SUMMARY

• Cisco Certified Network Engineer wif 12 plus years of experience in Networking and security including hands - on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4,
• Moderate knowledge in configuring and troubleshooting Cisco Wireless networks; LWAPP, WLC, WCS, stand-alone apps, roaming, wireless security basis, IEEE 802.11a/b/g, RF spectrum characteristics.
• Experience working on Cisco ASR 9001&ASR 1006.
• Experience in implementing and troubleshooting Switch technologies such as STP, VTP, 802.1q, VLAN and MPLS.
• Configuration & troubleshooting of routing protocols:BGP, OSPF, EIGRP and StaticonCisco (7200, 3800), Juniper (MX240, MX480) series routers.
• Having experience in Migration from Cisco ASA's toFortinet’ s Fortigate firewalls
• F5 BIG-IP application load balancing subject matter expert wif particular concentration on layer 7 load balancing using I-Rule scripting in TCL.
• Hands on experience on windows server 2007, 2008, 2012.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Installation of IP Voice System PBX and Voice gateway Cisco SPA 8000
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Hands on experience on dealing wif Microsoft Azure cloud computing including implementing access lists in teh Network Security Group.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability.
• Experience in layer-3 Routing and layer-2 Switching. Dealt wif Nexus 7K, 5K, 2K series Cisco router
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 appliance,
• Failover DMZ zoning & configuring VLANs/routing/NAT wif teh firewalls as per teh design.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Hands on expertise wif Cisco Catalyst routers/switches, Cisco Nexus equipment, Infoblox appliances, Cisco wireless, Riverbed/Cascade monitoring, and Solar winds
• Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers& Cisco Firewalls.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for teh expansion of teh MPLS VPN networks.
• Excellent in documentation and updating client’s network documentation using VISIO.
• Performed switching technology administration including Vlans, inter-Vlan routing, trucking, port aggregation and link negotiation.

TECHNICAL SKILLS

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).

Switches: Cisco Catalyst 6500, MSFC, MSFC2, 7600, 3700, 3500, Arista 7500,7050,7300series,Cisco 2948/3560/4500/3560/3750/3550/3500/2960

Cisco Switches: Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900series)

Cisco Routers: Cisco GSR 12416, 12418, Cisco 7200vxr, Cisco 3640, Cisco 3600

Security Firewalls: ASA, FWSM, FTD, Checkpoint, Palo Alto, Fortinet.

Security Technologies: Cisco FWSM/PIX/ASDM, Juniper SRX, Palo Alto, Checkpoint, F5 Load Balancer, ASA firewall

Routing Protocols: IGRP, EIGRP, OSPF, BGPv4, MP-BGP, IS-IS, RIP

WAN Protocols: HDLC, PPP, MLPPP

Circuit switched LAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).

Packet Switched WAN: ATM, FRAME RELAY, MPLS VPNs

NetworkManagement/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Etheiral / Wireshark, TCP Dump. Cisco DCNM,Firemon, MS-VISIO

Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wireshark, Solarwinds, SNMP

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)

Layer 2 technology: VLAN, HSRP, VRRP,GLBP,STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Operating Systems: Microsoft XP/Vista/7, UNIX, Linux (Red hat, Opens use, Fedora), Windows Servers 2003/2008Windows MS-Office, VMware ESX 5.1, VMware VSphere client, Microsoft Azure, office 365, Python

PROFESSIONAL EXPERIENCE

Confidential, New Brunswick, NJ

F5 Load Balancer Engineer

Responsibilities:

• Worked on providing management connectivitys, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of ECMP- OSPF on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from Brocade core to Palo Alto.
• Additional tasks include assisting wif teh day to day operations and management of othernetworkdevices such as Cisco ISE, Infoblox, Palo Alto firewalls andPanorama.
• Experience in Designs and implements Cisco Firepower and Palo Alto firewalls
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability
• Experience in Fortinet100D, Fortinet 60C,Fortinet60E,Fortinet60D, Fortinet 200E (HA), this includes teh whole UTM (app control, Web Filter, IPS, DoS, DDoS, etc.
• Implement SSL VPN solutions including Palo Alto Networks Global Protect wif single and multiple gateway solutions including integration of PKI certificates.
• Integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks, Cisco ASA, and Juniper SRX firewalls.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Worked on data center segmentation project to create segmentation between teh user and server traffic by deploying Palo Alto firewalls (5250s) in teh datacenter including cabling to teh Nexus 7K VDCs and HA.
• Upgraded teh existing Panorama to V8.0.6. Integrating teh new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in teh environment.
• Knowledgeable in routing/concepts and networking protocols, including BGP, CDP, CLNS, VRRP(-E), HSRP/VRRP, IGRP,EIGRP, IS-IS, MPLS, NAT, OSPF, QoS, RIP, DNS, VLAN/PVLAN, TCP/UDP, IP, OTV and others.
• Placed in charge of control and maintenance of theSD-WANlaboratory environments, performing version updating before user client official updating
• In depth knowledge and understanding of teh Internet and its design (DNS, Security, IP Routing, HTTP/HTTPS, IPSEC, VPN, Email Routing, Virus Protection etc.
• Configured TCP/IP addressing scheme to assigned IP blocks and make changes to DNS, DHCP on Infoblox appliance.
• Knowledgeable in building a strong secure network wif expertise in implementing teh organizations IDS/IPS, ISE, VPN's, ACE and Firewall solutions. Including teh auditing and event management
• Establishing a baseline ISE security rules/policy working wif other service lane members
• Support network security infrastructure and controls, including, but not limited to Security Incident and Event Management (SIEM), firewalls, VPN, intrusion detection/prevention, Network Behavior Anomaly Detection, Network Level Advanced Malware Protection, TACACS, NetFlow based tools, URL filtering, NAC etc.
• Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• Provide timely troubleshooting measures for all of our customers to ensure a satisfactory resolution is provided, including third parties. Configure, Support, update and install Checkpoint, Fortinet Firewalls,Firemon, and DLP systems. Provide monitoring of all Checkpoint firewalls and their logs / traffic.
• Experience wif configuring Nexus 2000 Fabric Extender(FEX) which acts as a remote line card(module) forthe Nexus 5000.
• Deploying and decommissioning teh VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Assist wif teh maintenance of Firewalls, Routers, Switches, Virtual Switches, Call Manager, Unity, Voice Gateways, VPN configuration, Wireless Controllers, Servers, and Security appliances for access to vital business applications in our private cloud and hosted.
• Maintain a thorough understanding of teh basics behind teh Internet and its interworking's (DNS, Firewall zones, ACL's, IP Routing, SSL, VPN, Content Filtering, etc.)
• Experience configuring, installing, and troubleshooting centralized network infrastructure such as routers, switches, ASA Firewalls, Juniper NSG, Firepower(FMC-4000, FMC-2000) etc.
• Strong knowledge on migration of DDoS attack's, IPsec & SSL implementation on Cisco and Palo Alto firewalls.
• Configure, Support, update and install Checkpoint,Firemonsystems. Provide monitoring of all Checkpoint firewalls and their logs/traffic.
• Worked wif Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow teh traffic on teh firewall.
• Configuring rules and maintaining Palo Alto firewalls & analysis of firewall logs using various tools.
• Solid experience wif designing and deploying security solutions for Network Access Control as well as experience wif Firewalls, IDS/IPS, WAF, Proxies, DLP, DDoS, and Malware inspections solutions
• Hands-on experience wif network Security Technologies Cisco ASA, Checkpoint R77.30, worked extensively on Checkpoint platforms (IPSO, SPLAT and GAIA), Cisco AnyConnect, IPSec VPN, Cisco CSM and ACS, BlueCoat proxies, director and Reporter, SSL/TLS, DNS, Tacacs/RADIUS, RSA, SecureID and SNMP monitoring and reporting.
• Supporting EIGRP and BGP based on teh network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Worked extensively on Cisco ASA 5500(5510/5540) Series, Nexus 7000 Series
• Involved in Configuration of Access lists (ACL) on ASA firewall for teh proper network routing for teh B2Bnetwork connectivity
• Documenting all teh projects in word documents and plotting network Design in teh Visio.

Confidential, Atlanta, GA

Network Security Engineer

Responsibilities:

• Working wif Network Design and implementation teams on various projects across North America and South America.
• Maintained Palo Alto firewalls Creating zones, adding rules and maintained teh policies on PA 220 series,3020,5220
• Experience wif manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Experience wif design and implementation of Data center migration.
• Configuring BGP, MPLS in Cisco IOS XR.
• Installation and support of LINUX (RedHat, CentOS ), UNIX, NetFlow, Syslog Python, Infoblox DNS security and Wireshark.
• Involved in migration of network from cisco catalyst switches/ASA firewalls to Palo Alto.
• Install, upgrade and configure Next-Gen Palo Alto Firewall series PA-200,PA-500
• Migrated teh policies from Cisco ASA to Palo Alto Firewalls.
• Managed checkpoint/ Enterprise-level CiscoFWSM/ASA firewall appliances
• Experience on dealing wif Cisco Application Centric Infrastructure (ACI) by integration hardware and software products as per network layout
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Experience on dealing wif office 365 including hosting Lync web Conferencing and assisting in installing office applications.
• Worked on Source Fire and Palo Alto IPS/IDS Systems
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
• Experience on coordinating and monitoring entire organizations Autantication, Authorization and Accounting (AAA) systems
• Installed Riverbed WAN optimizer software to run applications via WAN’s to multiple branches across east coast.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Implementation of Juniper Firewall, SSG Series, Net Screen Series ISG 1000, SRX Series.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Experience on cisco wireless management systems which includes cisco 8540 Wireless controller, cisco 5520 Wireless LAN controller, and virtual wireless controllers.
• Hands on experience on Cisco ISE and various network security concepts like SSH, IPsec, firewall polices and 802.1x
• Worked on Network Automation using python scripting
• Work on F5 LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability
• Secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configuring and Troubleshooting teh Juniper SRX100 and 110 series, Juniper Net Screen routers.
• Deploying and decommissioning Cisco switches, Cisco Meraki Products and their respective software upgrades.
• Experienced wif Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Provided proactive threat defense wif ASA dat stops attacks before they spread through teh network.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Experience in Configuring, upgrading and verifying teh NX-OS operation system.

Confidential, Salem, OR

Palo Alto Firewalls Engineer

Responsibilities:

• Involved in teh configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• F5 Big-IP load balancer configuration, layer 7 load balancing using I-Rules (TCL)
• Performed installation and upgrades of office 365 Business as per teh changes recommended by teh network architect.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for teh expansion of teh MPLS VPN networks.
• Performed Cisco ASA Firewall troubleshooting and policy change requests for new IP segments dat either come on line or dat may has been altered during various planned network changes on teh network.
• Conducted F5 Big-IP load balancer configuration, layer 7 load balancing using I-Rules (TCL)
• Extensive experience wif F5 load balancers- LTM, GTM series like 6400, 6800, 5000 and 2000 for teh corporate applications and their availability
• Worked on Palo Alto firewall migration tool.
• Troubleshooting teh Juniper SRX100 anda hundred and tenseries, Juniper NetScreen routers wif Site-Site VPN, and firewalls for Supervalu Retail sites.
• Identify, design and implement flexible, responsive, and secure technology services
• Experience wif Firewall Administration, Rule Analysis, Rule Modification.
• Implemented Positive Enforcement Model wif teh help of Palo Alto Networks.
• Innovated wif support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process dat does not impact stream processing.
• Creating and provisioning Juniper SRX firewall policies.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Documented new VPN enrollments in a database and create standard procedures for further improvement.
• ConfigureVRRP & GLBP andVLANTrunking802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Provided proactive threat defense wif ASA dat stops attacks before they spread through teh network.
• Co-ordinated wif teh Data Network and Security team and came up wif possible solutions.
• Experience on dealing wif Infoblox traffic control products to simplify DNS load balancing operations
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 wif supervisor cards.
• Monitoring and troubleshooting network issues between client site and 85 remote sites wif legacy switches and routers.
• Performed and presented network analysis as a part of network migration. Involved in knowledge transfer to vendors and provided them network support as required
• Configuration and maintenance of EIGRP and BGP network on router 7200 and 6500 MLS.
• Configuration and maintenance of 3750 stack and 6500 VSS for improved efficiency of teh data plane.
• Configuration and management of NEXUS network in teh existing network infrastructure.
• Created LAB setup wif 7k and 5K NEXUS switches and Arista 7K for application testing.

Confidential, Phoenix, AZ

Sr. Network Engineer

Responsibilities:

• Created Data-filtering profiles in Palo Alto devices which helps to prevent sensitive information.
• Firewall Policy provisioning on Palo Alto devices using Web UI as well as PANORAMA. Provided day-to-day operational support for all firewall and VPN platforms including Checkpoint and Palo Alto firewalls.
• Performed upgrades on Palo Alto OS devices in High Availability pair. Firewall OS upgrades and Maintenance of OS up maintaing dates as part of addressing Vulnerabilities on Firewalls.
• Configured rules and Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Configured and maintained teh HP Switches wif OS Upgrades and routing protocols (OSPF, BGP).
• Used Cisco Prime Infrastructure for troubleshooting and managing wireless networks.
• Provided network support for teh core network including MPLS, DMVPN and Datacenters.
• Daily troubleshooting of GRE, IPSEC, and DMVPN deployments and configurations
• Designed and configured customer remote sites utilizing site-to-site tunnels, DMVPN, MPLS on CISCO based routers and ASA's.
• Splunk log monitoring & report monitoring for Data, Network, and Application device & user activities.
• Worked on Source Fire and Palo Alto IPS/IDS Systems, Splunk log monitoring tool, Qualys vulnerability assessment tool.
• Designed layer 3 security for teh network interfaces converted all teh layer to interfaces behind checkpoint firewall. Worked on checkpoint firewalls routing, managing VRF behind teh checkpoint firewall.
• Designed network interfaces use L3 capabilities and configured anti-spoofing for teh network interfaces on checkpoint firewall
• Provided assistance in network planning, engineering and architecture wif technical solutions consistent to enterprise network strategy.
• Maintained and supported all Cisco Chassis and interfaces. Documenting teh inventory of cisco switches/routers and other network related objects.
• Supporting wif teh Lease replacement of teh Network switches Cisco Cat 4507, 3850, 3750 and all network hardware and repair.
• Worked on teh Design and Implementation of teh new firewalls for replacement of Current ASA Firewalls wif Checkpoint Firewalls.
• Experience planning and implementing enterprise security solutions using Checkpoint Firewalls.
• Configured and supported our network Core Switches Cisco Cat 6509, 6807 and also supported wif teh core switches replacement from Cisco Catalyst Switches.
• Worked, supported and implemented on teh OSPF and EIGRP Routing protocols wif 6807 cat switches. Implemented teh OSPF Instance wif multiple OSPF areas connected to teh firewalls and implemented teh routing in between Checkpoint Firewalls and Cisco Catalyst 6807 Switches.

Confidential, Detroit, MI

Network Engineer (L2)

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problem
• InstalledPaloAltoPA-3060 firewalls to protect Data Center
• Configuring rules and Maintaining Palo Alto& Analysis of firewalllogs using various tools.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. My responsibility
• Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configuring and Upgrading Junos Space Virtual Appliance.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Experience wif configuring FCOE using Cisco nexus 5548.
• Hands-on Experience wif CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Experience wif F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs. Cisco CLI, Cisco works, Network Security, Network Analysis Tools.
• Experience in converting PIX rules over to teh Cisco ASA solution.
• Administration of ASA firewalls in teh DMZ and FWSM in teh Server Farm to provide security and controlled/restricted access.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Responsible for maintaining teh entire Routing and switching domain across teh campus / Branch to
• Head Office and also teh Layer-2 campus network across teh remote branches, which included configuring VLANs and Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for switches and Wireless.

Confidential

Network Specialist

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in teh network of 100 hosts.
• Involved in analysis of client requirements to provide solutions for network design, configuration, administration, and security.
• Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of teh F5 load balancers
• Troubleshooting complex Checkpoint issues, Site-to-Site VPN related. Performed upgrades for all IP series firewalls from R75-R77
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router wif HSRP.
• Created a backup and recovery policy for software application and verified peripherals are working properly.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Worked extensively on Checkpoint firewalls for analyzing firewall change requests and implementing changes into existing firewall policies, maintaining security standards
• Involved in interaction wif support services to reduce teh downtime on leased lines.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed teh IP address space using subnets and variable length subnet masks (VLSM).
• LAN cabling in compliance wif CAT5 standards.
• Worked along wif teh team in ticketing issues