Network Security Engineer Resume
Collegeville, PA
SUMMARY:
- 8+ years of experience in network design, security, and implementation of routing, switching, and firewall technologies, and in troubleshooting complex network systems.
- Experience in configuring protocols HSRP, VRRP, GLBP, ICMP, HDLC, & SNMP, configuring & troubleshooting routing protocols RIP v1/v2, EIGRP, OSPF, IS-IS, VRF, BGP & MPLS and installing & configuring DNS, DHCP server.
- Security experience in deploying VPN Solutions like IPsec (site-site and client-site) & SSL VPN implemented across multiple vendors
- In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Addressing, Subnetting, ARP, VLSM, TCP/IP, MPLS, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits.
- Experience in authentication protocols PAP, CHAP, 802.1x and Port Security and Configuring Security policies including NAT, PAT, VPN (DMVPN, GRE), Route-maps, prefix lists and Access Control Lists
- Implemented IT network projects consisting of installation, configuration along with maintaining Network services, hardware systems and peripheral equipment/devices
- Administered servers and server clusters which demanded managing system back-up, database and restoring protocols
- Support customer with the configuration and maintenance of PIX and ASA 5585-X firewall systems and Checkpoint firewalls.
- Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600 series routers, Load Balancers & Cisco Firewalls.
- Worked on F5 LTM/GTM, BIG-IP, load balancing, iRules, and WAN acceleration.
- Worked on Cisco ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
- Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
- Experience securing and managing remote access using various VPN technologies like IPsec, SSL, and GRE. Experienced in handling and installing Palo Alto Firewalls.
- Monitored the network performance regularly to improve performance and functionality
- Monitored network/software security, controlled access to the IT network and updated security programs as a part of the security procedure
- Configured Remote Desktop connectivity to various devices in Local Area Network.
- Experience in installing & maintaining network monitoring tool IBM Tivoli & network analyzers - Wireshark tool
- Troubleshooting Layer 2 issues, Spanning Tree protocol, RSTP, MST, VTP, VLAN on Cisco 6500 series switches and Juniper EX 4200 switches.
- VPN - Responsible for creating site-site VPN tunnels and providing technical support for IPSEC VPN tunnels.
- Juniper SRX 3600 and NetScreen SSG-550 firewall administration across global networks.
- Experience in testing Cisco routers and switches in the laboratory and deploying them on site in production.
- DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
- Implemented security policies using ACL, Firewall, IPsec, VPN, AAA Security TACACS+, and Radius on different series of routers.
- Exposure to Blue Coat proxy
- Working knowledge of security products such as Cisco ISE
- Experience converting PIX rules over to the Cisco ASA solution.
- Responsible for Cisco ASA firewall administration across our global networks
- Handled multi-Vendor / platform Security technologies including Firewall, IDS-IPS, VPN, Proxies
- Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
- Worked on Infoblox for Network Device Monitoring. Setting up Infoblox for local DNS and DHCP Configurations.
- Proactively used monitoring tools (Netcool, SolarWinds trending graphs) to determine production issues
TECHNICAL SKILLS:
Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).
Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP v4, MP-BGP
Routing/Switching: Cisco routers (7206 VXR, 4431, 4331, 3945, 3925, 3845, 2901, … 1900, 1800, 800), Cisco Catalyst switches (6800, 6509, 6506, 6513, 3750, Catalyst 37xx stack, 3550, 2960, 2800, 1900 series), Cisco CSR 1000V, Cisco ASR 1000, 9000, Cisco Nexus (7000 series 10-slot switch, 5548P, 5548 UP, 2248TP, 2248TP-E, 2232PP), Juniper MX960 VPC, VDC, OTV, AS4.
WAN Protocols: HDLC, PPP
Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).
Packet Switched WAN: ATM, FRAME RELAY
Security Technologies: Cisco FWSM/PIX/ASDM, Checkpoint, F5 Load Balancer, Blue Coat proxy server
Cisco Routers: Cisco 3640, Cisco 3600
Redundancy & management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wireshark, SolarWinds, SNMP, Firemon.
Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, SONET (POS)
Layer 2 technology: VLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)
Layer 3 Switching: CEF, MLS, EtherChannel (PAgP & LACP, Load Balancing)
Switches: Catalyst 6500, 3700, 3500
Operating Systems: Microsoft XP/Vista/7, Windows Servers … MS-Office. Microsoft project server 2013
Programming Language: Perl, Python.
PROFESSIONAL EXPERIENCE:
Confidential, Collegeville, PA
Network Security Engineer
Responsibilities:
- Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group.
- Troubleshot and worked with security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper NetScreen firewalls.
- Implemented first hop redundancy protocols (FHRP) i.e., GLBP and VRRP.
- Enabled OSPF between Access routers and Core routers and used area-range command to summarize the prefixes.
- Implementation of name resolution using WINS & DNS in TCP/IP environment
- Monitoring Network infrastructure using SNMP tools HP NNM, SolarWinds.
- Installed, configured and set security policies on Cisco and Checkpoint firewalls, VPN
- Configured VLANs, Private VLANs, VTP, Dot1Q trunking on switches. Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, inter-VLAN routing, LAN security.
- Worked extensively in configuring, Monitoring and Troubleshooting CheckPoint R77.XX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design.
- Supporting EIGRP and BGP based company network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Implemented Zone Based Firewalling and Security Rules on the Checkpoint Firewall.
- Installed Checkpoint and F5 load balancers in VMware Workstation and vSphere.
- Involved in troubleshooting software, hardware and network problems.
- Responsible for Cisco ASA firewall administration across our global networks.
- Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500 (5510/5540) Series
- Configured GLBP load sharing between VLANs.
- Configured L2/L3 Ether-Channels to increase bandwidth on core and distribution switches.
- IOS Upgrade in CISCO 6500 switch and 2800, 3845, 3945 routers.
- Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.
- Support customer with the configuration and maintenance of ASA firewall systems.
- Worked on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
- Experience with Firewall Administration, Rule Analysis, Rule Modification.
- Predominantly set up, configured and maintained a Windows server and Network Equipment on a TCP/IP network.
- Working knowledge of configuring routing protocols such as RIPv2, EIGRP, OSPF and BGP.
- Worked on Infoblox for Network Device Monitoring. Setting up Infoblox for local DNS and DHCP Configurations.
- Worked with Firemon policy manager to configure and monitor the firewall changes.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500 switches and Cisco 3640/12000/7200/3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA, Checkpoint 77.xx, Windows Server 2003/2008, F5 BIG-IP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.
Confidential, East Hanover, NJ
Network Security Engineer
Responsibilities:
- Worked extensively in configuring, Monitoring and Troubleshooting Check Point R77.XX security appliance, Failover DMZ zoning & configuring VLANs / Routing / NATing with the firewalls as per the design.
- Configured and played with various BGP attributes such as Local Preferences, MED, Extended Communities, AS path manipulations, Route-Reflector clusters, Route-maps and route policy implementations.
- VRF lite Implementation: Research and implementation of VRF lite on all customer ingress routers
- Configuration of VLANs, VRFs for logical separation of high bandwidth interfaces and LACP for increasing the bandwidth.
- Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connect to a VPN 3000 Concentrator.
- Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance.
- Configuring and implementing F5 BIG-IP Load balancer.
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
- Knowledge on multiplex techniques such as DWDM.
- Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group.
- Troubleshot and worked with security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper NetScreen firewalls.
- Implemented first hop redundancy protocols (FHRP) i.e., GLBP and VRRP.
- Enabled OSPF between Access routers and Core routers and used area-range command to summarize the prefixes.
- Implementation of name resolution using WINS & DNS in TCP/IP environment
- Monitoring Network infrastructure using SNMP tools HP NNM, SolarWinds and OpNet.
- Configured FTP server for inside/outside users & vendors
- Installed, configured and set security policies on Cisco and Checkpoint firewalls, VPN
- Configured VLANs, Private VLANs, VTP, Dot1Q trunking on switches. Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, inter-VLAN routing, LAN security.
- Supporting EIGRP and BGP based company network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Install, Configure and Troubleshoot issues that arise in replacing Cisco 7200VXR with ASR1002X or ASR1004
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
- Installed Checkpoint and F5 load balancers in VMware Workstation and vSphere.
- Involved in troubleshooting software, hardware and network problems.
- Responsible for Cisco ASA firewall administration across our global networks.
- Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500 (5510/5540) Series
- Configured GLBP load sharing between VLANs.
- Configured L2/L3 Ether-Channels to increase bandwidth on core and distribution switches.
- IOS Upgrade in CISCO 6500 switch and 2800, 3845, 3945 routers.
- Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.
- Support customer with the configuration and maintenance of ASA firewall systems.
- Worked on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
- Experience with Firewall Administration, Rule Analysis, Rule Modification.
- Predominantly set up, configured and maintained a Windows server and Network Equipment on a TCP/IP network.
- Working knowledge of configuring routing protocols such as RIPv2, EIGRP, OSPF and BGP.
- Extensive network troubleshooting experience and understanding of quality of service from LAN through WAN.
- Configured and maintained Secure Shell (SSH) on routers using RSA.
- Provided immediate resolution of issues such as application of ACLs for anti-spoofing, route re-distribution and blocking of known Cisco IOS vulnerabilities.
- Arranged RMAs for faulty hardware and liaised with AT&T Labs for permanent network design changes.
- Provided direction to System Engineering on migrating Backhaul DS3 circuits from one Location to another Location
- Migrating NetScaler infrastructure from Rackspace to a new data center and integrating it with their Palo Alto firewalls.
- Hands on experience of Nexus 7k, 5k and 2K FEXs and Cisco switch 3560.
- Configured datacenter technologies like VPC, VDC on Nexus 7010 Core Switches.
- Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR
- Worked on F5 LTM/GTM, Big-IP, load balancing, iRules, and WAN acceleration.
- Managed VPN, IPsec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls
- Worked on private DMVPN WAN to provide fast local SAN based backups/restores including remote offsite backups to our local Datacenter.
- Provide local software and hardware support requiring complex integrated configurations in the areas of high-speed WAN routing including MPLS VRF technologies
- Configure/setup NetScaler SDX pair for data center.
- Conversion to BGP WAN routing: converting WAN routing from OSPF to BGP (OSPF is used for local routing only), which involves new WAN links.
- Worked extensively on Juniper MX Series Routers and EX series Switches
- Worked with Juniper MX480, 240 series.
- Working on Arista 7050T switch to explore security options using its programmability capability.
- Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, Spanning Tree, 802.1q. Configured IP access filter policies.
- Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
- ERP Implementation, Setup & Support - Core member for setting up new ERP systems- EPICOR
- Controller-based high-density Wi-Fi network. Models of experience: 6000, 470x, 7200. Master/Local controllers with redundancy. Extensive knowledge of Aruba technology.
- Prevented unauthorized access by monitoring port traffic, monitored and maintained over 900 Cisco network devices, and maintained WAN OSPF & BGP network and VPN LAN-to-LAN connections.
- Upgrading and downgrading Nexus and Arista devices to meet other devices and new codes (images) requirements.
- Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GetVPN.
- As part of Data Center fabric remediation/refresh project, deployed Cisco Nexus switches and implemented features like FEX Links, VPC and VDC.
- Lead Engineer for Network refresh project for Multinational insurance company. Providing remote assistance for replacing existing switches with new Cisco switches.
- Build Logical design and Implementation of Wireless Solution.
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
- Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
- Building the VPN tunnel and VPN encryption.
- Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
- To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
- Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
- Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
- Supporting EIGRP and BGP based PwC network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Installed and configured Cisco 2600, 2800, 3600, 3800 routers and 2950, 3700, 6500 switches.
- Maintained and managed networks running OSPF and BGP routing protocols.
- Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
- Daily monitoring of network traffic using sniffers (Wireshark) and access logs to troubleshoot and identify network issues.
- Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
- Implemented Positive Enforcement Model with the help of Palo Alto Networks.
- Implementing security policy configurations and nodes via Juniper SRX-3400 FW and NetScreen 5500.
- Configure, monitor and troubleshoot Juniper NetScreen firewall.
- Design and Implementation of F5 GTM based on topology load balancing methods.
- Implemented F5 ASM for Internet Facing LTM virtual servers providing applications layer 7 firewall protection, configuring and managing F5 Web Accelerator module and Application Security Module (ASM) technology or with similar/competing ADC and Security product solutions
- Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
- Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.
- Planned, designed and executed ground up new multi-domain Active Directory forest including Exchange and migration of employees with zero downtime in the process. This included having a team that executed the migration while business.
- Worked in Primary Environment: SRX220, SRX650, SRX3600 and Checkpoint R77.
- Interact directly with the Avaya's IT organization to plan, implement and deploy application updates into our corporate production environment.
- Senior platform engineer for the configuration, deployment and migration of the production VMware infrastructure from existing Dell platform to UCS blade center.
- Handled SRST and implemented and configured the Gateways, Voice Gateways.
- Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
- Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
- Knowledge of implementing and troubleshooting complex L2/L3 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, MPLS and MST.
- Implementing IPsec and GRE tunnels in VPN technology.
- Experience in configuring, upgrading and verifying the NX-OS operating system.
- Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/ 0/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer, Cisco Nexus 7K/5K, Checkpoint, Cisco ASA
Confidential
Network Engineer
Responsibilities:
- Dealt with implementation of deployment related to Cisco devices and applying security policies on it.
- Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
- Involved in configuring and implementing Composite Network models consisting of Cisco 3750, 2620 and 1900 series routers and Cisco 2950, 3500 Series switches.
- Implemented various Switch Port Security features as per the company's policy
- Configured RIP, and EIGRP on 2901 and 3925 Cisco routers.
- Configured VLANs to isolate different departments
- Co-ordinated with global Security Management teams and support teams as required and completed Palo Alto and Checkpoint Firewall rule add, modification, and delete.
- Configured IPSEC VPN on SRX series firewalls
- Responsible for internal and external accounts, managing LAN/WAN and checking the security settings of the networking devices (Cisco routers, switches), coordinating with the system/network administrator during any major changes and implementation.
- Design, installation and troubleshooting networks with hand-on experience with OSPF, ISIS, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
- Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches
- Worked with sniffing tools like Ethereal (Wireshark) to analyze the network problems.
- Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
- Performed replacements of failed hardware and upgraded software
- Performed scheduled Virus Checks & Updates on all Servers & Desktops.
- Implementing Routing and Switching using the following protocols: IS-IS, OSPF, BGP on Juniper M series routers.
- Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per company's requirements.
- Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)
- Hands on experience with Cisco based L2/L3 Ethernet Switches and Routers
- Performed network QA test, executed system analysis and troubleshooting in order to resolve problems on servers, workstations and other network devices
- Planned & executed 802.11 Wireless LAN adapter testing to model customer setups and deploy wireless solutions
- Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches
- Configured Trunk groups, ether channels, and Spanning tree to create Access/distribution and core layer switching
- Configuring, administering and troubleshooting the Check Point, Palo Alto and ASA Firewalls.
- Provided technical support for improvement, upgrade, and expansion of the existing network architecture
- Hands-on experience in OpenFlow, which is a combination of Ethernet and TCP/IP
- Performed troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment
- Monitored the network performance regularly to improve performance and functionality
- Configured static routes, default routes, Frame Relay and provided security by using ACL, NAT
- Implemented VLANs between different departments and connected them using trunks, keeping one VLAN under server mode and the rest under client mode
- Configured site-to-site IPsec VPN to provide communication between the branch office and headquarters
