SUMMARY

• Design and Configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Juniper Networks specializes in routers, switches, firewalls, data center solutions, cloud services, and VPN solutions.
• Deployed Juniper switches EX4500 and EX4200, routers M7i and M10i and Junos OS
• Expert in design, configuration and deployment of F5 Solutions with extensive experience working with APM and ASM technologies.
• Advanced knowledge in installation and configuration of Juniper Netscreen Firewall.
• Shell Scripting for automating tasks using Python.
• Enhanced level of experience with OSPF, BGP, and TCP/IP.
• Configured and maintained IPSEC and SSL VPN's onPalo altoFirewalls
• Participated in the installation, configuration and post installation daily operational tasks and configuration of the deployment of Cisco nexus equipments.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint NGX firewall and Cisco 3800 series routers.
• Worked with the installation of Palo alto firewall. Migrated with a team from predominantly checkpoint environment to Palo alto global solution.
• Experience with checkpoint firewall policies provisioning. Checkpoint level 3 operations support with hardware operation and fixed all problems.
• Exposure of large complex checkpoint, Cisco ASA and Palo alto environment
• Deployed Cisco FireSight,ISEusing certificate authority signed certs with pxGrid remediation module
• Proven experience in deploying, configuring, and troubleshooting network security solutions and related tools, including L2/L3 devices, Cisco ACS, CiscoISE, Cisco ASA, 802.1x, WLC and VPN deployment strategies
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
• Configured CiscoQOSfeatures like Classification, Congestion Management, Policing and Shaping.
• Configured ModularQOSwhich includes Class Map, Policy Map and Service - Policy
• Worked on Nexus 7K Core and Server Farm Switches with VSS & VPC support.
• Configuring virtual chassis for Juniper switches EX- 4300, firewalls NS 5200.
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIXfirewalls, Cisco and VPN client.
• Implemented site-to-site IP Sec VPN between two branch offices and also SSL VPN for user’s connecting from various locations. Configured client VPN technologies including Cisco’s VPN IPSEC.
• Experienced in handling and installing Palo Alto Firewalls with exposure to wild fire feature of Palo Alto Networks.
• Migrated firewall rules from Cisco ASA to Palo Alto and Checkpoint Firewalls
• Working knowledge with monitoring tools like Solar Winds and network packet capture tools like Wire-shark.
• Good knowledge of using Microsoft VISIO/Office as technical documentation and presentation tools

TECHNICAL SKILLS

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipments (Switches&Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600,2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX, EX Series Routers and Switches.

Routing: OSPF, EIGRP, BGP, RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX.

Load Balancer: ACE Module, GSS & F5 LTM

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE

Confidential, Sacramento CA

Network Security Engineer

Responsibilities:

• Experienced working with security issues related to Cisco ASR 9K, Checkpoint and Juniper Netscreen firewalls.
• Responsible for design & management of Juniper Net screen Firewalls, Juniper Switches, Cisco Switches.
• Hands on experience with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with CiscoISE
• BGP/OSPF/EIGRP Automation of Flows NFV/SDNAT&T Open stack
• Provide design andSDN/NFV networking support using Open-Stack, Juniper Contrail and Big Switch Networks
• Juniper ContrailSDNCloud Computing Open Networking Openflow/ODL
• Configured Cisco ASA 5510 for VPN Network Access Control integration with CiscoISE(Inline PEPs).
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Configuration of Port Channels and VPC on Nexus 9K, 7K, and 5K.
• Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company
• Deployment of data center LAN using Nexus 7k, 5k, 2k switches.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Creating and provisioning Juniper SRX firewall policies.
• Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.
• Implemented two F5s in an Active/Standby setups on BIGIP 10.2.4.
• Configuring various advanced features (Profiles, monitors, I Rules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Configured and edited policies on F5 network access control.
• Configured F5 Load balancers and monitored the Packet Flow in the Load balancers.
• Firewall filtering and NAT, Adding and modifying the policies in juniper SRX.
• Advanced knowledge in installation and configuration of Juniper Net Screen Firewall.
• Configuring SRX devices and troubleshooting them, connecting them with Cisco nexus devices to test connectivity.
• Configuring VPN, clustering and ISP redundancy in Check Point Firewall.
• Migrated Firewall infrastructure from Checkpoint R65 to Net screen ISG2000.
• Asset management, keeping inventory of every device in the data center
• Backup and restore of Check Point and Cisco ASA Firewall policies.

Confidential, San Francisco

Network Security Engineer

Responsibilities:

• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Configured VSS, Port Channels, L2 and L3 VLANS, Routing on L3 Cisco Switches.
• Worked on cisco Nexus 9000 series switches for data center.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Designed and Implemented Cisco PIX525 and ASA5550 firewall’s interfaces with FTP, DNS, HTTP servers on DMZ with different security levels.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN.
• Monitoring Traffic and Connections in Check Point and ASA Firewall.
• Configured UCS C220 M3 Rack Server for deploying VMware vSphere 6.0 for installation for Nexus 1000v.
• Configured, troubleshoot and maintained Cisco Switches 1900 through 8000 Series including Nexus switches
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Remote access and site-to-site VPN administration using Cisco ASA/ASR andPaloAlto
• Configuration of firewalls 5520 series ASA for business to business connectivity and application of ACL rules for network traffic.
• Worked on the migration project of Juniper SSG to Juniper SRX firewalls.
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
• Upgrading system images on Nexus 5 and 7 multi-layers switches using kick start and FTP server.
• Manage Corporate Checkpoint VPN utilizing SSLVPN and Edge technologies.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Migrate studies from the Cisco ACE Load Balancer appliance to the Citrix NetScaler Load Balancer appliance.
• Daily monitoring of network traffic using sniffers (Wireshark) and access logs to troubleshoot and identify network issues.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Developed a Network Device Tracking Software for equipment accountability.
• Maintained Corporate Firewalls & Analysis of firewall logs using various tools. Configured and troubleshooting of HSRP on Cisco routers.
• Configured VDC and VPC on nexus 7K. Installed different line cards on nexus in production. Executed test plan for VPC redundancy on nexus environment.
• Configured juniper routers Mx-480s, Mx-960s for VRRP network routing redundancy.
• Implemented antivirus and web filtering on juniper SRX 240 at the web server
• Configured virtual chassis for juniper switches EX-4200, Firewall SRX-240.
• Configuring IPSEC VPN on SRX-3400 and SRX-3600.
• Experience with juniper JUNOS operating system and working on M and MX series routers.
• Experience with configuring Nexus 2000 & 2148 Fabric Extenders (FEX) and Nexus 5000 series to provide a flexible Access solution for datacenter access architecture.
• Implemented site-to-site IP Sec VPN between two branch offices and also SSL VPN for user’s connecting from various locations.
• Providing technical security proposals, Security Presentation, Installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Worked with Juno OS and Juniper M&T series switches.
• Configuration, Installation and troubleshooting of Juniper Netscreen.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.

Confidential

Network Support Engineer

Responsibilities:

• Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
• Configuring and implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Supported on CiscoNexus 5000and Nexus7000 SeriesSwitch fabric links.
• Create and testCisco router and switching operations using OSPF routing protocol.
• Innovated with support of Palo alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Experience working with Layer 1-7 switching, TCP/IP, OSPF and load balancing (Cisco L2/L3 switches, firewalls, load balancers.
• Debugged and resolved problems for serial links, Channelized T1 controllers, PR controllers.
• Worked on troubleshooting and resolving issues escalated by the NOC and internal systems, including developing, implementing and deploying emergency hot fixes within a global network environment with advanced configurations
• Implemented Positive Enforcement Model with the help of Palo alto Networks

Confidential

Network Admin

Responsibilities:

• Work on different networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Checkpoint Level3 operations support with hardware operations - fixed all problems & RMA’s, taking any escalations that dealt with the equipment and its connection: interfaces,VLAN’s, routes, etc.
• Installed and managed multiple instances of a Routing table usingVRFandVRFLite.
• Installation and Configuration of Cisco Wireless LAN Controllers on Branch ISR G2 Service Ready Engines (SRE) and Virtual Wireless LAN Controllers for Central Office Infrastructure.
• Developed an addressing scheme and deployed these subnets across two carriers/routers usingBGPv6
• Implemented and configured BGP,BGPv6, using policy route-maps, prefix list to regulate advertise routes from specified Autonomous Systems. Verified BGP neighbor establishment and prefix received and converged with transit providers
• Good knowledge in using Cisco NAC Agent andISEappliances for connecting Internet.
• UNIX shell scripting experience using shell scripts like sed, awk, grep, more, etc.
• Configuringfirewallfilters, routing instances, policy options.
• Troubleshoot connectivity issues involving VLAN's, OSPF, andQoS
• Support remote office WAN, PFR & DMVPN technologies.
• Installation and configuration of Citrix access gateway.
• Used Edgesight for monitoring the citrix farms and troubleshooting the Citrix related issues.
• User admin on the firewalls, adding and deleting users as they come and go.
• Experience withQAMethodology andQAValidations to ensure the Quality Assurance Control and identifying the Test Requirements based on User Requirements and Design Specifications
• Implemented security policies using ACL, Firewall, IPSEC, SSL,VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Working experience with Load Balancers F5 LTM like 3900, 6900, 4200V over various environments.