SUMMARY

• CCNP Certified Network Engineer with 8 Years of experience in planning, implementation, configuration, network designing, troubleshooting, maintenance and management involving LAN and WAN wireless Technologies.
• In - depth experience/ knowledge in implementation, administration, and support of Cisco/Juniper devices for both networking and security.
• Designing, implementing and troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Designing, implementing and troubleshooting Cisco routers (800, 2800, 2600, 3800, 7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Cisco PIX & ASA devices.
• Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
• Configuring security policies including NAT, PAT, VPN’s and Access Control Lists.
• Implementing security policies using ACL, PIX firewall, ASA and Routers.
• Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, Noting, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Experience working with High performance data center switch like Nexus 7000 series.
• Experience working with Nexus 7010, 5000 and 2000 Series.
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System.
• Experience working with F5Load Balancer LTM and GTM module.
• Experience withIPAMin planning, tracking and managing DNS/DHCP network.
• Experience in configuration of VLANS, Trunks and VTP.
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wire shark and Cisco works to support Network Operation Center.
• Worked in management of DNS forDMZ/External servers manually.
• Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), HP-Open view, RSA envision, and Cisco works to support 24 x 7 Network Operation Center.
• Experience with F5 load balancers and Cisco load balancers (ACE and GSS).
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
• Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls.
• Experience with convert PIX rules over to the Cisco ASA solution.
• Network security including NAT/PAT, ACL, VPN Concentrator.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Provides technical leadership for problem escalation and resolution.
• Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
• Hands on experience on Up-gradation of Cisco IOS & Firmware of different Cisco devices & modules

TECHNICAL SKILLS

Cisco Routers: ASR900, ASR1000, 2600, 2900, 3600, 3800, 7200, and 7600.

Cisco: L2 & L3 Switches2960, 2900, 3550, 3560, 3750, 4510, 4900, 6500, and Nexus 5K/7K.

Routing Protocols: RIP v1/v2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switching Concepts: VLAN, STP, RSTP, VTP, Ether Channel, Port Fast, IP access Control lists, Uplink Fast and Backbone Fast, HSRP, and VRRP.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, SMTP, VLAN, Inter-VLAN RoutingVTP, STP, RSTP, Light weight access point, and WLC.

WAN Technologies: Frame Relay, PPP, HDLC, Channelized links.

Gateway Load Balancing: HSRP, VRRP, GLBP.

Various Features: IOS and Features, DNS, DHCP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Monitoring Tools: Wire Shark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, HP open view, Ethereal.

AAA Architectures: TACACS+, RADIUS, and Cisco ACS.

Facilities: DS0, DS1, DS3, OCX, T1/T3.

Load Balancers: Cisco CSM, F5 Networks (Big-IP) LTM 8900, and Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), and Linux.

Firewall & Security: ASA Firewall (5505/5510,5550), Checkpoint, Cisco ASA, Juniper net screen (500/5200), Juniper SRX (650/3600), Pix (525/535), McAfee Web Gateway, Checkpoint (R62, R65, R70, and NGX), Palo Alto, and Fort iGATE 5000-series.

PROFESSIONAL EXPERIENCE

Confidential, Philadelphia, PA

Sr. Network Engineer

Responsibilities:

• Configured Routing protocols such as EIGRP, OSPF, BGP static routing and policy based routing.
• Configured name resolution on F5 Load balancers and contributed as a consultant to teams in need of High availabilityDNS.
• Experience with the New switch/Server installations, assigning VLANs, Trunking, MST and respective port configurations including Management IPs withNX-OS, IOS
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Experience in configuring, upgrading and verifying theNX-OS.
• Design, Deploy, Manage, Troubleshoot CiscoNexus9K, 7K, 5K, 3K, Cisco Cat 6509, 4948, 3560, 3750, Cisco ASA 5585, 5525-X, 5512, Cisco ASR 9006, 1006, 1002
• Experience in working with CiscoNexus9k, 7k, 5k, 2k Switches and Virtual Port Channel configuration
• Installation of CiscoASA5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Installed and configured CiscoASA5500 series firewall and configured remote access IPSEC VPN on CiscoASA5500 series.
• Configured Nexus 7010 includingNX-OSVirtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• Detailed knowledge of critical routing and switching features such as Class of Service/Quality of Service, Traffic and Performance Engineering, High Availability, and IP Services such as FTP, NAT/PAT, and NTP
• Configure NAT and HIDE such as Dynamic, Static, and Manual NAT policies as required for user traffics going out to the internet.
• Configured and troubleshooting Cisco unified UC560 manager VoIP systems
• Created standard access lists to allow SNMP, NTP and logging servers.
• Configuring rules and maintaining PaloAltoFirewalls & Analysis of Firewall logs.
• Implemented Zone-Based Firewalling and Security Rules on the PaloAltoFirewall.
• Researched, designed and replaced aging Checkpoint Firewall architecture with new next generation PaloAltoappliances serving as Firewalls and URL and application inspection.
• Configured and maintained IPsec and SSL VPN's on PaloAltoFirewalls.
• Investigation and resolution of 3rd line network support incidents.
• Configuration, support and administration of PaloAltoand Checkpoint and to migrate all gateways and management servers to new hardware and software
• Install, upgrade and configure Next-Gen PaloAltoFirewall series PA-200, PA-500.Installed PaloAltoPA-3060 Firewalls to protect Data Center.
• InfobloxDNSIPAMforDNS/DHCP setup and management
• Configured OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Implemented DHCP, DNS, FTP, TFTP, SSH services for monitoring and automatic IP assignments for the guest clients.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Worked on migrating the LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
• Worked on updating pools, members and nodes using the GUI interface for the local traffic managers.
• Addressing Change Management request and support key projects, IPAM(IP Address Mgmt.), Performance Monitoring and event management.
• Configured CiscoASA5510 Firewall to establish logical separation between legacy network & lab environment.
• Working on Cisco 4400, 5500 serieswirelesscontrollers, Cisco 1130, 1140, 3602 and 2600 Series Access point.
• Experienced in DHCPDNS, AD, NIS, NFS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LDAP, HP Network, security management and system troubleshooting skills
• Designed and ImplementedDMZfor FTP, Web and Mail Servers with CISCO PIX 525 and PIX515E
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wire shark and Cisco works to support Network Operation Center
• Managed CiscoASAfirewall appliances and updated IPS featured signatures.
• Experience with Network Automation using Perl,Python scripting

Confidential, Spring, TX

Network Data Engineer

Responsibilities:

• Experience with Designing, Implementing and Troubleshooting Cisco Routers and Switches using different routing protocols like RIP, OSPF, EIGRP, BGP, ISIS & MPLS L3 VPN, VRF.
• Hands on experience with LAN protocols like STP, RSTP, VTP, VLAN and WAN protocols like Frame relay, PPP, port channels protocols like LACP, PAGP.
• Troubleshooting for complex layer 2 and Layer 3 as well as hardware incompatibility issues on theNexusData Center Switches using bottom up approach.
• Implemented Layer 3 switching on sites using 6500 and 5500 switches that provide both L2 and L3 functionalities. Worked both on Cat IOS and IOS software, merging existing 5000 series Catalyst switches with new 6500 Series.
• Installed, Configured and Troubleshoot CiscoNexus7K, 5K, with FEX extendersnexus2K, in high availability. Configured vPC onnexus5K for redundancy,
• In-depth knowledge and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls such as Check point, ASA and PaloAlto
• Hands on experience with new next generation PaloAltoappliances serving as firewalls and URL and application inspection.
• PaloAltodesign and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC tunnels on PaloAltoFirewalls.
• Maintained a Network with more than 600 Network devices and 20K end hosts.
• Implemented Zone Based Firewalling and Security Rules on the PaloAltoFirewall.
• Exposure to wild fire feature of PaloAlto.
• Planning and deployment of Cisco Identity Service Engine Solution.
• Migration of network devices (PaloAlto, F5, Juniper, Aruba, Riverbed, Routers& switches) from one zone to other. Changing the management IP address.
• Involved in troubleshooting ofDNS, DHCP and other IP conflict problems.
• Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher(RD), Route Target(RT), Label Distribution Protocol (LDP) & MP-BGP
• Working Knowledge of Cisco IOS, Cisco IOS-XR, Cisco CatOS, CiscoNX-OS
• ImplementedF5Local Traffic managers (LTM), Global traffic manager (GTM), APM andASMof series 8900, 6400, 6800, 3400, 5100, 3600.
• Has done the Configuration on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
• Worked as part of a team to manage EnterpriseNetworkInfrastructure as a Tier 3 SupportEngineer.
• Involved in Configuring and implementing of CompositeNetworkmodels consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configurednetworksusing routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Update and record location and IP address management information systems inIPAMand Excel spreadsheets.
• Worked on implementation and troubleshooting cisco LWAPP/CAPWAP Wireless Infrastructure
• Installed and configured CiscoASA5500-X series firewall
• Troubleshoot network issues; Racking and Stacking, Power assessment, KMV installation, cable management, raid configuration and implementation. DNS WINS, DG, IPv4/IPv4 Protocols and Subnet Classes, DFS,DMZ, DHCP, Static, IIS, VLAN and VPN Technologies, Brocade Switches.
• Worked inwirelessRF site surveys and RF spectrum analysis, documenting results, and provide recommendations on optimization and performance improvements.
• Experience working with NX-OS 7010,7018, 5020, 2148, 2248 devices
• Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Configured, installed, & managed DHCP, DNS, & WINS servers
• Scriptingin Perl andPythonto implement new functionalities in Cisco Intrusion Prevention and Detection
• Configuration and Maintenance ofASA, ASA5540,ASA5520,ASA5510, PIX 535, FWSM Firewalls.
• Administrating onF5LTM, GTM,ASM, APM on series 5050, 8900
• Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Pythonscriptingfor automation of difficult tasks

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 7200/3700/3600/2800/2600/2691 routers, IGRP, RIP, OSPF, BGP, VPN, VLAN, DMZ

Confidential, Irvine, CA

Network Security Engineer

Responsibilities:

• Configured and deployment of routing protocols OSPF, EIGRP & BGP over Cisco Routers in Production environment.
• Experienced with 1800, 2800, 2500, 2600, 2800, 3600, 3800, 3900, 7204, 7606 series Routers.
• Worked on Layer 2 Switching and Cisco Nexus and did implementation on multiple sites, specifically Cisco 6509, 6513, 3750, 3850 and 4510 switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Performing troubleshooting on VPN connectivity issues, slownetworkconnectivity issues, identifying the rootcause of the issues.
• Packet capturing, troubleshooting onnetworkproblems with Wireshark, identifying and fixing problems.
• Installation, configuration and maintenance of Check Point R77.XX firewalls.
• Configured and monitored Firewall logging, DMZ's and related security policies.
• UpdatedPerlcode to track down MAC addresses to a specific switch port
• Performed Checkpoint firewall upgrade of firewalls from R76 and to R77 to R77.20 and R77.30.
• Responsible for maintaining theIPAM, DNS, DHCP of the entire corporation using Infoblox
• Configuration of ACLs in Check Point 77.30 firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco'sASA5500.
• Responsibility is to design and deploy various Network Security & High Availability products like check Point R 77.XX and other Security Products.
• Responsible for building and maintaining site to site VPN tunnels from core.
• Managing a TACACS server for VPN user authentication and network devices authentication
• Configuring IPSEC VPN on SRX series firewalls
• Migrated Nortel SR1004 with Check Point R77.30 for implementing Site-to-Site VPN.
• Implemented firewall auditing for effective functioning.
• Upgrading code on Palo Altofirewalls PA5050/3020 to meet company security policy.
• Implementing firewall changes and policy pushes when necessary.
• Provided high level of security to the network by installingASA5520 along with ACLs
• Configuration and Maintenance ofASA, ASA5540,ASA5520,ASA5510, PIX 535, FWSM Firewalls.
• Performed audit for Nortel and Brocade switches used in Network
• Expert level knowledge of Cisco network security (IDS,ASA5500 Firewall), network redundancy (HSRP, GLBP and VRRP)
• Transitioned our DMZ firewalls from Cisco ASA to Palo Alto IDP, including Ciscos on Core networkswitches
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel for Brocade switches.
• Involved in Configuring and Maintaining Cisco ISE Combining authentication, authorization, accounting.
• Testing the firewall configurations before deploying at different remote sites.
• Performing firewall deployments for different remote sites like community centers and fire stations.

Confidential

Network Engineer

Responsibilities:

• Installation and Configuration of wide variety of Cisco Routers such as 3600 series and Layer 2 switches such as 1900, 2900
• Installed, Configured and troubleshooting performed on CiscoASA5500
• Configure and Troubleshooting FortiGate firewall Appliances to Restrict Inbound Traffic from Untrusted Sources as endpoint security.
• Configure the access policies and VPN policies in checkpoint firewall.
• Implementing and Troubleshooting VLANS, Trunks, VTP & STP.
• Configuration of ACLs inASA5500 firewalls for internet access for server/hosts in LAN and DMZ as requested by management
• Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
• Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
• Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks.
• Configured the Cisco router as IP Firewall and for NATing Configured RSTP, MST and used VTP with 802.1q trunk encapsulation.
• Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include
• Configured Firewall logging, DMZs & related security policies & monitoring
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall
• Enabled STP Enhancements to speed up thenetworkconvergence that include Port-fast, Uplink-fast and Backbone-fast
• Configurednetworkaccess servers and routers for AAA Security (RADIUS/ TACACS+)
• Responsible for Configuring SITE TO SITE VPN on Cisco Routers between Head Quarters and Branch locations
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Used various scanning and sniffing tools like Wire-shark
• Designed, configured, implemented site-site VPN on ciscoASA5500 firewall.
• Configured Firewall logging, DMZs & related security policies & monitoring
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall
• Hands on Experience in configuringF5objects, components and provisioning various modules like LTM, GTM,ASM, APM
• Worked on migration from F5 LTM to A10 LTM
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Provide front end on-callnetworksupport 24x7x365 for allnetworkinfrastructures in the co-operation.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Perform real-time system monitoring, traffic tracking, and trend analysis using Perlscripts to collect data on transceiver location and activity, and Cisco IOS commands.

Environment: CISCO 2600, 2800 and 3200, 3600 series routers, CISCO 1900, 2900, 3300 and 2950 switches, Routing Protocols (Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET).

Confidential 

Jr. Network Engineer

Responsibilities:

• Installation and Configuration of wide variety of Cisco Routers such as 3600 series and Layer 2 switches such as 1900, 2900
• Configure the access policies and VPN policies in checkpoint firewall.
• Implementing and Troubleshooting VLANS, Trunks, VTP & STP.
• Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
• Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network
• Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel for Brocade switches.
• Configure and setup Cisco Firewalls, VPN Concentrators and Security appliances for access to vital business applications
• Automated tasks in both Linux and Windows with scripting technologies (Perl, python).
• Maintain efficient functional systems, network, and communication connectivity for all users, keeping current on new developments for all assigned areas.
• Analyze, plan, test, implement, and trouble shoot systems, LAN/WAN Local Area Network, Wide Area Network and Communications Network Systems.
• Configure and install client and server network software for upgrading and maintaining network systems; maintain multi-site network operations
• Manage the configuration aspects of network devices such as configuration file management, inventory management, and software management.