SUMMARY

• Seeking a challenging position as a network engineer, where I can increase revenue and productivity for your company by showcasing my expertise working in the networking field for 8+ years
• Expertise as a Network Engineer with 8+ years of experience in Network designing, Troubleshooting, implementation, Deployment and supported production environment
• Worked extensively on Cisco Firewalls, Cisco PIX &ASA 5500(5525/5585), Palo Alto 200 Series.
• Extensive experience in VOIP, SIP, MGCP which are used for voice over internet communications.
• Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat ProxySG and other vendors such as Palo Alto networks NGFW for URL filtering
• Used Arista EOS software platform for network programmability, and worked with Arista 7504R/7508R modular spline switches in high performance data centers and routing scalability
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5585 Firewalls
• Scripting in python, perl and ansible used for automating various tasks in Cisco IOS
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
• Updated and maintained inventory of all network hardware, Management and Monitoring by use of Secure Shell (SSH), Syslog, SNMP, NTP.
• Designed Cisco Routers, Cisco Switches, Load Balancers and Firewalls with practical experience
• Configured ACLs, VLSM, NAT, Subnetting, Syslog Server, DHCP Server, DHCP relay on Cisco routers
• Implemented, configured and troubleshot various Routing Protocols like RIP, EIGRP, OSPF, BGP with real time hands - on experience
• Configured 802.1d Spanning Tree Protocol (STP) for loop prevention and VTP for Inter-VLAN Routing.
• Implemented various Switching Technologies STP, RSTP, VLAN & VLAN Trunking Protocol (VTP), Inter-VLAN routing, Ether channel using LACP, PAgP along with Failover Mechanisms such as HSRP&GLBP on Layer 2 Setup
• For security purposes, enabled Authentications such asWPA2,PAP/CHAP, and AAA model for authorization, authentication and accounting purposes
• Extensively used Route Reflectors, Route Influence by Attributes, Multi homing, Route dampening, and Optimization of BGP.
• Experienced in working on Cisco Catalyst (CAT) switches2900,3750, 4500, 6500series
• Worked on Nexus FEX-2K (2248, 2232), 5K (5548, 5020, 5010)and 7K (7018, 7010) series switches
• Expertise in VPC (Virtual Port Channel), used VDC (Virtual Device Contexts)to enable virtualization and to present the physical switch as multiple logical devices, Fabric path and OTV configurations.
• Routed Cisco 7600, 7200, 3810, 3925, 2811, 1800 series with layer 3 routing
• Experience in implementation of Cisco ACS Servers & configuration of TACACS protocols.
• Experience in T1/E1/T3 technologies and different LAN&WAN technologies.
• Implemented traffic filters using Access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Expertise in structured cabling, IP address management, Racking, Stacking, UCS management.
• Experience on conducting Change Management on weekly / daily basis without any DOWNTIME in LIVE NETWORK and managing Business Continuity Plans (BCP).
• Proficient in using MS Visio for documentation purposes.

TECHNICAL SKILLS

Cisco Routers: 7600, 7200, 3925, 3810,3600, 2800 Series

Firewalls & Load Balancers: Cisco ASA 5540 series, IPSEC, SSL VPN & F5 big-IP LTM 6900

NEXUS Features: VDC, VPC, Fabric extenders FEX, F&M series line cards

Cisco Switches: Catalyst 6500, 4510, 4500-x, 3800, 3750x, 3550, 2960s & Nexus 2k, 3k, 5k, 7k’s

Juniper switches: QFX5100

Scripting: Python, Perl, Ansible, Unix, Linux, git for version control, gerrit for code review with server side experience

IP Routing Protocols: Multiprotocol BGP (MP-BGP), EIBGP, EBGP, OSPF, EIGRP, RIP v1 & v2, Route redistribution, Route filtering, Summarization, Static route

Protocols: IPv6, IPv4, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, HTTP, SSH, DNS

IP Services: HSRP, DHCP, GLBP, VRRP

MPLS: LDP/TDP, MPLS VPN, RSVP, VRF, MPLS- QoS

LAN Switching: RSTP,STP, VTP, VLAN & Inter-VLAN routing, Dot1q, QoS

WAN /Core: Frame Relay, PPP, HDLC, Channelized links (E1/T1/E2/T2)

Security Server Protocols: Radius, TACACS+ servers

Quality of Service: Queuing (CBWFQ, LLQ), Traffic Shaping, RED/WRED

Network Monitoring Tools: Wireshark, CiscoWorks, Solar Winds, Cisco WAN Manager, HP Openview

PROFESSIONAL EXPERIENCE

Confidential, Reston, VA

Sr. Network Engineer

Responsibilities:

• Installed and configured latest Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per business requirements.
• Defined policies, NAT and anti-spoofing for internal, external networks well as Internet gateways in Checkpoint firewall 4.1
• Hands-on experience with firewalls, IDS/IPS, malware, forensics,Proxy and network security devices
• Implemented Symantec endpoint encryption (SEE) to prevent data breaches for lost and stolen devices
• Have well-rounded hands-on knowledge in areas such as Windows, Unix, Networking, Firewalls, Intrusion Prevention Systems, Proxies, and Security Vulnerability and Monitoring Tools
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Used Cisco ACI Fabric which is based on Cisco Nexus 9000 Series Switches and the Cisco Application Virtual Switch (AVS)
• Implemented Cisco ACI infrastructure for supporting rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management.
• Configured ACLs, VLSM, NAT, Subnetting, Syslog Server, DHCP Server, DHCP relay on Cisco routers
• Used ACLs for authentication of EIGRP, BGPto ensure high network security.
• Used Juniper QFX5100 switches for high performance and low latency in virtualized data center environment.
• Hands-on experience in configuration of firewalls - Palo Alto, Cisco, Fortinet, and Firefly
• Expertise with JUNOS (Juniper OS) which provide more capabilities than Cisco IOS
• Used checkpoint firewall and imperva to combat theft, fraud and mitigate risks in data center
• Used Bluecoat ProxySG for URL filtering, which is more enhanced than NGFW
• Used Cisco Prime monitoring tools for alarm generation in case of network failure and for issuing major critical warnings in the network.
• Used Arista EOS software platform for network programmability, and worked with Arista 7504R/7508R modular spline switches in high performance data centers and routing scalability
• Deployment and maintenance of Arista Networks using 7100 and 7150 switches
• Implemented and configured Load BalancingforF5 Big-IPLTM 6900
• Worked in the deployment of Cisco 6500 to Nexus in a data center environment.
• Experience configuring VPC(Virtual Port Channel), VDCin Nexus 7010/7018
• Used Cisco ASA 5540firewall for Enterprise security, configured access lists ACL’s to ensure high security on the network.
• Implemented and configured IPSECVPN and GRE tunnels.
• Experience with configuring FCOE using Cisco nexus 5548.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
• Performed migration from legacy Catalyst 6513 Switches to Nexus 7010 switches adhering to ITIL change Management Procedure during data centre fabric migration process
• Configured and maintained VPCs with 7010/7018 and 5548 in the network.
• Also configured and maintained VDCs in 7010/7018 switches, maintained VRFs in separate VDCs.
• Worked with Sup 2E for 7010 switch, F series line cards for L2 switching and few M series line cards for L3 proxy routing purposes for F cards.wire
• Used Fabric Extenders like 2248TP GE series for the top of the rack solution and used 5548P for the end of the row solution.
• Scheduled maintenance of Nexus(2248, 5548, and 7010) switches so that there are no Orphan ports in the network, and to ensure all users to be dual homed with sufficient redundancy.
• Used DHCP to dynamically assign reusable IP addresses to DHCP clients via INFOBLOX IPAM and resolved IP address conflicts.
• Worked on OTV to extend L2 VLANs between data centres over IP on Nexus 7010 switches.
• Experience in layer-3 Routing with, Cisco 7600, 7200, 3810, 3925, 2811 series.
• Involved in complete LAN, WAN development including but not limited to IP address planning, designing, installation, configuration, testing and maintenance.
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter-Vlan routing, LAN security etc.
• Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 switches.
• Worked on TACACS+ servers for AAA authentication and userauthentication.
• Configured Cisco access points 1142 AP, 1252 AP and WSM.
• Downloaded,Upgraded and updated Cisco IOS.
• Used Network monitoring tools such as HP Open View to ensure network connectivity.
• Prevented DDoS(Distributed Denial of Service) attacks on the enterprise network.

Confidential, Owing Mills, MD

Network Engineer

Responsibilities:

• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Deployed new data centres with Cisco 6506’s, F5 load balancers.
• Provided full fault resolution to backbone infrastructure running BGP, OSPF, RIP and MPLS routing protocols.
• Configured BPDU Guard,BPDU filter,port-fast,uplink fast, backbone fastof spanning tree STP
• Provided full ‘enable’ support to backbone network infrastructure, which consists of Cisco 72xx, 39xx Series Routers, ACS terminal servers, 2950, 3750, 3800 and 65xx Cat switches.
• Configuring and modifying Access-lists, policy maps, route-maps.
• Configuring OSPF, BGP, RIP, MPLS and static routes, and NAT pools on the edge routers.
• Utilized CiscoBGP communities and advanced route filtering on Cisco IOS.
• Diagnose MPLS protocol problems including VRF and COS issues to full resolution.
• Deployed and installed various 3925 Series ISRs as Branch CE routers.
• Designed Campus branches and data centres.
• Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Performed VSS on cisco catalyst 6500 series switches.
• Configured and managed Cisco access layer routers and switches & carried out route redistribution& manipulated route updates using distribute lists, route-maps & administrative distance, and offset-lists.
• Designed, consolidated and installed local server farms in multiple branch locations with Cisco 4500-X at distribution and 4948’s replacing the 3750’s at access level.
• Implemented LACP and PAGPfor port aggregation & link negotiation.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fibre Handoffs.
• Resolve and escalatesystem alertsissues appropriately from start to completion.
• Performsystem maintenanceto proactively tune various network issues prior to occurrence.
• Dispatch field technicians on various sites, and provide guidance for network devices connections, configurations and troubleshooting.
• Create, open, resolve and close escalated troubleticketsusingclarify and freedom.
• Investigated, analyzed anddocumentedtechnical issues, providedadvice to upper management
• Provide 24/7 support and troubleshooting of a variety of network related issues including Guests’ connectivity and devices operability.
• Configure,monitor, and insure connectivity of LAN, and WAN sites.
• Configuring and troubleshooting Vlans, STP, Trunking, Ether channel, DTP on the LAN switches.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tool’s such as Solar winds.

Confidential

Network Support Engineer

Responsibilities:

• Defined policies, NAT and anti-spoofing for internal, external networks well as Internet gateways in Checkpoint firewall 4.1
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Worked with Network Engineer’s in the installation and configuration of firewalls.
• Implemented VTP, trunking protocols (802.1q and ISL) on cat 3560, 3750 and 4500 switches.
• Provided technical assistance for LAN/WAN management and resolved customer issues.
• Worked on OSPF using features like TSA, SA, NSSA and route summarization. Configured EBGP/IBGP policies also tested BGP attributes such as Local preference, MED, AS-PATH, Community and Weight.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Responsible for implementing,engineering, & level 2 support of existing network technologies / services & integration of new network technologies / services.
• Major contribution in improving OSPFconvergence by controlling SPF algorithm and LSA/SPF throttling in the WAN infrastructure.
• Expertise in creating Access control lists for layer-3 security and providing resilient network using protocols like HSRP and GLBP.
• Troubleshooting issues and outages on Trunks and Router interfaces and firewalls extensively.