SUMMARY

• 7+ years’ Experience in Network infrastructure planning, designing, deploying, troubleshooting and analysis.
• In - depth understanding on implementation of LAN/WAN network routing environments
• Strong working knowledge in complex configurations, troubleshooting network connectivity and Cisco IOS version integration issues.
• Worked on Cisco Catalyst Switches series, Responsible for Checkpoint and Cisco firewall administration across global networks.
• Successful in resolving Routing, Switching and WAN connectivity escalation issues using various ticketing tools
• LeverageQradar,SecurityOnion, and Bro to gather network forensic artefacts and for retrospective analysis
• Thorough experience in OSI model, TCP/IP, UDP, IPv4/IPv6 sub netting, NAT concepts
• Expertise in configuring RIP, IGRP, EIGRP, OSPF, BGP and MPLS protocols.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience in Deploying and decommissioningCisco switches,Cisco MerakiProducts and their respective software upgrades.
• Hands-on experience of various layer 2 transport protocols including ATM & Frame Relay and MPLS, 2547bis VPN, RFC 4364, mVPN, VPLS.
• Cisco ACI (Application Centric Infrastructure) deployed, monitored, and managed in a way that benefits different teams in the IT organization including SDN Network, Cloud and and Security.
• Network Virtualization engineer with SDN/ NFV solutions based on Juniper Contrail & Openstack architecture.
• Expertise in designing, implementing and troubleshootingCisco3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switchesandARISTA (7100, 7500) Seriesswitches.
• Manage implementation complex LB design server farms, firewalls, IDP & IPS devices using Cisco ACE
• Design and implement an SDWAN solution for a medium sized company maintaining 468 locations throughout the United States
• Extensive experience with data center design with MLAG/VSS/vPC, BGP, OSPF, creating complex ACLs for multiple FW policies, Active Directory, IPSEC VPN tunnels, SIEM, ethical hacking, penetration testing, firewall, automation, TCP/IP, OSI model, PCI compliance, monitoring network with netflow/sflow, and wireless installs.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience. experience as a Data Network & Security Engineer with expertise in design, development, implementation, troubleshooting and maintenance of Network & security environments with mixed vendors Routers, Switches Firewalls, Proxy, VPN's, IPsec, NAT, Load Balancer's, and Nexus Switches.
• Expertise in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
• Strong hands on experiences Cisco Routers 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.
• Set up VSS cluster, ether channel, VLAN trunking, VTP and inter-VLAN routing on 6506.
• Test Planning, writing, lab setup and certification of features Network Management of IPv4 devices, IPv6 devices, BGP Multihoming, VPLS, SAVPN, BGP Multihoming with VPLS,VPWS and CFM,VRRP, RADIUS and management protocols like DHCP, TELNET, FTP, SNMP, TFTP, RADIUS,RMON,TACACS
• Network Security administration & management of devices: Juniper NSM IDP & Tipping Point IPS
• Network Virtualization engineer with SDN/ NFV solutions based on Juniper Contrail & Openstack architecture.
• Strong hands on experience on Cisco Catalyst (1900, 2900, 3550, 3750, 6500) series switches, VSS technology, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, PIX Firewall (506, 515, 525, 535)/ ASA (5505/5510), Cisco Firewalls, Cisco ISE (Identity Service Engine), Load Balancers using Cisco ACE, F5, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer.
• Led IT Audit efforts to facilitate a) findings b) recommendations c) risk remediation and ultimately passing US Government CMS reviews of Network security controls, compliance with SOX, Confidential, redundancy, application development involving SDLC, SOX sect. 4 internal controls assessments, IT physical security of operations and co-location data center, IT management reporting structure and internal audit committee functions as well as future IT audit.
• Switching tasks include VTP, ISL/ 802.1q, IP sec and, VLANs, Ether Channel, Trunking, GRE Tunneling, Port Security, STP and RSTP.
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Working knowledge of AWS and MS Azure Cloud Security.
• Ample knowledge in configuring networking protocols including VM’s, DHCP, DNS, NTP, FTP, VOIP (SIP, H.323, MGCP) and Quality of Service (QoS)
• Backup & Recovery (Symantec, VEEAM, Barracuda)
• Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN.
• Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Proxy Services - Zscaler, Blue Coat Proxy
• Configurations and issue detection of HSRP, VRRP, GLBP redundancy protocols
• Proficient in configuring WLAN, VLAN, VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, and PVST.
• Expertise in installing, configuring and troubleshooting Juniper Routers (MX-480, MX960) and Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches.
• Implemented and configured Panorama PA-100 modules for centralize Mgmt of Palo Alto security infrastructure.

TECHNICAL SKILLS

Firewall: Cisco ASA 5520,5540,5585

Routing Protocols: OSPF, EIGRP, BGP, ISIS, VRF, PBR, Cisco 2600, 3600, 3800, 7200, 7600, Meraki series MX series, Route Filtering, Redistribution, Summarization, Static Route

Switches: Cisco 2960, 3750, 4500, and 6500 and Nexus 2K/3K/5K/7K series, Meraki MS 250, Meraki MS 225

Network Security: Cisco ASA, ACL, IPSEC, SSL, Ixia Breaking Point, Fortigate Firewalls(30D,60D),ACL, checkpoint, Meraki firewall 2.5 version

Protocols: TCP/IP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS.

Juniper Devices: Juniper EX Series 2200, 2300, 3300, 2400, 4200, 4300, 4550, 4600, 8200, 9200 QFX Series 5100, 5200, 10000, ACX Series ACX 500, 1000, 1100, 2100, 2200.

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet

WAN: VPN, IPSEC-VPN, MPLS, ATM, Frame Relay

Redundancy protocol: HSRP, VRRP, GLBP, EBGP

Network Management Tools: Wireshark, Net flow Analyzer, SNMP, HP open view.

Security Server Protocols: TACACS+, SIM/SIEMS tool -QRadar, Splunk & Arcsight.

Load Balancers: F5 Networks (BIG-IP) LTM 5050

Operating Systems: Windows Vista, Windows 7/8, Linux

PROFESSIONAL EXPERIENCE

Confidential, Houston TX

Sr. Network Engineer

Responsibilities:

• Installation and configuration of Cisco ACS and migration from Microsoft IAS for AAA.
• Consolidation from multiple Internet service providers to leverage partner relationship.
• Design, installation, and migration for transition from full mesh VPN to nationwide Metro for WAN connectivity.
• Upgrade and migration of client VPN to geographically redundant solution.
• Designed, Installed & configuredLAN, WANcomponentsCisco Catalyst switches 6500, 4500, 3750 seriesandCisco ASRrouters 9001, 1006according to the Network Design along with theData Center topology.
• Provided a Flexible Access Solution for Data Centerwith CiscoNexus 2148 Fabric Extender&Nexus 7010
• ManagedCisco Nexus 5kand9300/9500switches for the data center inCisco Data Center Network Manager (DCNM)and timely upgrades ofCisco IOS XR, Nexus OS.
• Worked on data center Core switches for configuringNexus9k, Nexus 5k, 4500, 4900, 6500series switches
• Basic Knowledge on Meraki switches MS220 & building stack and core connection toMS425on dashboard.
• ConfiguredOSPF, BGPprotocols onCisco ASR 9001/1006, Cisco 7200and troubleshot them.
• Subject Matter Expert for 802.11r, CAPWAP, Guest Access, webAuth features
• Call Manager and Unity upgrade adding Unified Presence (Jabber), Webex, and Telepresence for all sites.
• Installation and migration to Solarwinds and LiveAction network monitoring systems.
• Maintenance agreement trueups
• Network Architecture, Security & troubleshooting: OSI Layer 2 to Layer 7 (VLANs, VPLS, E-pipes, QoS, ACLs, Routing and Switching)
• Configuring/Troubleshoot devices such as Source Media Router, Mediaplex for multiplexing the signal coming in different source: ATM, T1,ASI, and Fiber
• Creating and deleting policies in fortigate UTM devices.
• Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
• Customization with automation of various network management systems within cloud infrastructure frameworks.
• Proficient in LAN/WAN Network, TACACS, Radius, CSACS, VPN, Frame Relay, MPLS, TLS, EIGRP, OSPF, BGP, ISDN, IPSec, GRE, VLAN, STP, VTP, LWAPP, CAPWAP Cisco IOS/Catalyst OS, SIP
• Campus Switching and Routing Hardware includes - Cisco 3750, 3850, Cat 9K, 4500, cisco ISR routers, 2300, 7200 series routers Juniper EX 4300, 3400 in access and EX 4600 in Distribution. Aruba 2530, 2540, 3810 and 5400R switches. Cisco Layer 2/3 networking knowledge.
• Managed and troubleshoot NET Cloud, Cradle Point and Aruba access points wireless devices on Citrix and Airwave. Aruba VPN, customer public and private wireless networks. Aruba mobility and Clearpass training.
• Experience on Cisco 7600, Cisco 6500, Cisco 4503, Cisco 3750, Cisco ASA, Juniper NSM, Juniper ISG1000, Juniper IDP and Bluecoat SG cashing and web filtering
• Maintain functional and technical knowledge of the VeloCloud SD-WAN product line. installation/commissioning and handover to NOC team for service delivery with Acceptance Test sign off.
• Contributed to create the Managed service template for telecom managed services which include NOC manpower support, Total NOC management, Resident Engineering, Field support Engineers for I&C as well as routine O&M.
• Monitoring and analyzing of bandwidth utilization using fortigate 620B UTM, PRTG and speed test.
• Provided second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Plan, organize, direct and control small, medium and high value Financial Services, CMS governed Health Insurance Industry, Pharmaceutical and Manufacturing Client audits, business projects and risk assessments involving Project Management Body of Knowledge PMBOK / PMI standards, IT Audit internal controls, SCADA Cybersecurity, Confidential, SOX, HIPAA, HITRUST, NERC-CIIP 007 R2, CSIRT, DIARMF, SIEM, CVE, SAP, application development and systems development life cycle SDLC.
• Deployment and support of Nexus Switches, UCS R&S, Fabric Path (Trill) to forward Layer 2 and Layer 3 Packet from Classical Ethernet to Fabric Path mode
• Hands on experience in Virtual standard switch, Virtual Distributed switch, VLAN mapping into VMware
• Worked with configuration management tools such as puppet or orchestration frameworks such as Fabric
• Worked in data centers and proficient with configuring and supporting Nexus switches, Fabric Extenders (FEX), VPC and OTV.
• Experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 5K, 2K series, Cisco router models like 12k, 10k, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series, Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches and Aruba router model switches like Aruba 3810M.
• Implement, Configure, Maintain, Fine Tune Troubleshoot Network Access Control NAC Solution.
• Familiarized with working knowledge of Cloud Computing Engineering, concepts, service models IaaS, PaaS, SaaS, deployment models, practical implementations, operations, security and future trends
• Actively involved in design & deployment of a new datacenter using Cisco Nexus 9000 platform in spine & leaf architecture utilizing VXLAN fabric & BGP-EVPN overlay technologies
• Experienced in enterprise and Data Center switching technologies such as trunks, DTP, VTP, STP, RSTP, PVSTP, MSTP, SVI’s, Etherchannels, PAgP, LACP, MEC, VPC, VSS, FHRP, HSRP, VRRP, GLBP, Object tracking, Pseudo Wire, EoIP, OTV, FEX, DHCP Snooping, ARP inspection, SPAN, RSPAN, FC, FCoE..,
• Provided pen-testing techniques including dictionary and brute force attacks and scanned networks for security vulnerabilities in network design using NMAP and Nessus.
• Cisco routers, 1700, 3600, 7200 series L2 and L3 switches 2900, 3700, 6500 series PIX firewalls VPN Concentrator ASA5500 Local Directors Fortinet UTM Firewall Palo Alto firewalls Juniper EX-Series switches and M-Series routers Infoblox DNS/IPAM Opengear Remote Access Device Windows2003 Server/Windows XP/Windows 7/Windows 8.
• Design, evaluate, test, implement and support new CAPWAP (wireless) network consisting of series AP’s, 4 (standalone) 5508 WLCs, 2 MSE, and WCS/NCE
• Actively managing tasks assigned to transition from legacy Switches to Cisco ACI (Data Center Application Concentric Infrastructure) device
• Assisting and maintaining Cisco ACI devices

Confidential

Network Engineer

Responsibilities:

• LAN/WAN infrastructure, consisting of Cisco routers, switches and firewalls using OSPF to communicate over a mixture of Ethernet-based MAN Metropolitan Area Network and dedicated-connection switching-based ATM Asynchronous Transfer Mode technology.
• Extensive work history in IT working as a System Software Engineer, System Analyst, supporting LAN WAN SAN NAS Windows, VMware Esxi, Cloud, VMware View, Windows Server 2003/2008/2012 , Solaris, Exchange 2010/2013, Office 365, Office 2013, SharePoint, IIS, PowerShell Scripting, Active Directory Commvault, Legato, HP Data Protector, Symantec, McAfee/Intel Endpoint Security, HBSS, MacAfee Sidewinder, Cyber Security, Bluecoat, McAfee/Intel Endpoint Security, HBSS, SideWinder, Firewall
• Creating configuration for new devices moved into ACI fabric
• Working with multiple OSI Layer 2 and Layer 3 routing protocols (i.e. EIGRP, ATM, TCP/IP, BGP, OSPF, and MPLS in order to bring new routers into the production environment for Network Augmentation Team.
• Replaced Cisco 6500, 4500 and 3800 to Aruba 4510 and 3810 stack switches
• Technology Used: Routing, Switching, Firewalls, VPN Tunnels, GRE, STP, HSRP, SNMP, VLANS, BGP, Natting
• Test plan development and Standardizing for DHCPV6 addressing modes, NTP, DNS, DDNS, IPSEC tunneling, TCP/IP, Dual Stack features on Confidential Multi-Functional printers in Wired and Wireless mode.
• Troubleshooting the complex VPLS/IPAG setup in the Lab including routing protocols BGP,MPLS,OSPF,LDP and switching protocols VPLS,VLAN,VPWS
• Deployed and grew Active Directory Network from company inception
• Configure Cisco VPNs that includes the customer requirement to quickly learn Cisco new flex VPN.
• Using knowledge of Army approved IA tools Retina, Nessus, BNA for DISA STIGS for task. Implementing of DOD, FISMA and NIST standards.
• Experience in layer-3 Routing with, ASR 9K, ASR 1K, Confidential 7600, 7200, 3810, and 3925 series.
• Interacting with Cisco to provide implementation of Cisco ACI into Confidential Network Infrastructure
• Design and build of network for new state of the art on-demand apparel production and distribution facility.
• Design and implementation of network for new prospective client relations office.
• Design and build and phased migration of network for east coast corporate headquarters and customer service center.
• Assist with risk analysis and other vulnerability testing, assisting with the new SIEM/ security center ACAS running compliance/vulnerability scans from the centralized ACAS center using Nessus
• Replaced Cisco 6500 Switches with Cisco 6880-X and 6807-X switches in VSS/FHRP environment.
• Implemented VSS on Cisco 6800 switches with enhanced PAgP.
• Deploying SDN/NFV POC's for application team for migrating the high reality network for latest technology.
• Assessment and redesign of VoIP and data LAN and WAN for 15 corporate sites, four distribution centers and two Corporate data centers.
• Juniper Experience Devices with SDN-ready MX2010, MX2008Edge Router, PTX5000, PTX3000, EX 9200, EX4300, EX4600, SRX 5400, SRX 3000 series, MX routers.
• Aruba 802.11ac wireless access points deliver superb Wi-Fi performance, Aruba 330 series, 501 wireless client bridge, 7220, 7010 MOBILITY CONTROLLER.
• Worked on Arista 7300 Data Center Switch Series, Arista 7010T Gigabit, HPE FlexNetwork 5820 Series, HPE FlexNetwork 5510 HI Series.
• Deploy and manage with advanced security and network management tools like Aruba ClearPass Policy Manager, Aruba AirWave and cloud-based Aruba Central.
• Configured VEEAM backup and cross-site replication for disaster recovery for large municipality
• Installed and configured VEEAM backups to DR4100 appliance with replication for DR
• Implement, Configure, Maintain, Fine Tune Troubleshoot Network Access Control NAC Solution
• Troubleshoot the devices for NM and BGP VPLS VPWS Multihoming issues.
• Design, develop and validate solutions based on 3GPP specifications
• Successfully added NFV License Management to the ETSI-ISG new work list despite opposition
• Patching, security updates, install applications, create local accounts, create share Directory, access rights to folders, mount drives and make a snapshot of the virtual server.
• Full knowledge of RF, light (laser) ASI, SDI, IP, multicasting, unicast, anycast, and various transports and equipment.
• Privilege Access Management & Self Service Password Synchronization support from infrastructure and application level
• SiteSpect engineering and implementation for key sites.
• Assessment and redesign of network for two production eCommerce data centers.
• Operational support of multiple production eCommerce data centers using Cisco Nexus switching, ASR1000 routers, ASA5500-X firewalls, F5 3600, Viprion 2400 load balancers with ASM.
• Integration NASCAR trackside LOB office and fulfillment center in Charlotte, NC.
• Architecture of Dev, QC, and Prod internal Corp and customer facing Ecommerce VPCs for AWS cloud environment

Confidential

Sr.Network Engineer

Responsibilities:

• As a part of LAN, WAN and WLAN architecture team, I was responsible for designing, managing, troubleshooting and configuring Layer 2 and Layer 3 network equipment such Cisco routers 7200, 3800, 3700, 2900 and Cisco Catalyst switch series 6500, 4500, 3500XL
• Performed Switching Technology Administration including VLANs, inter-VLAN Routing, Trunking, STP, RSTP and Port Aggregation on Cisco catalyst devices and Arista 7K.
• Performed on-the-fly switch upgrade and installed new Cisco router. Also, performed wireless site survey for new Meraki install.
• Worked and have Strong knowledge of Microsoft Active Directory, XP and Server platforms (2003/2008), Global Catalog, Microsoft PKI experience, services knowledge, group policies, LDAP, Windows Server 2008
• Hands-on expertise to assist with Firewall automation using Ansible in AWS environment
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, configuration, upgrades, patches and fixes with all around technical support in complete LAN development.
• Deployment of API gateway on cloud platforms.
• IT, Vsphere, Vcloud, View Manager, Active Directory, Windows 2012 R2, 2008 R2, Microsoft, System Center 2012 R2, SQL 2012, SCCM, SCOM
• In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear), SD-WAN (MX 65, MX100, MX400).
• Actively participated in upgrading Fast Ethernet, Layer 3 switched/routed LAN Infrastructure from Cisco 3640 to Cisco 2811 ISR Routers and Switches at access level to 2950, 3550.
• Worked in the process of Data centre fabric migration, performed migration from legacy Catalyst 6513 Switches
• Implementation, configuration and deployment of Active directory, IIS, DNS, DHCP, WINS, ISA, VMWARE, WSUS and windows Exchange 2003/07 server on server site.
• Operational experience withCisco ACI and Arista Cloud Vision, Spine Leaf Architecture, VXLAN, Bridge Domains, VTEPS, VNI, BGP route Attributes, Route Targets, Route Distinguishers for MAC address learning.Experience withCisco Meraki.
• Experience of deploying, analyzing, maintaining and troubleshooting Windows Server 2003, Windows Server 2008, 2008 R2 Windows Server 2012.
• Proficient in NetBackup monitoring and tuning to increase performance.
• Provide expertise with incident response, security event monitoring, vulnerability management, asset security compliance and data loss prevention utilizing McAfee Nitro (SIEM), McAfee ePO, McAfee DLP.
• Developing Validation procedures for migration ofQRadardata to Splunk
• Good knowledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (IBGP) and external BGP (EBGP).
• Extensive hands on Experience with Complex routed LAN networks, CISCO Routers and Switches.
• AWS Resource Access Manager, Implemented ISAM on Azure Cloud Infrastructure.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Configured WAN connections with Meraki and FortiGate SD-WAN.
• Create Technical documents like HLD, LLD based on the business requirements.
• Experience in Alcatel-Lucent defining business requirements and creating technical documents (i.e. HLD, LLD, Use Cases)
• Experience with WLAN management (Apogee, Meraki, Aruba) • Experience working with teams responsible for HLD, LLD & BoM
• Configured and managed Nexus 2k fabric extender, 5K and 7K switch network at the client's location.
• Configured EBGP for CE to PE route advertisement inside the office environment
• Experience working with design and deployment of MPLS Layer 3 VPNV4(MP-BGP) cloud, Involving VRF, Route Distinguisher(RD), Route Target(RT), Label Distribution Protocol (LDP), Super backbone, SHAM Link, MPLS PE-CE connection troubleshooting.
• Actively involved in Switching Technology Administration including creating and managing VLANS, Port security- 802.1x, Trunking 802.1Q, Inter-VLAN routing, ether channels and LAN security on Cisco Catalyst Switches 3800,3900,4507R+E, 6509-E
• Strong experience on NetBackup command line usage.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Configuring Static EIGRP, and OSPF Routing Protocols on Cisco 2600, 2800, 3600, 3800, 7300 series Routers
• Experience working with Nexus 9504, 7010, 5548, 5596, 2148, 2248 devices.
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 9504
• Worked with Cisco Nexus 2148 Fabric Extender and Nexus 9300 series to provide a Flexible Access Solution for datacentre access architecture.
• Worked on latest cisco switches like Nexus 9000, 7018, 5548, 5020 and 5010, implemented advanced features like VDC, VPC (Virtual Private Cloud), OTV (Overlay Transport Virtualization) and configured top of the row Fabric Extenders 2248 and 2232.
• Integrated Palo Alto next-gen firewalls with overlay VMware NSX SDN network.

Confidential

Network Security Engineer

Responsibilities:

• Migration of Palo Alto firewalls from Cisco ASA 5585 and Juniper SRX 3600 & NetScreen 5400. PANDB migration and code upgrades for Palo Alto Firewalls.
• Redesigned the LAN & WAN network from a flat network to a tiered structure (STP, VTP, and 802.1q, HSRP, EIGRP and BGP).
• Switching in Campus and Data center environments usingCisco, Juniper, HP, Dell, Arista and Extreme networks Routing experience on Cisco, Juniper and Arista routers in Distribution, Core, WAN and Internet connectivity.
• Integrating Panorama with Palo alto firewalls, managing multiple Palo Alto firewalls using Panorama
• Palo Alto App ID migration from the legacy-based port rules for PA 5060, 7050
• Implementation, configuration and deployment of Active directory, IIS, DNS, DHCP, WINS, ISA, VMWARE, WSUS and windows ExchaVEEAM ge 2003/07 server on server site.
• Performed migration from Cisco ASA 5505 to Palo Alto Firewall PA-200.
• Upgrade of Juniper firewalls and management servers from SRX 3750 to SRX 6509.
• Implemented port aggregation& link negotiation using LACP and PAGP
• Migrated hundreds of client servers from old environment to new target master using netbackup 6.5,7.0 in various data centers of the company
• Performed migration of security appliance from ASA 5510 to Palo Alto security device.
• Experience in negotiating VPN tunnels using MPLS standards, configuring and implementation of site-to-site VPN and Remote VPN
• Provide technical expertise and support of network devices and security peripherals including Cisco routers and switches Support Cisco ASA 5520 firewall and F5 load balancers.
• Router disaster recovery from crashes, checking logs to locate the reason for crash and verifying the hardware or software issues on production routers
• Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
• Experience in configuring & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGP and also configured IP access filter policies for restricted access
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
• Configured PVSTP+ for loop prevention and VTP for Inter VLAN Routing.
• Managed various teams involved in site surveys, cabling specifications, network installation and configuration