- 8+ years of experience in design, implementation, troubleshooting and maintenance of complex and security devices.
- Experience in configuring and troubleshooting of routing protocols MPLS, I - BGP, E-BGP, OSPF, EIGRP, RSVP.
- Work on extranet and intranet routing and switching, VLANs, Spanning Tree and WLANs
- Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, bridges, routers, hubs and switches
- Provided proactive threat defense with ASA that stops attacks before they spread through the network.
- Designed and Implemented Palo Alto 5220, Cisco PIX525 and ASA5550 firewall’s interfaces with FTP, DNS, HTTP servers on DMZ with different security levels
- Experienced with Cisco ASR 1000, Nexus 2k, 5k, 7k and 9k.ISR product such as as 3750, 2950 and 2811.
- Network support for various process control automation networks
- Experience in working with checkpoint, Palo Alto Next-generation firewall, Cisco ASA and Panorama M-100.
- Worked with Cisco, Palo Alto, Juniper, Splunk, Force point, Nessus, Stealth watch, Checkpoint, Zscaler and other vendors to provide a stable, high-speed, secure network.
- Configured Cisco Catalyst Switches for Dot1x support testing the IOS compatibility with ISE.
- Implemented the numerous firewalls rules on the Checkpoint with both Hide Nat and Static NAT
- Responsible for creating network configurations for Cisco ASR9k, CRS, Nexus 7000, 7609, 7613, 6509, 4509, 5500, 3550, 2620, 2621, 1720, Junipers MX960, M320 and M7i's
- Planned, documented and completed proof of concepts for Nexus 5600 and 9300 series switches and 2300/2200 series fabric extenders
- Experience in working with Python, PowerShell, Perl, Unix, Linux.
- Hands-on experienced on FortiGate, Palo Alto and ASA Firewall.
- Extensive knowledge of Contrail, OpenStack, Cisco ACI.
- Experience with Juniper (Netscreen/SRX), Proof point, Iron Port, Bluecoat (Proxy/Reverse Proxy), Zscaler, Barracuda.
- Detailed technical knowledge of either Cisco ACE, F5 load balancer technology.
- Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
- Checkpoint, Cisco ASA, Fortinet and Palo Alto installation, upgrade, Monitoring and patch management.
- Excellent Hands on experience with Cisco ISE and the Migration of RADIUS and TACACS to ISE.
- Hands-on experience in configuring Viptela devices and creating device and feature templates on vManage required for SD-WAN implementation.
- Expert with the TCP/IP and OSI internet models. A firm understanding of Distance vector and Link-state routing protocols
- Managed VPN token issuance via RSA implementation
- Design, Build, and Implement various solutions on Check Point Firewalls, Bluecoat Proxies, F5 Load balancers and F5 Global Traffic Managers
- Installation, deployment, Analysis and troubleshooting of Firewall Technologies i.e. Checkpoint, Fortinet, Palo alto, Cisco ASA, F5 (LTM).
- Worked in container based technologies like Docker, Kubernetes and Openshift.
- Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, B2B VPN client in addition to providing TACACS+ and RADIUS services
- Expertise in the configuration and troubleshooting of Routing Protocols like RIP, OSPF,EIGRP,BGP,VRF-LITE, Redundancy Protocols like VRRP and HSRP
- Expertise in implementation of IP addressing schemes (includes VLSM) and IP services to meet medium level enterprise level network requirement
- Experience with configuring Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000
- Provide on-call support as required.
Cisco Routers: 1700, 1800,2500,2600,3600,3800,7200,7600,ASR 9K, NCS5K Cisco L2 & L3 switches 2900,3560,3750,4500,4900,6500, NEXUS 7K,5K,2K
CISCO ISE: Cisco Integrated Services Engine (ISE) 2.3
LAN Technologies: VLAN,VTP,Inter-VLAN routing,STP,RSTP,PVST,802.1x WAN Technologies HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN
Containers, Clusters: Docker, Kubernetes, Openshift Cloud Technology AWS, Azure.
Network Securities: NAT/PAT, VPN, Filtering Load Balancing using F5, IPSec, Checkpoint Firewall Routing Protocols RIP,IGRP,EIGRP,OSPF,BGP,IS-IS,HSRP,IPv6
Load balancer: BIG IP F5 LTM/GTM/ASM Programming Languages Python, PowerShell
Security / Firewalls: Cisco ASA Firewalls, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup, Palo Alto 5220, 3850,500, VM 220.
Network Managements: SNMP, SSH, Telnet, ICMP
Monitoring: SolarWinds, Zabbix, SevOne
IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/PRI, Cisco UCM
Operating System: Windows, MAC,UNIX, Linux
Documentation: Visio, Lucidchart, Microsoft office
Confidential, Bryan, TX
Network Data L3
- Having knowledge of Cisco networking equipment and software - Cisco CCIE, CCNA or CCNP Routing and Switching.
- Hands on experienced in administering enterprise IP networks in mission-critical, 24x7 production environments. work on process orientation and exhibited planning, organizational and problem-solving skills. work on TCP/IP network protocols, including common application protocols.
- Experienced in high-availability networks in load-balanced, n-tier application environments.
- In depth knowledge of Cisco routers, switches, wireless controllers, WAPs and firewalls; Palo Alto Network firewalls; Blue Coat Proxy; Riverbed, Infoblox & hand on Knowledge on ACI.
- Worked on Network management tools: LiveAction; SolarWinds/Orion NCM, NPM, APM, or other SNMP tools.
- Infrastructure support experience with respect to cable plant topologies, cable media types and standards.
- Experence on BlueCoat proxy servers or other content filtering systems.
- Worked on Network infrastructure hardware and protocols (TCP/IP, switches, bridges, routers, proxy servers, VPN concentrators)
- In depth knowledge of Protocol analyzers (Wireshark and/or Wildpackets)
- Experienced in Security protocols (IPSec), encryption technologies (3DES, AES).
- Worked on LAN Protocols (10/100/1000 Mbps Ethernet, WiFi) & WAN protocols (MPLS, DMVPN, VPN).
- Having knowledge of Network problem analysis and troubleshooting.
- Creating rack elevation diagrams for IDF and MDF closets using visio diagrams.
- Perform asset tagging of all new devices and equipment as well as decommission older legacy devices.
- Racking, stacking and cabling of new devices like 3850, 9300 switches and ISR 4431 routers.
- Performing site surveys and creating heat maps for wireless access points.
- Revising configuration templates and pushing them to devices for installation.
- Configuring routers, switches, firewalls and wireless access points.
Confidential, Dallas, TX
Network Engineer/Consulting Engineer
- Design, Implement LAN/WAN from scratch, Create rack/cable design for MDF/IDF
- Design core, distribution, access layers and wireless LAN for new buildings and Manufacturing network according to cGMP standards for Biotech
- Configure and optimize multi-homing BGP configurations by influencing incoming, outgoing traffic using BGP attributes such as Local preference, AS-Path, MED and Weights.
- Performed route redistribution and manipulated routing updates using Prefix-lists, Administrative distance & amp; Route-maps in BGP.
- Performed packet level inspection captured with Spanned ports using WIRESHARK to determine root cause of issues.
- Migrate Data Center from third party to onsite and move users to new office
- Configure AV systems and Phones with WebEx calling services
- Deployed OSPF by resolving various OSPF multi-area environments, used OSPF as IGP with route filtering and route-redistribution, implemented stubs/totally stub areas,implemented features like route summarization.
- Proficient in implementing Nexus features like VDC, VPC with appropriate Modules.
- Upgrading system images on Nexus 5K and 7K multilayer switches using Kickstart and FTP server.
- Implemented GRE tunneling & site-to-site VPN between two branch offices, AWS, AZURE, and VPN access for users connecting from various locations.
- Technical assistance for LAN/WAN management and complex customer issues.
- Configured BGP for edge routers using BGP attributes for traffic engineering.
- Deployed a large scale HSRP/VRRP solution to improve the uptime of co-location customers, in the event a core switch (Nexus)/router becomes unreachable.
- In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for MPLS
- Designed ACI fabric to ensure each tenant is secured and has separation from other tenants. Use L3/L2 outs via common tenant to reduce TCAM and RAM utilizations
- Working with stake holders to define features and recommend best practices
- Refresh campus designed with Cisco switches and router as well implemented route reflector into the datacenter.
- Design, Build, and Implement various solutions on Check Point Firewalls, Blue Coat Proxies, F5 Load balancers.
- Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, also including LDAP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP.
- Troubleshooting of LAN, WAN, WLAN & VoIP networking issues using Wireshark, Syslog, data dog and other advanced tools and methodologies.
- Performed health checks of the VMware Vcenter servers and NSX Managers.
- Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering
- Worked on JUNOS platform and worked with IOS upgrade of Juniper devices
- Installation, configuration and troubleshooting of Cisco 7200VXR, ASR1K, ASR9K series routers and Catalyst 6500, 2900 series switches
- Implemented Talari SD-WAN for remote site to connect to datacenter for cost saving and batter reliability.
- Mentored several ACI engineers and contractors as they were being on-boarded to the GDC and the ACI deployment team.
- Upgrade PAN OS 7.0 and 8.1 on Physical firewall series (500, 3000, 5000) and VM-200 series and used Firewall Migration Tool to migrate firewall.
- Experience with building, delivering, and managing Cloud services in AWS and Azure.
- Configure, troubleshoot and upgrade Palo Alto firewalls, VM firewalls and Panorama management server.
- Participated and implemented Zscaler cloud firewall for all the remote offices in North America, Europe and Asia sites.
- Monitored, analyzed and cleared network alarms at NOC.
- Experience on Cisco 7600, Cisco 6500, Cisco 4503, Cisco 3750, Cisco ASA, Juniper NSM, Juniper ISG1000, Juniper IDP and Bluecoat SG cashing and web filtering.
- Knowledge with campus, datacenter and SMB switching infrastructures utilizing Force10, Dell Networking, Cisco, Brocade and VMware NSX technologies
- Experience working with High performance data center switch like nexus 9000 and Nokia/ALU 7750 series.
- Provided Consulting service with client to adopt scrum Agile methodology.
- Extensive implementation of firewall rules on Juniper SRX 3400 and NetScreen 5500 on a daily basis, using CLI
- Troubleshooting and installing of CRS, ISR, GSR, ASR9000, and Nexus devices
- Wrote PowerShell scripts to automate tasks being executed by the Active Directory & Identity Management Team
- Configure IPSEC and SSL VPN with Palo-alto, Cisco ASA, Fortinet, Checkpoint and Router.
- Identifying and provide end to end redundancy and Load balancing
- Contribute to customer awareness of automation network performance issues through the use of network
- Involved in the redistribution into OSPF on the core ASA firewall.
- Built database Model, Views and API's using Python for interactive web based solutions.
- Detailed technical knowledge of F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
- Implementation of new technologies, design and integration of Cloud computing, site integration and MPLS technology within the GE private Cloud.
- Bluecoat WAN acceleration appliance hardware/software troubleshooting and configuration.
- Configured Cisco ASR-9K, ISR 2800 & 3800 series routers with OSPF as an enterprise IGP
- Worked with installation of Palo Alto and build from scratch.
- Configuring Cisco Catalyst Switches for Dot1x support testing the IOS compatibility with ISE.
- Upgraded switches with updated Cisco IOS images and perform initial switch configuration including AAA security, generating RSA keys and configuring switch ports for various end devices.
- Generated Python Django forms to maintain the record of online users.
- Supported end user network cisco ACI infrastructure and trouble shot several implementations of LTM and APM configuration.
- Redistributing from OSPF to BGP and vice versa by implementing Hub and Spoke topology with a Frame Relay Switch
- Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
- Racking, Stacking, configuring, Nexus 5K and 2K and 7K
- Hands on experience on monitoring tools like Solar Winds, Zabbix and for documentation Visio.
IP Network Engineer
- Deployment/upgrade of network operations supported equipment
- Configured trunk links and ether channel for port aggregation
- Configured, supported VLAN and Spanning Tree for network redundancy Bind DNS server update and reboot
- Managed core network infrastructure of LAN/WAN connectivity, to include: layer 2/3 switching, Cisco routers, Cisco firewalls, Cisco VPN, and Cisco access points, WAN load balancing/high availability
- Experience with design and implementation of Data center migration.
- Successfully engineered a 2-factor VPN using Palo Alto, AD and RSA solutions
- Configured automated VM migrations using automated scripts in PowerShell
- Assist customers in troubleshooting Layer 2 & Layer 3 hardware and software related issues
- Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPSec, SSL AnyConnect users.
- Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500, and 1800 series routers, Cisco Catalyst 6500, 4500, 3750, 2950, and 3500XL series switches.
- Configurations of Cisco/FortiGate firewall policies, application control, URL filtering.
- Design expertise for the SD-WAN (Versa &Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
- Managed firewalls like Palo-alto and Cisco ASA policy and configuration.
- Worked on configuring and managing wireless access points of multiple vendors like Cisco, Avaya and Aruba.
- Service now change management processes to implement changes
- Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow
- Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
- Worked with Nexus 9k (standalone and ACI) ASRs, N5K/2k, N7K, ASAs, UCS, ACS, ACI, VMware.
- Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
- Implemented Juniper SRX FW Interface, NAT and VLAN using SPACE
- Configuring and maintain access points through CISCO 4400 WLAN controller
- Worked with Cloud team to build the cloud environment
- Involved in Big-IP F5 load balancing for internet traffic across web servers using I-rules.
- Creating Wide IPs with various load balancing methods like Global Availability, Topology and Round Robin
- Involved in troubleshooting of DHCP and other IP conflict problems
- Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.