Sr. Network Engineer Resume
Dayton, NJ
SUMMARY:
- CCNA CCNP CERTIFIED professional with over around 8 years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
- Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, IS - IS, BGP and MPLS.
- Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, Wireshark etc.
- Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen& SRX Firewalls and their implementation
- Working Knowledge of Cisco IOS, Junos& basic Nexus (7K, 5K&2K).
- Switching tasks include VTP, ISL/ 802.1q, VLAN, Ether Channel, STP and RSTP.
- Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
- Responsible for Check Point and Cisco ASA firewall administration across global networks.
- Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
- Experience in installing and configuring DNS, DHCP server, IPAM- IPv4, IPv6
- Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
- Expertise in installing, configuring and troubleshooting Juniper Routers ( J,M and MX-series)
- Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
- In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, IPAM FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
- Experience in Net Scaler Platform for SDN.
- Experience in site-to-site and remote access VPN solutions.
- Experience working with Nexus 7K, 5K and 2K.
- Experience withvirtualized ISE deployment across two network enclaves
- Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
- Experience indesign, implementation, and support of F5’s Big-IP Access Policy Manager (APM) software component in a complex enterprise environment
- Knowledge on F5’s BIG-IPApplication security management and Edge Gateway Solution
- Worked extensively on Palo Alto, Juniper Net screen, Fortinet and SRX Firewalls.
- Knowledge on cryptosystems such as RSA and AES.
- Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
- Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
- Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
- Knowledge on complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
- Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
- Experience in RIP, OSPF, BGP, EIGRP.
- IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
- Experience in testing Cisco & Juniper routers cum switches in laboratory scenarios and deploy on site for production.
TECHNICAL SKILLS:
Network Protocols: MPLS, VRF, OSPF, BGPv4, EIGRP, HSRP, VRRP, Policy- Based Routing (PBR), Route Redistribution, Static Routing, Web Cache Communication Protocol (WCCP), MPLS, Metropolitan Area Network (MAN), Wavelength Division Multiplexing (WDM), ISDN, PPP, VTP, STP, RSTP, VLANs, 802.1q/ISL, CDP, LACP:
Cisco Router Platforms: 1841, 2611, 2621, 2800, 3600, 3845, 3900, 7206VXR
Cisco Switch Platforms: 2900XL, 2950, 2960, 3500, 3550, 3560, 3760, 4500, 6500, Nexus 4k, Nexus 5k, Nexus 2k, Nexus 1k, Nexus 7k
Routing Protocols: EIGRP, BGP, OSPF, RIP, MPLS
LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, Port Channel, TCP/IP,VLSM, Cisco/Catalyst L2/L3 Switches, Wireless (802.11 a/b/g/n) Juniper/Netscreen/Cisco Firewalls:
WAN Equipment: Cisco/Juniper Routers, Silver Peak NX-7xxx WAN Accelerators, OC-192, OC-48, FRAME RELAY, PPP, T1/E1, HDLC, MPLS, DS3, Leased Lines,DSL Modems, ISDN(PRI/BRI), Fiber technology, Copper Cabling Technology
Network Management Tools: Cisco Works, Silver peak GMS, RSA Security Console, RSA Operations Console, VMware vSphere Client,TFTP, FTP, SSH IXIA, Spirent
Security Access Control/Policy: Cisco Secure ACS for Windows, RSA, AAA, TACACS+, Radius,IPSec, GRE, NAT/PAT, ACLs, Juniper SA SSLVPN w/DUO, Cisco Altiga SSLVPN, VeriSign:
Operating Systems: Windows 2003, Windows 2008, Linux
Languages: C, C++, python scripting, Bash, Assembly, HTML, SQL, Oracle 10g
Software: Microsoft Visio 2010, Microsoft Office, AutoCad, Matlab
Network Operating Systems: Cisco IOS, Nexus OS, CATOS, Junos
Documentation Tools: Microsoft Office, Visio, Project, SharePoint
PROFESSIONAL EXPERIENCE:
Confidential, Dayton, NJ
Sr. Network Engineer
Responsibilities:
- Worked with Cisco Layer 3 switches 3750,4500,6500; Cisco Nexus 5596 and 7010 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel
- Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
- Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
- Configuring and Maintaining TACACS+ for AAA.
- Migrated AAA server to ISE 2.0 from legacy ACS servers
- Managed IP addressing and implemented IP Access Lists.
- Worked extensively on Palo Alto, Cisco Firewalls, Cisco PIX &ASA 5500(5525/5585) Series.
- Knowledge on Palo Alto- OS: Version 5,6,7
- Experience with Firewall Administration, Rule Analysis, Rule Modification.
- Monitoring network access rules usage on Tufin Secure Track.
- Configuring Tufin and network devices for monitoring network rules.
- Experience with administering, troubleshooting and configuring / implementation (Cisco and Checkpoint) firewalls.
- Supported Cisco TrustSec Early-Field-Trial program, supported UHC with their deployment queries and assisted them in ensuring smoother TrustSec field deployments.
- Involved in Switching technology Administration including creating and managing VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, LAN security etc.
- Worked on Disaster Recovery (DR) test plan and build anIPSEC tunnel site to site.
- Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
- Set up VSS cluster, ether channel, VLAN trunking, VTP and inter-VLAN routing on 6506.
- Configure VDC and vPC on Nexus 7010 and Nexus 5596.
- Configures and managed Nexus 2248 and 2400 series of wireless controller.
- Implemented port aggregation & link negotiation using LACP and PAGP.
- Configured site to site VPN technologies using IPSEC.
- Upgraded legacy Catalyst switches to 3750X for MACSEC and CTS rollout
- Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched Network.
- Worked with Routing Protocols of OSPF, and BGP.
- Implementation of name resolution using WINS &DNS in TCP/IP environment
- Knowledge on DNS zone migration and DHCP scope migration
- Administer IP control Appliances for DNS/DHCP services
- Worked on F5 BIG-IP LTM 6900, configured profiles, and provided and ensured high availability
- Worked on F5and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance
- Established an SSL VPN connection to F5 Networks' BIG-IP ASM security management, Edge Gateway, BIG-IP APM, and FirePass controllers.
- Implemented lead for load balancingsolutions on Capital One projects leveraging F5 LTMs & GTMs to improve webapplication delivery speed and replication through and between distributedglobal data centres.
- Hands on experience with phpIPAM IP address management
- Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5585 Firewalls.
- Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance, troubleshooting etc.)
- Worked for change management procedure and implementation of configuration changes during non-production window
- Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication,RSA authenticationand HSRP authentication.
- Maintained an 8 node virtualized ISE deployment providing access layer security across two network enclaves for over 5000 end points
- Implementation of Juniper Firewall, SSG Series, Netscreen Series ISG 1000, SRX Series
- Implementation of HA-JSRP in JUNOS devices, SRX Series Router/Firewall in both A/A and A/P mode
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
- Used internal network monitoring tools to ensure network connectivity and Protocol analysis tools to assess the network issues causing service disruption.
- Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center
- Consolidated remote and LAN access and wireless connections within a single interface to streamline access management.
- Provided Breakthrough Approach to Unifying and Optimizing Access to the Data Center using F5’s BIG-IP Edge Gateway Solution
- Implementation of name resolution using WINS & DNS in TCP/IP environment
- Ability to analyze, configure and troubleshoot networks
Confidential, TX
Network Engineer
Responsibilities:
- Complete ownership Self-Hosted Openstack environment comprised of EqualLogic 10GbE; Force10; Cisco Routing, Nexus Switching, and ASA firewalls; and Foritnet Firewalls
- Design an available and secure firewall solution for the Cloud program
- Performed Proxy testing which serves Layer-7/ HTTP traffic and other Proxy features like HEADER ERICHEMENT, TFD, LTMI and Video Optimization.
- Worked on call flows involving IMS architecture - VOLTE, IP messaging (RCS)
- Lead the testing team on Virtualized Proxy which supports port 80 traffic in connected car project.
- Also migrated from the hierarchical tree networking model to leaf-spine design using Ethernet fabric network.
- Optimized spine-and-leaf topologies with integrated gateways to provide greater efficiency and transparent mobility for physical and virtual machines and services along with end-to-end visibility.
- Involved in test case design, execution and also analyze the traces and perform root cause analysis on issues.
- Experience and worked on protocols: SIP, DIAMETER, HTTP, GTP, RADIUS, and TCP/IP.
- Working closely in sync with other node teams for integration, functionality and understanding.
- Worked on Tools like Netscout, IRIS EPC/IMS analyzer, JDSU, Wireshark, HPQC
- Worked on Traffic generating tools, IXLOAD and LANDSLIDE SPIRENT
- Integration, Testing, Verification and Software upgrade of Ericsson’s Multi Server Proxy (MSP) Solution in AT&T’s Core Network for optimizing HTTP, MMS and video traffic.
- Providing ongoing customer support throughout implementation as well as driving new solutions development forMSP.
- Solution deployment and implementation was done on various Servers running on Linux
- Configured network interfaces, routes, DNS, DNAT, NTP, IPAM and SNMP on traffic servers and VLAN on network switches.
- Implementation of name resolution using WINS &DNS in TCP/IP environment
- Performed troubleshooting of networking issues inMSPsystem using tools like TCP dump, traceroute, and netstat, nslookup and SQL queries.
- Configuration and management of various Virtual Servers.
- Created Test Plans and executed regression and call-flow testing between Mobile Proxy, RADIUS Server, LDAP server, F5 Load Balancer and Webserver using Wireshark and Pureload.
- Migrated AAA server to ISE 2.0 from legacy ACS servers
- Optimized the IP network with the F5 BIG-IP platform
- Worked on Net scaler MPX, VPX and SDX.
- Experience with Palo Alto - Firewall Administration, Rule Analysis, Rule Modification
- Performed Deep packet inspection using Wireshark for various protocols like RADIUS, HTTP, LDAP and SSL.
- Responsible for addressing all issues on core nodes (MSS, MGW, SGSN, MME, CPG,MSPand IMS) related to performance, capacity and QOS and provide sustainable technical solutions through engineering and/or tools for AT&T.
- Involved in migration of virtual machines from VMware ESX 4.1 to ESX 5.0/5.5.
- Involved in Corporate Sponsored Data and SOCKS, Toggle Voice testing
- Worked on Sd interface testing and performance testing, failover resiliency
- Dealt with EAP-AKA authentication
- Implementation of EAP-AKA protocol on voice over WIFI calling
- Implemented DER and DEA, Post challenge request messages for authentication on AAA and HSS
- Implementation of Radius and Diameter (RFC 3588,RFC 4072) interface with EAP for AAA Controller
- Integration of EAP module with R6 module.
- Created and designed network layout and documented network system design with detail information using Visio
- Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan
Confidential, Sacramento, CA
Network Administrator
Responsibilities:
- Responsible for entire LAN and WAN maintenance and troubleshooting of the company network
- Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements
- Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
- Worked with the data center planning groups, assisting with network capacity and high availability requirements
- Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010 5000 series to provide a Flexible access Solution for a datacenter access architecture
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
- Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer
- Design an available and secure firewall solution for the Cloud program
- Involved in project planning, deploying and reviewing based on the requirements within the existing network
- Reviewing all changes to network configuration for technical accuracy and providing solutions to Multi-Protocol Network problems
- Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan
- Experience Working on Traffic generating tools like IXIA and LANDSLIDE SPIRENT.
- Worked with F5 Load-Balancers and the following software modules: LTM, ASM, AFM, GTM
- Tested various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab
- Routing protocol configuration such as OSPF, IS-IS, EIGRP and BGP, Router redundancy configuration (HSRP, VRRP and GLBP)
- Wireless LAN (Access point, LWAPP)
- Administrated LAN and WAN with of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
- Multicasting, Route redistribution, Route Filtering using Distribute list
- IP Allocation for all applications and servers with high availability throughout the company
- Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall
- Experience working on Net Scaler platform for SDN. Also worked on Network automation, HPNA
- WAN Technologies (PPP, Frame Relay, ATM, ISDN, Site to Site VPN)
- Exposure to building frameworks based upon SDN/NFV functionality.
- Provided application level redundancy and availability by deploying F5 6500 series LTM load balancers
- Worked on F5 BIG-IP LTM 6900, configured profiles, and provided and ensured high availability
- Experience indesign, implementation, and support of F5’s Big-IP Access Policy Manager (APM) software component in a complex enterprise environment
- Involved in designing WAN infrastructure for redundancy in case of link failure
- Responsible for technical evaluation, troubleshooting, overall project management, problem solving and turn-up of the service with the ISP
- Created and designed network layout and documented network system design with detail information using Visio
- Implementation of HA-JSRP in JUNOS devices, SRX Series Router/Firewall in both A/A and A/P mode
Environment:Cisco3750/3550/3500/2960 switches andCisco7200/3700/3600/2800/2600/2691 routers, EIGRP, OSPF, BGP, VLAN,CiscoPacket tracer and GNS3 simulators for Network design, KIWI for Network Management
Confidential
Network Engineer
Responsibilities:
- Configured CIDRIP RIP, PPP, BGP and OSPF routing.
- Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
- Identify, design and implement flexible, responsive, and secure technology services
- Experience with Firewall Administration, Rule Analysis, Rule Modification
- Troubleshoot traffic passing managed firewalls via logs and packet captures
- Configured and resolved various OSPF/IS-IS issues in an OSPF/IS-IS multi area environment.
- Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
- Worked with telecom vendors in regards to network fault isolation.
- Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
- Installed different software on the systems. Install and managing network devices including Hubs, Switches.
- Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
- Applied Linux expertise to correct a major fault with an ISE monitoring node where logs had filed the partition causing the node to operate or boot.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope
- Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
- Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO
- Design, implementation and operational support of routing/switching protocols in complex environments including IS-IS, BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
- Estimated Project costs and created documentation for project funding approvals.
- Planned resources and presented project status to higher management.
- Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
- Configured egress and ingress queues for ISP facing routers using CBWFQ.
- Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
- Ability to analyze, configure and troubleshoot networks
Environment: Cisco 6509/ 3750/3550/3500/2950 switches, Cisco 7200/3845/3600/2800 routers, Checkpoint firewalls(SPLAT), Net Flow,TACACS,EIGRP,RIP,OSPF,BGP,VPN,MPLS,CSM,SUP720, Ether Channels, Fluke and Sniffer.
Confidential
Network Engineer
Responsibilities:
- Provided port binding, port security and router redundancy through HSRP.
- Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
- Provided testing for network connectivity before and after install/upgrade
- Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
- Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
- Worked on HSRP for hop redundancy and load balancing.
- Configured the Cisco router as IP Firewall and for NATing Configured RSTP, MST and used VTP with 802.1q trunk encapsulation.
- Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
- Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
- Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
- Routing protocols OSPF, RIP & BGP
- Implementation of name resolution using WINS & DNS in TCP/IP environment
- Configured FTP server for inside/outside users & vendors
- Environment: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN’s, and SS
- Installing, Configuring, Administering and supporting the Windows 2003 Server, Windows 2003 Server, Windows 2000 Server, Windows 2000 Advanced Server, IDS server, SQL Server and Active Directory
- Responsible for virus detection and spyware removal
- Conducted and implement Network and software installations and upgrades