Sr. Firewall Engineer Resume

Detroit, MI

SUMMARY

  • Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switches.
  • Knowledge and experience with F5 ADC, Palo Alto, Dell Force10, Brocade, Meru/Aruba WLAN, Splunk, TACACS.
  • Experience with design and implementation of Virtual Switching System (VSS).
  • In-depth knowledge of Linux Kernel Programming (Module Programming).
  • Network security including NAT/PAT, ACL, VPN Concentrator.
  • Experience in configuring, implementing and troubleshooting F5 load balancer in the enterprise network.
  • Involved in Data center migration including subnet migration, VPNs migration, network and security device configurations. Experience with Bluecoat Proxy and VPN Technologies including B2B and Remote.
  • Configuring and managing Blue Coat Proxy Servers.
  • Black listing and White listing of web URL on Blue Coat Proxy Servers.
  • Experience with handling DNS and DHCP servers.
  • Experience in configuring protocols like TCP/IP, Routing Protocols (RIP, OSPF, BGP, IGRP and EIGRP), PPP, PPTP and L2TP.
  • In-depth knowledge of IPv4 & IPv6 addressing and Subnetting.
  • Extensive experience in layer-3 Routing and layer-2 Switching.
  • Deal with Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series, Cisco catalyst 6500, 4500, 3750, 3500 and 2900 series switches.
  • Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540/5560) Series.
  • Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches.
  • Hands on Knowledge/experience on F5 load balancers, its methods, implementation and Troubleshooting on LTMs and GTMs.
  • Implementing F5 load balancer using Cisco UCS director.
  • Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associated network protocols and services.
  • Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
  • Managed inventory of all network hardware, management and monitoring by use of SSH, Syslog, SNMP, NTP.
  • Working with Riverbed for WAN optimization.
  • Experienced with Windows 2008/2012 active directory design installation and migration.

TECHNICAL SKILLS

Operating system: Windows, Linux Servers

LAN and Administration: TCP/IP

Active Directory: Cisco IOS, Routers, Switches

Designing and debugging: MS-Outlook, Outlook Express

Proxy Routing: RIP, OSPF, DNS, DHCP, VoIP, IDS, IDP BGP, EIGRPSimulation, SNMP, SSL

Troubleshooting, Upgrading: FTP, HDLC, IVR, ISDN, FDDI

Load Balancer: WAN Optimization

Routing Protocols: Juniper EX Switches

Juniper Routers: PaloAlto

Simulation Tools: Security/ Firewalls

AAA Architecture: Features & Services

Ticketing Tool: Migration,Managing

Frame Relay: Traffic Inspection

PROFESSIONAL EXPERIENCE

Sr. Firewall Engineer

Confidential - DETROIT, MI

Responsibilities:

  • Strong hands on and exposure to PaloAlto on a regular basis.
  • Successfully installed PaloAlto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
  • Configured and maintained IPSEC and SSL VPN's on PaloAlto Firewalls.
  • Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.
  • Created virtual systems (firewalls) in the PaloAlto Environment.
  • Created security system rules and opened ports as per the user request.
  • Has experience working on the migration from Juniper NetScreen (SSG 140) to PaloAlto 3020. Upgraded the RSA Authentication Manager and helped a colleague upgrade the SEPM client servers from SEPM 12.1.2 MP5 to SEPM 12.1.6 MP5.
  • Created external and internal DNS records as per the user request for a domain.
  • Whitelisted IP's as per the user request on bluecoat proxy servers.
  • Created firewall policies and NAT rules to provide access for websites internal and externally on PaloAlto and Juniper firewalls.
  • Configured VPN tunnels on Juniper security system clusters and tested tunnel negotiations.
  • Creating design and configurations for needed network SDWAN solutions; Design and architect of Implementation steps and procedures for the Hub/Spoke deployments using a v1000 appliance structure.
  • Involved in the discovery, design, and implementation of the client’s network in relation to SDWAN.
  • Performed nightly and day-to-day operations checks, configurations, and maintenance services on the Versa SDWAN system, and networking components that made up the SDWAN infrastructure.
  • Experience working with Network security manager (NSM) to access the Juniper firewalls.
  • Worked on Juniper NetScreen firewalls such as SSG5, ISG1000.
  • Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation PaloAlto appliances serving as firewalls and URL and Application inspection.
  • Configuration, deployment and Administration of Checkpoint, PaloAlto Firewalls to manage large scale firewall deployments.
  • Configuring rules and Maintaining Checkpoint, PaloAlto & Analysis of firewall logs using various tools.
  • Migration from Cisco firewalls to PaloAlto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
  • Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
  • Maintained and Configured Check Point VSX with firewall virtualization.
  • In-depth knowledge of multi-vendor platforms such as Cisco, Checkpoint, Fortinet, F5, Blue Coat (web/socks proxy), McAfee web gateway.
  • Conducted SD-WAN Proof of concept for future adoption.
  • Provided a SSL VPN solution to replace PPTP VPN.
  • Design solutions and proof of concepts (POC) and troubleshooting Support for Fortinet UTM/Firewalls.
  • Converted Checkpoint VPN rules over to the Cisco ASA solution and worked on RSA secure IDs to provide VPN Tokens to Company users. Migration with Cisco ASA VPN experience.
  • Configured Client VPN and RSA Token ID technologies including Cisco's VPN client via IPSEC.
  • Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, Proxy Radius Services to Cisco ACS.
  • Configured the F5 LTM to operate correctly with Cisco ISE PSN nodes.
  • Installed ESXi 6.5 on Cisco UCS-C220-M4S server and the following VMs: Cisco ISE 2.4 and Windows Server.
  • Deploy Cisco ISE on Nexus 5000/7000 routers, Cisco Switches, and Cisco ASA firewalls.
  • Complete Cisco ACS to Cisco ISE 2.2 migrations automated and manual processes for an international port.
  • Implementing F5 load balancer using Cisco UCS director.
  • Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.
  • Implementation of OSPF with BGP during migrations and new connectivity.
  • CSU/DSU loop testing in examining WAN link issues by implementing hardware and software loops.
  • Extensive Packet level debugging and troubleshooting on PaloAlto Firewalls to resolve numerous network issues.
  • Analyzed the Policy rules, monitored logs and documented the Network/Traffic flow Diagram of the PaloAlto Firewalls placed in the Data Center with MS Visio.
  • Configure and maintain security policies on Fortinet firewall and managing Fortinet Analyzer.
  • Hands-on experience in configuration of firewalls - PaloAlto, Cisco, Fortinet, and Firefly.
  • Expertise in configuring and troubleshooting of PaloAlto, Fortinet, Juniper NetScreen & SRX Firewalls and their implementation.
  • Configure and maintain security policies on Fortinet firewall and manage Forti Manager/ Forti-Analyzer.
  • Provisioned various Cisco Meraki & Fortinet firewalls.
  • Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
  • Offered authentication accounting authorization to all network devices using Cisco Secure Access Control Server (ACS).
  • Design, Configuring and troubleshoot F5 LTM load balancing.
  • In depth understanding of implementing and configuring F5 Big-IP LTM, GTM (11.x, 10.x).
  • Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
  • Knowledge on configuration of iApps (BIG-IP) application service in implementing F5 load balancer.
  • Using F5 load balancer for traffic filtering and network optimization.
  • Documenting F5 logs and sending a weekly report to management.
  • Linux Kernel configuration changes (Device Tree, make file, Brocade platform specific changes) for the platform.

Firewall Engineer

Confidential - FREEPORT, ME

Responsibilities:

  • Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
  • Adding and removing Checkpoint firewall policies based on the requirements of various project requirements.
  • Administer Checkpoint firewalls with cluster gateways, including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard, and identify unused rules and schedule changes to mark them for permanent deletion at a later point of time.
  • Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.
  • Configuring HA on Checkpoint security gateways using cluster XL and VRRP.
  • Upgrading Checkpoint security gateways in cluster with minimal downtime.
  • Perform SSL Offloading on LTMs and web accelerators with 2048-bit VeriSign certificates.
  • Also, renewing certificates to ensure the security of websites.
  • Assist customers with troubleshooting network attached storages, software RAID, configuring SMB shares, joining to Active Directory, configuring iSCSI, as well as basic network troubleshooting.
  • Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70. Performed upgrades from old platforms to new platforms, R65 to R75.45. Created multiple policies and pushed them to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
  • Setup Cisco ACI Fabric (Spine/Leaf/APIC) Configure ACI APIC controller.
  • Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewalls.
  • Provided proactive threat defense with ASA that stops attacks before they spread through the network.
  • Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP IPv4/IPv6 and configured IP access filter policies.
  • Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
  • Worked with PaloAlto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
  • Migration from Cisco firewalls to PaloAlto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
  • Configured IPSec tunnels with PaloAlto to enable secure transport and cloud based/site-site VPN to both Azure and AWS.
  • Configured High availability, User ID on PaloAlto firewall.
  • Configured, Deployed & performed Maintaining PaloAlto Firewalls & Analysis of firewall logs using various tools.
  • Editing and Changing PaloAlto Polices and Monitoring threats on firewalls.
  • Analyzed traffic pattern and implemented URL filtering, using the PaloAlto Firewall.
  • Troubleshooting and configuring PaloAlto FW's 3060 & 5060.
  • Designed security policies on PaloAlto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
  • Configured and maintained IPSEC and SSL VPN's on PaloAlto Firewalls.
  • Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.
  • Troubleshoot on security related issues on Cisco ASA/PIX, Checkpoint and IDS/IPS.
  • Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's stage.
  • Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP; ability to interpret and resolve complex route table problems.
  • Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
  • Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP. Worked with ITIL (Information and technology information library) for managing our services.
  • Working with ITS networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
  • Knowledge of APIs for troubleshooting Network issues using Wireshark and NTOP.
  • Configured static NAT, dynamic NAT, dynamic NAT overloading.
  • Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
  • Configured and performed troubleshooting on Dell Power Connect Switch 5548 used to connect VM Servers and Flex Systems.

Network Engineer

Confidential

Responsibilities:

  • Troubleshooting of CISCO routers like ping, trace route and basic issues.
  • Ensure connectivity and communication among networks, servers and clients inside and outside department.
  • IOS upgrade for Cisco routers & switches.
  • Created and maintained topological changes for Test Labs, Data Center and Switch port assignment in Visio.
  • Backup, restoring and upgrading the Router and switch IOS.
  • Document all changes, upgrades, maintenance, procedures.
  • Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc. Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks.
  • Deployed Cisco Catalyst 6500, 4500, 4000, 3750, 3850, 3560 switches. Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls. Worked with Junos OS and Juniper M&T series switches.
  • Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
  • In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
  • Experience working with Nexus 7010, 5020, 2148, 2248 switches.
  • Implementation and configuration of F5 Big-IP LTM-6400 load balancers. Created virtual systems (firewalls) in the PaloAlto Environment.
  • Experienced in facing the Bluecoat and PaloAlto product lines, up to pre-sales type of function.
  • Demonstrated experience with Check Point, Cisco, and PaloAlto Networks Solutions. Experience converting Checkpoint VPN rules over to the Cisco ASA solution.
  • Migration with Cisco ASA VPN experience. Load balancing using F5 products.
  • Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.
  • Configuring HA on Checkpoint security gateways using cluster XL and VRRP.
  • Experience in different VPN platforms, IPSec, SSL & Web VPN.
  • Mobile VPNs solutions from Cisco and Checkpoint.
  • Converted Checkpoint VPN rules over to the Cisco ASA solution.
  • Migration with both Checkpoint and Cisco ASA VPN experience.
  • Configured ASA 5510 appliance and VPN.
  • To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.

Network Admin

Confidential

Responsibilities:

  • Planning and Designing of Network infrastructure, Servers, Link, and bandwidth monitoring (Network tool), analyze incidents and troubleshooting of network related issue.
  • Configuration and Troubleshooting on site-to-site VPN and Remote VPN on Cisco ASA 5540 security system.
  • Work on Cisco ACS (TACACS+) Server for Providing Access on Network and Security Devices.
  • Troubleshooting various LAN and WAN issues related to STP, VLAN, VTP, HSRP, VRRP, GLBP, ACL and routing protocols. Installation, configuration & troubleshooting of CISCO Routers (1751, 2600, 3600).
  • Configuration and Testing of Cisco switches (2950,1900 series).
  • Managing WAN & LAN and Administration of TCP/IP based network.
  • Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
  • Implementing Network Changes on a regular basis at the scheduled time within the window.
  • Participation in various conference calls and meetings related to Project work, interaction with clients for resolving issues or for their old or new concerns.
  • Schedule changes and work through maintenance requests over weekends.
  • Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
  • Responsible for evaluating impact and performance on the network server. Managing Layer 2 switches of Cisco, VLAN configuration and assigning ports to specific VLAN as per requirement.
  • Involved in designing GRE tunnels for encryption of data flow from source to destination.
  • Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
  • Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
  • Experience in creating multiple policies and pushing them to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
  • Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
  • Hands on experience with Cisco ACS 4.x servers.
  • Monitor and tune network to ensure acceptable levels of performance.
  • Evaluate applications connectivity requirements. Configuring various clients like Outlook Express, MS-Outlook 2003 & 2007. Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
  • Implemented various OSPF scenarios on networks consisting of 7600 routers.
  • Configured policy-based routing for BGP for complex network systems.
  • Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
