OBJECTIVE:

• Seeking a challenging position of network engineer which will give me an opportunity to prove potential in me and educate me more in the field of networking and to help reach the goal of the organization and its growth.

SUMMARY

• Over 8+ years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
• Extensive knowledge in configuring and troubleshooting Layer 3 Interior Gateway Routing protocols such as Link - State routing protocols (OSPF and IS-IS) and Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP).
• Good knowledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (iBGP) and external BGP (eBGP).
• Extensive knowledge of WAN technologies such as T1, T3, DS3, OCx, SDH, SONET, LTE, Fiber and Frame relay.
• Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series.
• Extensive experience in upgrade, backup and password recovery of Cisco IOS.
• Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
• Substantial knowledge, including the configuration, of Spanning Tree Protocol (STP), SIP/H.323 protocols, Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+)
• Thorough experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN trunking protocol (VTP), shortest path bridging, Multiple VLAN Registration Protocol and VLAN Cross Connect (CC).
• In-depth knowledge and hands-on experience in Tier 2 ISP Routing Policies and Firewalls.
• Good knowledge of IPv4 and IPv6 Addressing, Fixed Length and Variable Length Subnet Masking (VLSM), OSI and TCP/IP models.
• Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64.
• Experience in installing and configuring NAT, DHCP server and DNS in large networks.
• Wide exposure to LAN/WAN setup, installation, configuration and commissioning of network devices.
• Good understanding of SNMP, IP SLA and Network Monitoring with experience in tools like PRTG.
• Working experience with 2600, 2800, 3600, and 3800 and 7200 series routers and juniper MX and T series routers.
• Expertise in configuring IP routing protocols which includes EIGRP, OSPF and BGP over Cisco routers in production environment.
• Experience in configuring security policies including NAT/PAT, VPN and ACL’s.
• Experience in Network Cabling, IP addressing and Subnetting with Variable Length Subnet Masking (VLSM), Route Summarization and Route Redistribution.
• Hands on experience on configuring Cisco ASA 5540, 5580 firewalls.
• Experience in installing, configuring and troubleshooting Checkpoint Firewalls
• Experience in using different area types in OSPF which includes SA,TSA,NSSA and Virtual Links
• Good knowledge on juniper SRX240, SRX220 and SRX550 series Firewalls.
• Experience in VPN technologies such as IPSEC (Site to Site and Client to Site) and Secure Socket Layer (SSL) VPN
• Good understanding of Palo Alto firewalls which includes PA 5000 and PA 3000 series.
• Configuring F5 BIG-IP LTM-3600 load balancers. Configured Clientless-Secure Socket Layer (SSL) VPN using self-signed certificates.
• Experience in installing, configuring and troubleshooting tools and techniques like Vulnerability scanning
• Hands-on-experience in using Cisco's Adaptive Security Device Manager (ASDM) to manage the Cisco ASA security appliances and Smart dashboard for checkpoint firewalls.
• Good experience in using NetScaler to provide level 4 load balancing
• Improved network capabilities and reliability by evaluating, testing, purchasing and implementing new SONET, SDH, DWDM, IP/MPLS, Ethernet and Wireless technologies.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.
• Analyzed different types of attacks on Secure Socket Layer/ Transport Layer Security (SSL/TLS) which includes Crime, Beast, and Breach and Time attacks.
• Experience in network troubleshooting and analysis using Wireshark.
• Experience using Microsoft Visio to create and update network diagrams.
• Possess strong network troubleshooting, interpersonal and communication skills.

TECHNICAL SKILLS

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX 5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Check point, Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810, A10 Load Balancers.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320).

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010)

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI.

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.

Secure Access Control Server: TACACS+/Radius.

VOIP Devices & Wireless Technologies: Cisco IP phones, QOS, Avaya, CUCM, UCCX, CIPC and UCS.

Wireless: LWAPP, WLC, WCS, Standalone APs, Client Roaming, Wireless Security Basics, AP groups, WLANS, Cisco Prime Site Maps.

Network management: SNMP, Cisco Works LMS, HP Open View, Solar winds, ACI, Ethereal.

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

QOS: CBWFQ, LLQ, WRED, Policing/Shaping.

Monitoring Tools: Voyence, packet tracer, Wireshark, Opnet, GNS3, Info Blox and Solar winds.

Security Technologies: Cisco FWSM/PIX/ASDM, Nokia Checkpoint NG, Juniper SRX, McAfee proxy servers, Fortinet, Bluecoat.

Operating Systems: Microsoft XP/Vista/7,10, UNIX, LINUX,Redhat.

PROFESSIONAL EXPERIENCE

Confidential, Washington, DC

Sr. Network Engineer

Responsibilities:

• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Involved in the activity of DATA-Center migration of Cisco catalyst series 4500, 6500 switches with the new Nexus 2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E.
• Involved in migration from Legacy Catalyst 6509 with SUP-720, Catalyst 4507 with SUP-6 to Nexus 7k with SUP-2E as part of the data center refresh.
• Configured and deployed VDC and VPC between Nexus 7018 and Nexus 5596, 5548 switches along with FEX 2248. Have a good understanding of Fabric Path.
• Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works).
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Experience working with High performance data center switch like nexus 7000 series.
• Forcapacity planning, I used like modeling tools such asOPNET, Packet Tracer, NetSim, Netflow and sFlow Analyzerthat project the impact of new applications.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4.
• Configuring HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst.
• Working with Checkpoint Support for resolving escalated issues and replace branch hardware with new 2851 routers and 2960 switches.
• Conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client's needs.
• Hands on experience in functional knowledge of F5 advanced feature modules including Web Accelerator, Application Security Module, and Application Policy Module.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.
• Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems.

Environment: Cisco 4510, 4948, 4507 switches, F5, NGX R55 and R65, Checkpoint, Fortinet, Bluecoat, Nexus 2148, 2224T, 5548, 6018, 7010 Cat 6509, VPC, VDC, VRF, VSS, Cisco ASA, BGP,VPLS, OSPF, EIGRP, QOS, VPM, Solarwinds, STP, VLANS, VTP, Port-Channel, andSwitch Stacking.

Confidential, Newark, NJ

Sr. Network Engineer

Responsibilities:

• Performing standard network operations via ITIL standard with Incident Management and Change Management.
• Configuring and managing layer-2 technologies like VLANs, STP, VTP & port-security.
• Providing gateway redundancy using HSRP & creating ACL for layer-3 security.
• Configuring and troubleshooting layer-3 routing protocols like OSPF, EIGRP & BGP.
• Creating IP-prefix-list, route-map, offset-list and distribution list for performing route manipulations.
• Working experience in Design Large scale enterpriseWirelessnetworkswith AirMagnet, Visiwave and ekahau,Wirelessplanning and Management Tools like Aruba Airwave and Cisco Prime Infrastructure.
• Worked on functional understanding of DNS DDOS, DOS threats, mitigation techniques and DNSSEC.
• Migrated catalyst 45XX and 65XX switches to Nexus 7000 switches, where 7018 being the core and 5000, 2000 as the distribution layer switches for data center requirements.
• Performed Enterprise refresh on Switch block that involved replacing legacy catalyst devices with Cisco NEXUS 2000 series fabric-extenders, 5000 series Fabric Interconnects and Nexus 6000, 7000 series core switches. Implemented features like VPC, VDC, OTV and Fabric Path for high availability and redundant server farm environment.
• Worked with Sup 2E for 7018 switch and F cards for L2 switching and few M cards for L3 proxy routing purposes for F cards.
• Worked with Nexus 6001T switch which is used for low port-to-port latency in the data center using cut-through feature architecture. And configured VPC+ on these switches along with Nexus 2200 Fabric extenders.
• Worked on OTV to extend L2 VLANs between data centers over IP on Nexus 7018 switches.
• Configured IPSEC Site-to-Site VPNs to provide secure remote access to vendors and partners using SPA modules on Cisco 6500.
• To secure configurations of load balancing in A10, F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measure.
• Cisco ASA/Checkpoint Firewall troubleshooting, McAfee proxy servers and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Experience with convertCheckpointVPN rules over to the Cisco ASA solution. Migration with both Checkpointand Cisco ASA VPN experience.
• Deployed Cisco 6500 series switches with SUP32 & SUP720 and, implemented VSS.
• Maintained Checkpoint 41000 and 61000 systems, juniper SRX3600 and PA-5050 firewalls.
• Worked on Enterprise application load balancing using A10, F5 BIG-IP LTM 6400 and Cisco CSM. Worked with application and system teams to investigate application high availability requirements to deploy the optimum Load Balancing mechanism and provided network oriented support for end-to-end application life cycle management.
• Worked on Firewall rule management as part of network operations to take care of Firewall ACL requests. Maintained ASA 5580 to ensure high end security on the network with ACLs and Firewall. I also performed firewall troubleshooting to resolve application issues in DMZ and server farm.

Environment: Check point Firewalls, ASA, Blue coat, VPN, VLANs, DMZ, Cisco IOS-XR, STP, RSTP, PVSTP, Citrix NetScaler, VTP, HSRP, Ether-Channel, BGP, OSPF, EIGRP, MPLS, ATM, PPP, HDLC, SNMP, TACACS+.

Confidential, Tempe, AZ

Network Engineer

Responsibilities:

• Installed various branch Cisco devices including switches and routers.
• Experience in implementation, analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Implemented PORs (port open requests) based on the requirements of various departments and business lines.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• Added and modified the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Configure and troubleshoot network and security equipment’s like routers and switches, firewalls, UNIX and Windows servers etc.
• Designed IP Addressing schemes and Switch port assignments, Trunking and Ether-channel implementation.
• Provided daily network support for Global wide area network consisting of MPLS, VPN and point-to point site.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• On-call support for SAN infrastructure and storage services.
• Provided 2nd level support for all Linux-related issues.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Experience with F5 load balancers andCiscoload balancers (CSM, ACE and GSS).
• Performing network monitoring, providing analysis using various tools like Wireshark, Solarwinds etc.
• Configure Linux servers to access SAN and NFS.
• Troubleshoot Network Issues onsite and remotely depending on the severity of the issues.
• Troubleshooting of connectivity problems using PING, Trace route.
• Implemented and troubleshoot (on-call) IPsec VPNs for various business lines and making sure everything is in place.
• Monitored traffic and access logs in order to troubleshoot network access issues.

Environment: Cisco 6505/2950/3550/3500/2960 Switches, Cisco 6500/7500/7200/3800/2800 Routers, Nexus5K, 7K, LTM, GTM, F5 Load balancer, Switching Protocols STP, VTP, RSTP and VLAN; Checkpoint, ASA, OSPF, BGP, EIGRP, RIP, LAN, WAN, SSL/VPN.

Confidential

Jr. Network Engineer

Responsibilities:

• Performed IOS upgrades/Password recovery on Catalyst 1900, 2900 series switches and 2500, 2600 series routers.
• Did racking, stacking, and cabling network-based, IT systems.
• Configured Access List ACL (Std., Ext, and Named) to allow users all over the company to access different applications and blocking others.
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Troubleshot the issues related to L1 and L2 levels.
• Network maintenance checks, configure and manage printers, copiers, and other miscellaneous network equipment.
• Involved in trouble shooting of DNS, DHCP and other IP conflict problems.
• Responsible for Data Backup, System Update, Recovery and Restore, and Spyware removal.
• Assisting Junior and Senior Engineers, on-site management of cable-wiring technicians.
• Troubleshoot problems on a day to day basis and documented every issue to share it with design teams.
• Providing documentation by creating MOPs and VISIO diagrams for the network designing team.

Environment: Cisco Routers 2500, 3600; Cisco Switches3500, 2900 and 1900 series; Catalyst 1900,2900 series switches; Routing protocols RIPv2, EIGRP, OSPF; Firewall Security Protocols: ACL, NAT, PAT.

Confidential 

Network Administrator

Responsibilities:

• Configuration, LAN/WAN, Switch/Routing protocols.
• Troubleshooting complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF.
• Configured Access-lists, Distribution-lists, Offset-lists and Route Redistribution.
• Configured Ether channels, Trunks, VLans, HSRP in a LAN environment. Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Implemented port aggregation & link negotiation using LACP and PAGP.
• Responsible for performing administration on OSPF routing protocols. Implemented route redistribution between OSPF and EIGRP.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Performed IOS upgrades on various catalyst series switches and maintained latest IOS versions according to company’s policy.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP). Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Worked on network-based IT systems such as racking, stacking, and cabling.

Environment: BMC Remedy, Cisco ASA 5540, BIG-IP LTM 8900, QOS, Policy-maps Class-maps,Vlans,STP,RSTP,PVSTP,VTP,HSRP,EtherChannel,BGP, OSPF, EIGRP, MPLS, ATM, PPP, HDLC. SNMP, TACACS+, DNS, DHCP.