Network Security Engineer Resume
Cary, NC
PROFESSIONAL SUMMARY:
- Sr. Network Engineer with 8 years of IT experience with a focus on designing and developing network & security solutions.
- Strong knowledge base in the planning, design, and implementation of Information Systems and Network Technologies.
- Experience on layer 3 routing and layer 2 switching.
- Experienced in design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco routers/Switches/firewalls.
- Experience in Cisco Nexus 1k, 2k, 5k, 7k & 9k Series, Cisco Catalyst Switch 6500, Cisco Routers 3900
- Experience on Juniper Junos OS using SRX, MX, EX series Routers/switches/Firewalls
- Enterprise Routing experience using protocols RIP v1 & 2, EIGRP, OSPF and BGP.
- Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
- Switching tasks include VTP, ISL/802.1q, IPsec and GRE Tunneling, VLANs, EtherChannel, Trunking, Port Security, STP and RSTP.
- In depth understanding of IPv4 and implementation of subnetting.
- Strong proficiency in SMB, POP, IGMP, SMTP and TCP/IP protocols
- Experience in configuring site-to-site and remote access VPN solutions.
- Serve as lead on configuration and troubleshooting VPNs on all vendor firewall devices.
- Experienced in handling and installing Palo Alto Firewalls and Juniper SRX firewall.
- Network security including NAT/PAT, ACL, VPN Concentrator, IDS/IPS, and ASA/PIX Firewalls.
- Experience converting PIX rules over to the Cisco ASA solution.
- Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
- Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large-scale firewall deployments.
- Configuring Checkpoint Firewall in IPSO, Secure Platform and GAIA platforms.
- Configure ISE 2.1 TC-NAC with AMP and Posture Service and device Sensor for ISE Profiling.
- Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Checkpoint firewall R70, R75 Provider-1/Site Manager-1.
- Experience with Cisco ASR 9000/CRS-1/CRS-3/NCS 6k for providing in-depth support and consulting services.
- In depth knowledge of MPLS (VPLS, VPWS, L2VPN, L3VPN), LDP, RSVP, IS-IS, OSPF, MP-BGP, VRFs and Multicasting.
- Experience with Cisco IP Telephony, CUCM (4.X-7.X), Gatekeepers, Voice Gateways, Cisco Unity Connection, CME, Cisco Presence
- Deployed Voice over IP Solution for various customers, each with distinct requirements including but not limited to Cisco Communications Manager centralized cluster with remote sites running SRST functionality.
- Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Manage deployment and testing of code updates for wireless systems, such as WCS, WISM and WLC
- Familiar with 802.11 a/b/g and 802.1Q standards and RF technology
- Experienced in troubleshooting various network related problems by using sniffing tools
- Experience on monitoring tools like Wireshark, SolarWinds, tcpdump, Nagios, OpenNMS, PRTG, Remedy, OPNET, VMware, Riverbed, SNMPv2, SNMPv3
- Assisted with scheduling, troubleshooting, and modification of TelePresence meetings through proprietary Cisco systems, as well as using third-party systems (Microsoft Outlook, etc.)
- Learned to diagnose and troubleshoot TelePresence endpoints (CTS, MX, SX, EX, TX)
- Experience in designing data communications and networks that utilize a mixture of frame relay,
- A highly organized individual, who adopts a systematic approach to problem solving, effectively analyzes results and implements solutions.
TECHNICAL SKILLS:
Routing and switching Protocols: RIP, RIP2, PPP, OSPF, EIGRP, IS-IS, BGP, H323, SIP, MGCP, SCCP, SNMP, HTTP, FTP, TFTP, DHCP, SMTP, ICMP, VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, EtherChannels.
Firewalls and Sniffers: Cisco PIX, FWSM, ASA, Palo Alto PA-500, PA-2k, PA-3k, PA-5k & PA-7050, Checkpoint R65/R70/R75/R76/R77, SRX210, SRX240, OPNET, Wireshark, SolarWinds, tcpdump, VMware, Nagios, SNMPv2, SNMPv3
WAN Protocols and Technologies: MPLS, HDLC, PPP, ATM, Frame Relay, ISDN, Metro Ethernet, IPsec, GRE, NAT/PAT, ACL, IPv4, IPv6
Routers: Cisco 7609, 2600, 2800, 3800, 3640, Cisco 3745, 7200 Series, ASR 9000, CRS-1, CRS-3, Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series
Switches: Cisco 3500, 5000, 6500 Catalyst Series, Cisco 7000, 2000 Nexus Series
Network Equipment: Cisco 2950, 3500, 4500, 6500 series Switches, Cisco 800, 1600, 2500, 2600, 3700, 3800, 7200 series Routers, Cisco wireless access points.
Operating System: Windows XP/7/8, UNIX, Linux
WORK EXPERIENCE:
Confidential, Cary, NC
Network Security Engineer
Responsibilities:
- Design, deployment and maintenance of enterprise networks and datacenters.
- Deploy ISE technology in infrastructure to establish secure and authenticated network.
- Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another.
- Develop test plans, implementation plans, and project timelines for various assignments.
- Responsible for the deployment, configuration and maintenance of a Cisco Identity Services Engine (ISE) infrastructure to include Policy Admin, Monitoring and Policy Services Nodes with over 50K endpoints.
- Implemented 802.1x standards for the end user network using Cisco ISE (Identity Services Engine)
- Implement and maintain the network performance and health of the corporate network.
- Responsible for providing secure access to wired/wireless end users and guests.
- Investigate and resolve wired & wireless network issues; research, analyze, isolate and resolve errors; assess and evaluate current and future systems.
- Configuring and integrating Network Access Devices (NAD), profiles and policies on Cisco ISE.
- Worked on Cisco AnyConnect client mobility (4.4) for enabling modules Network Access Manager (NAM) and posturing.
- Upgraded the remote access (VPN) and Firewall environment for the entire organization
- Configuration and maintenance of an infrastructure to include Cisco Wireless controllers, switches, APs and RADIUS authentication.
- Writing API script for integrating the Amilea 3rd-party cloud service for Guest Access and getting authenticated with Cisco ISE.
- Experience in migrating Checkpoint to the Cisco ASA devices. Also, migrating from Cisco to Palo Alto.
- Develop and maintain technical documentation (design specs, architecture, configuration diagrams, standard operating procedures, processes, standards, site reference etc.)
- Responsibilities also include technical documentation of all upgrades done. Attending meetings and technical discussions related to current project.
- Write functional requirements/specifications documents.
- Perform network troubleshooting to isolate and diagnose common network Problems.
Environment: Cisco ISE, Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510) firewall.
Confidential, Chicago, IL
Sr. Network Engineer
Responsibilities:
- Experience working with market data networks and dealing with clients and deploying network designs
- Experience with converting WAN routing from EIGRP/OSPF to BGP which also involved converting from Point to point circuits to MPLS circuits.
- Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
- Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP
- Experience with design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000
- Experience working with High performance data center switch like nexus 7000 series
- Experience working with Nexus 7010, 7018, 5020, 2148, 2248 devices.
- Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
- Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
- Experience converting PIX rules over to the Cisco ASA solution.
- Responsible for Cisco ASA firewall administration across our global networks
- Design and configuration of OSPF, BGP on Juniper Routers (MX960) and SRX Firewalls (SRX240)
- Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts
- Deployed Voice over IP Solution for various customers, each with distinct requirements including but not limited to Cisco Communications Manager centralized cluster with remote sites running SRST functionality
- Integrated the Cisco Unified Wireless IP Phones (792X series) with Cisco Unified Communications Manager and Cisco Unified Communications Manager Express using IEEE 802.11 over a Cisco access point.
- Experience with video Encoder/Decoder configuration
- Experience with compressed and uncompressed digital video and audio standards, especially around H.264 and MPEG-2 technologies
- Experience with web streaming platforms (Adobe, Microsoft)
- Configure, administer, and document firewall infrastructure, working with Checkpoint/Nokia.
- Manage the firewall deployment, rules migrations, and firewall administration.
- Responsible for converting existing rule base onto new platforms.
- Thoroughly familiar with Checkpoint models, capabilities, and architectures
- Managed corporate Checkpoint Firewalls, implementing security rules and mitigating network attacks
- Daily responsibilities included design, implementation, support and administration of multiple security products running Checkpoint Provider-1 and VSX, Sourcefire, and ISS RealSecure.
- Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
- Fully versed in the syntax of security platforms, and rule verification
- Managed the F5 Big-IP GTM/LTM/AFM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
- Involved in migrating applications from NetScalers to F5 Big-IP environment
- Developed deployment solutions for network technologies including Optical, VoIP, VPN, SAN, switching and routing.
- Responsible for layer 2 security, which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
- Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
- Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls
- Implemented antivirus and web filtering on Juniper SRX 240 at the web server as well as configuration of F5 Big-IP LTM-6400 load balancers and experience working with F5 technologies (LTM, GTM, APM, V9, V10, V11)
- Responsible for managing activities: upgrading IOS, upgrading hardware and installing new devices, tuning (configuration), and standardizing the topology
- Configured, installed, & managed DHCP, DNS, & WINS servers
- Implemented and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network
- Provide front end on-call network support 24x7x365 for all network infrastructures in the corporation
Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510) firewall.
Confidential, Farmington Hills, MI
Network Engineer/Security
Responsibilities:
- Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
- Configuring IPSEC VPN on SRX series firewalls
- Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding.
- Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
- Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet
- VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
- Designed, configured, implemented and supported VoIP Installations.
- Provisioned and troubleshot HLR, VLR, SGSN/GGSN registrations, and IP address assignment, DHCP services, Domestic/Roaming GSM/GPRS, Wi-Fi, Voice Mail and features.
- Commissioned wireless voice and data, IP services, Access Point Names (APN), PAPN, security, and GPRS PDP context activation, VPN for medium to large-sized corporate and individual customers.
- Gained thorough understanding of call center environment including call routing algorithms in ACD system.
- Installed and maintained routers and switches in various network configurations; supported VLANs, QoS, VoIP and advanced Access-Lists.
- Experience in deploying EIGRP/BGP redistribution and changing the metrics for the primary and backup
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
- Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls
- Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
- Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
- Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
- Experience on a mesh of 6500 and 5500 series routers and switches to support the core trading system.
- Experience in designing data communications and networks that utilize a mixture of frame relay.
- Experience on Cisco ASR 9000, CRS-1/3 for providing in-depth support and services.
- In depth knowledge of Cisco ASR 9k, MPLS, IS-IS, OSPF, MP-BGP, VRFs and Multicasting.
- In depth knowledge of MPLS control plane protocols (LDP, RSVP, CSPF)
- Experience on Multicast in a campus network by using IGMP and CGMP on Catalyst switches
- Experience converting CatOS to Cisco IOS on the Cisco 6500 switches
- Configured IGMP snooping on catalyst 5000 and 6000 switches.
- Installation, Configuration and Administration of ADS, DNS, DHCP and Web proxy (ISA) server
- Worked on HSRP for load balancing.
- Managed the F5 Big-IP GTM/LTM/AFM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
- Maintenance of F5 Load Balancers-6600/6800
- Working on the F5 LTM and GTM code upgrade project, doing a couple of them every week.
- Implementing and configuring F5 LTMs for VIPs and Virtual servers as per application and business requirements
- Worked on Infoblox, which is a public developer and provider of enterprise network.
- Infoblox for Network landscapes for security, virtualization, cloud, SDN.
- Blue Coat proxy server setup, configuration, upgrade and troubleshooting
- Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
- Managed corporate Checkpoint Firewall implementing security rules and mitigating network attacks.
- Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
- Migrated previous corporate Checkpoint 4.0 Firewall-1/VPN-1 on Windows NT to Nokia IPSO appliance for increased performance and stability
- Taking Regular backups & testing the backups by restoring in test lab frequently
- Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
- Managing a TACACS server for VPN user authentication and network devices authentication
- Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
- Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
- Monitored all Cisco equipment using CiscoWorks
- Installed and configured the Cisco routers 2800 in two different customer locations. It includes coordinating with Verizon and AT&T in order to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
Environment: Juniper firewalls 5GT, 208, SSG 5, 140, 550, 550M, NSM, IDS/IPS, 6500/3750/3550/3500/2950 switches, Juniper (M320, T640), Load balancing, Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, OSPF, BGP, VPN, EtherChannels.
Confidential, Ramsey, NJ
Network Engineer
Responsibilities:
- Configured Cisco Routers for OSPF, RIPv2, EIGRP, BGP, Static and default route.
- Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
- Responsible for internal and external accounts, managing LAN/WAN and checking for security
- Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
- Set up VLANs and access ports connecting virtual machines using the NX-OS CLI on Cisco Nexus 1000v virtual machine and VMWare vSphere client networking.
- Worked on ASA (5540/5550) Firewalls and Juniper SRX firewall. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
- Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
- Configured, installed and tested Cisco's enterprise telecommunications system
- Installed and maintained VoIP infrastructure components
- Worked on HSRP for hop redundancy and load balancing.
- Provided port binding, port security and router redundancy through HSRP.
- Configured the Cisco router as IP Firewall and for NAT. Configured RSTP, MST and used VTP with 802.1q trunk encapsulation.
- Designing and installing Wireless Network Infrastructure.
- Performing regular maintenance of wireless network systems like periodic system testing and software upgrades
- Assisted university campus with VoIP network management and troubleshooting
- Implementation of name resolution using WINS & DNS in TCP/IP environment
- Configured FTP server for inside/outside users & vendors
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Environment: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPNs, SSL.
Confidential
Network Engineer
Responsibilities:
- Configured Routing protocols such as OSPF and policy based routing.
- Create and test Cisco router and switching operations using OSPF routing protocol.
- Configuration and troubleshooting link state protocols like OSPF in multiple areas.
- Configuration of 7609, 7606 with OSPF and Catalyst 6505, 4500, 3550 switches with various VLAN.
- Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.
- Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, EtherChannels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Team member of configuration of Cisco 7206 router and configuration of Catalyst switches.
- Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Configured IP access filter policies.
- Providing Technical Support and solutions for Network Problems.
- Involved in migration of ACE 10 and ACE 20 to ACE 30 module
- Implementing NAT solutions on Cisco IOS routers.
- Worked on Cisco Routers, Active /Passive Hubs, Switches.
- Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.
- Designed and implemented network infrastructure and configured all the network infrastructure devices including Network Printers and Registers
Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.
Confidential
Network Support Executive
Responsibilities:
- Network Assessment and Documentation (including technical, operational, and economic assessment)
- Provided hardware and software support to corporate users and IT staff
- Provided technical support on hardware and software to remote production sites
- Help negotiate hardware, software, and circuit contracts for customers
- Configure and implement Remote Access Solution: VPN, ISDN dial up, Fractional T1
- Configure Cisco VPN 3000 Concentrator to allow VPN clients
- Redistribution of routing protocols and Frame-Relay configuration
- Troubleshoot Windows 2000 Servers and streamlining the user policy.
- Managing User accounts using Active Directory
- Implementation of TCP/IP & related Services-DHCP/DNS/WINS
- Maintained Local Area Network connectivity including switches, routers, wiring closets, and drops to the desktops
- Managing Layer 2 switches of Cisco, VLAN configuration and assigning ports to specific VLAN as per requirement
- Configured standard and extended access-lists on network
- Implement Cisco IOS Firewall IDS using 2600 series router