- 9+ years of experience in Designing, Implementing and Troubleshooting Service Provider Networks and Enterprise Networks. High level understanding of LAN, WAN, ISP circuits, Network Security, Application Delivery Controllers, SSL VPN and Wireless LAN.
- Expert in Switching, routing, Network Security, Application Delivery, Wireless Virtualization and SDN.
- Worked on projects that include deployment of new devices, life cycle projects, migration from legacy to new solutions, Engineering, Operations, Software upgrade procedures in various client environments.
- Thorough Understanding of Switching and Routing protocols in Campus and Data Centers environments with Multi - vendor equipment.
- Expertise in installing, configuring, and maintaining Cisco Catalyst 2960, 3560X, 3750X, 3850, Cat 9K, 4500-X, 6509, Nexus 2k, 5K, 7K and 9K. Juniper Switches that include EX and QFX series. Aruba Campus Switches.
- Expertise in installing, configuring, and troubleshooting of Cisco Routers (ASR9K, 7200vxr, 3900, 3800, 3600, 2900, 2800, 1800, 800 series), Juniper MX series routers, Arista 7000 Series and 7150’s low latency Routers.
- Design, troubleshooting and configuration experience with OSPF, IS-IS, EIGRP and BGP protocols on multi-vendor routers. Worked on Traffic path manipulation using various attributes, redistribution of routes, ISP peering, WAN connections, MPLS and DMVPN.
- Thorough understanding of redundant features in different layers which include VPC, VSS, MEC, M-LAG, Port-Channels (LACP, PAGP), VDC.
- Experience with legacy and Next Gen Firewalls that include Cisco ASA (5500 Series), Palo Alto (5000 Series), Check Point and FortiGate Firewalls, Worked on Installation of firewalls from scratch, migration and configuration of policies end to end.
- Exposure to Centralized management (Panorama, Forti-Manger, Smart Console) of firewalls in the environment, Log monitoring, generating reports, config backups, Perimeter firewalls, Server Farm firewalls.
- Worked on Security Policies, NAT Policies, URL Filtering, SSL forward Proxy, APP ID, Threat ID, User ID, Wildfire, Signatures, Zones, Virtual Systems, IDS and IPS features in perimeter and Cloud firewalls.
- Experience with IronPort, Bluecoat and Zscaler cloud Proxies for Internet Web Security. Worked on migration project from IronPort’s to Zscaler Internet Security. Experience with ZAPP, Blacklist and Whitelist policies based on location, AD groups. Integration with Azure AD for SAML Authentication.
- Worked on Zscaler Private Access- ZPA for app based per user VPN. Experience with APP connectors, access policies, APP segments, LSS connectors in ZPA.
- Worked on Application Delivery Controllers that include F5 LTM, GTM and ASM, Citrix NetScaler, Cisco ACE, GSS load balancers. Worked on Configuring virtual servers, one arm and two arm LB Architecture, iRules, Monitors, DNS based topology load balancing, Persistence Profiles, SNAT etc.
- Worked on AWS and Azure cloud configurations with respect to network connectivity and Security. Worked on configuring VNETs, Security Groups, Direct Connect, Express Routes, troubleshooting EC2 instances, Installation of Infoblox, Palo alto firewalls in different AZs.
- Experience with Aruba and Cisco Wireless LAN controller Worked on integration of WLAN with RADIUS servers like ISE and ClearPass. Worked on configuring AP profiles, SSID, Authentication roles, RF parameters on WLAN controllers, Experience with Master, local controllers, Anchor controllers, Instant AP, Remote access points.
- Worked on monitoring tools that include SolarWinds, Netcool, WhatsUp Gold.
- Experience with SNMP V2C and V3. Worked on Log Collectors that include Splunk and ArcSight.
- Experience with Python and Ansible for network automation tasks that include automatic backups, config templates, tasks automation like software upgrades etc.
Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP, SDN, SDWAN, SDN
Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix firewalls, IronPort, Load Balancers, Arista
Routing Protocols: OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat
Network Management Tools: Cisco Works 2000, Wireshark, HRping, Dynatrace, SolarWinds, Netcool, WhatsUp Gold, SCCM, Eclipse, GNS3, Cisco Packet Tracer, Toad, SQL
Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR
Routers: CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR
Load Balancers: Cisco CSM, F5 Networks (BIG-IP), Citrix NetScaler
Capacity & performance: Cisco works
Switches: CISCO 2900, 3500,4500,5000,6500, Nexus 7k,5k,2k, Catalyst, Arista
Programming Languages: C, C++, Perl, Power Shell, Java, Python, Ansible
Simulation Tools: GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence
Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.
AAA Architecture: TACACS+, RADIUS, Cisco ACS
Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics
Confidential, Austin, TX
Wireless Network Engineer
- Worked on POC to Migrate from DMVPN to SD-WAN solution using Versa and Viptela solution. Worked on Versa Director and Cisco Viptela.
- Working on Spine Leaf Architecture with VXLAN overlay, BGP or OSPF underlay. Implementation of VTEPS, VNI, Bridge Domains, Tenants, EPG, EVPN, Symmetric IRB. Configuration experience in Cisco ACI and Arista Cloud Vision.
- Installed, configured Cisco Meraki equipment and web-based monitoring platform for MR32 wireless access points.
- Worked on Cisco ACI, provisioning Leaf’s and Spine switches using Nexus 9K, Configuration through APIC.
- Assisted in the migration from DMVPN to Cisco Viptela SDWAN, consisting of V-SMART controllers, V-BOND edge routers.
- Automation of production tasks using Ansible/Napalm, Python scripts for configuration management, deployment and reporting for both the network and server environments.
- Applied BGP configs, ACLs and NATs on low latency Arista 7150 switches based on customer requirements.
- Used FortiGate to whitelist customer’s destination addresses, set up FQDNs, Virtual IPs, new security policies, etc
- Arista Cloud Vision on a POC. Knowledge on Spine leaf Architecture in Data center.
- Provides immediate complex network resolutions during the daily trading window (15 mins) while complying to strict change control policy.
- Support Quality Inspections and Operational Test (OT) events related to the 2GWLAN Aruba Networks Controllers, and 3800, 1562, Access Points. (Aruba 6000 controller, Aruba AP65,70,124,85,125) system.
- Working withAWS (VPC, Transit Gateway, EC2, Cloud Formation Stacks, Cloud Watch logs, Cloud Trail, IAM policies, Route 53, Direct Connect, Global Accelerator, Cloud Front, Network Load Balancers and Application Load Balancers).
- Responsible for migrating current inventory information to an open-source web application NetBox which helps in managing and documenting Confidential ’s network devices details.
- Maintained a 24/7 on-call status for production network, systems. As well as managed proactive monitoring system for full network and system health.
- Setup resource groups, Vnets, NSGs, Vnet Peerings, Network Load Balancers in AWS Cloud.
- Worked on complete hardware recycle project in access and Distribution switches in Campus and remote sites. Migrated from cisco 3850 to Cat 9K switches. Worked on Cisco 4500 series switches in Distribution with VSS.
- Worked on SD-WAN implementation for remote site connectivity over MPLS. Worked on Viptela Solution in assisting architecture team in deploying vManage, vEdge, vBond and vSmart components.
- Worked on FortiGate firewalls. Worked on migration from Cisco ASA to FortiGate Firewalls. Worked on deploying site to site VPN tunnels, Security policies, NAT policies, URL filtering, VDOM, Forti Manager, User ID based Security policies, SSL forward proxy, SSL decryption.
- Implemented and maintained Direct Connect Connections between On Premises and AWS VPCs for the MPLS connectivity.
- Worked on Zscaler cloud proxies. Migration from Bluecoat Proxies to Zscaler cloud solution.
- Implemented GRE tunnels from Data Centers on F5 to Zcloud, Configuration of Policies, AD groups, Azure AD authentication, Whitelist, Blacklist and SSL inspection rules, Configuration and troubleshooting experience in Cloud based apps like office365, Box, WebEx, Workday, Service-now etc,
- Installation of Pzens (Zscaler) for Source IP anchored traffic.
- Deployment and troubleshooting on Nexus 9k switches in Non-ACI mode. Configuration of OSPF routing, VPC, VDC, FEX on Nexus 5K and 2K in access layer. Worked on Juniper MX series router and cisco ASR. Configured BGP, Prefix lists, redistributions in to OSPF, ISP connections fail -over.
- Operations on F5 LTM, GTM, APM, ASM modules for internal and external load balancing of vendor based and proprietary applications. Worked on NetScaler for Citrix based applications like Xen Desktop, Xenweb, VDI, remote access gateway. ICA proxy.
- Worked on Cisco WLAN controllers for configuration of AP profiles, Access points, RF parameters, 802.1x integration with ISE, SSID, BYOD policies, wireless VLANs on Distribution switches.
- Worked on Infoblox DHCP, IPAM and DNS solutions. Worked on SolarWinds for SNMP monitoring and Scripting for Alert triggers, adding nodes, SNMP v3.
- Worked on Basic scripting in Python and Ansible for automating configuration templates and other process.
Environment: Cisco ASA Firewalls, F5 ADC, Cisco Routers, Cisco Catalyst switches, Juniper SSG-140, Palo Alto Wildfire, Juniper EX series switches, NetScaler, AWS, Python, Nexus 9k, 7k, 5k, ASR 9k, ASR 1k, Nexus 2000 FEX, Juniper SRX, Routing Protocols: BGP, OSPF, AAA (TACACS+ & RADIUS), TCL Scripting, ACL Configuration.
Confidential, Seattle, WA
Data Center Network Engineer II / Cloud Network Engineer
- Worked on differentAWSaccounts which includes creating S3 buckets for static website hosting and redirecting applications using Route 53.
- Established IPSEC site to site VPN tunnels betweenAWSVPCs and On Premises network devices.
- Worked extensively on Access, Distribution and Core layers in Data center, IDF and MDF environments. Experience with Spine and Leaf Architecture using Cisco ACI and Arista Cloud Vision.
- Created Security groups and NACLs at EC2 instance and subnet levels, respectively.
- Setting up account/user permissions, group policies and Multi factor authentication for additional security in IAM onAWSconsole.
- Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto.
- Expert with Tenants, VRF, Bridge Domains, subnets, APP Profiles, EPG, Contracts, Access group policies on cisco ACI for various segmentation purposes.
- Deploying Cisco Aironet 2700, 3700 Series, Cisco Meraki Enterprise Cloud Access Points and Wireless Bridges/Repeater for LAN Expansions.
- Responsible for handling Tier-3 service tickets generated by the helpdesk during its life cycle - troubleshooting, maintenance, upgrades, patches, fixes (On-call support).
- Implemented Gateway Load Balancers (new service) in the existing architecture to eliminate the VPN tunnels between the firewalls in Transit VPC and TGWs.
- Deployed AWS Transit Gateways for multiple projects for the communication between VPCs and also for the traffic inbound/outbound Internet. Eliminating VPC peering connections with Transit Gateway for Equal Cost Multi Path and Scalability.
- Manipulated traffic inter VPC and Internet traffic using VPC route tables and transit gateways route tables.
- Implemented and maintained Client VPN endpoints for the access between On Premise and AWS VPCs.
- Implemented NACLs for filtering traffic in VPC and Security Groups for filtering traffic at the instance levels.
- Created and maintained Network Load Balancers for Layer 4 traffic and Application Load Balancers for the Layer 7 Traffic. Created multiple target groups using path-based routing on the ALB.
- Created AWS resources using Cloud Formation Templates Stacks.
- Setting up IPSEC Site to Site VPN tunnels both with multiple vendors which includes route based and policy based on the Checkpoint Firewalls. VPN tunnels between the AWS Transit Gateway and the Checkpoints.
Environment: AWS, Cisco ACI, VPC, VPN, Firewalls, F5 ADC, Cisco Routers, Cisco Catalyst switches, Juniper SSG-140, Palo Alto Wildfire, Juniper EX series switches, NetScaler, Python, Ansible, Nexus 9k, 7k, 5k, ASR 9k, ASR 1k, Nexus 2000 FEX, Juniper SRX, Routing Protocols: BGP, OSPF, AAA (TACACS+ & RADIUS), TCL Scripting, ACL Configuration.
Confidential, Kansas City, MO
Sr Tech, Network Operations
- T-shoot Cisco ASR 5k, 9K MSR’s, NX-OS 9k MME’s, PCRF’s, Juniper-Leaf-Spine-QFX, EX, MX, SRX firewalls.
- Implemented VTP and Trunking protocols (like 802.1q and ISL) on cat 3560, 3750 and 4500 switches.
- Configured first hop redundancy protocols GLBP and VRRP for high availability.
- Installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k), Arista and Juniper Routers (E, J, M, and T-series).
- AWSEC2 instances, VPCs, VPC Peerings, Direct Connect, VPN, Load balancing techniques inAWS.
- Executed troubleshooting with protocols like BGP, OSPF, EIGRP, DMVPN and MPLS.
- Made changes on Thunder ADC A10 load balancers by adding ports, creating service-groups and virtual servers.
- Key contributor in resolving latency issues by conducting in-depth packet capture forensics and deep packet inspection daily.
- Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
- Attend ‘Hot cut bridge’ to provide resolution for outage in conference call providing RCA (Root Cause Analysis)
- Created RMA’s for Cisco and Juniper devices parts like SFP’s, PEM, Line cards & making audit for routers.
Confidential, Chicago, IL
Network Security Engineer
- Troubleshoot traffic passing managed firewalls via logs and packet captures.
- Installed and configured Juniper MX series router along with juniper switches QFX series.
- Configured and resolved various OSPF issues in an OSPF multi area environment mostly on IPv4 and to some extent on IPv6.
- Managed fast L3 switched/routed LAN/SD WAN infrastructure as a part of network team.
- Troubleshoot traffic passing managed firewalls via logs and packet captures.
- Implementation of continuous integration through Jenkins. Deployment using various CI tools like Chef/Ansible.
- Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, OTV, LDP, EIGRP, RIPv2, BGP v4.
- Provided training and support to first data users to stage and request new firewall and Bluecoat proxy requests on Tufin.
- Pushed Firewall rules staged during the day to respective CMAS at night.
- Pushed includes the checkpoint firewalls and Blue coat Proxy through SSL interception for ICAP, DLP.
- Configured and implemented voice gateways (H323/MGCP/SIP), SRST for remote sites, CUCME and CUE distributed design.
- Configured Fortinet firewalls (100D and 200C) including policies, SSL inspection, IPSEC VPN tunnel configuration, SSL VPN configuration. Web proxies, web filtering.
- Performed troubleshooting, fixed and deployed many Python bug fixes of the two main applications that were a main source of data for both customers and internal customer service team.
- Deployment of Palo Alto firewall into the network.
- Configured IP access filter policies.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Confidential, Wilmington, DE
- Remote site/Extranet Connectivity using IPSEC tunnels. Configuration of security rules on Cisco ASA. Worked on Switching and routing in Campus and Data Center environments. Worked on Campus refresh project. Worked on IDF/MDF refresh with Cisco 3850, 2960 switches, 4500, 6500 and Nexus 7K.
- Exposure to WAN, MAN and MPLS circuits.
- Worked on Bluecoat Proxies. Manage polices on Bluecoat proxies, PAC file changes, traffic logs, Splunk, explicit proxy setup, group policies etc.
- Worked on ACE to F5 migration from scratch. Installation of F5 LTM in One arm and two arm architectures for internal and external application load balancing.
- Installation of F5 GTM in Data centers in sync group and integration with Windows DNS.
- Worked on ISP connectivity, BGP, OSPF, STP, RSTP, HSRP, VRRP, SSL, DNS, DHCP, MPLS, IPSEC, ACL, NAT, GRE, Wireless.