SUMMARY

• Cisco Certified Network Engineer over 7 plus years of Experience in Network engineering, designing, architecting, implementing, configuring and troubleshooting Network & Security infrastructure on routers, layer2/layer3 switches and firewalls
• Hands - on experience on ASA (5505/5510) Firewalls. Implemented security policies using ACL, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS) and worked on Cisco ACS version 5.x
• Proficient in setting up IT infrastructure including wide area networks (WAN), local area networks (LAN), security management systems network device administration
• Experience in implementation and troubleshooting of VLAN, STP, MSTP, 802.1Q, RSTP, PVST, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5 and VTP
• Strong practical experience in layer-3 Routing and layer-2 Switching. Dealt Cisco routers and Cisco catalyst series switches
• Designed and worked with new networkmanagement tools to enhance the capacity to monitor e-mail services, availability of resource, and networktraffic
• Troubleshoot and verified routers and switches with VLANs and inter-switch communications
• Enterprise Routing experience using protocols RIP v1 & v2, EIGRP, OSPF and BGP
• Upgrading IOS for Cisco routers and switches
• Deployed Positive Enforcement Model with the help of Palo Alto Networks
• Efficient designing of IP Addressing Scenario using VLSM and Sub-netting
• Testing Cisco routers and switches in laboratory scenarios and deploy on site for production
• Worked on Nexus 7K, 5K, 2K switches, NXOS, IOS and IOS-XR BXB to N7K-NXOS(MPLS) system test
• Assisted working with cisco ASR 9k, 1k
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series
• Detailed Knowledge about IP Multicast, IGMP, IGMP version 2 and 3, CGMP, IGMP Snooping, PIM-Sparse and Dense Mode
• Extensive experience in Tier II ISP Routing Policies, Network Architecture, IP Sub-netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits
• Experience with configuring Nexus 2000 FEX (Fabric Extender) which acts as a remote line card (module) for the Nexus5000
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Experience in configuring and troubleshooting of Juniper SSG series
• Configured F5 BIG-IP,LTM,GTM load balancers and implemented it to maintain global and local traffic
• Assisting in implementing enterprise wide network security and high availability solutions for ASA
• Worked with convert Checkpoint VPN rules over to the Cisco ASA solution, Migration with both Checkpoint and Cisco ASA VPN experience
• Good communication skills and a team player, Effective inter-personal skills, adaptable to any environment with the latest technologies and provide solutions as an individual and as a team member

TECHNICAL SKILLS

Switches: Nexus 2K/5K/7K, Cisco Catalyst 2900, 3500, 3700,6500, 4500, 3850,3560, 3750, 2960

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Etherchannels, Transparent Bridging.

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600,1800,1700

Routing: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay, VOIP

Network Security: Cisco ASA Firewalls, Juniper, ACL, IPSEC, F5 Load Balancer, Checkpoint

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400.

Gateway Redundancy: HSRP and GLBP

WAN Optimizer: Riverbed Steelhead Appliance

DHCP and DNS: Infoblox

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, Solar winds

PROFESSIONAL EXPERIENCE

Confidential, Ada, OK

Sr. Network Engineer

Responsibilities:

• Involved in the activity of DATA-Center migration of regular Cisco catalyst switches with the new Nexus 2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E
• Configuring and deploying Cisco Catalyst 6506, 4948E, 4510 switches and Cisco 3660, 3845, 7609 routers
• Applied ACLs for Internet access to servers using Cisco 5550 ASA firewall and performed NAT
• Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features
• Designed and implemented DMZ for Web, Mail and FTP Servers using Cisco ASA 5500 Firewalls
• Experienced in installation, configuration and maintenance of Cisco Nexus 7K, 5K switches in standalone as well as in V-BLOCK infrastructure
• Good knowledge and hand on experience of implementing firewall policies on Cisco ASA
• Performed migration from Legacy Catalyst 6509 with SUP-720, Catalyst 4507 with SUP-6 to Nexus 7k with SUP-2E as part of the data center refresh
• Extensive knowledge and experience in vPC, ether channel, STP, VTP, and HSRP also VRRP protocols
• Experienced in Cisco ASR 1000, 7200, 2700, 2900, 3900, 1800 Routers, Cisco Catalyst 4500, 2900, 3700 Switches
• Performing troubleshoots on complex network infrastructure using routing protocols EIGRP, OSPF and BGP
• Experienced in working with Cisco NX-OS and IOS
• Hands on Experience in Checkpoint UTM-1, Checkpoint Smart Center R.75, Nokia Voyager IPSO-390
• Applied ACLs for Internet access to the servers using Cisco 5520 ASA firewall, performed NAT
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario
• Configured and Maintained BGP features such as load balancing, Route Reflectors, BGP metrics such as maintaining the Enterprise IP Addressing scheme with allocation of new IP Pools for user subnets, and updating the port on the switches MED, AS Path, Local Preference, Communities
• Create and test Cisco router and switching operations using OSPF routing protocol, and MPLS switching for stable VPNs
• Worked on Cisco Routers, Active/Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
• Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs
• Involved in the troubleshooting aspects of complex network infrastructure using the routing protocols like RIP, EIGRP, OSPF, ISIS and BGP
• Implementing and troubleshooting (on-call) IPsec VPNs tunneling and SSL for various business lines and making sure everything is in place
• Involved in the configuration and maintenance of IPsec Site-Site VPN
• Hand on experience in Juniper secure gateway SA-4500 7 SA-2500 for VPN
• Deliver in-depth diagnostics and root-cause analysis for networkimpacting issues on Juniper Networks routing products (Internet backbone routers) to large Internet Service Provider and/or enterprise customers
• Deployment and configuration of Sourcefire 3D Sensor 8250 and Defense Center 3500 with Port SPAN also creating IPS/IDS policies and intrusion report generation and monitoring
• Design and implementation of Main Data Center Move project from one location to another location with minimal down time using traditional DCI with vPC and In-box configurations with same HSRP group for redundancy on four Nexus 7k switches, two on each side
• Design and Implementation of Disaster Recovery Co-location consisting of Nexus 7K switches, ASR 1002, Cisco ASA Firewalls, Cisco 3925 routers etc. Successfully implemented OTV for VLAN Extension
• Deployed VSS on Cisco Catalyst 6509 switches and provided post-deployment support for issues
• As part of Data Center fabric remediation/refresh project, deployed Cisco Nexus switches and implemented features like FEX Links, VPC and VDC
• Configured and deployed VPC between Nexus 7010 and Nexus 5596, 5548 switches along with FEX 2248
• Provided access to User machines and partners exterior to the network using IPsec VPN tunneling and SSL
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Involved in the configuration and maintenance of IPsec Site-Site VPN
• Dealt with the service providers in the case of WAN outages
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, and use to resolve tickets whenever there is an issue
• Had hands on experience in configuring and implementing Prefix-lists, Route-maps, Ether-channels

Environment: Cisco Catalyst Switches with Nexus 2148, 2224T, 5548, 6018, 7010, Cisco Catalyst 6506 E, 4510 Switches, Cisco 3660, 3845, 7609 routers, Cisco ASR, Checkpoint firewall, Cisco 5500, 5550 ASA firewall, F5 Load Balancers, Bluecoat proxy, Reverbed, IPS/IDS, Cisco Wi-Fi technologies, Cisco prime Microsoft Lync, RTP, RADIUS, TACACS+, EIGRP, OSPF, BGP, VPN.

Confidential, Los Angeles, CA

Sr. Network Engineer

Responsibilities:

• Performed network implementation that includes configuration of routing protocols, leased lines, ISDN lines, VLANs and IOS installations
• Onsite and remotely troubleshooting the network issues depending on the severity of the issues
• Installed and testedCisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs
• Worked on Heterogeneous networks such as Frame Relay, Ethernet, Fiber, etc.
• Prepared Check Point firewall configurations for conversion to Cisco ASA 5585-series firewalls
• Primary Network Security Engineer for Fiserv Firewall/VPN Support and Management on Checkpoint (Crossbeam and VSX), PIX, ASA
• Involved in Configuring and implementing of Composite Network models which consists of Cisco7600, 7200, 3800 series routers
• Responsible for all aspects of TCP/IP functionality across multiple enterprise environments
• Deployed and decommissioned the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
• Had hands-on experience with WAN (ATM/Frame Relay), Routers, Switches and IP addressing
• Worked and implemented L2 and L3 switching technology architecture and functionality, which involves the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security
• Team member of Configuration ofCisco7206 router with VPN and Configuration of Catalyst switches
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links
• Deployed Cisco Nexus 5K Series to support Virtualization, SAN Infrastructure, and high performance computing environments.
• Implementation and Proactive Monitoring of MPLS (MPLS-VPN), QoS (Layer2 and Layer3) and BGP technology
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, and Cisco 3800 series routers
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and Cisco 2950, 3500, 5500, 6500 Series switches
• Worked with ASA 5500-X Series firewalls to provide high performance and secure connectivity between sites
• Supported core network running multi area OSPF routers consisting of Cisco 7200 series
• Experience using diagnostic security and networking tools such as NMAP, WireShark etc.
• Utilize Wireshark, NMAP and Command Line Prompts on a daily basis
• Involved in a project for a re-design of the LAN network (Cisco Catalyst 2960 and Nexus 5000 switches) and the virtualization of some systems
• Working with vendors such as Cisco to address any configuration issues
• Worked with Juniper net Screen 500/5200 and also Juniper SRX 650/3600
• Installed and testedCisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs
• Configured EIGRP and OSPF as interior gateway protocols with route filtering and route redistribution.
• Troubleshot complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP
• Redesigned Internet connectivity infrastructure for meeting bandwidth requirements
• Experience with hardware load balancer administration and support, preferably with F5 and CiscoACEload balancers
• Experience in configuring Load balancers and Riverbed WAN optimizers
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC
• Configured OSPF, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches
• Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs
• Configured and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing
• Troubleshot issues and outages on Trunks and Router interfaces and firewalls extensively
• Performed administration on WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture
• Monitored and analyzed Intrusion Detection Systems (IDS) & Intrusion Prevention System (IPS) to identify security issues for remediation
• Provided technical assistance to manage LAN/WAN & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds
• Performed Network Address Translation on Cisco ASA 8.2 and 8.3
• Used DHCP to assign reusable IP addresses to DHCP clients automatically
• Configuration and troubleshooting of Cisco switches 2000, 3000, 6500, 7004, 7009, 7700 Series
• Performed ACL request changes for various clients by collecting source and destination information from them
• Created MOPS (Method of procedures) and sought the approval of peers to perform configuration changes

Environment: Cisco ASR 9K routers, Nexus 7K, 5K routers, Cisco Switches, Cisco ASA 5500 firewalls, OSPF, EIGRP, MPLS, HSRP, VRRP, IPSEC VPN, VPN, QOS, Juniper Netscreen, Riverbed, IPS/IDS Load balancer, Ethernet Handoffs, T1, DS3, Optic Fiber Handoffs VLANS, VTP, RSTP, ACL, NAT, SIP, RTP, RADIUS, TACACS+, CRS, IPV6, Cisco ACE, Cisco prime Cisco IP phones

Confidential, Seattle, WA

Network Engineer

Responsibilities:

• Configured HSRP between VLANs, configuring Ether Channels, Port Channel on 6500 catalyst switch
• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS, static routing and policy based routing
• Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
• Validate existing infrastructure and recommend new network designs
• Installed and maintained Cisco and F5 Load Balancer documentation
• Responsible for network design, bandwidth allocation, IP address allocation, supervising installation, configuration and maintenance on major network technologies
• Configured and troubleshot link state routing protocols like OSPF in single and multiple areas
• Worked with various internal organizations during pre/post deployment phase of different type of circuits
• Installed and configured Cisco 2600, 2800, 3600, 3800 routers and 2950, 3700, 6500 switches
• Performed data center migration in Access, Distribution and Core layers
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture
• Daily monitoring of network traffic using sniffers (Wireshark) and access logs to troubleshoot and identify network issues
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, port aggregation
• Route redistribution and route update manipulation using route-maps; distribute lists and AD manipulation and link negotiation
• Configured Standard, Extended, and Named Access Lists to allow users all over the company to access different applications and blocking others
• Provided technical support and solutions for network problems, NAT solution on WAN applications
• Performed configuration and troubleshot EIGRP and BGP
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features
• Providing Tier II support in the provisioning, end-to-end test and turn-ups and maintenance of the major accounts. Optimizing Network by continuously and extensively working with customer to upgrade and optimize network and Circuit Move Add Changes including detailed design documentation
• Performed Layer I, II and III troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for BGP, OSPF, RIP, RIPv2, EIGRP, Static and default route in a VPN environment using MPLS
• Implemented and troubleshot the MPLS network
• Performed troubleshooting of connectivity problems using PING, and Trace route
• Upgraded Cisco ASA 5510 firewalls using 6500/7600 catalyst modules for enhanced performance, security and reliability. Upgraded IOS, troubleshot network outages
• Implemented changes and upgrades to network equipment and perform quality assurance reviews of those upgrades. Reviewed all changes to network configuration for technical accuracy and impact
• Provided Network Support in the designing and implementation of Point to Point over T1s Frame Relay, DSL over ATM and IP over Frame Relay and Gigabit Ethernet
• Documentation of network resources, systems, peripherals, procedures and policies for optimization of IT resources and security
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route
• Migrated IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
• Co-ordinated with the Data Network and Security team and came up with possible solutions
• Work on Physical site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
• Provided on-call support for installation and troubleshooting of the configuration issues
• Planned and implemented Subnetting, VLSM to conserve IP addresses
• Configured STP for loop prevention and VTP for Inter-VLAN Routing
• Provided technical support for improvement, upgradation, and expansion of the existing network architecture
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO
• Estimated Project costs and created documentation for project funding approvals
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment
• IOS upgrade 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP
• Installed and configured DHCP server, troubleshot of DHCP and other IP conflict problems
• Configured ACLs (Standard, Extended and Named) to allow users all over the company to access different applications and blocking others
• Displayed excellent troubleshooting skills and customer centric approach

Environment: Cisco 2900, 3500, 6500/7600 catalyst Switches and Cisco 2500, 2600, 3600 routers, Cisco ASA 5510 firewalls, Microsoft Lync, Cisco Unified Video Conferencing, Unix commands, IPV6, Cisco IP phones, ACL, STP, VTP, HSRP, Subnetting, VLSM, NAT, RIP, OSPF, EIGRP, BGP, MPLS, ATM, PPP TRT Cisco IOS CLI.

Confidential

Network Engineer

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing, infrastructure and configured the entire network Infrastructure devices including network printers.
• Managed 5000 user accounts and group policies for users belonging to various accounts such as Citibank using Active Directory server, and Internet Information Services (IIS), Mail and File servers, DNS and DHCP servers.
• Troubleshot Lotus Notes and Exchange mailbox issues, software issues and network connectivity issues.
• Participated in design and implementation IPv4 Subnetting in the company network.
• Worked with Network Operations Center (NOC) by managing and monitoring LAN/WAN network services.
• Scheduled maintenance for routers/servers by running maintenance commands through SSH connections.
• Performed Windows server 2003 and 2008 administration, desktop support and network maintenance.
• Created Virtual Machine templates for Windows server 2003/2008 using VMware vSphere and cloned them.
• Performed switching tasks and implemented VLANS, VTP, RSTP and Port security.
• Provided 24/7 rotational on call supports for branch offices.
• Implemented security measures using ACL and configured NAT according to the connectivity requirement.

Environment: Cisco Routers, Cisco Switches, Routing protocols (RIP, OSPF, EIGRP), VLAN, VTP, RSTP, NAT, ACL, SSH, Cisco CLI, QOS, Subnetting, IP Phones, Microsoft Lync, Server Administration, Cisco Access Points, VMware.

Confidential

Network Engineer

Responsibilities:

• Configured IP routing using a combination of static and dynamic routing protocols like OSPF and EIGRP
• Configured VLANs with IEEE 802.1q tagging, private VLANs, VTP on Cisco 4500 and 6500 series switches
• Configured STP for switching loop prevention and VLANs for data and voice along with configuring port security for users connecting to the switches
• Worked on issues related to static and dynamic routing protocols like RIP, EIGRP (Variance and unequal cost load balancing) and OSPF
• Configured trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture
• Worked on PRTG Network monitoring tool to monitor and troubleshoot various issues in the network
• Worked on issues related to VLAN, VTP and HSRP failovers
• Created network diagrams and proper documentation for the network architecture

Environment: Cisco 6500, 4500 switches, Cisco routers, Cisco IOS CLI, VTP, VLAN, HSRP, STP, Net Flow, TACACS, EIGRP, RIP, OSPF, CSM, Ether Channels.