PROFESSIONAL SUMMARY:

• Around 8+ years of diversified experience in network security engineer.
• Network Security Engineer with experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall, Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, HP Open View, Tufin Solar Winds, Sniffer, Check Point, Palo Alto Networks Firewall models.
• Primarily worked on Checkpoint Security Gateways running R77, R76, and R75 Gaia and Fortinet Firewalls running Forti OS 5.2.
• Configured IDS/IPS on Cisco, Checkpoint and Fortinet Firewalls.
• Creating VPN tunnels per request via JUNOS, SCREENOS or Fortinet Firewalls.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, NAC product sub - netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP, RTSP & Multicasting protocols.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K, 2K series.
• Have In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIP, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and trucking).
• Well experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Utilized the Blue Coat Proxy, SIEM, SOC, Tuffin, IPS/IDS.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to primary, remote site offices and VPN client users.
• Ability to work under minimal supervision, adheres to deadlines, and motivated to excel. Strong Knowledge of office365 and Office Tools such as Microsoft Word, PowerPoint, Excel and Visio.
• Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Experience in Checkpoint IP Appliances R65, R70, R75, R77 & Cisco ASA Firewalls.
• Provide L3 support for checkpoint and Palo Alto firewalls.
• Involved in the integration of F5 Big-IP load balancers with Checkpoint firewalls for firewall load balancing and was responsible was troubleshooting and maintenance.
• Experienced in Migration from Checkpoint and Cisco ASA Firewalls to Palo Alto.
• Experience with Juniper NetScreen 520M Firewall and Palo Alto network firewall.
• Involved in configuring Juniper SSG-140, SRX-240, and Cisco ASA 5585.
• Worked on configuration of Palo Alto firewalls including Security policies, Application & URL filtering, Data filtering, Threat prevention and File blocking.
• In-depth knowledge in designing, implementing, configuring with best practices on NexGen IDS/IPS Firewalls such as Palo Alto, Cisco Firepower (Sourcefire).
• Handling Break/Fix situations, monitor, configure, policy creation on Checkpoint's Smart Center Server.
• Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Installation and administration of Checkpoint R 75.40 Firewall.
• Implemented firewall policy change on the Checkpoint clusters.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Working on network design for new next-generation VPN solution, migration from Checkpoint VPN to Pulse Secure VPN from network prospect.
• Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM. GTM, ASM, APM.
• Have experience in Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS.

TECHNICAL SKILLS:

LAN Technologies: Faster Ethernet, Ethernet Gigabit Ethernet, VTP, STP, 802.1Q Trucking, PAGP, Ether Channel, HSRP DNS, Static, VLAN

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, SSL, VPN, IPsec-VPN.

Routing Protocols OSPF, EIGRP, IBGP, EBGP Route redistribution, Route filtering, Summarization, Static route, OSPF, BGPv4.:

Switching Technologies: VLANs, Inter VLAN routing and Port Channels, VTP, IEEE 802.1q, MPLS, Spanning Tree Protocols like PVST+, RSTP+, Multi-Layer Switching, Port security. ISL and dot1q.

Network Security Technologies: Cisco ASA 5550 and 5540 Firewalls, Juniper SRX Firewall, Palo Alto firewall PA 220, 3K, 5K Check points 65, Access Control Lists, VPN, IPsec, IDS, and IPS. Firewalls Palo Alto, CheckpointNetwork Management: Wireshark, SNMP, SolarWinds, Tufin, FIREMON, Splunk, SYSLOG, TFTP NTP, DHCP, TFTP.

Load Balancers: F5 Networks (Big-IP) LTM 6400 & 6800, Cisco CSS, Cisco ACE

Redundancy Protocols: HSRP, VRRP, GLBP.

VPN Technologies: GRE Tunneling, Remote Access VPN, Site-to-Site VPN, ACL- Access Control List, IPS/IDS, NAT, PAT.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Operating Systems:Windows (98, ME, 2000, XP, Vista, Windows 7, 8.1), Linux.

PROFESSIONAL EXPERIENCE:

Confidential, Reston, VA

Sr Network Security Engineer

Responsibilities:

• Worked primarily as a part of the Security team and daily tasks included firewall rule analysis, rule modification and administration.
• Provide support for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo Alto firewalls.
• Installed, configured and troubleshooter firewall issues on the Checkpoint R77 Gaia, MDM, Smart Console, Checkpoint 12k Appliances and open platform servers.
• Configuration of Palo Alto firewalls per client topology and features such as Application & URL filtering, Security Profiles and Global Protect VPN solutions.
• Configuration of Palo Alto Next-Generation Firewall mainly VSYS per client topology and working on User-ID, App-ID.
• Worked with Palo Alto firewalls PA3060, PA5060 usingPanoramaservers, performing changes to monitor/ block/allow the traffic on the firewall.
• Configuration and Maintenance of ASA 5585 firewalls with firepower, 5540, 5525 Firewalls using Cisco SecurityManager (CSM).
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large-scale firewall deployments.
• Have experience in building different firewall vendor technologies like Checkpoint, Cisco and Paloalto from scratch.
• Experience in working with Cisco Nexus 7K, 5K & 2K Switches.
• Worked on the Vulnerability assessment tool called Nessus as per the application team requirement.
• ImplementedSourcefireAppliances in IDS mode and upgrading the platforms to the stable version.
• Updating the latest signatures on theSourceFireAppliance in IDS mode.
• Provided ongoing administration and support for authentication service using RSA SecurID and Cisco RADIUS servers for internet-based remote access vpn solution.
• Worked on the Tufin secure track and Tufin Secure change module to clean up and optimizing the security policies.
• UpgradingImpervaWAF (Web applicationFirewall) and fixing hot fixes and patches.
• Performed upgrade process for CiscoISEsoftware from version 1.0.4 to 1.1 ADE-OS, patch management and data backup management.
• Replaced old 6500 and WAN routers from DR testing site and Installed Nexus 7K andASR6800routers.
• Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Supported Infobloxappliances grid environment for DNS, DHCP and IP Address Management tools (IPv4).
• Managing AD, DHCP, DNS and Print Services for end client for different projects.
• Installed Solar Winds Network Performance Monitor with traffic analysis, application & virtualization management, configuration management and other modules additionally installed.
• Implement URL filtering requests in Bluecoat Proxy SG for website blocklist and whitelist purpose.
• Expertise in VPN configuration, routing, NAT, access-list, Securitycontexts, and failover in ASA firewalls.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) networkby tuning AS-path.
• Attended training and have Knowledge on Amazon web services (AWS).

Environment: 2Tier and 3Tier, R77 Gaia, MDM, Smart Console, Checkpoint 12k Appliances, User-ID, App-ID, PA3060, PA5060, F5 LTM and GTM, URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management, Border Gateway Protocol (BGP).

Confidential, Elpaso, TX

Network Security Engineer

Responsibilities:

• Implementing and troubleshooting firewall rules in Checkpoint R77.20 Gaia, Cisco ASA 5540, 5580 Implementing and troubleshooting firewall rules in Juniper SRX 5400, 550, 5600 Checkpoint R77.20 Gaia and VSX as per the business requirements.
• Worked on Juniper SRX Versions 300, 3400, 3600, 220 implementing new and additional rules on the existing firewalls for a server refresh project.
• Upgrade of Juniper firewalls and management servers from SRX 240 to SRX 5400.
• Established IPsec VPN tunnels between branch offices and headquarter using Juniper SRX Firewall.
• Services expert responsible for effectively communicating, educating, and positioning Infoblox service programs within the partner community and customer base.
• Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos Space Security Director for management. Install, upgrade, troubleshoot, design, etc.
• Installation and maintenance of Cisco Layer 3 switches 3750, 4500X, 6500 and Cisco 3550/4500/6500 switches in multi VLAN environment.
• Expertise in the administration, support and operation of the Orion SolarWinds platform including Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager.
• Security Device - Palo Alto/ASA Firewalls,SourcefireIPS/IDS, Cisco Identity Services Engine (ISE), VPN.
• Monitored & administer perimeter security systems including firewalls and IDS/IPS systems likeCheckpointIPS, CiscoSourceFire, HP Tipping Point, FireEye onCheckpoint, Palo Alto's.
• IntegratingPanoramawithPaloAltofirewalls, managing multiplePaloAltofirewalls usingPanorama.
• Managed multiple Palo Alto Firewalls usingPanorama.
• Implemented Cisco ISE for delivering consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections.
• Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.
• Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
• Provide support and for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
• Configuration of Checkpoint R77.20 series firewalls and implementation for outbound traffic via blue coat proxy server.
• Configured Citrix NetScaler responder policy and to maximize the performance and availability of all applications and data, and also provide secure remote access to any application from any device.
• Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
• Worked with level-2 team on migration project of CMA's from one Provider-1 to other Provider-1.
• Worked on changing global objects and global rules to local objects and local rules for migration project.
• Worked on the Algosec firewall optimization tools to clean up the security policies and remove unused objects from firewalls.

Environment: Gaia, Cisco ASA 5540, Juniper SRX Versions 300, 3400, 3600, 22, Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager, Palo Alto/ASA Firewalls,SourcefireIPS/IDS, Cisco Identity Services Engine (ISE), VPN.

Network Security Engineer

Confidential -Louisville, KY

Responsibilities:

• Administration of Palo Alto Network Device, Configuration of New Access Policy, Firewall Rules, QOS Rules, User ID agents, Threat Policy.
• Responsible for monitoring Large scale deployments of Palo Alto firewalls on our global network using centralized management system Panorama.
• Implemented firewall rule to set migration for Cisco ASA to Palo Alto.
• Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.
• Software Upgrade for Palo Alto Devices and Integrating of Active Directory/LDAP with Palo Alto Next Generation Firewalls.
• Implemented User ID, custom App-ID and security policies for various Palo Alto series.
• Troubleshot and resolved router, switches, and network issues by analyzing packet captures, at bit level, with Wireshark.
• Implement URL filtering, SSL decryption to optimize the security as per customer's requirement.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
• Conducted application penetration testing over various business applications.
• Administer 15 different VPN tunnels with varied crypto environments, including ISAKMP pre-shared keys and IKEv2 certificate profiles.
• Configuring High Availability (HA) on Palo Alto/Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Configured Radius, TACACS, LDAP, Kerberos servers to ensure secured login remotely when required.
• Hands-on experience on migrating from ASA, Checkpoint into Palo Alto
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Analyzed logs on Splunk, as well as Threat Intelligence analysis using Wireshark, Arcsight, and FireEye
• Create incident tickets with the Palo Alto Networks TAC/ServiceNow to troubleshoot and diagnose cases
• Enhanced Conventional incident response methods and Security Operations by employing and combining Intrusion Prevention, Cyber kill chain model analysis, and Cyber Threat Analysis.
• Proficient in understanding Application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, authentication flaws.
• Strong experience in Black box, White box, responsive design and usability and exploratory testing, PKI (Public key Infrastructure) Encryption algorithms.
• Hand-on experience in technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, VPN, Wireless LAN and VLANS.
• Upgraded and updated Cisco IOS from 12.3T to 12.4.
• Used to DHCP to automatically assign reusable IP addresses to DHCP clients.
• Contract F5 product-specific technologist role, implement the Design with engineering team. Ensuring End-to-end design, ownership, and delivery of LTM and GTM load balancing solutions built to customer specifications and which meet project delivery goals and timelines.
• Support and maintain Splunk enterprise environment in a highly available, redundant, geographically dispersed environment.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.

Environment: Palo Alto firewalls 3060, 5060, 7050, Cisco ASA5510, Checkpoint, Cisco routers: 2800,3600,3640,3845,7200 and Cisco switches: 3750,3550,3500,2960, Wireshark, WildFire,FireEye, Panorama, SolarWinds, BPDU Guard, Root Guard, Radius, Tacacs, LDAP, Kerberos, TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, NAT, Frame Relay, VPN, Wireless LAN, LTM, GTM, User-ID, App-ID,URL Filtering, VLSM, Proxy ARP,ping SSL/TLS, IPsec, SSH,Splunk ES.

Confidential, Beachwood, Ohio

Security Engineer

Responsibilities:

• Responsible for Check Point, Cisco ASA and Palo Alto firewalls configuration and administration across all the plants throughout US and Mexico.
• Responsible for firewall rule set migration from Cisco ASA to newly implemented Palo Alto.
• Provide necessary problem determination in the Checkpoint firewall environment which has Gaia R77, R75, SPLAT, Provider-1 and VSX.
• Troubleshoot firewall issues and solve them using packet capture mechanisms like TCPDUMP, FW monitor, zdebug, Wireshark, capture and smart view tracker.
• Experience working in Checkpoint Provider-1 Environment with Multiple CMA's and dozens of gateways.
• Successfully installed Palo Alto PA-3050, PA-5050 firewalls to secure zones of network.
• Install and maintain Palo Alto firewall configuration to protect cardholder data for payment card industry (PCI).
• Managed and configured all Palo Alto PA 3000 series, PA 5000 series, PA 7000 series firewalls.
• Implementing and configuring Checkpoint VSX for security gateways.
• Configured and maintained IPSEC, SSL Decryption, high availability, port mirroring, SSL VPN's on Palo Alto Firewalls.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Centrally managed all Palo Alto firewall using Palo Alto Panorama M-100 management server.
• Hands on creating security policy, application filters, App-ID, URL filter and threat prevention on Palo Alto.
• Actively use smart view tracker and Checkpoint CLI for troubleshooting.
• Firewall Policy Optimization using third party tool Tufin by running usage reports on the policies.
• Responsible for design and administration of network switches (Cisco), routers (Cisco), and firewalls (Palo Alto, checkpoint and Cisco ASA).
• Worked on Nexus platform7018, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco switches.
• Responsible for setup and configuration of Site to Site VPN's, and remote access VPN's using Cisco ASA solutions (ASA 5505 and 5520).
• Working experience with virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques
• Created and configured management report and dashboards using Splunk.
• ITIL Based Service Delivery and Management
• Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Installed high availability Big IP F5LTM and GTM load balancersto provide uninterrupted service to customers.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Management of Infoblox DNS IPAM for Microsoft DNS/DHCP setup and management.
• Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones.

Environment: Check Point, Cisco ASA and Palo Alto firewalls, Gaia R77, R75, SPLAT, Provider-1 and VSX, IPSEC, SSL Decryption, high availability, port mirroring, SSL VPN's, F5 LTM and GTM.

Confidential - Tampa, FL

Network Security Engineer

Responsibilities:

• Implementing and troubleshooting firewall rules in Checkpoint R77.20 Gaia, Cisco ASA 5540, 5580 Implementing and troubleshooting firewall rules in Juniper SRX 5400, 550, 5600 Checkpoint R77.20 Gaia and VSX as per the business requirements.
• Worked on Juniper SRX Versions 300, 3400, 3600, 220 implementing new and additional rules on the existing firewalls for a server refresh project.
• Upgrade of Juniper firewalls and management servers from SRX 240 to SRX 5400.
• Established IPsec VPN tunnels between branch offices and headquarter using Juniper SRX Firewall.
• Services expert responsible for effectively communicating, educating, and positioning Infoblox service programs within the partner community and customer base.
• Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos Space Security Director for management. Install, upgrade, troubleshoot, design, etc.
• Installation and maintenance of Cisco Layer 3 switches 3750, 4500X, 6500 and Cisco 3550/4500/6500 switches in multi VLAN environment.
• Expertise in the administration, support and operation of the Orion SolarWinds platform including Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager.
• Responsible for Check Point, Cisco ASA and Palo-Alto firewalls configuration and administration across global networks for providing IPS/IDS.
• Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Implemented Cisco ISE for delivering consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections.
• Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate delivery of business applications.
• Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.
• Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
• Provide support and for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
• Configuration of Checkpoint R77.20 series firewalls and implementation for outbound traffic via blue coat proxy server.
• Configured Citrix NetScaler responder policy and to maximize the performance and availability of all applications and data, and also provide secure remote access to any application from any device.
• Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
• Worked with level-2 team on migration project of CMA's from one Provider-1 to other Provider-1.
• Worked on changing global objects and global rules to local objects and local rules for migration project.

Environment: Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager, Pa-5000/3000, Cisco ASA, and Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.

Confidential, Palo Alto, CA.

Network Security Engineer

Responsibilities:

• Configuration, troubleshooting and maintenance of Palo Alto Firewalls - PA5000 and PA7000 series.
• Implemented, configured and provided support to the Palo Alto firewall for HA (High-Availability) in Active/Active and Active/Standby failover with different modes of deployment
• Design, configure and troubleshooting of Palo Alto Central Management Platform with Panorama, Deployment mainly using VSYS according to client topology, working on Content-ID, User-ID and App-ID.
• Experience with implementation and troubleshooting of URL filters, threat prevention, data filtering and security rules on Palo Alto Firewalls & Analysis of firewall logs.
• Exposure to wild-fire advance malware detection using IPS feature of Palo Alto.
• Experience on the migration of other vendor firewalls to Palo Alto by manually or using the migration tools.
• Hands-on experience with management of security rules based upon the NAT/PAT, ACL and VPN on Palo Alto firewalls.
• Configured VLANs and created zones on the Palo Alto firewalls and also implemented Fortinet Firewalls on the other side.
• Replace out-dated and old firewalls architecture with new next generation Palo Alto firewalls serving as URL and application inspection.
• Good experience with the installation and configuration of Citrix NetscalarSLB/CS/GSLB for High Availability and Load Balancing.
• Hands-on experience working on remediating security issues on firewalls to comply with yearly PCI DSS audit.
• Worked on Infoblox for creating the DNS entries, and also maintaining name lookup for A records and CNAMEs in DNS servers for security devices.
• Working on network monitoring systems like HP NNMi, HP NPS for Netflow tools, ELK for log search.
• Working on proposed changes and handling service requests assigned through ticketing systems GlobalServicenow.

Environment: Panorama, SolarWinds, BPDU Guard, Root Guard, Radius, NAT, Frame Relay, Tacacs, LDAP, Kerberos, PA5000 and PA7000, HP NNMi, HP NPS.

Confidential, Sunnyvale, CA.

Network Engineer

Responsibilities:

• Implemented, configured and provided support to the Palo Alto firewall for HA (High-Availability) in Active/Active and Active/Standby failover with different modes of deployment.
• Design, configure and troubleshooting of Palo Alto Central Management Platform with Panorama, Deployment mainly using VSYS according to client topology, working on Content-ID, User-ID and App-ID.
• Configured and troubleshoot the MP-BGP over DMVPN on Cisco ISR 4000 series routers and also configure PfR on branch routers (MPLS and DMVPN) for iWAN.
• Successfully replaced INET (DMVPN) and MPLS circuit branch routers (18xx, 1xx, 29xx series) with Cisco ISR 44xx series without impacting any ongoing traffic by failingover the traffic using BGP manipulation.
• Design dual homed WAN access by deploying the VRF technology, thereby load-balancing and increasing the bandwidth in Cisco routers.
• Configure and troubleshoot the routing policies using route-filters to change the BGP attributes like MED, AS-PATH Prepend.
• Configured and troubleshoot OSPF route redistribution in multiple areas environment and also configured OSPF Stubs.
• Installed and Managed F5 Big-IP LTM/GTM for providing high availability and configured virtual IP(VIP), Pools, nodes, irules for load balancing and Packet filters for security.
• Configure and troubleshoot BFD timers to improve the route convergence in the environment and Upgraded the capacity and bandwidth by upgrading the Routing Engines and Line cards.
• Remotely configured and deployed new network gear on various branch offices using the Cyclades serial console server.
• Worked on Infoblox for creating the DNS entries, and also maintaining name lookup for A records and CNAMEs in DNS servers for security devices.
• Designed and configured WAN optimization and acceleration using Riverbed SteelHead and BlueCoat Packetshaper appliances.
• Deployed, configured and troubleshoot the Juniper PulseSecure SSL VPN gateways (MAG series) with remote access.
• Experience onManaging/Monitoring provisioned circuits to the clients and implementing QoS (Class maps/Policy maps/Route maps/IP SLAs) for effective service.
• Experience with deployment, administration and monitoring of Solarwinds, Splunk and reporting the log and audit files.
• Good understanding and knowledge about Openstack public and private cloud technology with immense knowledge in Neutron.
• Actively working with application teams to fix the application/network latency issues using wire shark/packet analyzer.
• Worked with Python scripting language, which would evaluate list of IP addresses against the NS lookup to increase the productivity and also for automation of configuration files on the network devices.
• Working on proposed changes and handling service requests assigned through ticketing systems BMC Remedy and resolved accordingly to meet SLAs (Service Level Agreements).

Environment: Active/Active and Active/Standby, NAT, Frame Relay, MP-BGP over DMVPN, INET (DMVPN) and MPLS, CNAMEs, QoS, SLAs.