SUMMARY

• 10 years of experience in Routing, Switching and Firewall Security, including hands - on experience in providing network support, installation, and analysis for a broad range of LAN / WAN/MAN communication systems.
• Strong knowledge in Confidential Routing, Switching and Security with Confidential hardware/software (heavy Confidential shop) experience.
• Profound knowledge on various WAN technologies like E1/T1/E3/T3, HDLC, Frame-Relay and PPP.
• Experience in managing security policies with CSM, integrated with ASA 5500 devices.
• Strong Knowledge in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay.
• Experience in Confidential: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
• Experience in working with IPSEC Site to Site, Remote VPN using different encryption methods.
• Configured and managed Nexus 2k fabric extender, 5K and 7K switch network at the client’s location.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, Confidential works and RIVERBED and Wireshark.
• Expertise in implementing, maintaining, and troubleshooting L2 switching tasks such as VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, EtherChannel using LACP and PAGP, Inter-VLAN routing.
• Exposure to LAN/WAN setup, installation, configuration, and troubleshooting
• Worked closely with application team on troubleshooting the issues.
• Installation, Configuration and Maintenance of Samba, Apache Tomcat, Web Sphere and Linux environment.
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP, MPLS.
• Hands-on experience in Confidential ISE, ACS and Aruba ClearPass Radius and TACACS solutions
• Experienced in Troubleshooting for connectivity and hardware problems on Confidential Networks.
• Extensive knowledge in implementing and configuring F5 Big-IP LTM-3900, and 6900 Load balancers.
• Designing and implementing F5 BIG-IP load balancer.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, hubs and Switches.
• Performed security operations on ASA firewalls.
• Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260)
• Experience in working on FortiGate Firewalls. as independently with minimum supervision & Team Player.
• Pulse Secure client diagnostic and troubleshooting skills.
• Ability to work with end users to troubleshoot and solve their Pulse Secure VPN problems.
• Expert level knowledge on configuring Confidential Wireless Solutions, Aruba Mobility controller.
• Performed deep packet analysis to troubleshoot application issues using tools like Wire-shark.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper SSG series.
• Experience in L2/L3 3 protocols like VLANS, STP, VTP, MPLS and Trunking protocols.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP. Configured RIP, EIGRP, OSPF.
• Experience in installing and configuring DNS, DHCP server.
• Configuration NAT, Static route and Firewall rules on Fortinet and Checkpoint firewalls.
• Good knowledge in WAN Technologies like ACL, NAT and PAT, IPsec and VPNs.
• Configuration, troubleshooting and upgrading fire ware on FortiGate firewalls, Forti Manager 1000D and Forti Analyzer 1000D.
• Design WAN solution using the AutoVPN technology with Confidential Meraki MX security appliances including DC to DC failover and SD WAN capabilities.
• Experienced with various dynamic and static network protocols RIP, OSPF, EIGRP, HSRP, VRRP, BGP, VLAN, Spanning Tree, Frame-relay, MPLS, and IPsec VPN.
• Worked in OSI model, TCP/IP, UDP, IP addressing and Sub netting.
• Hands-on experience in the setup of HSRP, ACL, and tunnel installations.
• Enhanced level of knowledge with IGRP, PPP, ATM, and T1/T3 Frame-Relay.
• Responsible for service request tickets generated by the helpdesk in all phase such as troubleshooting, maintenance, upgrades, patches, and fixes with all around technical support.
• Extensive knowledge in different networking protocols DHCP, DNS, FTP, VOIP (SIP, H.323, MGCP), Quality of Service (QOS).
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills.
• Experience in Physical cabling, IP addressing, configuring, and supporting TCP/IP.
• Worked on Extensively on Confidential Firewall & ASA 5500(5510/5540) Series.
• Efficient at use of Confidential VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS

Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS

Hardware: Dell, Confidential, Confidential, Confidential, SUN, Checkpoint, SonicWall, Barracuda Appliances, FortiGate, PaloAlto.

Operating Systems: Windows, NT, MS-DOS, Linux, Confidential Windows 2008 R 2/ 2008/20 NOS family, Confidential Active directory 2008/2003/2000, VM Ware ESX/ESXi server, Confidential ISO

Application Servers: DNS, DHCP, Windows Active Directory Services, FTP, SFTP, Confidential Exchange 2003/2007/2010, Confidential SharePoint 2007/2010

Firewalls: Check Point, ISA 2004/2006/ ASA 5585/5520/5500, FWSM, Checkpoint 4200/Nokia IP-560, Confidential PIX 535/525, Fortigate Firewalls, Palo Alto Firewalls

Routing/Routers: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, Confidential Routers ASR 06 / 06 / 51 / 2600

Infrastructure Hardware: Confidential, Confidential, Compaq, Dell desktops laptops servers, Cabling, Network printers, IP KVM Switches, Confidential Routers Switches, 802.11x Wireless gateways, Access Points, Network UPS, Storage Area Network, NAS, iSCSI SAN

Switching: VLAN, VTP, STP, Inter VLAN routing Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

VPN: Confidential Any Connect, BIG IP F5 VPN.

Security Tools: Wireshark, MS Visio, VMWare ESXi 3.5, VMware Server, Symantec End Point Protection

PROFESSIONAL EXPERIENCE:

Confidential, Nutley, NJ

Security operations center Engineer

Responsibilities:

• Establish network specifications by conferring with users, analyzing workflow, access, information, and security requirements.
• Establish RL network by evaluating network performance issues including availability, utilization, throughput, goodput, and latency.
• Defining network policies and procedures and establishing connections and firewalls.
• Maintain network performance by performing network monitoring and analysis, and performance tuning, troubleshooting network problems and escalating problems to vendors.
• Participate in an on-call schedule. Be available during the on-call shift 24x7 in case issue occurs.
• Investigate and help resolve issues on RL network and IT estates using agreed troubleshooting methodologies.
• Whitelisting, Blacklisting and Troubleshooting Force Point Proxy related Tickets.
• Uninstalling old Version of ForcePoint Agent and Installing Latest version of ForcePoint Agent on user machines.
• Troubleshooting include network protocol, log analysis and raw data captures.
• Work collaboratively across various business units to implement new technology, support existing, and at times do Firewall changes after normal business hours.
• Perform troubleshooting, resource optimization across all ACI configurations at scale including multi-pod and multi-site.
• Work with various Ralph Lauren application teams to troubleshoot to resolve the issues.
• Create Firewall rules on Confidential ASA and Palo Alto Firewalls as per application Team’s requirement.
• Implemented site to site VPN changes in Confidential ASDM as per RL application Team requirement.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Responsible for Confidential ASA firewall administration across our global networks.
• Analyzing firewall change requests and integrating changes into existing firewall policies while maintaining security standards.
• Experience with IP Networking - Routing, Switching, BGP, MPLS, OSPF etc., Confidential, Juniper, Brocade
• Experience in Confidential ACI Integrating Layer 2, Layer 3, L4-L7 and VMware with ACI.
• Designed and worked on migrating Cat 6500s to Confidential ACI, Confidential N9Ks, N5Ks, Python script.
• Mapped Cat 6500, Cat 4500 settings, Data Center migration to Confidential ACI, Confidential Nexus N9K, N7K.
• Experience in the field of next-generation network architecture, such as SD WAN and/or WAN architectures, Network Function Virtualization (NFV), Software Defined Networking (SDN).
• Analyzed ArcSight logs and related tools for troubleshooting connectivity issues.
• Worked on extensively on troubleshooting multiple issues and driving Incident calls to resolution by doing packet and wireshark capture techniques and performing other troubleshooting scenarios.
• Implemented rules on Imperva WAF firewall as per application team requirement to provide additional layer of security for RL servers.
• Blocking malicious URLs and IP’s on Force Point and perimeter firewalls.
• Implemented firewall rules on Palo Alto firewall and Panorama management systems.
• Created Blocked Category on Palo Alto URL Category and added malicious URLs and Blacklisted IP addresses to the group.
• Managing and configuring Aruba Wireless devices and Confidential Access Points.
• Created firewall rules on Imperva Securesphere.
• Responsible for operating and maintaining Symantec Endpoint Security Manager
• Blocking malicious urls and IP addresses on Chronicle
• Worked on Zabbix which is RL Monitoring tool.
• Configured Confidential ISE for Wireless and Wired 802.1x Authentication on Confidential Wireless LAN Controllers, Catalyst Switches
• Integrating Configuring Confidential Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
• Design and Implementation of 802.1x Wired/Wireless User Authentication using Confidential ISE Radius Server.
• Responsible for creating weekly, ad hoc and monthly reports using Nexpose rapid 7 vulnerability tool to analyze reports using excel to create pivot charts to show trends. worked on Thales Vormetric 6000 and ON Prem environment for data at rest encryption and Key management requirements.

Environment: Confidential ASA 5500, Panorama 9.1.3, PA-VM 300, ForcePoint, Imperva Securesphere, Symantec Endpoint Security Manager, Arc Sight Logger, SNOW, Chronicle, Confidential ISE, Zabbix, Rapid 7, Thales Vormetric 6000.

Confidential

Network Engineer

Responsibilities:

• Maintain and managing a LAN/WAN network, ensure connectivity between all datacenters including Monitor, troubleshoot and document any network issues.
• Resolve any network issues by implementing change control and providing support where and when required.
• Extensive troubleshooting on a case-by-case basis with deep understanding of networking/firewall concepts which include connectivity issue pertaining in WAN, LAN, VPN tunneling and Security devices.
• Hands on Experience with ticketing system ServiceNow and Service First.
• Implemented firewall policies and routing changes per business project/request Troubleshoot and resolve network issues between business users, clients, partners and customers.
• Experience with Palo Alto and Forti-Gate Firewall policy provisioning experience with Firewall Administration, Rule Analysis, Rule Modification
• Experience with Palo Alto PANOS 8.0.20 and Forti-Gate Firewall 1500D v5.4 policy provisioning experience with Firewall Administration, Rule Analysis, Rule Modification and upgraded FortiGate firmware from v5.2.2 to v5.4.4.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
• Experience with IP Networking - Routing, Switching, BGP, MPLS, OSPF etc., Confidential, Juniper, Brocade.
• Leading daylight SD WAN conversion project portion of a 8 person crew on 2800 branch Viptela over VMware and Confidential network, each site served by Private MPLS / Broadband / LTE.
• Managing and configuring Aruba Wireless devices and Confidential Access Points.
• Troubleshoot and Worked with Security issues related to Palo Alto firewalls
• Site to site based and userbase SSL VPNs on ASA Firewalls
• Hands-on experience troubleshooting BGP issues related to extranet vendor connectivity.
• Experience with working with Forti Manager and Forti Analyzer.
• Hands on Experience to configure and implement hide NAT, Static NAT no NAT, ACL etc.
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Provision VPN connections on Confidential ASAs and implement MACs Move Add Change per business requirements.
• Implemented load balancing solutions on F5 local Traffic Manager.
• Create team specific Agile process flow in JIRA to move tasks from one activity to another.
• F5 LTM appliance with abilities to create VIP, configuration changes, troubleshoot and perform packet captures.
• Provision DNS services using Infoblox for DNS, DHCP and IP address management IPAM, ARECORD, MXRECORD, DMARC, Text Record and Domain creation.
• Ensure all network devices (Router, Switch, Firewall, Load Balancer, Proxies) are running healthy which include upgrading to latest version, patch update, upgrade (GETVPN)
• Collaborate with vendor network architects on network optimization. Escalation of problems as appropriate to management.
• Experience in working on MPLS networks, Implementation of QoS for Voice and Citrix traffic, Implemented MPLS/VPN to connect the Enterprise branches.
• Participate in the post-mortem investigation of catastrophic events associated with security tools faults or outages and prepare incident reports documenting the findings.
• Implement URL filtering requests in Bluecoat Proxy SG for website blacklist and whitelist purpose.
• Adding users to Various AD groups on Symantec Proxy SG as per Barclays Request Ticket.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short- and long-term planning, implementation, project management and operations support as required.
• Ensure all network devices (Router, Switch, Firewall, Load Balancer, Proxies) are running healthy which include upgrading to latest version, patch update, upgrade (DMVPN, HTTPS etc.).
• Confidential ISE architecture includes the following components:
• Nodes and persona types
• Configure Confidential ISE node with the Monitoring persona functions as the log collector and stores log messages from all the Administration and Policy Service nodes in a network.
• Configured Confidential ISE for Wireless and Wired 802.1x Authentication on Confidential Wireless LAN Controllers, Catalyst Switches
• Integrating Configuring Confidential Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
• Design and Implementation of 802.1x Wired/Wireless User Authentication using Confidential ISE Radius Server.
• Provides all the configuration, authentication, and policy capabilities that are required for network model, and the secondary Confidential ISE node functions in a backup role.
• Centralized authentication, authorization, and accounting (AAA) operations between clients and the primary Confidential ISE node are performed using the RADIUS protocol.
• Ability to split the load in this way directly reduces the stress on each Confidential ISE node in the system
• Designed ACI fabric to ensure each tenant is secured and has separation from other tenants. Use L3/L2 outs via common tenant to reduce TCAM and RAM utilizations
• Used Confidential ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Experience deploying ACI in Network-Centric model, Data center Architecture; SDN/ACI.
• Implemented Confidential Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
• Used Confidential ACI Fabric which is based on Confidential Nexus 9000 series switches and Confidential Application Virtual Switch (AVS).
• ON-CALL rotation - Provide support for 24x7 for any major incident or incident escalate from Command and control.
• Blue Coat Web Proxies - Proxy SG, Proxy AV, Director and Symantec Management Center
• Utilize tools such as SevOne, Spectrum Network Alert Monitoring tool and Splunk for improved network support
• Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.
• Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.
• Configured Syslog server for the forwarding the logs to Splunk server via network protocols like TCP and UDP.
• Monitor latency, bandwidth utilization, and the general condition of the WAN reporting on problems to the Trading teams on a real-time basis

Environment: Confidential ASR 9K routers, Nexus 2K/5K/7K, F5 Big-IP 5250F, Confidential ASA 5506, FortiGate 5.4.4, build1117 (GA), LAN, Symantec/ Blue Coat Proxy SG, Symantec Management Center, Forti Gate WAN, OSPF, BGP, EIGRP, VLAN, MPLS, STP, RSTP, Infoblox, SevOne and Splunk, Confidential ISE, Confidential ACI, Palo Alto PANOS 8.0.20

CITIZENS BANK, Providence, RI

Network Engineer

Responsibilities:

• Network Troubleshooting and providing support to Accenture Data Network Team.
• Work with multiple teams to identify bottlenecks and other network configuration issues.
• Troubleshooting various network problems that arise daily, such as Network Latency, Outages as part of my day-to-day work.
• Making External DNS changes in AKAMAI AT&T Portal as per Citizens Bank requirement.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Provide 24*7 support for network infrastructure in an on-call rotation
• Ensuring maintenance of Service Level Agreements (SLA) with the Business.
• Coordinating with network L3 team for Major configuration changes and maintenance activities to ensure network Uptime.
• Experience with Troubleshooting issues with Confidential and Brocade Switches/Routers.
• Design WAN solution using the AutoVPN technology with Confidential Meraki MX security appliances including DC to DC failover and SD WAN capabilities
• Configured EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Integrate manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
• Supported wireless networking team working on Aruba wireless.
• Responsible for the day-to-day administration and maintenance of various mission critical multi-area network infrastructures in an enterprise LAN/WAN environment.
• Troubleshooting of complex LAN/WAN infrastructure, including routing protocols EIGRP, OSPF & BGP.
• Troubleshooting various network related issues with Service providers (Verizon and AT&T).
• Deployed and decommissioned the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
• Configured OSPF, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Lab testing & validation prior to implementation of Nexus 7K, 5K & 2K connecting to blade servers.
• Hands-on experience on Confidential Network Hardware like Confidential switches, Confidential ISR G2/ASR routers, Confidential Wireless Access Points & SD WAN Platforms experienced configuring and deploying from scratch and fixing them with various modules like Gig card, VPN SPA Card, T1-WIC card and other modules.
• Replacing branch hardware with new 2851 routers and 2960 switches.
• Performing security audits of perimeter routers, identifying missing ACL’s.
• Created and refreshed all long-lived documentation on Confluence wiki.
• Creation of firewall policies as per the requirements on Checkpoint, ASA and Juniper firewalls.
• Configuration & Management of VLANs, 802.1Q trunks, VTP, Security policies .
• Strong working knowledge of Nexus 7K/5K /2K.
• Created and maintained Visio network diagrams and supporting documentation.
• Responsible for Confidential ASA 5500 firewall administration, Rule Analysis, Rule Modification.
• Perform network analysis using various tools like Wireshark and Solar winds.
• Configuration of Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
• Experience in VIP creation, updates, POOL creation and POOL Member modification.
• High-level understanding of multi-tiered application traffic flow, server load balancing and global load balancing.
• Good knowledge on F5 GTM including Wide IP and Pool Load Balancing methods and Monitors.
• Experience with F5 technologies (LTM, GTM, V9, V10 and V11).
• Configured user roles & policies for authentication via NAC & monitored status of logged users in Confidential ISE
• Performed large scale (600+ APs) wireless deployments including device posturing & profiling in Confidential ISE
• Radius server setup using Confidential ISE server to support Wi-Fi security protocols
• Configured Confidential ISE for Wireless and Wired 802.1x Authentication on Confidential Wireless LAN
• Configuration and Integration of Confidential Identity Services Engine (ISE) 1.2
• Deploying ISE Wired and Wireless Authentication, Authorization and Accounting.
• Managed the F5 Big IP backup and VIP creation.
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Configuring firewalls for site to site tunnels, any-connect VPN, zoning.
• Document LAN/WAN infrastructure, such as network topology, subnets, firewall and router configurations, and other systems deemed to be critical.
• Add/modify rules in firewall as per application team requirement.
• Good knowledge of Checkpoint firewall technologies.
• Experience with Checkpoint Firewall R61 version
• Managed Confidential firewalls from both the Command line and ASDM.
• Experience in designing and assisting in deploying enterprise wide Network SSL Security and High Availability Solutions for ASA
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
• Experience in monitoring firewall traffic in Qradar.
• Deployments, each node can perform its own specific operations, such as network admission or device administration, and still perform all the AAA functions in the event of a failure.
• Centralized logging for large Confidential ISE networks
• Centralized management model helps maintain a consistent, synchronized AAA policy.
• Configure and ensure that Confidential ISE can interoperate with network switches and that functions from Confidential ISE are successful across the network segment.
• Experience with remote access and VPN technologies
• Worked extensively in Configuring, Monitoring and Troubleshooting Confidential 's ASA 5500.
• Controlling the URL access by using the Bluecoat proxy servers.
• Experience in Confidential ASA 5500 series and PIX installation, configuration and maintenance.

Environment: Confidential ASR 9K routers, Nexus 2K/5K/7K, F5 Big-IP LTM-6400 load balancer, Checkpoint R61, Confidential ASA 5500 LAN, WAN, HSRP, RIP, OSPF, BGP, EIGRP, VLAN, MPLS, STP, RSTP, Akamai, Infoblox, Qradar and Zenoss, Confidential ISE

Confidential, Windsor, CT

Network Engineer

Responsibilities:

• Configured Routing protocols such as OSPF, EIGRP, static routing and policy-based routing.
• Configuration 7500, 7200 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Troubleshooting the Network Routing protocols (BGP, EIGRP and OSPF) during the Migrations and new client connections.
• Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
• Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan.
• Optimized performance of the WAN network consisting of Confidential 3550/4500/6500 switches by configuring VLANs.
• Experienced in Confidential ASR 1000, 7200, 2700, 2900, 3900, 1800 Routers, Confidential Catalyst 4500, 2900, 3700 Switches
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Confidential 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Strong working knowledge of Nexus 7K/5K /2K.
• Design and Implementation of Disaster Recovery Co-location consisting of Nexus 7K switches, ASR 1002, Confidential ASA Firewalls, Confidential 3925 routers etc. Successfully implemented OTV for VLAN Extension
• Experience working with Nexus 7010, 5020, 2148, 2248 switches.
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers
• Installation and administration of Checkpoint R 75.40 Firewall.
• Implemented firewall policy change on the Checkpoint clusters
• Verified and Validated the Firewall policy on Checkpoint R75 clusters for unused rule and helped consolidating rule
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port-based authentication.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Technical assistance for LAN/WAN management and complex customer issues.
• Provided support for troubleshooting and resolving Customer and user reported issues.
• Worked with Network Engineer’s in the installation and configuration of firewalls.
• Performed route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance, offset-lists.
• Involved setting up the TFTP server for backing up the IOS images and configuration files of Confidential Routers and Switches and troubleshooting the file servers.
• Responsible for network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Confidential ASA5500 Firewalls.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Provided redundancy to the network, implemented hot standby routing protocol (HSRP) and Load sharing for effective utilization of routers.
• Configuring, implementing and troubleshooting VLAN’s, VTP, STP, Trunking, Ether channels.
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Implementing, configuring, and troubleshooting various routing protocols like EIGRP, OSPF, and BGP etc.
• Performing network monitoring, providing analysis using various tools like Wireshark, SolarWinds etc.
• Confidential ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
• Responsible for Confidential ASA 5500 firewall administration, Rule Analysis, Rule Modification.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Providing 24*7 on call support for all P1 and P2 Incident calls.

Environment: Confidential ASR, Nexus 2K/5K/7K, F5 Big-IP LTM-6400 load balancer, Checkpoint R75, Confidential ASA 5500 LAN, WAN, HSRP, RIP, OSPF, BGP, EIGRP, VLAN, MPLS, STP, RSTP.

Confidential, Bloomington, IL

Network Engineer

Responsibilities:

• Hand on experience the configuration and implementation of various Confidential Routers and L3 Switches.
• Extensive experience in configuring and implementing EIGRP, OSPF and BGP.
• Supported core network consisting of Confidential 7200 series routers running multi area OSPF.
• Worked on 2600, 3500, 7613 Confidential Routers and 4500 and 6500 series Confidential Switches.
• Configured and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing
• Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution.
• Responsible for service request tickets generated by the helpdesk such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Supporting EIGRP and BGP for problems of L2/L3 in internal teams & external customers.
• Upgrading Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Support customer with the configuration and maintenance of PIX and ASA firewall systems
• Build Site-Site VPN Tunnels on Confidential ASA Firewalls 5506.
• Mutual redistribution of OSPF and BGP routes using route maps.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope
• Worked on documentation to create Visio diagrams using MS Visio.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Created VIP, Pools and Nodes on Big IP F5 Load Balancer as per application Team requirement.
• Configuration of Access List ACL (Std., Ext, Named) to allow users all over the company to access different applications and blocking others.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Hands on experience with Nexus Switches 2K, 5K and 7K.
• Implemented rules on Juniper SRX 550 at the server farm.
• Worked on extensively on troubleshooting multiple issues and driving Incident calls to resolution by doing packet capture techniques and performing other troubleshooting scenarios.
• Creating and provisioning Juniper SRX firewall policies.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Documented new VPN enrollments in a database and create standard procedures for further improvement.
• Troubleshoot traffic passing managed firewalls via logs and packet captures.
• Configured multiple domain name services (DNS), email services (Exchange Server), web, and file transfer protocol services (FTP) for various platforms including line leasing through DHCP servers.
• Networking protocols worked with included but not limited to TCP/IP, DNS, WINS, DHCP, VPN, Terminal Services, Routing and Remote Access, Network Design, wiring and cabling.

Environment: Juniper SRS 550, F5 BIG, IPLTM 8900, ISDN, Frame relay, NAT, DHCP, TCP/IP, VPN, LAN, WAN, RIP, OSPF, EIGRP, OSPF, BGP, VLAN, MPLS, Confidential ASA 5500.

Confidential, Chicago, IL

Network Engineer

Responsibilities:

• Worked on Confidential Layer 2 switches (spanning tree, VLAN).
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Configuration and troubleshooting of Confidential 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WAN network consisting of Confidential 3550/4500/6500 switches by configuring VLANs.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Configured and troubleshoot OSPF and EIGRP.
• Troubleshooting IOS related bugs based on history and appropriate release notes.
• Work on different connection medium like Fiber and Copper Connectivity.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Planning and configuring the routing protocols such as OSPF, EIGRP, and Static Routing on the routers.
• Performed and technically documented various test results on the lab tests conducted.
• Planning and configuring the entire IP addressing plan for the clients' network.
• Assist the team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
• Working knowledge of firewall technologies Palo Alto.
• Experienced in facing the Bluecoat and Palo Alto product lines, up to presales type of function.
• Supported networks, which are comprised of 2000+ Confidential devices.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Follow process & procedures for change & configuration management.
• Supported nationwide LAN infrastructure consisting of Confidential 4510 and catalyst 6513.
• Deployed the switches in high availability configuration with HSRP.
• Configured UDLD, port-fast, uplink fast and other spanning tree features.
• Support various Series of Confidential Routers like 7200/7600 series.
• Support Complex 0 Series Switches.
• Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity.
• Configure, Manage and Monitor Palo Alto firewall model PA-5050.
• Implemented firewall rules using Palo Alto panorama.
• Experience with Blue Coat SG 400 URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Performing backups and upgrades from time to time on different type of firewalls mostly on Palo Alto and Confidential ASA firewalls.
• Worked on troubleshoot and packet capture analysis on Palo alto firewall and Confidential ASA firewalls.
• Created Lab demonstrations for new technology deployments with loaner equipment from various vendors and presented the findings to upper management.
• Troubleshoot network problems using Packet Analysis tools like Wireshark.
• Worked extensively in Configuring, Monitoring and Troubleshooting Confidential 's ASA 5500
• Configured BGP and OSPF routing.
• Worked on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall
• IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Efficient at use of Confidential VISIO/Office as technical documentation and presentation tools.
• Experience working with Nexus 7010, 7018, 5020, 2148, 2248 devices.
• Experience working with High performance data center switch like nexus 7000 series.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.

Environment: : Palo Alto 5050, Confidential ASA 5540/5500, EIGRP, OSPF, BGP, LAN, WAN, MPLS, F5 BIG - IP LTM 3900, Nexus 2K/5K/7K, MS Visio, PPP, VLAN, VPN, Blue Coat Proxy SG 400.