SUMMARY

• Around 8 years of Experience wif in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches L2 firewalls of various vendor equipment.
• Extensive work experience wif Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
• Experience in layer - 3 Routing and layer-2 Switching. Deals wif Nexus 7K, 5K, 2K series Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches
• Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800)
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550)
• Expertise in configuration of routing protocols and deployment of OSPF, EIGRP, BGP and policy routing over Cisco routers.
• Experience working on Palo alto Firewalls
• Experience wif design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLSQOS.
• Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability.
• Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
• Experienced wif Juniper: EX-2200, EX-4200, EX-4500, MX-480, and M Series, SRX210, SRX240. provide support for Aruba Wireless devise
• Worked on F5 BIG-IP LTM 8900,CitrixandNetscalarconfigured profiles, provided and ensured high availability.
• Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2
• Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista.
• Installation, advanced configuration and troubleshooting of Cisco and F5's load balancing devices.
• Experience wif designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP
• Implemented redundancy wif HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP) etc.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Experience working wif Cisco IOS-XR on teh ASR9000 devices for MPLS deployments
• Efficient designing of IP Addressing Scenario using VLSM and Subnetting.
• TEMPHas done teh Configuration on BIG IP (F5) Load balancers and also monitored teh Packet Flow in teh load balancers.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Extensive experience using Microsoft suite like Word, Visio, Excel, PowerPoint
• Excellent technical and project management skills combined wif strong communication skills.

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K & 1K

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, IPsec, VLAN, VPN, WEP, WAP, MPLS.

Firewall: PIX Firewall (506/515/525/535 ), ASA Firewall (5505/5510)

NetworkTools: Solar Winds, SNMP, Cisco Works, Wire shark

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE

Confidential, Thornton CO

Sr. Network Engineer

Responsibilities:

• Experience working wif Nexus 7018/7010, 5020, 5548, 2148, 2248 devices
• Expertise in installing, configuring and troubleshooting Juniper EX switches (EX2200, EX2500, EX3200, EX4200, EX4500 series).
• Involved in upgrading switches from 6500 E to 4500-X
• Implementation of BGP to optimize WAN routing on teh core and edge routers.
• Mutual redistribution of OSPF and BGP routes using route maps.
• Involved in upgrades to teh WAN network from existing 7200vxr wif ASR1004, ASR9000 and 3845/3945 routers.
• Implementing security Solutions using Palo Alto PA-5000, Checkpoint Firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Implemented Positive Enforcement Model wif teh help of Palo Alto Networks.
• Deployed Palo Alto Networks PAN-5050Designed and configured teh commands for QoS and Access Lists for Nexus 7K and 5K
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working wif Checkpoint Support for resolving escalated issues
• Upgrading branch network connectivity wif total refresh of teh network infrastructure wif new 3845 routers and 2960 switches.
• Providing technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures
• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment
• Responsible for nightly maintenances including Big F5, ACS, all Cisco ASAs,CitrixNetscalar.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
• Managed F5 BigIP LTM appliances to load balance server traffic in critical serval access silos.
• Configuration of Virtual Servers, Nodes, and load balancing Pools
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in teh enterprise. Managed teh F5 BigIP LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
• Configure and Manage site-to-site IPSEC VPN wif different partners. Troubleshoot remote access services likeCitrixNetscalar, Cisco VPN clients and for teh users to access their enterprise network
• Configuration and extension of VLAN from one network segment to their segment between Different vendor switches (Cisco, Juniper)
• Configuring IPSEC VPN on SRX series firewalls
• Convert Campus WAN links from point to point to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 autantication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for teh expansion of teh MPLS VPN networks
• Experience wif configuring BGP in teh data center and also using BGP as a WAN protocol and manipulating BGP attributes
• Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s.
• Engineering teh configurations for teh different branches, campus locations
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting teh user ports to non-Trunking, deployed port security when possible for user ports
• Responsible for Cisco ASA firewall administration across our global networks
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Involved in teh redistribution into OSPF on teh core ASA firewall.
• Involved in teh removal of EIGRP from all devices and making OSPF teh primary routing protocol.
• Involved in teh modification and removal of BGP from teh MPLS routers.
• Worked on Orion for analysis and monitoring purposes
• Also prepared documentation for various VLAN’s and Voice subnetworks and worked on Visio for teh same.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling

Confidential

Sr. Network Engineer

Responsibilities:

• Experience wif configuring Cisco 6500 VSS in Distribution layer of teh Data center network
• Configuration and Administration of Cisco and Juniper Routers and Switches
• Experience working wif Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Implemented Site-to-Site VPNs over teh internet utilizing 3DES, AES/AES-256
• Experience wif setting up MPLS Layer 3 VPN cloud in data center and also working wif BGP WAN towards customer
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance.
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
• Configure and troubleshoot Juniper EX series switches and routers
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 701
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in teh enterprise. Managed teh F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Migrated Juniper EX series switches to Cisco 3500 series and 6500 series switches
• Experience wif moving data center from one location to another location, from 6500 based data center to Nexus based data center.
• Maintenance and configuration of Cisco ASR series routers at data center and deployment of 3900, 3800, 2951 and 2821 for branch connectivity.
• Network Redesign for Small Office/Campus Locations. This includes changes to both teh voice and data environment.
• Administration of ASA firewalls in teh DMZ and FWSM in teh Server Farm to provide security and controlled/restricted access.
• Configured Client VPN Technologies such as Cisco’s VPN Client Via IPSEC. Configured Cisco ASR, ISR 2800 & 3800 series routers wif OSPF as an enterprise IG
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9Kredundant pair.
• Network security including NAT/PAT, ACL, and ASA Firewalls.
• Responsible to build configurations for various connectivity types, which involves port configuration on Cisco ASR for MPLS circuit termination.
• Good knowledge wif teh technologies VPN, WLAN and Multicast.
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP wif Access Control lists implemented as per Network Design Document and followed teh change process as per IT policy It also includes teh configuration of port channel between core switches and server distribution switches
• Experience wif communicating wif different wif different customers, IT teams in gathering teh details for teh project
• Installed dual DS-3 SAN replication WAN wif Riverbed Interceptors and 6050 Steelhead appliances to optimize teh traffic
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools
• Replaced aging Checkpoint firewall architecture wif new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Experience in installing and configuring DNS, DHCP servers.
• Replace branch hardware wif new 3900 routers and 2960 switches.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting teh user ports to non-trunking, deployed port security when possible for user ports
• Involved in configuring Juniper SSG-140 and Check point firewall
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 autantication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed

Confidential, Tampa FL

Sr. Network Engineer

Responsibilities:

• Involved in conversion of PIX firewall to ASA firewall.
• Experience in adding firewall rules, Network address Translation and also in creating multiple security contexts (virtual firewalls).
• Worked wif F5 Balancers and their Implementation in various Networks
• Involved in setting up IP sec VPN between ASA firewalls.
• Experience wif implementing Cisco 6500 VSS on teh User distribution switches.
• Upgraded IOS on teh ASA 5520 firewalls
• Working wif MPLS Designs from teh PE to CE and also configuring VRF on PE routers
• Experience wif designing and deployment of MPLS Traffic Engineering
• Configuring RIP, OSPF, EIGRP BGP, MPLS, QOS, ATM and Frame Relay.
• Design and deployment of MPLS QOS, MPLS Multicasting per company standards.
• Implemented site to site VPN in Juniper SRX as per customer.
• Implemented various EX, SRX & J series Juniper devices.
• Installed controller and light weight access point coordination wif JTAC.
• Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multilayer Switching.
• Worked on different phases of testing such as Sanity Testing, Functionality Testing, Smoke Testing, System Testing, Installation Testing, Compatibility Testing, Regression Testing, Stress Testing and UAT Testing.
• Writing Test cases & Test scripts for teh application functionality
• Testing routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Dealt wif monitoring tools like (Solar Winds, Cisco Works), network packet capture tools like Wire shark
• Maintained a Network wif more than 600 Network devices, some 25,000 end hosts, and teh other Network devices like DHCP, DNS servers, Firewall servers.
• Co-ordination wif Hardware vendors, software vendors and service Providers.
• Assisted in backup, restoring and upgrading teh Router and switch IOS.
• Attended Team meetings and provided comments on existing network and teh recommendations to improve teh current network Performance.
• Maintaining teh health of 250+ wireless Access points in two locations.

Confidential

Network Engineer

Responsibilities:

• Used TFTP server to backup Cisco configuration files.
• Provided technical support for expansion of teh existing network architecture to in corporate new users.
• Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout teh company
• Configured STP for loop prevention on Cisco Catalyst Switches
• Configured VTP to manage VLAN database throughout teh network for Inter-VLAN Routing.
• Worked in setting up inter-vlan routing, redistribution, access-lists and dynamic routing.
• Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
• Implemented various Switch Port Security features as per teh company’s policy
• Configured OSPF, and EIGRP on 2901 and 3925 Cisco routers.
• Configured VLANS to isolate different departments
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configured IPSEC VPN on SRX series firewalls
• Design, installation and troubleshooting networks wif hand-on experience wif OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches
• Worked wif snipping tools like Etheiral (Wireshark) to analyze teh network problems.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed replacements of failed hardware and upgraded software
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Implementing Routing and Switching using teh following protocols; OSPF, BGP onJuniperM series routers.
• Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requirements.