SUMMARY

• 8+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3kand PA-5 k).
• Provided scalable, supportable military grade TCP/IP security solutions along wif expert TCP/IP network designs that enable business functionality.
• Good knowledge on Endpoint incorporates a rules-based firewall, as well as an anti-malware technique also worked on F5 LTM/GTM, BIG-IP, load balancing, I Rules and WAN acceleration.
• Administration, Engineering and Support for various technologies including proficiency in LAN/WAN routing, switching, security, application load balancing and wireless.
• Working experience on tools and devices like Gigamon, Sourcefire, Fire eye, Aruba, Cisco ASA, Cisco ISE.
• Experience in creating User/Group Accounts and attaching policies to User/Group Accounts usingAWSIAMservice.
• Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Check Point, Cisco PIX, Cisco ASA, Cisco FWSM as well as content delivery networks (CSS, Citrix NetScaler and F5 Big IP LTM and GTM 1600 and 3400 load balancers) enterprise environment.
• McAfeeePO 5.1.1administration (VSE, SAE, DLP), PM on OpenDNS deployment, incident management of threat alert concerning,McAfeeproducts, Fire Eye, Sourcefire, establishing best policy and procedure for incident management.
• Provides technical support, development and implementation expertise and leadership in Antivirus and Malware prevention services (presentlyMcAfeeePO 5.3endpoint securities (ENS)suite).
• Knowledge of web application firewalls and data loss prevention technologies.
• Configuration and troubleshooting of CISCO & ARUBA wireless devices
• Aruba Airwave Manager, ClearPass Policy Manager Server
• Worked on Juniper Net Screen Firewalls NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Experience in Deployed Check Point Provider-1 NGX and configured CMAs
• Responsible for Checkpoint and Cisco firewall administration across global networks.
• Worked on Cisco Catalyst Switches 6500/4500/3500 series.
• Policy development and planning/programming on IT Security, Network Support and Administration.
• Experience in Configuring and Troubleshooting BIG-IP F5 LoadBalancer LTM.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience wif Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances
• Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, network flow systems, Anti-Virus and/or other security logging sources.
• Monitor SIEM and IDS/IPS feeds to identify possible enterprise threats. Actively investigate, respond to and remediate security incidents.
• Experience in implementation of F5 GTM based on topology load balancing methods.
• Experience in migration of data to cloud environment. Good working knowledge of Azure and AWS.
• Experience wif Bluecoat Proxy servers, LAN & WAN management.
• Excellent knowledge in Routing, Switching, Firewall and Gateway technologies, system design, wireless design, data network design, capacity management and network growth.
• Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System.
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel Configuration.
• Experience wif Checkpoint VSX, including virtual systems, routers and switches.
• Experience in Network LAN/WAN deployment.
• Experience wif DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Experience wif management platforms such as Panorama, Juniper NSM and Smart Center.
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox)
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Experienced wif routing protocols (RIPv1/2, IGRP, EIGRP, OSPF, BGP), switching (VLANS, VTP Domains, STP and trunking),
• Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers at single or multi-domain platforms.
• Provide consultancy services to customers on a variety of network security products including firewalls, VPNs, autantication, load-balancing, data loss prevention and security information and event management.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8Professional Client Operating Systems
• IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• Optimize, secure and control the delivery of all enterprise and cloud services and maximize the end user experience for all users including mobile clients using NetScaler.

TECHNICAL SKILLS

Networking: OSI, TCP/IP, Cisco IOS, IOS-XR, LAN/WAN interconnection, Frame-Relay, ISDN, RIP, OSPF, EIGRP, IS-IS, BGP, Air Magnet, JNCIA, RMA, MPLS, STP, SDN, RSTP, MST, VTP, CAN, NAT, ACLs, VPN, IP-Sec

Network Monitor Tool: Wire Shark

LAN and WAN protocols: Ethernet, TCP/IP, CDP, STP, RSTP, VTP, Fast Ethernet, Frame Relay, PPP, HDLC.

Hardware Routers: Cisco (1800/2600/3600/3800/7200/7600 series), CISCO ISR and CISCO ASR.

Routing Protocols: OSPF, EIGRP, BGP, RIP

Switches: Cisco (2900/3500/3700/5500/6500 Series, Nexus 2k,5k,7k,9k)

Switching Technologies: VLANs, Inter VLAN routing and Port Channels, VTP, Spanning

Tree Protocols: PVST+, RSTP+ and Multi-Layer Switching.

Load Balancer: Citrix, F5 Load Balancer.

Security/Firewalls: Cisco ASA (5510,5540), Checkpoint R65, R70, R75, R77 Gaia, Juniper SSG, SRX, VPN, Palo Alto.

Application Layer: FTP, HTTP, DNS, DHCP, SMTP, SNMP.

Application Protocols: SNMP, Telnet, SSH, DHCP, DNS, ARP, HTTP, FTP, TFTP

Redundancy Protocols: HSRP, GLBP, VRRP.

Tunneling Protocols: L2TP, IPSec, PPP, MPLS, IEEE 802.1Q

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Other Tools: Tufin Secure Track, Forescout CounterACT, F5 Big IP (LTM/GTM/ASM), DNS, Bluecoat Proxy, Solar Wind, Wireshark, BMC Remedy, Citrix NetScaler, Cisco Prime, VM Ware

Operating Systems: Cisco IOS commands, Windows (2000, XP, Vista, Windows 7, 8, 10), Linux,Solaris, Red Hat

Documentation: MS Office

PROFESSIONAL EXPERIENCE

Confidential, IA

Sr. Network Engineer

Responsibilities:

• Worked wif client engineering groups to create, document, implement, validate and manage policies, procedures and standards that ensure confidentiality, availability, integrity and privacy of information.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure at several locations. Configurations, implementation and troubleshooting issues on Checkpoint R77.10 Gaia, R75, Cisco ASA 5540, 5000 series firewalls for the client environment.
• Reviewed logs and reports of all security tools including Firewall, Routers, Switches, SIEM, ePO Servers, NAC, IPS.Upgraded existing switching and IPS systems to Cisco ASA and HP ProCurve switches.
• Worked closely wif developers to find defect causes and verify defect fixes to ensure product reliability and quality. Performed customer scenario tests, measured CPU and memory usage by DDos feature enabled, reported results and analysis for development team.
• Provide Level 3 Support for converged infrastructure (Vblock 740s/540s - VMWARE vSphere 5.5, Cisco UCS, Nexus 5Ks, Cisco MDS, EMC XtremIO/VMAX3s) and non-vBlock Storage - VNX2, ECS (cloud), Isilon (FILE), Pure Storage, HP3Par.
• Provided design and Contrail SDN/NFV networking support using Cisco ACI, Cisco wireless controllers, Open-Stack, Juniper Contrail and Big Switch Networks LABs using Apple Configurator. Provided (ODL) Open daylight, Docker Swarm container support using LINUX and Heat Orchestration and controlling network flows for Automation update using Docker, Ansible Playbooks Yang model and NETCONF devOps tools.
• Extensive working knowledge of routing protocols including MPLS, BGP, QOS and Cisco ASA/VPN Tunnel as backup connectivity solution between remote locations.Repaired broken workstations, notebooks & servers. Handled warranty issues & RMA requests.
• Configured routers and switches including but not limited to IP Subnetting, VTP, VLAN, DHCP, DNS, NAT, BGP, EIGRP, OSPF, static routing, QoS, ACL, VPN, IPSec Tunneling, STP and VRRP to support UcaaS services provided by the company.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls. Deploying of Cisco ISE on Nexus 5000/7000 routers, Cisco switches, and Cisco ASA and Firepower firewalls.
• Worked in virtualizing four of the Mercer call centers utilizing Cisco UCCE VoIP for contact solution theirby creating a failover protocol wifin four call centers for overflow and disaster situations.
• Installing new equipment to RADIUS and worked wif MPLS-VPN wif configurations. Analyzed and resolved issues relating to MPLS networks.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ASA Firewalls. Also responsible for administering and troubleshooting the Checkpoint, Palo Alto and ASA firewall.
• Configured IPSec VPN (Site-Site to Remote Access) on Cisco ASA (5200) series firewalls. Working wif the rule base and its configuration in Cisco ASA, Palo Alto, Juniper (RMA) and Checkpoint firewalls.
• Worked on Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600,2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Managing Firewall products - Checkpoint Appliance 2200 Gateways, Provider-1 and VSX environment. (R77.10 and 77.20) and ASA environments. Responsible for Check Point and Cisco ASA and Cisco UCCE firewall administration across global networks.
• Designed and implemented a POC of Cisco ISE vs Aruba ClearPass NAC solution for the corporate network wired.
• Responsible for configuring, supporting, and troubleshooting L2 / L3 (EIGRP, OSPF, BGP) adjacency and reachability issues by capturing, and analyzing of frames, packets using Wireshark, nmap, and Cisco's built in debugging utilities.
• Completed configuration, implementation and turn up of Cisco ASR 5000, Nexus 7010, Cisco 7609, Cisco 3945 terminal servers, DS3 OAM port. Deployed 4G/LTE Spirent iTest execution utilizing TightVNC application server connection for automation and development test. Completed intrusive and non-intrusive test cases of ASR, DNS, IPS, MSP/VOLTE, and SDG/VOLTE and analyzed/validated test results.
• Rule consolidation and rule lockdown process in the ASA firewalls. Deployment of Cisco ASA firewalls and migration of end of life ASA firewalls to New ASA firewalls.
• Design and Install UCP Select for VMWare vSphere wif Cisco UCS and Cisco Unified Fabric Switching. Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system.
• Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices wif regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN.
• Support Citrix NetScaler F5 platform, configuring, implementing, & troubleshooting Citrix NetScaler VIP configuration wif health check, policy configurations Access Gateway. Configuration of F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors.
• Distributed applications that run across datacenters usually replicate data for the purpose of synchronization, fault resiliency, load balancing and getting data closer to users (which reduces latency to users and increases their perceived throughput) via SDN.
• Working knowledge and experience in CUCM, Unity connection, Prime Collaboration Provisioning (PCP) and Prime Collaboration assurance (PCA).
• Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco ASAs, Citrix NetScaler MPX and SDX chassis. Verify Firewall status wif Checkpoint Monitor. Creation and implementation of Application delivery architectures which includes load balancing on F5 BIG IP modules.
• Worked wif F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Involved in F5 LTM GTM and ASM planning, designing and implementation. Development of network design standards for conversion of a Cisco Metro E platform to Ciena Z series SDN network to achieve OpEx cost reductions and network standardization.
• Applying downloadable ACLs through Cisco ISE and Configuring Standard and Extended ACLs locally and on the upstream switches for Cisco ACS.

Environment: Cisco ASA 5580/5540/5520, Aruba Wireless, CheckpointR70, R75, R77.20 Gaia, Palo AltoPA-5000/3000, Juniper SSG, SRX, RMA, CAN, SD-WAN, Big IP F5 LTM/GTM, SPE, Python, JNCIA, Nexus switches, Routers, TCP/IP, VPN, Bluecoat Proxy servers, IDS/IPS. SIEM and monitoring, Netscalar,BMC Remedy, Cisco Prime, CUCM VOIP, Forescout CounterACT, Tufin.

Confidential, NJ

Network Engineer

Responsibilities:

• Configuring and troubleshooting of routing protocols such as OSPF and EIGRP for TEMPeffective communication on Cisco 3900, 3800 series routers.
• Worked on configuration, deployment and administration of Checkpoint firewalls versions R77.0, R75.46.
• Configured Juniper SRX series firewalls for policy management, and Juniper SSL VPNs.
• Extensively managed Network ACL's, EC2 and Security Groups in migrating traditional on-premises infrastructure to AWS cloud services which now hosts 20+ AWS services.
• Created monitors, alarms and notifications for EC2 hosts using Cloud Watch.
• Provisioned the highly available EC2 Instances using Terraform and cloud formation and wrote new plugins to support new functionality in Terraform.
• Configured AWS Identity Access Management (IAM) Group and users for improved login autantication.
• Utilized Cloud Watch service to monitor the QA/on demand instances, S3 metrics, configuring alarms for performance environments during load testing.
• Configuration of VLANs on cisco switches 3850, 3650 and troubleshooting IP addressing issues, updating IOS images and other hardware installations.
• Implemented traffic filters using Standard and Extended Access-lists, Distribute-Lists, and Route-Maps.
• Installing and configuring VPNs for the clients (site to site) and Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Gained strong experience and knowledge in investigating incidents related to firewall and VPN.
• Manage installations, configuration and administration of Cisco equipment in IT architecture of organization.
• Gained advanced knowledge on multiple security technologies Anti-virus, malware, Firewalls, VPN, proxies, vulnerability, DLP.
• Review and analysis of emerging threats and vulnerabilities, risks and business requirements for detection and remediation measures.
• Strong experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure wif concerned teams.
• Working wif Juniper JUNOS operating system and working on M and MX series routers.
• Working knowledge wif white listing webpages and blocking webpages wif Blue coat Proxy SG and Blue coat reporter.
• Establishing and maintaining of setup to Build and deploy the application to the Cloud AWS.
• Circuit upgrades for T1's and Ethernet circuits. Scheduled maintenance notification. Cradle point, Broadband.
• Worked on Monitoring and analysis of ProxySG performance.
• Administration knowledge on Symantec Bright mail Gateway, Symantec Endpoint protection (12.1.6) and Symantec PGP.
• On daily basis worked wif Juniper SRX 650 and Palo Alto 5050 Firewalls.
• Planning a strategy for Moving from vShield to NSX - including introducing NSX into a VDI designed around vSphere 6.5 and Citrix.
• Strong understanding of Network Virtualization and experience implementing NSX Security.
• Design the layout for cable installations.
• Worked wif up gradation of Firewalls (Juniper SRX, Palo Alto and FortiGate Devices).
• Participate in day to day DLP maintenance activities and analyse DLP incident and report on findings.
• Experience on Data Loss Prevention (DLP) and information security.
• Worked on manual Penetration testing of client systems, web sites and discovered network vulnerabilities.
• Built Cisco Device Profiles using CUCM. dis includes being part of the team whom rolled out Cisco VOIP phones when transitioning over from Avaya. We deployed 1500+ phones throughout the campus.
• Implemented 8x8 VOIP solutions on site and run network diagnostics test and network assessment test.
• Configured network services equipment Riverbed accelerators in compliance wif security policy.
• Worked on security policies of juniper SRX and Palo Alto and policy clean-up of firewalls.
• Comprehensive working knowledge of switches, switching technology, LAN/WAN security, LAN/WAN design, capacity planning, server technology, LAN/WAN troubleshooting, Voice over IP (including T1, DS3, OC-3, routing protocols, TACACS, RADIUS).
• Worked wif Bluecoat and Infoblox.
• Provide support for security solutions related to Bluecoat Proxy, configuring solutions in the development, test and production environment.
• Gained good knowledge and hands on experience wif routing and switching protocols such as OSPF, CIDRIP, BGP and STP.
• Worked on MPLS between Data center and offices.
• Strong hands on experience wif f5 BIG-IP GTM and LTM and Worked on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Involved in F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers. Configuring and implementing F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic.
• Worked to implement new data center as well as migrated old Switches Nexus 5000 to new Switch Nexus 7000.
• Worked on Blue Coat's proxy architecture for the elevated level of web security.
• Worked on Cisco ASA 5500 series firewalls, Nexus 7000, 5000 series switches
• Experience in troubleshooting Nexus switches
• Administer and support Juniper Firewalls Using NSM (Net Screen and ISG firewalls).
• Dealt wif NAT configuration and troubleshooting issues related to access lists and DNS/DHCP issues wifin the LAN network
• Troubleshooting VLAN, Spanning Tree Protocol, Switch trunks and IP conflict issues
• Coordinated wif senior engineers in BGP, CIDR routing policies and designs
• Monitoring Network infrastructure using SNMP tools
• Gained good knowledge on integration of logs into Splunk.
• Gained experience wif using NSM, SEP, IPS and IDS.
• Worked wif Juniper M320 multiple edge router.

Environment: F5 Local Traffic Managers (LTM) 5000, 7000 series, GTM load balancers, Spanning tree protocol, VLANs, STP, DNS/DHCP issues, Palo Alto firewalls, Cradle Point, CIDR, BGP, AWS, MPLS, VoIP, ETHER channels, checkpoint, Bluecoat, Nexus, JUNOS, Juniper.

Confidential, CA

Network Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working wif users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Implementing Security Solutions in Juniper SRX and Net Screen SSG firewalls by using NSM.
• Juniper Firewall Policy Management using NSM and Screen OS CLI.
• Provide VOD Method of Procedures documentation to customer for software upgrade downgrade release.
• Maintained the following Cisco platforms 7600, 7500, 7200, 7000, 3560, 2900, 2801, 2000, ASA5500, Catalyst 6500, 4500, 3560 and 2900.
• Experience as a Sales QA Representative in Production Environment for Network Based Firewall Based Wireline Applications and interact wif Net bond team who establishes a firewall connection on a VPN to the Cloud Portal.
• Participate in the installation and configuration of new VOD equipment.
• Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, Multicast, IPv4/IPv6 protocols.
• Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create network layouts.
• Acts as local liaison to identify, correlate, communicate and verify customer impact for nationally managed care team events impacting Video, VOD, network transport, or related IP services.
• Daily technical hands-on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly wif customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Creating and ProvisioningJuniper SRX firewall policies.
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Experience on ASA firewall upgrades to 9.x.
• Configured Panorama web-based management for multiple firewalls.
• Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
• Configuring rules and maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
• Network hands-on installation experience of (Cisco routers, switches, ASA 5505 firewall, VPN)
• Understand the flow of traffic through the Check Point Security Gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Use Tools such as SKYBOX for Firewall Policy optimization and rule base Clean up.
• Build and configure Active/Standby Failover on Cisco ASA wif stateful replication.
• Configure and tweak the inspection policies on Firewall to allow legacy application traffic.
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Blue Coat Proxy in explicit mode for users trying to access the Internet from Corp Network.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Involved in Upgrading Bluecoat proxy servers from SG s to SG B.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• FWSM configurations in single/multiple contexts wif routed and transparent modes.
• Support Data Center Migration Project involving physical re-locations.

Environment: Juniper (SRX, JUNOS, ScreenOS, Net Screen SSG), Cisco (CheckPoint, ASA Firewalls), Palo Alto Firewalls, Big IP F5 LTM/GTM, TCP/IP, FortiGate, Service Now.

Confidential

Jr Network Engineer

Responsibilities:

• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Performed penetration testing internally for our clients.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE. Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• I worked on Check Point Security Gateways and Cisco ASA Firewall.
• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Designed and developed SDN OpenFlow for forwarding plane based on EZchip NP4 NPU.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Experienced on Cisco ISE and advanced technologies like QOS, Multicasting, MPLS and MPLS-VPN and Bluecoat proxy server SG.
• Experience using Cisco ASR 1K, 9K series switches.
• Upgrade of Checkpoint Gateways in Cluster wif Minimal downtime.
• Working on MPLS switches, and routing protocols like BGP, OSPS and EIGRP. Design and Implemented OSPF and BGP on various sites for routing enhancement, high availability and reducing administrative overhead.
• Experienced in troubleshooting various WAN technologies like Frame-Relay, MPLS, T1, DS3 and ISDN.SD
• Knowledge of DOS/Terminal functionality, Windows XP/7/8, iOS devices, Unix/Linux, Basic Perl/Python, Nmap, ESXI 5.1, VMware vSphere 5.0, Metasploit wif Armitage, Penetration Testing, and usage of Qualys Guard Vulnerability Management/Policy Compliance/WAS/ Asset Management / PCI.
• Basic knowledge of Multi-Protocol Label Switching (MPLS), Voice over IP (VoIP), Firewall PIX, Cisco Call Manager and routing protocol BGP.
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Upgrade of Cisco ASA Firewall in Active/Standby mode wif no down time.
• Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building FortiGate High Availability using FortiGate Clustering Protocol (FGCP).
• SDN switches can be used for RGDD via installation of rules that allow forwarding to multiple outgoing ports.
• Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and Port channels creation.
• Working wif OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, Inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along wif drawing network diagrams using MSVISIO.

Environment: CISCO routers and switches, Access Control Server, RIP V2, OSPF, EIGRP, VLAN, Trunk Protocols, CISCO ASA, DHCP, Perl/Python, SDN, DNS, Spanning tree, Nimsoft.