Sr. Network Engineer Resume
Fortworth, TX
SUMMARY
- Over all 7+ years of experience on data center environment, Support, Troubleshooting and implementation of VPC, VDC and Fabric path on Nexus 9K, 7K, 6K, & 2K Switches. Experience in Configuring, upgrading and verifying the NX - OS operation system.
- Implemented, Tested and troubleshootJuniperFirewall to establish VPNnetworkto Datacenter andwireless for localnetwork.
- Experience with design & deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
- Configuring Client-to-site VPN using SSL Client Cisco ASA 5540, 5510.
- Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco catalyst switches.
- Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls.
- Worked with the installation of Palo Alto firewall, migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
- UtilizingCisco5508wirelesscontrollers and 1131, 1142, 2602, 2702, 3602, 3702 LWAPP access points.
- Worked on NEXUS 7K Core and Server Farm Switches with VSS & VPC support
- Hands-on experience in configuration of CISCO NEXUS Datacenter infrastructure with 5000 and 7000 series switches (5548, 7010) including CISCO NEXUS Fabric Extender (2232, 2248).
- Hands-on experience in configuration of CISCO NEXUS Datacenter infrastructure with 5000 and 7000 series switches (5548, 7010) including CISCO NEXUS Fabric Extender (2232, 2248).
- Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa.
- Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco, B2B VPN client in addition to providing TACACS+ and RADIUS services.
- Worked extensively on firewalls and VPN gateways Check Point, CISCO, Juniper, FortiGate GUI and Arista equipment’s
- Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
- Implemented Positive Enforcement Model with the help of Palo AltoNetworks.
- Experienced in handling and installing Palo Alto Firewalls with exposure to wild fire feature of Palo Alto Networks.
- PerformCheckpointand PIX firewall/IDS design, integration & implementation for Cyber Trap client networks.
- Worked extensively on firewalls and VPN gateways Check Point, CISCO, Juniper, FortiGate GUI and Arista equipment’s
- Hands-on experience on Checkpoint Firewall R77, Palo Alto Pa 3000 and Cisco ASA 5520 firewalls.
- Checkpoint level 3 operations support with hardware operation and fixed all problems.
TECHNICAL SKILLS
Cisco Platforms: Nexus 7K, 5K, 2K, 1K
Cisco Routers: 1700,1800,2500,2600,2800,3600,3800,3900,7200,7600
Cisco L2 & L3 Switches: 2900,3500,3560,3750,4500,4900,6500
Juniper Platforms: SRX, MX, EX Series Router and Switches
Networking Concepts: Access-lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA
Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark
Load Balancers: Cisco CSM, F5 Networks (Big-IP)
Wan Technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3,0C3, T1 /T3 & SONET
Lan Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channelVLANS, VTP, STP, RSTP, 802.1Q
Security Protocols: IKE, IPSEC, SSL-VPN
Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
Wireless: Ciscowirelessaccess points: AIR-CAP3702, AIR-CAP3502, AIR-CAP2602, AIR-CAP2702, WLC 5508, 4404 and WLC 4402wireless
LAN controllers: Catalyst 6513, 6509, 4006, 4003, 3750, 3560, 3550, 2950G switches
PROFESSIONAL EXPERIENCE
Confidential, FortWorth,TX
Sr. Network Engineer
Responsibilities:
- Configuring & managing around 500+Network&Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
- Deploying the old Access Points (1142 and 1242) and installing the new 3702 access points.
- Has extensive Knowledge on Cisco Wireless LAN Controllers.
- Performing awirelesssite survey to implement controller-basedwirelessnetwork.
- UtilizingCisco5500 series controllers and 3702, 3602 and 3502 LWAPP access points.
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
- Maintained, upgraded, configured, and installed Cisco ASA 5510, 5520, & 5505Firewallsfrom the CLI and ASDM.
- Configuring virtual chassis for Juniper switches EX- 4200 and firewalls NS 5200.
- Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
- Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo alto Firewalls.
- Upgrading code onPalo altofirewalls PA5050/3020 to meet company security policy
- Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASAFirewalls.
- Site-to-Site IPsec based VPN Tunnels for all 020 Communications.
- Experience working with JUNOS OS on JuniperRouters and Switches
- At present working extensively with Cisco 5508 Wireless LAN controllers. Replacing 5508 Wireless LAN controller with 5520.
- UtilizingCisco5508wirelesscontrollers and 1131, 1142, 2602, 2702, 3602, 3702 LWAPP access points.
- Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
- Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series
- Dealt with monitoring tools like (Solar Winds, Cisco Works),networkpacket capture tools like Wireshark, Deployed the Nexus 7000/5000/2000 architecture.
- Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
- Responsible for NAT traffic flow in theJuniperSRX 3600 and supportJuniperSpace.
- Successfully installed Palo Alto PA-7050 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
- Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations. Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Confidential, Santa Ana, CA
Network Security Engineer
Responsibilities:
- Create and test Cisco router and switching operations using OSPF routing protocol, ASA 5500 Firewalls, and MPLS switching for stable VPNs.
- Technical Knowledge on Cisco PIX/ASA series,JuniperNet screen/SRX firewall gateways.
- Implemented site to site VPN in Juniper SRX as per customer.
- Hands on experience with Cisco Nexus 7K, 5K and 2K series equipment including configuration of protocols.
- Configuring Virtual Chassis forJuniperswitches EX-4200, Firewalls SRX-210.
- Responsible for the secure development lifecycle environment form NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in the lab environment.
- Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform,Palo altoand ASAFirewalls.
- Installation ofPalo alto(Application and URL filtering, Threat Prevention, Data Filtering).
- Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
- Configured static NAT, dynamic NAT, dynamic NAT overloading and experience in TACACS, XTACACS and TACACS+ servers.
- Implementing security policies using Cryptography, ACL, IPsec, VPN, and AAA Security on different series of routers.
- Load Balancing with F5 GTM and LTM across multiple data centers
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
- Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/ switches/firewalls
- Responsible for Check Point andJuniperSRX firewall administration across our global networks.
- Implemented site to site VPN with IPSEC via. GRE ISKAMP.
- Implemented Cisco site to site VPN for partnering with different partners around the world.
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Cisco ASA, Firewalls, VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall. Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
- Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
- Responsible for ASA 8.x Firewall and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
- Troubleshoot and Worked with Security issues related to Cisco ASA, and IDS/IPS firewalls. Large scale Deployment and installation of Juniper SSG5, Cisco ASA, and Fortinet firewalls.
Confidential, San Francisco, CA
Network Engineer
Responsibilities:
- Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
- Migration of servers from one datacenter to another, providing switch connections to the new servers, updating Check Point Firewall rules for the new servers, A10 to F5 load balancers Migration.
- Configured IPsec VPN connections, encryption algorithms & VPN domains on checkpoint R75.
- Successfully executed change on Nexus 9K and 7Ks to support redundant platform.
- Performed "Fresh Installation" of R77.10 on Smart Event 150 appliance through the Console to establish the connection between theCheck PointManagement server to receive the logs.
- Configured and deployed MPLS connectivity and site-to-site VPN with IPSec security layer.
- Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
- Configuring, Installing and troubleshooting on Check Point Devices.
- Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
- Installed and configured four PIX 525 and two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
- Configured Easy VPN server and SSL VPN to facilitate various employees; access internal servers and resources with access restrictions.
- Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Ability to engage with vendors to resolve equipment issues and identify future needs creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
- Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design.
- Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
- Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
Confidential
Network Engineer
Responsibilities:
- Hand on experience on IP Addressing, Sub netting.
- Experience in designing, implementation and operations of enterprise datanetworksasnetwork engineer.
- Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
- Installation and configuration of Citrix NetScaler MPX 8200.
- Designed, implemented and maintained WAN technologies like DWDM, MPLS, VPLS and tunneling technologies.
- Expert level Knowledge on working with Wireless LAN Controller's, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
- Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for datacenter access architecture.
- Set up and troubleshoot secured wireless access points (WAP) and wireless LAN controller (WLC) for broadband internet.
- Configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000. Configuring VDC & VPC in Nexus 9k, 7k, 5k and 2k.
- Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic.
- Implemented Positive Enforcement Model with the help ofPalo altoNetworks
- Expert level Knowledge on working with Wireless LAN Controller's, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
- Configured and resolved various OSPF issues in an OSPF multi area environment.
- Installed and managed multiple instances of a Routing table usingVRFandVRFLite.
- Responsible for level 2 support of existing network technologies/services & integration of new network technologies/services.
- Working knowledge on LAN/WAN setup, installation, configuration, and troubleshooting.
- Strong hands on experience in Troubleshooting for QOS, connectivity and hardware problems on CiscoNetworks.
- Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
- Checkpoint Level3 operations support with hardware operations - fixed all problems & RMA’s, taking any escalations that dealt with the equipment and its connection: interfaces,VLAN’s, routes, etc.
Confidential
Network Admin
Responsibilities:
- Responsible for implementation and day to day operations of all associated hubs, routers, bridges, gateways andNetworkrelated equipment.
- Provide assistance toNetworkManager and serve as SecondaryNetworksupport.
- Worked on necessary tools for Linux/Unix System, and Microsoft Power shell.
- Upgraded Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations.
- Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
- Configured EIGRP, BGP, and MPLS.
- Implemented new ultra secure networks in multiple data centers that included Cisco 6500 s, Juniper security devices, and F5 Big IP’s.
- Implemented QOS for Voice, Video against DATA by IP Precedence and DSCP.
- Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.
- Involved in L2/L3 Switching Technology Administration including making and overseeing VLANs, Port security, Trunking, STP, Inter-Vlan directing, LAN security.
- Worked on DMVPN Technology, Performance Routing PFR, Ethernet.
- Rewrote HPNA perl module Create HPNA command scripts.
- Configured VLANs, Private VLANs, VTP and Trunking on switches.
- Administration and security of IP basednetworksusing Cisco Enterprise Class networking hardware and software.
- Monitoring and troubleshooting Server, File System management and migration.