SUMMARY:

• 8 plus years of Experience and having multiple s Cisco (CCNA&CCNP) in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
• Working on Cisco IOS, Junos & NX - OS (7K, 5K&2K).
• Strong hands on experience on ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 110/210/220/550 ).
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS).
• Worked aggressively on complex Palo Alto firewalls Environment.
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like ISR 43K, ISR 44K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900 series switches
• Technology and Infrastructure consultant for Cisco and Juniper design and implementation projects. Specific tasks include installations, configurations, support and maintenance of routers and switches.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
• Diverse industry exposure - Finance, Telecom, and IT consulting Markets.
• Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
• Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Experience working with Cisco IOS-XR on teh ASR9000 devices for MPLS deployments
• Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, and EIGRP.
• Hands-on experience with Juniper SRX - Juniper SSL VPN
• IOS/JUNOS upgrade for Cisco & Juniper routers/switches.
• Experience in testing Cisco & Juniper routers/switches in laboratory scenarios and deploy on site
• Team player, TEMPEffective inter-personal skills, adaptive to any environment, with teh latest technologies and delivering solutions as an individual and as part of a team

TECHNICAL SKILLS:

Routing Protocols:: RIP, BGP, OSPF, EIGRP, Static Routing, IP Addressing, Subnetting, VLSM

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP

Redundancy Protocols:: GLBP, HSRP, VRRP

Topologies: MPLS, Ethernet, Cable Modem, and Wireless

Switch Technologies: VLANs, VTP, STP, DTP, ISL and dot1q

Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513),Cisco Nexus Switches(2248,2232,5548,5596,7010,7718),Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU s, network cards, Modems and F5 Network Load Balancer

Network Management Tools: MRTG, HP Open view, Cisco WAN manager, Cisco works 2000, Solarwinds Orion, Zenoss

Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and autantication AAA (TACACS+ & RADIUS).

Firewall: Cisco ASA, Juniper SRX, Palo Alto

Network Simulators:: GNS3, Packet Tracer, Wire shark

OS: Windows, UNIX, LINUX

PROFESSIONAL EXPERIENCE:

Confidential, TN

Sr. Network Engineer

Responsibilities:

• Worked on data center segmentation project to create segmentation between teh user and server traffic by deploying checkpoint firewall 6000 series in teh data center including cabling to Nexus 9k
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card(module) for teh Nexus 5000
• Configuring and administration of firewalls, which includes Checkpoints, Juniper, and Cisco ASA firewalls
• Hands on experience Cisco IOS/IOS-XE/NX-OS, Junos for configuration troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS
• Experience configuring Virtual Device Context in Nexus 9k, 7k, 5k, and 2k
• Responsible for deployment, configure and administer of Data Center Switches such as Nexus 9K, 7K, 5K, 3K and 2K Series
• Worked on Juniper device like M, MX, T routers on advanced technologies like MPLS VPN, TE and other service provider technologies
• Designed and installed Aruba Wifi network to supply wireless connectivity to both employees and guests using segregated VLANS
• Configuring and testing Multicast for both IPV4 AND IPV6 routing in Data Center Environment
• Technical Knowledge on Cisco DMZ, ASA 5585 and 5525 series Firewalls.
• Trunk, VTP ether channel, STP, RSTP and MST.
• Reconfigured Data Center core routing with Nexus 9K in VPC using HSRP
• Hands on experience in building Cisco ACI fabric ( policy groups, switch profiles etc), tenants - VRFs, Endpoint Groups, Contracts
• Provide technical support and administration to IT system including day to day operations, monitoring and problem resolution for all teh client/server/storage/ network devices, mobile device etc
• Implemented AWS networking services Amazon VPC for teh Private/Public Cloud, EC2 instances, IAM, and S3.
• Deployed new computing infrastructure systems within AWS infrastructure.
• Experience in troubleshooting network issue including boundary protection devices, cisconortel/avaya and bluecoat proxy servers.
• Designed and Implemented Cisco Firepower Threat Defense System
• Network Security. ASA, Source Firepower Power Management for VMWare &Sensors BIG-IP
• Perform Zero down time upgrades on teh Clustered firewall Checkpoint Gaia, PanOS, FortiOS both minor and major upgrade.
• Worked on wireless network for providing teh day to day operations including cisco VOIP Phones, and working on teh wireless access points.
• Experience with setting up IPSEC VPN on Cisco 5585 Firewall towards teh multiple vendors
• Intermediate experience of implementing and troubleshooting hypervisors and Virtual Machine
• Part of implementation and operational support team responsible for managing Checkpoint Security Gateways, Cisco ASA and Palo Alto at clients Data Center environment including DMZ and other remote office locations.
• Implemented Python scripts for pre and post checks and in configuring teh devices involved in teh events.
• Working on python scripting and created framework as Ansible.
• Implementation of traffic filter on Cisco routes using standard extended ACL.
• Working on NEXT-gen technologies like SDWAN (Velocloud, Viptela), SDN (NFV)
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Multipoint VPN: IPSEC, IKEV2, DES, 3DES, AES(-128,-192,256), firewall rules for each VPN connection
• Data center migration was involved in Access, Distribution and Core layers.
• Performed configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet config, Assigning DHCP profiles
• Configured and implemented enhanced VPC, OTV and Fabric Path between Nexus 7K and 5K series switches for Data center operation.

Confidential, Chicago, IL

Sr. Network Engineer

Responsibilities:

• Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for teh Nexus 5000
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage teh console, configure, maintain, monitor, and update firewall core, as well as back up configuration.
• Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.
• Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
• Configured Virtual Servers, Configure Nodes, and configuring teh load balancing Pools and also used to work with configuring load balancing algorithms.
• Experience configuring session based persistence and I has leant configuring writing i Rules for specific redirection purpose and also i rules for persistence.
• Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for teh virtual servers like cookie persistency, redirection of teh URL
• Installed different Wireless LAN, VLAN, F5 server, Cisco VPN any connect and VoIP phone.
• Worked on data center segmentation project to create segmentation between teh user and server traffic by deploying Palo Alto firewalls (5250s) in teh datacenter including cabling to teh Nexus 9K, 7K VDCs and .
• Worked on providing management connectivity, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Created VSYS Builds from ASA to Palo Alto Panorama Database Zone, Access Zone.
• Configured IP-SEC VPN for user traffics that needs to be encrypted using Checkpoint, Palo Alto, Cisco ASA, and Azure cloud.
• Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
• Experience with configuring FCOE using Cisco nexus 5548.
• Experience working with Juniper devices like EX 2200,EX 4200, EX 4500, MX 480, M Series, SRX650, SRX240
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Troubleshoot wan related problems including OSPF, EIGRP, BGP routing and design
• ExperienceSupporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Experience with configuring BGP, OSPF in Juniper M and MX series routers for Back office locations.
• Configured and troubleshoot Autonomous and Cisco Meraki and Access Points
• Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards teh multiple vendors
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configured Cisco 3502 wireless access points.
• Supplied documentation, escalation, and standard operating procedures as needed to allow for a smooth transition within teh NOC.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing
• DMZ environments to support new and existing application platforms.
• Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Performed switching technology administration including VLANs, interVLAN routing, Trunking, STP, RSTP,port aggregation & link negotiation.
• Involved in configuring IP Quality of service (QOS)
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products
• Convert Branch WAN links from point to point circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Performed configuration, deployment and support of cloud services including Amazon Web Services (AWS) and deploy monitoring, metrics, and logging systems on AWS
• Configured, implemented, and troubleshoot routers and switches with various account settings permissions, and parameters including security firewalls.
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA and SRX Firewalls
• Work as a part of teh DMZ migration and consolidation for external vendors into a new environment on ASA 5585 devices.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with teh firewalls as per teh design.
• IPSec, IKEv2, DES, 3DES, AES (-128, -192, -256), Pre-Shared Key, X.509v3, MD5, SHA-1, NAT-T, firewall rules for each VPN connection, configuration assistance via web interface, remote-controlled activate/ deactivate connection.
• Data center migration was involved in Access, Distribution and Core layers.
• Created MOPS and get approval from peers to perform configuration add/ remove changes.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configuration and extension of VLAN from one network segment to other segment between Different vendor switches (Cisco, Juniper).
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.

Confidential, Essex Junction, VT

SR Network Engineer

Responsibilities:

• Created documents for various platforms including Nexus 7k, ASRk, and ISR enabling successful deployment of new devices on teh network.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers.
• Network Redesign for Small Office/Campus Locations. dis includes changes to both teh voice and data environment
• Establish AWS technical credibility with customers and external parties
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Develop/capture/document architectural best practices for building systems on AWS
• Involved in teh Configuration and Administration of Cisco and Juniper Routers and Switches
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Implemented Site-to-Site VPNs over teh internet utilizing 3DES, AES/AES-256 with ASA and JUNIPER SRX Firewalls
• Configure and troubleshoot Juniper EX series switches and routers at branches/back offices.
• Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
• Worked with Cisco, Palo Alto, Juniper, Splunk, Force point, Nessus, Stealth watch, Checkpoint, Zscaler and other vendors to provide a stable, high-speed, secure network.
• Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks.
• Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances.
• Worked on Network Automation using python
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
• Implemented Zone Based Firewalling and Security Rules on teh Palo Alto Firewall
• Advanced expertise and hands-on on Cisco IOS-XR software platform on Cisco 12000 series routers
• Experience working with ASR 9000 series switches with IOS-XR
• Advanced expertise and hands-on on Cisco IOS, IOS-XR 4.1.2 and 4.3.31 software platform on 12000 series routers
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP .
• Worked on Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may has been altered during various planned network changes on teh network.
• Experience in installing and configuring DNS, DHCP servers.
• Replace branch hardware with new 3900 routers and 3750 POE Switches.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting teh user ports to non-trunking, deployed port security when possible for user ports
• Involved in configuring Juniper SRX 550, Cisco ASA 5585 firewall and PALOALTO 5050 firewall
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 autantication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.

Confidential

Network Engineer

Responsibilities:

• Responsible for teh configuration, implementation and operation of Cisco 3745 routers Cisco 6509 and 3560 L2/L3 switches
• Removed Cisco 3600 and 2600 series routers and Cisco 2900 series switches from teh current infrastructure and replaced them with teh Cisco 6509 or 3560 L2/L3 switches.
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Configured ether channels using PAgP and LACP.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of teh configurations on switches and routers.
• Staged, planned and deployed Palo Alto 5060 within Data Centers.
• Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow teh traffic on teh firewall.
• Implemented IPSEC, SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple.
• Responsible for Checkpoint firewall management and operations across our WAN networks.
• Working with Checkpoint Support for resolving escalated issues.
• Created TEMPeffective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
• Provided testing for network connectivity before and after install/upgrade
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Worked on HSRP and GLBP for first hop redundancy and load balancing.
• Configured teh Cisco router as IP Firewall and for NATting.
• Prepare, update, and maintain technical and logistical network documentation