SUMMARY

• Total 5+ years of experience in Networking, including hands - on experience in IP network design providing network support, installation and analysis.
• Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5 Load balancers and F5 Global Traffic Managers.
• Experience on Code Upgrade for Cisco Routers including 7200, 3900, 2900, 881, 891 and Switches including 6500, 4500,NEXUS9K,NEXUS7k,NEXUS6k,NEXUS5k,NEXUS4k, ASR 9K, ASR 1K.
• Upgrade ofCheck Pointfirewallsand management servers from Splat R75.30 to Gaia R77.20.
• Hands on experience onJuniperEX switches which includes EX2200, EX2500, EX3200 and EX4200 and QFX5100.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Worked on NEXUS 7K Core and Server Farm Switches with VSS & VPC support
• Performing theJuniperSRX 5800 deployment to replace the Crossbeam/Checkpoint firewalls
• Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls.
• Worked with the installation of Palo Alto firewall, migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
• Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco catalyst switches.
• Hands-on experience in configuration of CISCO NEXUS Datacenter infrastructure with 5000 and 7000 series switches (5548, 7010) including CISCO NEXUS Fabric Extender (2232, 2248).
• Checkpoint level 3 operations support with hardware operation and fixed all problems.
• Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint NGX firewall and Cisco 3800 series routers
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented
• Focused on next-gen Data Center architectures, including various fabric approaches such as Cisco DFA, ACI, and SDN.
• Good understanding of NAT & Firewall on Aruba Controllers
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, B2B VPN client in addition to providing TACACS+ and RADIUS services.
• Worked extensively on firewalls and VPN gateways Check Point, CISCO, Juniper, FortiGate GUI and Arista equipment’s
• Firewalltechnologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.

TECHNICAL SKILLS

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600,1800,1700

Routing: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switches: Nexus 2K/5K/7K/9K, Cisco Catalyst 2900, 3500, 3700,6500, 4500, 3850,3560

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch

Network Security: Palo Alto, Cisco ASA, ACL, IPSEC, F5 Load Balancer, Checkpoint

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400.GTM

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay, VOIP.

Gateway Redundancy: HSRP and GLBP

WAN Optimizer: Riverbed Steelhead Appliance.

DHCP and DNS: Infoblox

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, SolarWinds

PROFESSIONAL EXPERIENCE

Confidential, Tyson, VA

Network Engineer

Responsibilities:

• Hands on experience in Configuring overlay networks, troubleshooting networkingissues related to software-defined networking (SDN) with Open vSwitch (OVS), vRouter
• Configured the commands forQoSand Access Lists for NEXUS 7K and 5K
• Support Panorama Centralized Management forPalo altofirewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Working experience with 2600, 2800, 3600, 3800 and 7200 series routers andJuniperMX and T series routers.
• Creation of Firewall policies as per the requirements on Checkpoint, ASA, FWSM, and Juniper Firewalls.
• Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches.
• Worked with outside vendors for the proper design, monitoring, maintenance and configuration of cataloged services.
• Working experience on tools and devices like Source Fire, Fire eye, Aruba, Cisco ASA, Cisco ISE. adnistrated of server technologies HP blades, VMware, dedicated server hardware, cloud Detected and mitigated of SQL injection attacks Detected and mitigated of DDOS attacks Detected and mitigated of malware attacks, Incident response and DR Disaster recovery expert, Cisco ISE, Source fire IDS, Bluecoat, ASA firewall, F5, ICE, PCI and Cisco Security
• Proven ability to troubleshoot, resolve issues and develop knowledge resources to increase uptime and restoration of services. Cisco Firewalls lifecycle management design, config, code upgrades, Rules management
• Cisco ISE, Source fire IDS, Bluecoat, ASA firewall, F5, ICE, PCI and Cisco Security
• Cisco ISE, Source fire IDS, Bluecoat, ASA firewall, F5, ICE, PCI and Cisco Security
• Migrated legacy systems to new platforms or perform system upgrades to existing systems.
• Dealing with Change Requests and making the required customization changes as per the requirement.
• Worked with RFC Service Management and Monitoring System and Remedy IT Service Management Installation ofPaloAlto(Web Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring SRX devices and troubleshooting them, connecting them with Cisco nexus devices to test connectivity.
• Configuring VPN, clustering and ISP redundancy in Check Point Firewall.
• Experience working with High performance data center switch like nexus 7000 series
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Maintained, upgraded, configured, and installed Cisco ASA 5510, 5520, & 5505Firewallsfrom the CLI and ASDM.
• Configuring virtual chassis for Juniper switches EX- 4200 and firewalls NS 5200.
• Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo alto Firewalls.
• Upgrading code onPalo altofirewalls PA5050/3020 to meet company security policy
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASAFirewalls.
• Responsible for the oversight ofNOCTechnicians
• Approve tickets and work withNOCTechnicians to efficiently and properly resolve incidents
• Manage NOC 24x7 incident and Trouble tickets for root cause analysis, troubleshooting of technical issues, identification of interim work-around solutions, as well as the testing and implementation of identified solutions and change on LAN network environment
• OpenStackMeraki with integration of Open Contrail 3.1.0
• Configure allPalo altoNetworksFirewallmodels (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scalefirewalldeployments.
• Manage teams at multiple locations in support of DC migrations, Network Engineering (Wireless, IPV6and ISE), Monitoring of systems and network to assure up time is maintained.
• Cisco ASA-X FirePower Platforms 5515, 5525, 5545, 5585
• Addressing technical queries for customers on Cisco Firepower.
• Design, Implement and Integration of Cisco Firepower firewall for perimeter connectivity.
• Implementation of Firepower management center in the Datacenter and integrating client firewalls.
• Understand theJUNOSplatform and worked with IOS upgrade of Juniper devices
• Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Juniper ContrailSDNdeployment assistance to the senior engineering team
• Juniper ContrailSDNsolution provisioning in test labs. deploying BIG-IP F5LTMLoadBalancersforloadbalancing and traffic management of business application
• Spinup new virtual hosts and appliances based on Cisco UCS and VMware ESXi
• Configured Aruba WAP and Wireless controller 66xx/57xx on Cisco Prime, VMWare NSX for proper access of Boingo wireless interne
• Integrated and evaluated Cisco ACI, VMware NSX, and Arista CVX SDN solutions
• Integrated Palo Alto next-gen firewalls with overlay VMware NSX SDN network
• Experience working on administering variousAWSServices usingAWSConsole,AWSCLI and using Amazon API (Boto3 SDK) using python
• Experience in deploying Meraki wireless in the corporate office and labs
• Designed and configured the Meraki SDWAN Full stack and upgraded the cisco end of life support devices to Meraki platform
• Responsible for installation of Meraki MX security appliance and MS switches in the client environment to support SDWAN

Confidential, Glen Allen, VA

Network Engineer

Responsibilities:

• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, applying downloadable ACLs through CiscoISE, and Configuring Standard and Extended ACLs locally and on the upstream switches for Cisco NAC Solution.
• Hands on Experience working with security issue like applying ACL's, configuring NAT and VPN.
• Experience working Juniper T-Series, M-Series, ERX 1400, M320, MX960, J-Series Routers
• Configuring user's roles and policies for authentication using Cisco NAC/ Cisco AnyConnect and monitoring the status of logged users in network using Cisco ISE
• Configuring and modifying Access-lists (ACL), policy maps, route-maps.
• Responsible for Check Point andJuniperSRX firewall administration across our global networks.
• Provide design andSDN/NFV networking support using Open-Stack, Juniper Contrail and Big Switch Networks
• Juniper ContrailSDNCloud Computing Open Networking Open flow/ODL
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Responsible for the secure development lifecycle environment form NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in the lab environment.
• Monitored Multi-customer ISP network and troubleshooting issues in a 24 X 7 environment.
• Startup Splunk Syslog for all CDC Cisco Routers/ Switch including F5’s (LTM/GTM) Analyze intrusion detection system (IDS) and intrusion prevention system (IPS). Identify detection methods and techniques such signature based detection and anomaly based detection method.
• Worked with ASA Firewalls upgrades and build configuration for ASA Firewalls for different versions.
• Designed and implemented Firewall rules for Secure DMZ Project and deployed.
• Worked with IPSEC VPN Tunnels, S2S VPN Tunnels and Any connect VPN Tunnels Configurations and their activities for different partner net companies.
• Building new VPN tunnels and management of existing tunnels with various vendors and customers.
• Configured RIP, OSPF and Static routing onJuniperM and MX series Routers.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Hands-on experience in configuration of CISCO NEXUS Datacenter infrastructure with 5000 and 7000 series switches (5548, 7010) including CISCO NEXUS Fabric Extender (2232, 2248).
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with CiscoISE

Confidential

Network Engineer

Responsibilities:

• Worked onCiscoLayer 2 switches (spanning tree, VLAN).
• Implementing new trace protocol compatible with legacy andSDNenvironment (proposing as RFC standard)
• Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP,VPNrouting protocol in Cisco Routers & L3 Switches.
• Implementation configuration and troubleshooting of Check PointFirewallR 71
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client's needs.
• Worked onPalo altoFirewalls including PA 5000 and PA 3000 series
• Configuring rules and MaintainingPalo altoFirewalls & Analysis of Firewall logs using various tools
• Implementedfirewallsusing Cisco ASA, Cisco PIX, Check PointProvider-1 /SiteManager-1 NGX R65,Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DCHP profiles.
• Worked in the process of Data center fabric migration, performed migration from legacy Catalyst 6513 Switches
• Worked on Nexus 7010 switches adhering to ITIL change Management Procedure.
• Designing, Installation and configuration of MPLS circuits, VPN and SSL VPN connections on checkpoint Firewalls, Juniper & NetScreen VPN Boxes.
• Configured IPsec VPN connections, encryption algorithms & VPN domains on checkpoint R75.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links
• Managed network IP allocations using QIP Cisco, QIP Alcatel and DSDB.
• Participated in the installation, configuration, and post installation daily operational tasks and configuration of the deployment of Cisco Nexus equipment
• Performed "Fresh Installation" of R77.10 on Smart Event 150 appliance through the Console to establish the connection between theCheck PointManagement server to receive the logs.
• Configured and deployed MPLS connectivity and site-to-site VPN with IPSec security layer.
• Knowledge and experience with Citrix NetScaler Access Gateway configurations.
• Responsibility to build and maintain Cloud lab usingOpenStackand integration with Open Contrail. Providing consultancy for SDV/NFV and Telco Cloud solutions
• ISR 2900 series routers, Cisco 5520 ASA appliance, Wireless LAN upgrade project. Assisted infrastructure team with the installation of 60 cisco 3700 series AP, around the building.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Configured VDC's on NEXUS 7K for creating multiple logical switches and HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center.

Confidential

Network Administrator

Responsibilities:

• Broad Hands on Experience in Inter-vlan routing, redistribution, access-lists and dynamic NAT.
• DMVPN Technology, Performance Routing PFR, Ethernet.
• Rewrite HPNA perl module Create HPNA command scripts.
• Support remote office WAN, PFR & DMVPN technologies.
• Configured VLANs, Private VLANs, VTP and Trunking on switches.
• Administration and security of IP basednetworksusing Cisco Enterprise Class networking hardware and software
• Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL)
• Maintaining Core Switches, creating VLANs and configuring VTP.
• Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Performed redistribution with OSPF, EIGRP, RIP version 1 and 2 to enable communication with backbone and Configured OSPF for Stub area, Totally Stubby Area and NSSA.
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Developed PERL data conversion scripts to process and convert claims data into internal data format.
• Installed and configured DHCP Client/Server.
• Support for load balancer and access policy manager.
• Work in Unix environment, verification of Logs using Unix commands, working on Putty.
• Had a chance to troubleshoot various application issues with respect to F5.
• Configured and managed networks using L3 protocols like RIPv2.