SUMMARY

• Around 7 years of hands on experience innetworkengineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• I have various security tools experience including ISE, Wireshark, Akips, Netbrain, etc.
• Experienced configuring Virtual Local AreaNetwork(VLAN), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, MST and Per VLAN Spanning Tree (PVST), Virtual routing and Forwarding (VRF).
• Implemented MPLS/VPN services for various customers.
• Experience in Layer 3 Routing Protocol configurations: RIP, OSPF, BGP, EIGRP and MPLS.
• Experience in Layer 2 routing Protocol Configurations: ARP, RARP and VPN technologies: IPSec & SSL.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience in designing, implementing and Managing LAN, WAN solutions for different client setups.
• Checkpoint - R88.10 software version with hardware Checkpoint 11000, 21000 series with VSX environment.
• Checkpoint software Blades (IPS, Anti-Bot, Anti-Virus, Identity Awareness and DLP) with managed by Checkpointsmart dashboard in smart domain manager/Provider-1 environment & separate Syslog servers.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Extensive work experience with Cisco Routers, Cisco Switches, Juniper routers, Nexus routers, HP and Brocade switches, Load Balancers, Zone Based firewalls and implementing different failover mechanisms on Palo Alto (PA 5030), Juniper, ASA 55XX & Checkpoint R77 firewalls.
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
• Checkpoint VPN-1/ Firewall-1, IPSO, SPLAT and GAIA initial setup on open servers, Nokia devices, Crossbeam/Checkpoint hardware devices.
• Implemented traffic filters on CISCO routes using Standard Access List and Extended Access list.
• Familiarity with WAAS, VoIP, wireless, security, next-gen datacenter networking (SDN, Cisco ACI).
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• Strong knowledge on mitigation of DDoS attack's & SSL implementation on Cisco and Palo Alto firewalls
• Handled Load Balancing using F5Networks.
• Hands on experience with Citrix load balancers.
• Experience in configuring Virtual Local AreaNetwork(VLAN), spanning tree protocol (STP), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Per VLAN spanning Tree (PVST) and 802.1x authentication in access layer switches.
• Strong knowledge in HSRP, VRRP redundancy Protocols.
• Worked on high end cisco devices like ASR 1k, 5K, ASR 9000, CRS-X, Cisco 7200 series, Juniper Routers.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Access control server configuration for RADIUS & TACAS+.
• Experience with 802.11x wireless technology.
• Ability to Install, Manage & Troubleshoot LargeNetworks& Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)

TECHNICAL SKILLS

Router: Cisco Routers series 7300, 4000, 3800, 2000, 1900Routing Fundamentals and Protocols Routed and Routing protocols EIGRP, OSPF, BGP; IPv4, and IPv6 addressing, Subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Redistribution, Port forwarding.

Switch Platforms: Cisco Catalyst series 2960, series 3850, 4500, 6500, 7000; Nexus series 2K, 5K & 9K.

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, MulticastRSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto (PA series 2K, 3K, 5K & 7K)

Security Protocols: Standard and Extended ACLs, IPsec, VPN, DMVPN, Port-security, SSH, SSL, IKE, Confidential, Prefix-lists, Zone-Based Firewalls, NAT/PAT, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, Router Security, SNMP trap.

Network Management and Monitoring: Wireshark, and TCP Dump.

Load Balancers: F5 (BIG-IP) LTM 6400, 6800.

Automation: Python scripting.

Other Networking Protocols and Fundamentals: DHCP and DNS server, NTP, TCP, UDP, Network Implementation, Troubleshooting techniques, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+.

Cabling: CAT 5, CAT 5e, CAT 6, CAT 6a.

Operating Systems: Windows 10/7/XP, MAC OS, Windows Server, Nexus OS, Cisco IOS, JunOS, Linux.

Microsoft Office: Visio, Excel, PowerPoint, Word

PROFESSIONAL EXPERIENCE

Confidential - CA

Responsibilities:

• Configuring Border Gateway Protocol (BGP), Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) routing protocols on Cisco ISR and ASR series routers.
• I have various security tools experience including ORDR, ISE, Wireshark, Akips, Netbrain, etc.
• Configuring Virtual Local Area Networks (VLANs), VLAN Trunking Protocols (VTPs), DHCP Snooping and Port Security mechanisms on Cisco Access Layer Switches (3800, 4500 and 6500 Series).
• Deploying Cisco Identity Services Engine (ISE) and implementing profiling and posturing features based on the requirement.
• Generate Authentication reports in Cisco ISE and determine the 802.1X and MAC Address Bypass (MAB) failures. Adding/Modifying the policy and/or profiling features in order to fix the failures.
• Assess, implement and troubleshoot Cisco Wireless Access Points (WAPs). Analyze wireless traffic and provide solutions for better wireless signal strength
• Resolving Service Now tickets in a timely manner so that there is minimum impact to the end users in case of a Network Outage.
• Configuring and Maintaining Infoblox for IP Address Management. Variable Length Subnet Masking (VLSM) mechanism is used to create subnets. Integrating Domain Name System (DNS) and DHCP for centralized management.
• Performing packet captures in order to study the Network traffic flow between source and destination. Each packet is inspected to troubleshoot packet drops, latency and other Network connectivity issues.

Environment: Cisco routers (7200, 3800, 4500, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505,5510) firewall

Confidential - CA

Network Engineer

Responsibilities:

• Worked extensively with Cisco 6500, 4500, Nexus 7000, 5000 series switches, cisco 2960s series switches and cisco 3560/3750s switches.
• Responsible for Date Centre migration and its operation including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k, and 7k.
• Implemented and Managed Cisco Nexus 7018, 7700 and Nexus 5596UP Switches configured with FEX 2248 extenders.
• Involved in switching Technology Administration including creating and managing VLAN'S, port security, Trucking, STP, Inter VLAN routing, LAN security etc.
• Installation and troubleshooting of firewalls Cisco ASA.
• Experience with Cisco Firepower 9300 and 4120 Fire Sight.
• Supported the technologies like IWAN solutions, APIC-EM, prime Infrastructure and Cisco ASA.
• Deals with creating VIP pools, nodes and created custom iRules for the virtual server like cookies persistency and redirection of URL on F5 ASM cookies issues and configures ASM polices.
• F5 VIRRION hardware products like LTM, GTM series like 6400, 6800, 8800.
• Complete implementation of Firepower Firewall protect threat from External attack. Unified Threat Management, Configuration of Remote VPN connectivity to remote location.
• Implemented various routing protocols such as BGP, EIGRP and OSPF on Cisco Router & Juniper MX routers also taking care of issues such as discontinuesnetworks.
• Leads the team to consistently accomplish organizational and corporate goals, as measured by consistent adherence Service Level Agreement.
• Providing escalated Tier-2 and Tire-3 technical support on datanetwork.
• Installingnetworkapplication on server, maintaining, tests, researches and resolving the problem.
• Work in the incident team to solve emergency and high priorityNetworkissues.
• Preparingnetworkdiagrams and drawing to document and assist in communicating current operational status ofnetworks.
• Configured various BGP attributes such as Local Preference, MED, Extended communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Configured Cisco ASA 5555-X in HA Pair, migrated all the sites to sites VPN'S from Cisco routers, Palo Alto firewalls.
• Key responsibility of LAN and WAN maintenance and troubleshooting anynetworkrelated problems.
• Tuned according to the requirement of the organization for developing and maintaining the routers and switching.
• Provided high level of security to thenetworkby installing ASA 5520 along with ACLs.
• Adhered to weekly and monthly maintenance schedules to servicenetworkdevices and associated equipment.

Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP),ASA (5505,5510) firewall

Confidential, CA

Network Engineer

Responsibilities:

• Configuring, Maintaining the Routers and Switches and Implementation of EIGRP, OSPF, BGP routing protocols and troubleshootingRemote infrastructure management of offices in different locations nationwide.
• Administrating and managing ASA 5545 firewall.
• Implanting VLAN routing and VPN security
• Experience working on ServiceNow ticket tool for Incidents, task and change request.
• Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS (Radius and TACACS+), and Cisco Prime Infrastructure.
• Address, ISE Endpoint Information, which is used to estimate the failure, risks before change windows.
• Security policy review and configuration in Palo Alto and Junipers Firewall in US offices and Datacenter. Designed and configured of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800).
• Utilized Tufin for user authentication and encryption.
• Intergrade Cisco ISE with Cisco FirePOWER to enable automated remediation.
• Built site-to-site IPSec VPNs & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Deployed Intrusion Detection system (IDS), Intrusion prevention system (IPS), Advanced Malware protection system (AMP) and URL Filtering for 17 Firewalls in the entirenetwork.
• Strong hands on experience on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, Confidential (TACACS+ & RADIUS).
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Data center migration was involved from Access, Distribution and Core layers to Compaq design.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP . Configured IP access filter policies.
• Upgrade Cisco 6500, 3750, 2960s, Nexus 5000, Nexus 2000, Nexus 7000 switch IOS software.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Experience working on Big IP/F5 load balancer, Citrix NetScaler, Cisco ACE load balancer and Juniper Equipment.
• Monitorednetworkfor optimum traffic distribution and load balancing using Solar winds.

Environment: Cisco Catalyst 2960/4500/6500 Series Switches, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/ 0/3845/3600/2800 routers, Citrix NetScaler, Cisco Nexus 7K, Cisco ASA 5500, Checkpoint, windows server 2003/2008, F5 BIGIP LTM/GTM, ACL, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.

Confidential, NY

Network Engineer

Responsibilities:

• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Extracting the policies and contracts in an ACI fabric.
• Worked on ACI fabric node process crash troubleshooting.
• Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup. paths for the packet prioritization and EIGRP tuning.
• Experience on a mesh 6500 and 9500 series routes and switches to support the core trading system. Involved.
• Work on Next Generation Devices ASR Cisco 4451/4351/4451, Cisco ASA 5516/5525/5555- X with Fire power configuration and implementation.
• Installations, configuration and troubleshooting Cisco Router, Switches, Firewalls, Bluecoat and Wireless Controller.
• This unique position has allowed me to Deploy, Implement and configure Nexus 7000, 5000 and 200 series switches, 2148T fabric extenders, Cisco 4500 modular switches with SUP6-E supervisors, Cisco 4948 switches.
• Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
• Configuring IP, EIGRP, OSPF and BGP in routers.
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Handled Corporate and Review Audits from the perspective of IT Security for Network Devices and Servers under our control.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Upgrades and backups of Cisco router configuration files to a TFTP server
• Configuring OSPF and Static routing on JuniperM and MX series Routers
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Involved in iRule management like loading rules, writing iRule syntax using TCL language
• Hands on Experience testing iRules using Browser(IE), HTTP watch
• Created engineering configuration, Security Standards, documenting processes and Network documentation using Microsoft Visio.
• Implemented the concept of Route Redistribution between different routing protocols
• Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet
• Involved in SNMP Network management. Worked on various scanning and Sniffing tools like Ethereal
• Implementing and maintaining backup schedules as per the company policy
• Experience working with Nexus 7010,7018, 5020, 2148, 2248 devices
• Experience working with High performance data center switch like nexus 7000 series
• Managing a TACACS server for VPN user authentication and network devices authentication
• Installed and configured the Cisco routers 2800 in two different customer locations. It includes coordinating with Verizon and AT&T to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
• VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
• Configured IPSec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
• Taking Regular backups & testing the backups by restoring in test lab frequently.

Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), Cisco ASA (5505, 5510) firewall, Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP,VSS), Site to Site VPN, Remote Access VPN, Cisco VPN 3000 Concentrator, Cisco ACS 4.x, Load Balancers(F5), PaloAlto Networks.