubleshooting to identify and resolve network connectivity and security issues
• Implemented security hardware architectures and required configurations
• Experience with wiping out the old firewall and configuring the new firewall.
• Audit and cleanup of existing firewall rulesets
• Responsibility for ensuring compliance requirements are met on all supported devices accordance with Best Practices as well as state and federal regulation
• Implement hosting SSL certificates on F5 platforms and Cisco ASA

Confidential, IL

Sr. Network Engineer

Responsibilities:

• Installation and Configuration of Composite Network models consisting of Cisco7600, 7200, 3800 series routers and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured routing protocols such as OSPF, EIGRP, and BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy. It also includes the configuration of the port channel between core switches and server distribution switches.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF & BGP.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured policy based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS), VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Upgrading system images on Nexus 5 and 7 multi-layer switches using kick start and FTP server.
• Configured Multicasting by using protocols such as PIM and IGMP.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Worked on Cisco Wireless Controllers 5500’s and 2500’s and coming to access points, worked on 3700’s, 3500’s and 1142 access points.
• Implemented Zone-Based Firewalling and security rules on the Palo Alto Firewall.
• Installed and configured PIX 525 and ASA 5505 in customer locations. In addition to that, configured PIX firewall for the guest access.
• Implemented and troubleshooting security rule and NAT rule in Firewalls including Check point, Juniper (JunOS and NetScreen), and Fortinet.
• Migration/Installation of complete SDWAN setup from Cisco environment in remote offices.
• Implemented a large number of security policy rules and NAT policy rules on Palo Alto, created zones, implemented Palo Alto Firewall interface and Palo Alto IDS.
• Create/delete/modify Firewall rules in order to provide access or block unwanted traffic to/from external, internal and DMZ network.
• Troubleshooting tier 3 security issues for different security platform including Check point, Juniper (JunOS and NetScreen), and Fortinet.
• Managed Infoblox Grid Manager to manage DNS Forward and Reverse Lookup zones.
• Worked in the redistribution into OSPF on the core ASA firewall.
• Worked in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Worked in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Worked in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Configured and implemented F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Experience working with Active Directory (as a centralized system) to automate network security management and user data.
• Used Tcp dump to analyze packets on the TCP/IP and provides brief display of packet.

Confidential, TX

Network Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT’ing, NAC product sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Hands on experience and good working knowledge with Checkpoint Firewall policy provisioning.
• Experience with managing the completed end to end site solutions.
• Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Planned Design and assisted in deploying enterprise wide Network Security and High Availability Solutions for ASA. Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
• Upgraded the data center network environment with Cisco ASA 5520. Configured ACL’s on Cisco Switches as well as configured routers as terminal servers.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Configuring and managing Blue Coat Proxy Servers.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX as per the design.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches.
• Experience with Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Worked with Carrier to test and turn-up circuits.
• Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Provided tier 2 support for Check Point and Cisco ASA Firewalls, Backup and restore of checkpoint and Cisco ASA Firewall policies.
• Installed wireless access points (WAP) at various locations in the company.
• Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
• Worked on configuration and commissioning of the MPLS circuits for various branch offices.
• Provided Daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
• Built SD-WAN test network design using multiple cases to look client data center networks simpler to manage, operate, and maintain.
• Configuring, installing SD-WAN devices, running shipping and receiving department, and day-to- day operations.
• Areas of focus included development of NFVI specification for centralized NFV services, development of SD-WAN services.
• Handled Network capacity planning, modeling, and traffic optimization and experience in using tools (OPnet, Netflow, etc.).
• Configured ACL’s in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.
• Worked on multipath routing in Data Center using Shortest Path Bridging.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server as well as configuration of F5 Big-IP LTM-6400 load balancers and experience working with F5 technologies (LTM, GTM, APM, V9, V10, V11)
• Experience in deploying, configuring & maintaining F5 3DNS (Global traffic Manager) Controller and BigIP -LTM (local traffic manager) for wide area load balancing and global redirection using VPN and Proxy load balancing techniques.
• Worked in an Agile Scrum environment and with HPSM Change Control System.
• Documented workflow process, managing and implementing standard policy and procedures.