Network Security Engineer Resume
Minneapolis, MN
SUMMARY
- Eight (8) years of experience in Network Engineering and administration.
- Five (5) years of experience in Designing and implementing the Wireless Infrastructure using 802.1x Authentication using CISCO ACS and ISE Servers
- Planning, design, implementation and maintenance of Fast Ethernet based Local Area Networks (LANs), Wireless Networks (WLANs) and Wide Area Networks (WANs).
- Five (5) years Hands on Experience in Installation and Configuration of Cisco ACS 4.2 and Cisco 5.0/5.1/5.1, Cisco ISE 1.x
- Hands on experience on Checkpoint UTM and NGX series Firewall and Application URL filtering and strong understanding knowledge on PALO ALTO Product firewall.
- RSA SecurID Two-Factor authentication using RSA SecurID Authentication Manager 8.x
- Working knowledge on Cisco Prime Infrastructure 1.2, 1.3, 2.0, 2.2 physical appliances by configuring, monitoring and Troubleshooting.
- Planning, designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and Wireless Access points.
- Hands-on experience on IP addressing, subnetting, and Ping concepts.
- Expertise in troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF & BGP.
- Strong working and configuration knowledge in Cisco 2800, 2500, 2400 series Routers, ASR Routers and Cisco Switches 6500s, 4500s, 3750, and 2900s.
- Good working and configuration knowledge in Cisco 3750, 4500, 6500 series switches.
- Expert level knowledge in troubleshooting Network Connectivity issues in Local Area Networks (LAN), TCP/IP, and VPN Dial-up connections. Expert level knowledge about TCP/IP and OSI models.
- Configuration and administration of DNS and DHCP servers on Infoblox
- Administering the Microsoft Windows Server Environment, Managing disk space, user profile creation and user rights management. Managing user profiles and system policies in Active Directory.
- Excellent configuration practices of Dell and HP system hardware and Server Operating Systems (Windows 2003/ 2008, & Storage Servers) and maintenance of procedural documentation.
TECHNICAL SKILLS
Network Equipment: Cisco routers (2800, 2500, 2400 Series), Cisco Switches (6500s, 3750, 2960, 2950, 2924 Catalyst), Dell 2708 Switch, Netgear ProSafe VPN Firewall-FVG318, D-Link Wireless Router WBR-1310, Trendnet TEW-432 Wireless Router Firewall. Cisco 4400s Wireless Controllers, Linksys Wireless Access Point WAP54G, Cisco WRT54G2 Wireless Broadband Router.
Protocols: TCP/IP, RIPv1, RIPv2, OSPF, BGP, EIGRP, VLAN, VTP, PortFast, Switch Port Security, Standard and Extended ACLs, DNS, DHCP, POP3, SMTP, FTP, TFTP, NAT.
Operating Systems: Windows XP/Vista, Windows 7, Windows 2000/2003/2008 Servers, Windows Storage Server 2003, Linux Operating Environments.
Cisco ISE Devices: Cisco Identity Service Engine 3300s Appliances with software release of 1.0.3/1.0.4 MR, Cisco Identity Service Engine on VMware ESX 5.0 with software release of 1.0.3/1.0.4 MR,1.2.x
Cisco ACS: Cisco ACS 4.2, Cisco ACS 5.0/5.3/5.4
ForeScout CounterAct: CT/AS 1000/2000/4000 s and CounterACT on VMware
Routers & Switches: Cisco Routers (3800, 2800, 2500, 2400 Series), Cisco Switches (6500, 4500, 2960, 2950, 2924, 3700, 3500), and ASR
Firewalls: Checkpoint Firewall UTM Series, Cisco PIX 500 Series and ASA 5500 Series
VPN: Cisco 5500 Series ASAs, PALO ALTO firewall devices.
Wireless Equipment: Cisco Wireless LAN Controllers (WLC) 4400 Series (4402 & 4402) 5500 Series (5508), Cisco Aironet Wireless Access Points ( Series), Cisco Wireless Control Systems 5.2 Plus (WCS)
VMware: ESXi 5.1/4.2, VMware VSphere, VMware Workstation 8, VMware view, Virtual Desktop Interface.
Network Tools: Microsoft Monitoring tool-Network Analyzer, Wireshark, Packet Sniffer
Applications: MS Office 2003/2007- Word, Excel, Power Point, MS Outlook, Outlook Express, Windows Live Mail, VNC PC Anywhere, Team Viewer, LAN Guard Network Scanner, Real VNC.
Hardware: Dell PowerEdge Series Servers, Sony, Dell, HP Server Systems, Desktops and Laptops, Cisco Small Business Network Storage Systems, Ricoh Network Printers, Brother Printers and HP Printers.
Security: Checkpoint Firewall UTM/NGX Series and Cisco PIX 500 Series and Cisco 5500 Series ASAs, Cisco Web Security Appliance (WSA) S360/370,660/670, S000V/100V/300V, Cisco EMAIL security Appliance (ESA) C370/650/670, C000V/100V/300V, ForeScout CounterAct CT/AS 1000/2000/4000 s and CounterACT on VMware
Antivirus: Kaspersky Server/Client stations, AVG, Norton 360, McAfee AV
PROFESSIONAL EXPERIENCE
Confidential, Minneapolis, MN
Network Security Engineer
Responsibilities:
- Working as Network Security Engineer CISCO Wireless and Check Point Firewall.
- Configuring policies, Firewall Rules, Web filtering using checkpoint smart dashboard and Initial configuration of Palo Alto Firewall.
- Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
- Troubleshooting, Analyzing network connectivity and Application and URL filtering using Smart track viewer and Smart track monitor
- Design and Implementation of 802.1x Wired/Wireless User Authentication using Cisco ISE Radius Server.
- Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Cisco ACS, RADIUS and TACACS.
- Configuration & Maintenance of Cisco ISE for Certificate based authentication for BYOD, Guest authentication and Corporate Mobile Device Authentication using Xenmobile MDM
- Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Cisco ACS, Juniper Steel Belted Radius and Radiator Radius.
- Configuration & Maintenance of Cisco ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using Xenmobile MDM
- Worked on NX-OS series 2000,3000,4000,5000,6000,7000 switches by configuring and upgrading in data centers
- Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware.
- Performed IOS Software upgrades on switches 6500, 3750 and 4500s and Cisco ASR for compatibility with Cisco ISE 1.0.3/1.0.4 setup.
- Configured 6500, 3750 and 4500 for Network Access Solution integration with Cisco Identity Service Engine on ESX 5.0 VMware and physically with Cisco ISE appliances.
- Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.
- Planning, designing and configuration of various Cisco ISE strategies (Standalone, Distributed Setups).
- Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on the upstream switches for Cisco ACS
- Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for Checking the devices coming onto the Network, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Cisco and Forescout NAC Appliances.
- Worked extensively on designing PKI Infrastructure for EAP-TLS Protocol using certificate based authentication.
- Extensively worked on Microsoft Certificate Authority Server for ROOT/Intermediate Issuance of certificates, securing the certificate exportability.
Confidential, Southborough, MA
NAC Administrator
Responsibilities:
- Working as Network Access Controls (NAC) Administrator in planning and designing our Clients global network for Network Access Solution.
- Worked extensively on policy design and implementation for NAC solution and integrated NAC with various Network infrastructures for successful deployment of NAC solution.
- Worked on ForeScout policies for auto-remediation of non-compliant devices, classification of devices, etc.
- Configuring and Maintenance of Checkpoint UTM 1040,1070 and 2200 Next Generation with R70/R75/R80 Series
- Configuring policies, Firewall rules, Web filtering using checkpoint smart dashboard and Initial configuration of Palo Alto Firewall.
- Troubleshooting, Analyzing network connectivity and Application and URL filtering using Smart track viewer and Smart track monitor.
- Design and Implementation of 802.1x Wired/Wireless User Authentication using Cisco ISE Radius Server.
- Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Cisco ACS, Juniper Steel Belted Radius and Radiator Radius.
- Configuration & Maintenance of Cisco ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using Xenmobile MDM
- Worked extensively on data center upgrades of Cisco Catalyst Switch 6500s, 4500s,
- Worked on NX-OS series 2000,3000,4000,5000,6000,7000 switches by configuring and upgrading in data centers
- Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware.
- Performed IOS Software upgrades on switches 6500, 3750 and 4500s and Cisco ASR for compatibility with Cisco ISE 1.0.3/1.0.4 setup.
- Worked on Cisco Unity, Unity Express, Call Manager & Call Manager Express.
- Configured 6500, 3750 and 4500 for Network Access Solution integration with Cisco Identity Service Engine on ESX 5.0 VMware and physically with Cisco ISE appliances.
- Involved in datacenter migration and consolidation project.
- Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
- Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.
- Configuration of Cisco IP phones (7900s, 6961s, 9900s) for device profiling and Cisco Call Manager phone registration via Cisco ISE, Printer Profiling, Mobile device profiling etc.
- Planning, designing and configuration of various Cisco ISE & Forescout NAC deployment strategies (Standalone, Distributed Setups) and rollout to production environment.
- Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on the upstream switches for Cisco NAC & Forescout NAC Solution.
- Assisted Tier 4 support on support issues and also involved while configuring BIG IP F5 Load balancers.
- IP addressing and design schemas for a variety of IP Pools using DHCP scope or local IP pools for NAC Controls.
- Configuration of High Availability (HA) for inline Cisco ISE appliances and High Availability on ESX 5.0 VMware ISE for distributed setups with various node setups - Primary & Secondary Administration Node setups, Primary & Secondary M&T Node Setups and Primary & Secondary Policy Services Node Setups.
- Worked and participated alongside with Design architects for NAC Solution design for Guest Network and Mobile Access Network for ForeScout CounterAct NAC Solution.
- Involved in finalizing the design for Guest Network and Mobile Access Network for NAC Solution, comprising of an Anchor Wireless LAN Controller solution in DMZs/Internet Gateways with ForeScout CounterAct NAC Appliances for NAC.
- Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising of ForeScout CounterAct NAC Appliances in all WAN Consolidation Points, and Data Centers.
- Worked extensively on Network Traffic SPANS and TAPS for monitoring Network traffic, and Virtual Firewall ACL rules and policies in CounterAct NAC Appliances for Network Access Controls.
- Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for Checking the devices coming onto the Network, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Cisco and Forescout NAC Appliances.
- Actively worked alongside with ForeScout Team for setting up the CounterAct NAC Appliances for design build out sessions, POC, and for Production Deployments.
- Worked on setting up the Ether-Channel interfaces between Cisco Switches 6500, 3750 in line with NetOptics TAP devices for capturing the Network Traffic and is set to be monitored with the ForeScout CounterAct NAC Appliances.
- Worked extensively on Microsoft Visio for designing the Cisco ISE & Forescout NAC Network Architecture and for POC setups.
- Provided assistance in configuring policies and documented the entire deployment notes and policy sets.
- Provided helpdesk training and facilitated the handover of NAC Project to the managed services provider.
- Worked on Cisco Prime Infrastructure Network Application experience monitoring using dedicated dashboards and view for high-level and granular analytical data presented from various perspectives such as an endpoint, a site, a device or an interface.
- Worked on Cisco Prime Infrastructure High-level customizable dashboards with contextual navigation into interactive analysis views and Out of box summary reports, prepackaged reports for sites, applications, devices and end user experiences.
- Extensively utilized Microsoft’s Visio 2007 for design analysis and project planning.
- Worked extensively on designing PKI Infrastructure for EAP-TLS Protocol using certificate based authentication.
- Extensively worked on Microsoft Certificate Authority Server for ROOT/Intermediate Issuance of certificates, securing the certificate exportability.
- Configuration of Android & iOS Mobile devices for Certificate based authentication. Extensively worked on scripting the authentication process, web based content.
- Network Administration tools - In House Confidential tools EasyIP, Vital and Zabix for Network Engineering Day-to-Day activities in Confidential Global Networks.
- Configured RSA SecurID authentication manager 8.x for Two Factor Authentication, On-Demand & Risk Based Authentications.
- Hands on Experience in configuring McAfee ePolicy Orchestrator (ePO) and McAfee Suite.
- Hands on Experience in Confidential CX3-10/20/40/80, CX4 series Storage Array Network Systems.
- Hands on Experience in Installation and Configuration of Checkpoint Firewall UTM Series Appliances
Confidential, Elkhart, IN
Network Administrator
Responsibilities:
- Involved in designing, configuring, implementing, maintenance and troubleshooting issues relating to routers and switches in LAN, WLAN and WAN.
- Performed IOS Software upgrades on switches 6500, 3750 and 4500s
- Designed and deployed networks as per the company’s requirement. Handled different tasks such as network address assignment, assignment of routing protocols, etc.
- Worked on NX-OS series 2000,3000,4000,5000,6000,7000 switches by configuring and upgrading in data centers
- Handling the network infrastructure of NOC LAN/WAN, migration & configuration of network client workstations. Addressing performance bottlenecks & ensuring maximum network efficiency and uptime.
- Planning, designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and Wireless Access points.
- Implemented, Monitored and troubleshot the protocols EIGRP, OSPF and Static Routes.
- Configuration and Installation of ASA 5520 firewalls.
- NAT, VPN and Traffic filter implementation in Cisco Firewall.
- Implemented traffic filters using Standard and Extended Access Control lists. Handled Route-map, Re-distribution list & access-list configurations.
- Access distribution and core layer switching architecture, created VLANS, Firewall Services Module (FWSM) and STP configuration.
- Experience with Cisco Voice and Unified Communications Solutions (CUCM 8).
- Deployed unified communication solutions for the corporation with Cisco 2900, 3900, 3900E routers.
- Hands on experience with voice protocols like MGCP, H323 and SIP.
- Hands on experience with various gateway models like Cisco Voice Gateway 200, Cisco Access Digital Trunk Gateway and Cisco Analog Trunk Gateway.
- Experience with CUCM services such as Unified Messaging, Multimedia Conferencing, and Collaborative Contact Centers.
- Good working and understanding knowledge with Netscreens and NSM and SRX.
- Assisted in building Netscreen and SRX firewalls (interface creation, routing, policy, etc.)
- Worked in team in migrating from Netscreen to SRX platform
- Good knowledge on managing Netscreen and SRX deployed in HA mode
- Good understanding knowledge in managing code levels on Netscreen and SRX platforms, Knowledge of SPACE
- Addressing issues like routing problems, route announcements/advertisements, and security access issues.
- Used tools Wireshark, Packet Sniffer and Microsoft Network Analyzer for monitoring Local Area Network connections (LANs) and Wide Area Network Connections (WAN) for Network connection and failure issues.
- Administrative responsibilities including the installations, additions, updates and changes to Microsoft Windows 2003 and Windows 2008 servers.
- Administering the Microsoft Windows Servers and managing disk space, user profile creation and user rights management.
- Maintain and create user accounts and policies within Active Directory, Configure/maintain Internet filtering and security on public access PCs.
- Configuration and maintenance of DNS & DHCP servers.
- Maintained accurate network documentation for moves, adds, changes, and deletes. Proper documentation of problem situations and resolutions.
Confidential, North Brook, IL
Network & Systems Administrator
Responsibilities:
- Analyzed, configured and troubleshot the LAN/WAN networks. Monitor Network traffic and access logs in order to troubleshoot network access issues. Use network analysis tools to monitor and shape traffic for optimum performance.
- Perform configuration and maintenance of LAN/WAN technologies such as Ethernet and Fast Ethernet. Securing the network with access lists applied on interfaces.
- Planning, designing, Installation, configuration and maintenance of 802.11a/b/g Wireless Networks and Wireless Access points.
- Implemented traffic filters using Standard and Extended Access-lists. Handled Route-map, Re-distribution list & access-list configurations.
- Implementing IP Routing protocols EIGRP, OSPF, RIPv1 and RIPv2.
- Configuring and managing Windows Firewalls, Cisco PIX and Checkpoint firewalls.
- Performed IOS Software upgrades on switches 6500, 3750 and 4500s
- Cisco Load balancers, VPN concentrators and implementing QoS and performing traffic engineering.
- Daily administration of Windows servers including creation/deletion of new user accounts, print services, backups. Installed and Maintained software license agreements.
- Handled all orders as per the company needs, Add, Change, Terminate, Relocate etc. Coordinated with engineering team and onsite technician for remote configuration of Cisco routers and Switches
- Providing End-user support for configuration and troubleshooting of hardware, software and Windows operating systems related issues, Network connectivity issues, Remote access setup and VPN connection issues.
- Participating in disaster recovery testing, maintaining system documentation logs and assisting in troubleshooting and diagnosis of system problems.
- Executing email administration, backup, data recovery, and preventive maintenance in addition to routine software installation and troubleshooting functions.
- Experience with Cisco Voice and Unified Communications Solutions (CUCM 8).
- Deployed unified communication solutions for the corporation with Cisco 2900, 3900, 3900E routers.
- Hands on experience with voice protocols like MGCP, H323 and SIP.
- Served in computer maintenance, performed all types of hardware, software maintenance and engineering in addition to systems selection, backup and technical support.
- Installing, Configuring and updating of Antivirus packages (Kaspersky and AVG).
- Installation, maintenance and troubleshooting of various laser and Network and Local Printers.
Confidential
Computer Systems & Network Administrator
Responsibilities:
- Network Planning and implementation between the Main Head office and branch offices located across USA and India. Design and Implement Remote access management and VPN access between the sites.
- Configured T1 interface and Channelized T1 interfaces between Cisco 2800, 2400 and 2500 series routers. Cisco IOS upgrades on routers.
- Create end-user VPN accounts with appropriate access. Installed and configured for VPN IPSEC and VPN Dial-up connections for remote users.
- Installation, Maintenance and Troubleshoot DNS, DHCP Servers and System issues. Managed and maintained DNS, DHCP protocols and Active Directory Infrastructure.
- Configuration and installation of wireless networks using access points, and Wireless LAN cards of Wi LAN, D-Link, Linksys, and Cisco AG APs.
- Installation, Configuration and maintenance of Network Printers.
- Disaster Recovery, backup and restoring Data using R-TT Disk Imaging Software.
- Providing End-user support for configuration and troubleshooting of hardware, software and Windows operating systems related issues, Network connectivity issues, Remote access setup and Management issues, and VPN connection issues.
- Experience in installing SQL 2005 Database server and Internet Information Server (IIS) 6.0 on Windows 2003 and Internet Information Server (IIS) 7.5 on Windows 2008 Server.
- Installation of SAP R/3 4.7E, ECC 6.0 System and hosting remote access management to the server for employees based in USA.
- Assisted in the installation process of SAP R/3 4.7 and 6.0 Systems, performance tuning and monitoring of the SAP (4.7, ECC 6.0) on Windows 2003 with Oracle 10g as the database.
- Actively provided desktop configuration and phone support for software and hardware related issues. General end user desktop and laptop support.
- Back up policies on Cisco Network storage systems.