SUMMARY

• Cisco Certified Network Engineer with 8.3 years of Experience in Network engineering, designing, architecting, deploying and troubleshooting Network & Security infrastructure on Routers switches (L2/L3) and firewalls.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic layer 3 routing protocols such as EIGRP, OSPF, BGP IS - IS ability to interpret and resolve complex route table problems.
• Good Experience in Configuration and Troubleshooting of VLAN, Trunking, STP, VTP, Ether channel MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5.
• Experience on F5 load balancers, including a general understanding of routing protocols BGP, OSPF, EIGRP, TCP, SSL, and TLS.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers InfoBlox DNS etc.
• Experience with different Network Management Tools and Sniffers like SNMP, and Cisco works to support 24 x 7 Network Operation Center.
• Worked extensively in Designing, Implementing & Managing LAN, WLAN & WAN solutions for different client setups. In-depth knowledge and experience in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM & Frame Relay.
• Experience in Physical cabling, IPv4,IPv6, addressing and Sub netting with VLSM using QIP configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Staging, Lab & Production Environments.
• Experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them and Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCP dump and Linux operating system servers.
• Worked on security products such as CiscoISE
• Monitoring and runningISEreports
• Experience in Designing in application mapping and application delivery using F5 BIG IP LTM.
• Monitoring and capturing the traffic with multiple network management tools like Sniffer Infinistream, Wire shark, Net flow Analyzer, Solar winds, source fire, HP Open View, Cisco Works, Cisco ISE.
• Experience in troubleshooting DNS/DHCP issues within the LAN network.
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
• Experienced in handling Panorama firewall management tool to administer Palo firewalls.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers InfoBlox DNS .
• Knowledge about Python Scripting Language and OS Hardening.

TECHNICAL SKILLS

Switching: Vlans, Trunking, Ether Channel, Port Fast, Up-link, STP, RSTP, PVST+, DTP, MLPPP, IEEE 802.1q, MPLS, ISL and dot1q, SMTP, Inter-VLAN Routing, Light weight access point.

Switches: Cisco catalyst Switches (2960 series/ 3560/3750/4500/5500/6500/6513 ), Nexus Series(9k/7k/5k/2k/1k), Juniper EX series.

Routing: RIP (Versions 1 & 2), IGRP, EIGRP, OSPF, BGP v4, IS-IS Static Routing, Route Filtering, Redistribution, Summarization.

Routers: Cisco1600,1900,2500,2600,2800,2900,2950,3000,3500,3600,3640,3845,5000,6500,7200,7300,7500,7600,7900,7940,1200

Network Security: VPN, NAT/ PAT, access-lists, IPSEC, Juniper SRX, TACACS+, RADIUS.

Load Balancer: Cisco CSM, F5 Networks (Big-IP) LTM 8950, GTM 6400, F5 ASM, Cisco ACE 4710

Gateway Redundancy: HSRP, VRRP, GLBP

Firewalls: Cisco PIX, ASA, Checkpoint and Palo Alto.

Network Management: Wireshark, Net flow Analyzer, Cisco Works, solar winds, Ethereal, SNMP.

Networking Features and services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP,OSI Model, TCP/IP, UDP, IPV4, IPv6, Subnetting, VLSM.

PROFESSIONAL EXPERIENCE

Confidential, Denver, Colorado

Sr. Network Engineer

Responsibilities:

• Worked on F5 BigIP GTM/LTMappliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Involved in F5 BIG IP LTM administration, familiar with enterprise local traffic managers like 6800, 3600, 1600, 3400 series.
• Documenting the CISCO ACE load balancer Servers, sticky, server-farm configurations for ACE to F5 migration.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Worked on Extensively on Cisco Firewalls, ASA 5500(5510/5540) Series.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Configuration of Cisco ISE "Identity Service Engine” to include updating iOS, full configuration of new ISE appliances, entry into the MAB, and configuration of MAC entries.
• Responsible for LAN/WAN administration and performance of hardware builds (upgrades and new machines), set up offsite backup systems, and contribute to system migrations.
• Assisting in network modelling, analysis, planning, and coordination between network and data communications hardware and software.
• Configuring & Troubleshooting Cisco Identity Service Engine(ISE) fornetworkdevices and VPN profiles for authentication, policy sets, downloadable ACLs & authorization profiles.
• Worked on Network automation using Python
• Build Logical design and Implementation of Wireless Solution.
• Planning, support, documentation for network design, and involvement into change management process.
• Tracking and documenting the server information connected to Cisco Catalyst, Nexus Switches, Cisco ACE load-balancers and BIG IP F5LTM.
• Maintaining documentation and scripts for install, back out plan.
• Converting project specifications into detailed instructions and logical steps for coding into languages.
• Monitoring network to ensure high availability, security to all system users and perform necessary maintenance to support network availability.
• Installed wireless access points (WAP) at various locations in the company.
• Troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP to interpret and resolve complex route table problems.
• Providing systems and server management and oversight of network/connectivity and software issues for local and remote users.
• Supporting Data center consist of Nexus 9K, 7K, 5k, 2k, Cisco Catalyst 6500, 4500, ASR, 45xx in spine and leaf architecture and associate installing new products and debugnetworkissues.
• Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.
• Experience with Data Center Design, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.
• Administering network security measures and ensuring compliance with requirements.
• Diagnosing, troubleshooting, and resolving hardware, software, or other network and system problems, and replacing defective components when necessary.
• Designed ultra-low latency environment using Cisco’s 4900m for routing, Arista hardware for high speed access layer.
• Designed the IPv4, IPv6 addressing scheme using VLSM and configured IP addressing Performed activities such as initial user account creation, established LAN connectivity, file and resource sharing management, internet connectivity, FAX and email service setup
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
• Experience with Bluecoat Proxy servers, LAN & WAN management.

Confidential, Wilmington, DE

Sr. Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, BGP v4.
• Configured IP access policies by implementing traffic filters on Cisco routes using Standard, extended Access list.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured VLANs with 802.1q tagging, Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Handling the Configuration and troubleshooting nexus (9k/5/3k) different series switches.
• Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
• Allocation and designing appropriate virtual IP for F5 ADC through IPAM InfoBlox.
• Design and deploy theF5LTM and GTM configurations to migrate thousands of Applications to lower cost Data Center locations.
• Managing theF5BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Designed and Deployed F5LTM configurations in the Site.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Installed and Configured Cisco 3800 series Routers and Catalyst 3500 Switches, UPS and POD (power distribution), Server, Cisco IP Phone (VoIP) 7960 with Workstations.
• Supported for installation of Cisco Routers, Switches, ASA's,WirelessLANcontrollers(Cisco 6880 core switches, 2951 Routers, 2960 switches, ASA5510 - 5515's4404 and 5508 LANcontrollers, Aruba 7210 MobilityControllers), Arista (7000 series).
• Worked on installation and maintenance of various Aruba products and extending support to Enterprise customers and partners worldwide.
• Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Negotiate VPN tunnels using IPsec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
• Working with different Security Appliances including DDoS Attack Protection, Web sense URL Filtering Firewall. Palo Alto, Fire eye, Corriero, Alert Logic WAF.
• Designed and configured several dedicated client colocations using Cisco 4900m routers and Arista 7124 switches.
• Troubleshooting with Cisco, Juniper, Riverbed, F5, Arista appliances.
• Testing new design and new Firewall policies and working with Cisco ISE.
• Monitoring and capturing the traffic using network management tools like solar winds and Wireshark.
• Configuring secured connection between routers using GRE tunneling to achieve IPsec.
• Experience in Implementation and configuration of Big-IP LTM-6400 load balancers.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
• Design and deploy theF5LTM and GTM configurations to migrate thousands of Applications to lower cost Data Center locations
• Significantly improved the performance of the AAA module by reducing internal messaging overheads and identifying areas for memory optimization
• Worked on Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
• Performed on Palo Alto Firewall on network security software and hardware, security monitoring systems, encryption software, threat and vulnerability management services and software, identity management solutions and network objects on global group, clean up unused rules, decommission etc.
• Providing Technical Support and solutions for Network Problems.
• Planned, tested and evaluated various equipment’s, systems, IOSs and procedures for use within the Network / security infrastructure.
• Upgrading IOS, troubleshooting network outages.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.
• Configured and troubleshoot cisco WAP, and cisco prime.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.
• Design and implemented network infrastructure and configured the entire network Infrastructure devices including Network Printers and Register.
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring.
• Worked on Cisco Firewall ASA 5500(5510/5540) Series. Performed Security operations in terms of pushing new policies and deploying new rules.
• Experience in Handling F5 LTM, GTM series like 6400, 6800, 8800, 8950 for the corporate applications and their availability.
• Responsible for supporting older VMware infrastructure and systems, including ESXi 4 and Lab Manager.
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
• Designing and implementing wirelessarchitectures (Cisco Aironet APs and Cisco 5500 series controllers).
• Deliver IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology, and information perspectives of providing business solutions within the IT infrastructure.
• Performed professional level documentation using Visio diagrams.
• Other responsibilities include documentation and updating changes made in networking devices as per ITIL Specifications.

Confidential, Washington, DC

Network Security Engineer.

Responsibilities:

• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Worked on Cisco WAP and Cisco Prime for wireless access within the campus.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Configured HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst.
• Provided port binding, port security and router redundancy through HSRP. Worked on HSRP for hop redundancy and load balancing.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210 and configured cisco chassis 4k series switches.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA onF5BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects acrossF5and hands on withF5BIGIP LTMs/EM.
• Configured Virtual IPs and servers on F5and associated pool and pool members to it.
• Analysis on WAF operations, Attacks / Vulnerabilities in Web Applications and present analysis to relevant teams
• Experience in implementing and designing new solutions with Cisco ASA Firewall series 5505, 5510, 5512-X and Palo Alto Firewall series PA-500, PA-2050.
• Developed and deployed self-service model using Splunk to allow application teams to review and request ASM policy modifications via ASM logs.Content filtering management of Controlled access to the Internet as per the company IT Security Policy With Bluecoat Proxy.
• Provide Conditional & specific Internet access to specified groups and users as per client requirements in Bluecoat Proxy.
• Worked on firewalls Cisco PIX/ASA Appliance and Palo alto NGFW.
• Handling various trouble tickets, firewall rule changes, assisting other teams to bring the device to production, making DNS changes in InfoBloxand routing changes.
• Experience in nexus9k/5k/2k/1k devices.
• Continually monitor, assess and improve network security, test and implement new security technologies.
• Worked on F5 LTM, GTM series like 6400, 6800, and 8800 for the corporate applications load Balancing and their availability.
• Comprehensive elementary configurations on theF5Big-IP LTMs load balancer on prevailing network to divide traffic on web-servers.
• Configured and implemented remote access solution for customers: IPSEC, Site2Site, GRE tunnel end-to-end.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, and Proxy Radius Services to Cisco ACS.
• Configured VLAN, STP VSTP, SNMP, Port Security on Juniper EX series switches.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server client environment with resource allocation to desired Virtual LANs of network.
• Implemented NAT/PAT solutions on WAN applications
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Once trouble ticket has been created keep customer informed of status of ticket and estimated time to repair.

Confidential

Networking Support Engineer

Responsibilities:

• Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Designed and implemented security policies using ACL, PIX firewall.
• Implementing security ACL, IP Sec, VPN, TACACS+ and RADIUS+.
• Designed application mapping and application delivery usingF5BIG IP LTM. Configured Virtual IPs and servers onF5and associated pool.
• Provided Tier II support on Load BalancerF5BigIP Local Traffic Managers (LTM).
• Design and configuring of OSPF, BGP, EIGRP on Cisco/Juniper Routers and SRX Firewalls.
• Configured routing policy for BGP.
• Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches
• Implemented Cisco IOS Firewall IDS using 2600 series router.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Troubleshooting on network problems with Wire shark, identify problem and fix.
• Experience with configuring Nexus (9k/5k/1k) devices.
• Worked on automation of test environment using Shell, Python Scripting.
• Understand the JUNOS platform and worked with IOS upgrade of Juniper devices
• Redistribution of routing protocols and Frame-Relay configurations.
• Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/load balanced and load splitting.
• Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
• Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
• Configured VLANs on a switch for inter-VLAN communication. Configured VLAN Trunking Protocol (VTP) on Core Switches.
• Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches for STP, VTP Domain, VLAN, Trunking, Fast Ether Channel configuration.

Confidential

Network Engineer

Responsibilities:

• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, inter-VLAN routing, Trunking, STP, RSTP, Port Security, LAN security, port aggregation & link negotiation.
• Worked on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Configured Access List ACLs to allow users all over the company to access different applications and blocking others.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Installed and configured DNS and DHCP server.
• Involved in troubleshooting of DHCP and other IP conflict problems.
• Configured and installed Cisco 2500, 3640, 7200, and 7940 Routers.
• Troubleshooting network bandwidth performance, mismatched framing and line coding.
• Coordinated with LAN/WAN engineers to develop and implement various security policies.
• Monitored usage of network resources with Cisco works, and using sidewinder in PIX Firewall.
• Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Configured remote users to access corporate LAN with VPN connectivity.
• Configured and installed new IP addresses for new users by using IP Addressing and Subnetting Scheme.
• Configured Frame-Relay, ISDN, ATM, Protocols, & load balancing switches.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
• Designed network architectures and implementation of network Switches.
• Worked on a migration project which involved the removal of all static routes from core devices.
• Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Supporting EIGRP and BGP based network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Also, prepared documentation for various VLANS and Voice sub networks and worked on Visio for the same.