SUMMARY

• Over 8+ years of experience as Network Engineer in Routing, Switching and Firewall Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/Data Center communication systems.
• Strong Knowledge in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay.
• Solid understanding of OSI and TCP/IP model.
• Expertise in implementing, maintaining and troubleshooting L2 switching tasks such as VLANs, VXLAN, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, Ether channel using LACP and PAgP, Inter-VLAN routing.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting.
• Expertise in static and dynamic routing, Dynamic protocols like EIGRP, OSPF, RIP, and BGP.
• Well Experienced in configuring Gateway Redundancy Protocols such as HSRP, GLBP, and VRRP
• Hands on experience in configuring Cisco Prime Infrastructure 2.1 and WCS wireless platforms.
• Design & administer public wireless using Cisco 5500 WLC and Cisco Prime for network monitoring and configuration.
• Utilize Cisco Prime to monitor network and perform upgrades and mass configurations.
• Expertise in Troubleshooting connectivity and hardware related issues on Cisco & other vendor platform enterprise Networks.
• Experience of Network Segmentation in Virtualized Environments.
• Hands-on experience on configuring both Standard and Extended Access lists.
• Experience in managing security policies with CSM, integrated with ASA 5500 devices.
• Performed security operations on ASA firewalls such as IPsec VPN’S, NAT, configuring Active/Standby Stateful failover, and any connect Web VPN.
• Experience in installing, configuring and troubleshooting of Checkpoint and Palo Alto Firewall.
• Worked extensively in Configuring, Monitoring and Troubleshooting Checkpoint security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
• Configured and managed Nexus platform devices, which includes Nexus 9K, Nexus 7K, Nexus 5K and N2Ks in data center environments.
• Experience working onArubawireless controllers.
• Designing and implementing F5 BIG-IP load balancer.
• Extensive knowledge in implementing and configuring F5 Big-IP LTM-3900, and 6900 Load balancers, these are configured as LTMs.
• Experience with Bluecoat Proxy servers and Packet Shaper Systems.
• Configured Cisco Access Control Server (ACS) to enforce security policy in User Groups.
• Configured access for all Active directory groups to get network access over WAN connections in Cisco ACS.
• Design and deploy Cisco ACS Server solutions including TACACS+, High Availability, Active Directory integration, etc.
• Experience in installing and configuring DNS, and DHCP server.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works.
• Experience in WAN Accelerations devices like, Cisco WAAS and Riverbed.
• Performed deep packet analysis to troubleshoot application issues using tools like Wire-shark.
• Extensive knowledge in different networking application protocols DHCP, DNS, FTP, TFTP, PAP, CHAP, HTTP, HTTPS.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.

TECHNICAL SKILLS

Switches: Cisco Catalyst 3560, 3750, 3850, 4500, 4900, 6500& Nexus 2K, 5K, 6K, 9K

Routers: Cisco 2900, 3600, 3800, 3900, 7200, ASR 1001X, ISR 4k, ASR 1k, CSR 1000v, ISR-G2

Routing: RIP, OSPF, EIGRP, BGP, VRFSSwitching VLAN, VXLAN, Dot1Q, VTP, STP, RSTP, PVST, PVST+, HSRP, GLBP, Port Security, Nexus VPC/VDC/OTV, FEX, MPLS

Protocols: TCP/IP, UDP, ARP, ICMP, DNS, DHCP, SNMP, HTTP

LAN-WAN: Ethernet, Frame relay, HDLC, PPP, T1, T3, OC Standard, DSL, ISDN

VPN: PPTP, L2TP, Site to Site, IPSEC, SSL

Firewalls & Security: Cisco ASA 55XX series, Checkpoint R77, Palo Alto, Blue Coat

Load balancers: F5 LTM BigIP (6400 and 6900)

Wireless: Cisco 3600 Access points and Cisco 55XX Wireless LAN controllers

AAA architecture: ACS 5.3 and Window Radius

Tools: SolarWinds, WireShark, WinSQL and GNS3

Others: Windows Server 2008/2012, MS SQL, Oracle, C and JavaScript

Operating System: Win 7 and Windows 2012 server, Linux Fedora, Mac OS X Yosemite

PROFESSIONAL EXPERIENCE

Confidential, Raleigh, NC

Sr. Network Consulting Engineer

Responsibilities:

• Provide mentoring services during the Planning, Design and Implementation phases.
• Responsible for listening to Partner requirements and understanding their needs in Enterprise Networks.
• Advise Partners to their satisfaction and meeting Cisco quality of design.
• Helping the Cisco Partners with their questions that they have during the deployment phase.
• Responsible for Enterprise Networks part of the team.
• Provided support for Cisco Content Security Solutions and (Intelligent WAN) IWAN Solutions.
• Devices like ASA with Firepower, Email Security Appliance (ESA), Web Security Appliance (WSA), and Security Management Appliance (SMA) are part of Content Security.
• IWAN also called Intelligent WAN is a Cisco Solution for SD-WAN.
• Helped in design and implementation of Next Generation IPS/IDS solution, ASA with Firepower 5500X devices. Configured various features like Advanced Malware Protection (AMP), application control and URL filtering along with monitoring and reporting.
• Experience in configuring Firepower 2100 series, 4100 series appliances. Configured using the FX-OS Firepower Device Manager and/or Firepower Management Center (FMC).
• Design/configure the ESA and WSA to fit within the DMZ network for additional security.
• Configured ESA appliance with features like Spam blocking, Graymail detection, safe unsubscribe, AMP, Data Loss Prevention (DLP) and Web interaction tracking.
• Configured WSA with features like URL filtering, HTTPS Proxy, Decryption Policies, WCCP Redirection, AMP, etc.
• Configured SMA to centralize the management, logs and reporting for both the ESA and WSA appliances with in the environment.
• Implementation of the Identity Services Engine (ISE) as Application Policy and Control for Wireless, Wired and Guest Users.
• Integrate ISE with Firepower Module, Firepower Threat Defense devices like 2100, 4100 and also the ESA and WSA appliances
• Good understanding of how IWAN works. Complete Design level knowledge on the solution.
• Expertise in configuring DMVPN tunnels for Transport Independent Design required for IWAN.
• Multiple DMVPN clouds configured for MPLS, ISP and LTE connectivity.
• Experience configuring EIGRP and/or IBGP as WAN routing protocols for IWAN.
• Configured OSPF on the LAN side when implementing IBGP on the WAN side.
• Knowledge on configuring PFRv3 for IWAN implementation
• Experience of implementing an IWAN green field deployment using APIC-EM (Application Infrastructure Policy Controller- Enterprise Module).
• Experience with configuring IWAN compatible routers like ISR 4k, ASR 1k, CSR 1000v, ISR-G2
• Experience using/configuring APIC-EM features like Discovery, Easy-QOS, PNP and IWAN App.
• Good knowledge of Grapevine CLI of APIC-EM and used it for troubleshooting various problems or accessing the logs.
• Hands on experience in configuring VMware ESXi hypervisor, vcenter and deploying various solutions on Cisco UCS-C 250 server for lab testing purpose based on Partner/Customer questions.
• Gained knowledge and expertise in various other new solutions/devices like Cisco ENCS, Prime Infrastructure and SD-Access, while working with the partners and helping them with their cases.

Confidential, Baltimore, MD

Sr. Network Engineer

Responsibilities:

• Providing consultancy in Network architecture & design for new IT projects within the organization, working with enterprise design and architect teams.
• Data centers consolidation, design, management and supporting network activities.
• Managing location specific Cisco ASA Firewalls and also data center internet gateway firewalls.
• Handling new application load balancing requirements through F5 LTM devices.
• Experience with configuring Virtual Server and configuring load balancing methods in F5 12.0 LTM.
• Configured NAT and SNAT in F5 12.0 LTM. Managed virtual servers in F5 12.0 LTM.
• New technology evaluation and implementation
• Integrating new locations with existing MPLS Network and enabling standard corporate application access.
• Designing and implementing LAN/WAN solutions across locations
• Managing the LAN/WAN devices across locations for day-to-day operations.
• Coordinating with service providers like AT&T, Verizon etc. for all network outages /restoration/new implementations.
• Implementation of Site to Site VPN s with direct vendors and customers.
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Implementing and maintaining network monitoring system (Cisco works, HP Open view and Wireshark) and experience with developing network design documentation using VISIO.
• Worked with team Managing and configuringArubaWireless controller devices (7210, 7240) and Cisco Access Points.
• Performed site refreshes on Cisco switching andArubawireless infrastructure at several locations.
• Attending weekly CAB meetings and ensuring all changes were going through the change process.
• Capacity planning and providing recommendations for infra upgrades
• Vendor/Service provider management/reviews/evaluating new vendors.
• Infrastructure upgrades and new Infra deployments.
• Managing IT Security & Disaster recovery Management

Confidential, Parsippany, NJ

Network Engineer

Responsibilities:

• Involved in configuring IP Quality of service (QoS)
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP product.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Had exposure to wild fire advance malware detection using IPS feature of Palo Alto
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized Management system (Panorama) to manage large scale firewall deployments.
• Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
• Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Monitor mitigate threats using Cisco FirePOWER IPS using custom correlation events and built-in tools
• Utilize Cisco FirePOWER policies to manage applications, Snort rules, and URL blocking
• Monitor and create correlation events using Solarwinds Logging and Event Manager
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Proficient in handling network traffic generators like IXIA and Spirant and network protocol analyzers like Ethereal, Wireshark.
• Experience configuring and troubleshooting on Citrix NetScalar Load Balancer.
• Design, install, configure, troubleshoot and maintain varies load balancers including Citrix Netscaler, Riverbed STM.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Net info, Info man Virtual Change) and experience with developing network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
• Have experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.

Confidential

Network Engineer

Responsibilities:

• Installed, Configured and maintained 2600, 3600, 7613 Cisco Routers and 3750, 4500, 6500, Nexus 7K series Cisco Switches.
• Implemented BGP, VRFS and other protocols on cisco 7K switches.
• Performed VSS on cisco catalyst 6500 series switches.
• Configured and managed Cisco access layer routers and switches.
• Carried out route redistribution and manipulating route updates using distribution lists, route-maps & administrative distance, and offset-lists.
• Configured routing protocols like EIGRP, OSPF & BGP and troubleshooting Layer3 issues.
• Learned and issued various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab.
• Implemented route-maps for policy based routing.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Implemented port aggregation & link negotiation using LACP and PAGP.
• Effectively managing IP addressing schemes requiring VLSM.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
• Configured routers/ firewalls to allow voice and video traffic priority (QoS) Voice network planning, design, and standard configurations.
• Configured and deployed BIG-IP LTM 6400 for providing application redundancy and load balancing.
• Extensively troubleshot issues and outages on Trunks and Router interfaces and firewalls.
• Configured client VPN technologies including Cisco’s VPN client via IPsec.
• Involved in administration and operations of WAN consisting Ethernet Handoffs, T1, DS3 and Optic Fiber Handoffs.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solarwinds.

Confidential

Network Engineer

Responsibilities:

• Configuring and troubleshooting RIP, OSPF and EIGRP routing protocols on 2600, 2900 and 3600 series Cisco Routers
• Also implanted VTP and Trunking protocols Dot1q/ISL on 2900, 2940 series cisco Catalyst switches.
• Implemented new IP scheme (RFC 1918) in the company for present and future growth.
• Configured ACL’s to allow the right users to access the different applications all over the company.
• Experience with real-time understanding of OSI layer and TCP/IP models.
• Worked on installation, maintenance and troubleshooting of LAN and WAN when needed.
• Performed network maintenance checks as well as configured and maintained printers, copiers and other miscellaneous network equipment.
• Resolved problems such as troubleshooting operating system failures, scheduling and updating virus checks on servers and desktops.
• Assisted in the transition of services from one NOC to another and documented the company’s design, implementation and troubleshooting procedures.
• Worked on network-based IT systems such as Racking, Stacking, and also making of custom patch cables (straight through and crossover) for connections among the devices.
• Actively monitor network performance based on company’s Service Level Agreement (SLA) using various network management tools such as WireShark, Solar Winds and openNMS.