SUMMARY

• 6+ years of experience in Cisco/Juniper Networking, Security which includes designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Experience in the design, configuration/implementation, management, maintenance and support of Cisco, Check Point and Juniper firewalls.
• Implemented security policies using a Firewall, IP Sec, VPN, AAA Security TACACS+, and Radius on different series of routers.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Strong knowledge on Wireless Standards and Technologies, i.e. Ethernet, WAN, LAN, IEEE … b, g, n (Wi - Fi). Cisco Wireless Management system, Cisco Meraki Products, PCI standards
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, IS-IS, EIGRP, RIP, BGP v4, MPLS.
• Responsible for the setup of SAN Fabric, comprising ofMDS 9506/9216 switchesfor the expansion of fabric with minimum downtime to the host applications.
• Good knowledge in configuration of Voice VLAN’s (VOIP) and had experience in prioritizing the voice traffic over the data traffic.
• Involved in troubleshooting of DNS, DHCP and TFTP other IP conflict problems.
• Configured Security policies, Including NAT, PAT, Route-maps and Access Control Lists.
• Experience withCiscoenterprise directors like Cisco MDS 9513/9509/9506 and 9120/9140 departmental switches.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
• Implementation of HSRP, VRRP, GLBP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP for Default Gateway Redundancy.
• Expertise in OSI layer model TCP/IP.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Worked extensively in Configuring, monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Hands-on experience on Checkpoint Firewall R77, Palo Alto Pa 3000 and Cisco ASA 5520 firewalls.
• Hands on experience in, VLAN, VTP, STP, NAT, VPN, Stacking and stack wise 480 and OSI Layers.
• Implemented traffic filters using Standard and extended access-lists, Distribute-Lists, prefix lists and Route Maps.
• Designing and configuring of OSPF, BGP on Juniper Routers (MX960) and SRX Firewalls (SRX240).
• Good knowledge of using Microsoft VISIO/Office as technical documentation and presentation tools
• Working knowledge with monitoring tools like Solar Winds and network packet capture tools like Wire-shark.

TECHNICAL SKILLS

Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP, HSRP, VRRP & GLBP.

Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 44XX &72XX series.

Switching Protocols: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Switches: Cisco 3550, 3750, 45XX, 65XX series.

Nexus devices: 7010,7018, 5020, 2148, 2248.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240.

LAN Technologies: like Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, LAN Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation,802.1Q.

WAN technologies: like Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Security / Firewalls: Cisco ASA Firewalls, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup & Security Features

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Infrastructure services: like IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management.

IP Telephony utilizing: Cisco routers, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager (publisher & subscriber).

PROFESSIONAL EXPERIENCE

Confidential, New York, NY

Sr. Network Engineer

Responsibilities:

• Providing Level 3 Support of NIDS systems (Network Intrusion Detection Systems), Checkpoint firewalls and appliances, Vulnerability Assessment Software, and Computer Misuse detection systems.
• Designing and deployment of Partner IPSEC VPN tunnel.
• Performing troubleshooting on slow network connectivity issues, routing issues that involve OSPF, BGP and identifying the root cause of the issues.
• Configuration and implementation of Juniper andPaloAltofirewalls.
• Cisco APIC-EM (IWAN) Deployment using CSR1000v Switch and VMware.
• Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Hands on experience with Cisco Unified Applications like (CUCM, CUC, CER, UCCX, Presence, WebEx, Wireless, Video, etc.)
• Performed Nexus In-Line Service upgrades and deployed advanced nexus features VPC and VDC. BGP routing & WAN link troubleshooting on cisco ASR9ks in MSIT Datacenters & on 6500 devices in specific MSIT branches
• Performed risk assessment and network and security configuration optimization (using Nessus, NMAP, TCP dump, Wireshark/Ethereal).
• Trunking using 802.1Q. Implementing security Solutions using Palo Alto Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM
• Design solutions using Cisco DMVPN/IWAN features. Involved in the troubleshooting aspects of complex network infrastructure using the routing protocols like EIGRP, OSPF & BGP.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
• Working with ITS networking teams to install an Avaya VoIP phone system and tested the phone system connectivity and functionality.
• Worked extensively on Data Center Palo Alto firewalls and F5 BIG-IP LTM.
• Configured Site-Site VPN on Palo Alto Firewall on one side and Fortinet on the other side.
• Install and maintain Cisco routers and switches, experience TCP/IP, OSI Model Layer 1, 2, 3.
• Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewall interface, Palo Alto IDS and VLAN.
• Test and turn-up IWAN link and disable the 2 existing T1 circuits, running branch on IWAN only.
• Responsible for troubleshooting and resolving firewall software and hardware issues, including VPNs, connectivity issues, logging, cluster configurations, and hardware installations for Checkpoint and Palo Alto firewalls.
• Setup monitoring ports and conducted packet capture with Wireshark for troubleshooting
• Manage project task to migrate from Cisco ASA firewalls to Checkpoint firewalls.
• Configures, deploys, and supports over 500 VOIP Avaya phones.
• Configured and performed troubleshooting on link state protocols like OSPF in single area and multiple areas.
• Installation & configuration of Microsoft Proxy Server 2.0& Blue Coat Proxy
• Worked in projects converting P2P circuits into MPLS circuits, commissioning and decommissioning of the MPLS circuits for branch offices.
• Provided technical assistance to third-party and client operational staff.
• Managed remote access IPSEC VPN on Check Point firewalls.
• Experience with different Network Management Tools and Sniffers like Wireshark (ethereal) Cisco works to support 24 x 7 Network Operation Center
• Implemented high-availability and load-balancing on Cisco and Check Point firewalls.
• Performed requirement analysis, configured and implemented new firewalls and management servers on Check Point for multiple branch offices.
• Experience with Juniper JUNOS operating system and working on M and MX series routers

Confidential, Glen Allen, VA

Network Security Engineer

Responsibilities:

• Member with project team in design and implementation of Data Center Migration for external Connections.
• Implemented new networks in multiple data centers that included Cisco 6500 s, Juniper security devices, and F5 Big IPs.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Good understanding of Panaroma, which is a centralized management for multiple Palo Alto Firewalls. Configuration of Palo Alto firewalls in High Availability.
• Configuring EIGRP and BGP in routers.
• Good understanding of Wildfire and creating various policies on Palo Alto (PA 5050, PA 500).
• Implementing and troubleshooting firewall rules in Juniper SRX 5400, 550, 5600 Checkpoint R77.20 Gaia and VSX as per the business requirements.
• Worked on Juniper SRX Versions 300, 3400, 3600, 220 implementing new and additional rules on the existing firewalls for a server refresh project.
• Configured and deployed VPC between Nexus 7010 and Nexus 5596, 5548 switches along with FEX 2248.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
• Involved in Replacement of FPCs, PICs on Juniper M320 and T640 router.
• Working knowledge of SNMP, SNMP Traps and Syslog.
• Worked with Infoblox for securing and managing DNS, DHCP and IPAM.
• Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones.
• Used Solarwinds for network performance manager to monitor network performance & improved the performance of the network by reducing the outages.
• Used Solarwinds Netflow Traffic Analyzer for monitoring the bandwidth of the Network.
• Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
• Provided high level of security to the network by installing ASA 5510 along with ACLs.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Migration with both Checkpoint and Cisco ASA VPN (Checkpoint R75.30 to Gaia R77.30 GA version).
• Installation and troubleshooting of company's WIFI network with added security and Cisco VOIP.
• Troubleshoot the network problems related to DHCP IP Address scheme.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, MPLS, NAT, DHCP, TCP/IP)
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs, ACEs, and traffic flow analysis using packet capture features.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 6500.
• Involved in the configuration and maintenance of IPsec Site-Site VPN.
• Maintained work relationships with customer technology groups to ensure compatibility between implanted solution and emerging business requirements. Created network documentation for production site support and engineering, packaging for change control.
• Configuration of IPsec based VPN tunnels for site to site communication for e-commerce based agents.
• Configure Syslog server in the network for capturing the log from firewalls.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco PIX and ASA Firewalls.
• Continuously working in building new security designs to block intruder's access into e-commerce servers on various locations.
• Follow ITIL based Service Delivery and Management Process.

Confidential

Jr. Network Engineer

Responsibilities:

• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Designed and implemented the Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project, which was successfully delivered.
• Provided Load balancing solutions to clients for using F5 Load balancers.
• Implemented redundancy in BigIP F5 load balancers to provide uninterrupted services to clients.
• Involved in L2/L3 Switching Technology administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Updated the HP open view map to reflect and changes made to any existing node/object.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Worked on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercises, and core network repairs.
• Worked in OSI model, TCP/IP, UDP, IP addressing and Sub netting.
• Providing daily network support for wide area networks consisting of MPLS, VPN and point-to point site.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• ConfigureVRRP & GLBP andVLANTruncking802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Network Cabling, dressing, labeling and troubleshooting various network drops on-site.
• Managing Cisco Secure ACS for TACACS+, RADIUS authentications
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.

Confidential

Network Admin

Responsibilities:

• Design, integration, configuration, maintenance, performance monitoring and security of network infrastructure including local area networks (LAN), wide area networks (WAN), firewalls, DHCP, DNS.
• Designed, installed and configured network devices and monitoring tools, core network switches, routers, firewalls and proxy servers.
• Installing the Network devices in datacenter environment and clearly articulate complex network designs and drawings through documentation (Visio) as well as verbal training sessions.
• Experience in Configuring Site-to-Site and Remote Site VPNs, NAT/PAT policies
• Maintenance and Troubleshooting of connectivity problems using PING, trace route.
• Experience in designing and troubleshooting of EIGRP routing issues
• Thorough understanding and knowledge of network hardware and software concepts, Network protocols UDP and TCP/IP, OSI model layer and peer-to peer communication between host to host.
• Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast - Ethernet channel between switches.
• Performed IOS upgrades on Catalyst 3550, 2950, 1900 switches, and 3600, 2600 and 2500 routers.
• Interacting with Carriers for installation of new WAN circuits at Customer premises and make sure circuit installed with no issues and ready to use before users move into the branch
• Providing Teir-3 technical support for LAN/WAN issues and on-call for technical escalation on a rotational basis. Well experienced in troubleshooting bug related issues with the help of Cisco TAC service
• Providing networking services, coordinate tasks and ensure their execution and documentation in accordance with established corporate standards.