SUMMARY

• CCNA CCNP CERTIFIED professional with 8 years of experience in routing, switching, firewall technologies, systems design, and administration and troubleshooting.
• Expertise in configuring and troubleshooting of PIX, ASA, Palo Alto, Juniper Net Screen & SRX Firewalls and their implementation
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Implemented security policies using Palo Alto PA-500, PA-2020, Check Point Firewalls R75, R77.20 GAIA, ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS), VTP.
• Experience with tunneling methods like GRE/mGRE, DMVPN, IPsec, L2TP, ezvpn, IKE v1 and v2 remote vpns.
• Hands-on experience of various layer 2 transport protocols including ATM & Frame Relay and MPLS, 2547bis VPN, RFC 4364, VPLS.
• Hands on experience in configuring Cisco Catalyst and Cisco Switches series, Cisco Routers, Nexus series switches, Load Balancers & Cisco Firewalls, ASA Firewalls and Cisco ACE load balancers
• Moderate knowledge in configuring and troubleshooting Wireless Network: Net gear, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics as well as WAN testing.
• Good knowledge in scripting languages like TCL/TK, Perl and Python.
• Experience in configuring and troubleshooting BIG-IP F5 load balancer LTM creating virtual servers, nodes, pools and iRules on BIG-IP F5 in LTM module.
• Hands on experience in configuring Cisco Nexus 7K, 5K,2K,1K and worked on nexus protocols VPC, VRF, VDC and FEX Links.
• Wireless/Voice Technologies - Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet
• Experience with various LAN and WAN technologies and protocols like: - TCP/IP, VLAN, VTP, RIP, STP, EIGRP, OSPF, BGP, IKE/IPSec VPNs, NAT, PAT, DNS, MPLS and access list.
• Well experienced in configuring HSRP, GLBP, ICMP, UDP, PPP, PAP, CHAP and SNMP.
• Extensive knowledge with VLAN’s, Trunking, RSTP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, NX-OS, IOS/XE, VMware NSX, DHCP, Wireshark etc.
• Well organized, Self-starter, Quick learner, Self-Motivated, Team player with analytical, technical and communication skills.

TECHNICAL SKILLS

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Cisco Platforms/Other platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), SRX, MX, EX Series Routers and Switches, Nexus 7K, 5K, 2K & 1K

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, Cisco ACS.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Firewall: PIX Firewall, ASA Firewall, Palo Alto, Checkpoint, Juniper SRX

Network Tools: Solar Winds, Firemont, Tufin, Netflow, SDM, Panaroma, Wireshark

Load Balancers: A10 Networks(AX2500), Cisco CSM, F5 Networks (Big-IP)

Security Protocols: IKE Version 1 and 2, IPSEC, SSL-VPN

Operating System: Windows 10,8,7/XP, MAC OS X, Windows Server 2008/2003, Basic Linux

PROFESSIONAL EXPERIENCE

Confidential, Minneapolis, MN

Network Security Engineer

Responsibilities:

• Experienced in installation, configuration and maintenance of Cisco Router, Catalyst Switches and Firewalls.
• Planning, Designing &implementing various solutions in distributed environment using Checkpoint, Cisco PIX & ASA, and Palo Alto NGFW.
• Cisco Wireless LAN Controller; Cisco Aironet 11x Access Points; Palo Alto (PAN) Firewalls, Nagios, Solar Winds Orion, Cacti, Wireshark, UPS systems, and some rack and stack.
• Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.
• Worked on Check Point Firewalls NG, NGX, R61, R65, R70, R75, R77, R77.20 GAIA and Palo Alto PA-500, PA-2020
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, ISA, AAA (TACACS+ & RADIUS).
• Troubleshoot and worked with security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Palo Alto firewalls.
• Configured Access-Control Lists (ACL’s) to Allow or block users to access different applications.
• Configuring rules and Maintaining cisco ASA firewalls 5510, 5515X and 5525X & Analysis of firewall logs using various tools
• Planning and executing changes and upgrades to the operating systems of servers directly supporting firewall components and functionality.
• Experience in Rule analysis, Rule modification on firewalls.
• Experience in Wireless LAN Controller and Access Point configuration and deployment.
• Maintain change of passwords as a security precaution on guest Wireless LAN and to work with customers teams on building the VPN tunnels at the new co-location.
• Utilizing Cisco 3750G-24-PoE Wireless LAN Switch/Controller
• Responsible for configuring firewall rules in between DMZ’s, from external vendors to the systems in DMZ’s for TDQ (Test, Development & Quality Analysis) as well as production Environments.
• Planning, designing and implementation of moving multiple DMZ’s on FWSM’s to ASA’s by creating Multi-Context Environments on the ASA.
• Troubleshooting on various vendor devices like A10 Load Balancers, F5 LTM & GTM, Cisco ACS.
• Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using site-to-site VPN’s.
• Create S2S VPN with our own offices and various clients using Juniper SRX firewalls or Cisco ASA.
• Maintained BIG IP F5 APM VPN and provided solutions for intricate issues.
• Implemented and managed remote access programs including Cisco AnyConnect, Site-to-Site VPNs for business partners, IPSEC for remote management.
• Configuring IPSEC VPN on SRX series firewalls and site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Configured F5 Big IPs with VIPs, Pool, IRules and SSL certificates to ensure traffic was load balanced. Tested end to end connectivity via firewalls, routers and switches.
• Install, configure Cisco 2500 Wireless LAN Controller and Cisco Aironet 1131 AG Wireless Access Points for Internal and External users
• Experience with Cisco Aironet 2600, and 2700and worked with Cisco Aironet Wireless Access Points 3600, 2600 and Cisco WAP controller.
• Worked with Cisco Aironet Wireless Access Points 3600, 2600 and Cisco WAP controller.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL).
• Serve as the first point of contact for troubleshooting hardware and software for DNS problems.
• Maintaining and updating inventory using Network Management Application layer software’s like SNMP, Wireshark, NTP, and Syslog.
• Configured and managed Networking and Network Security by performing system administration / analysis that includes installing/configuring proxies, DNS, IP addressing scheme & IP subnetting with VLSM, configuring VLANs & Trunks.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Production environment experience consisting of Global load balancing, local load balancing, SSL acceleration, HTTP compression/caching, and DNS.
• Installation and maintenance of Windows NT and 2000/2003/2008 DNS, DDNS, DHCP and WINS Servers for the DOMAIN.

Environment: Redhat Linux, Alcatel-lucent Vital QIP, Windows server manager, ESD center, HP server manager, HP open view.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT, NAC product sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Create, assign and provide IP and DNS records for server and application teams using Microsoft DNS server and Infoblox Grid Manager.
• Configured DHCP scope into Infoblox for new sites which includes subnets for wireless, voice, security and data and use to bind/fixed the ip address with particular Mac address
• Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
• Upgraded the data center network environment with Cisco ASA 5520. Configured ACL's on Cisco Switches as well as configured routers as terminal servers
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits
• Worked with Carrier to test and turn-up circuits
• Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs
• Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Experience with Racking, Stacking, configuring, Nexus 5K and 2K and 7K
• Installed wireless access points (WAP) at various locations in the company

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510), FortiGate Firewall 80C, 100d, 1240b on Forti OS5.2., Checkpoint, Palo Alto, Load balancers

Confidential, Portland, OR

Network Security Engineer

Responsibilities:

• Working as Network Security engineer supporting Cisco routers, switches, Net screen Firewalls, Bluecoat proxy servers and BIGIP load balancers.
• Deployed Palo Alto Firewalls for web filtering and application control.
• Provide post breach firewall analysis on checkpoint R77.10 gain, Palo Alto firewalls to recommend two-factor authentication solution.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Performed Network Security Assessment and implemented security features such as network filtering, SSH, AAA, SNMP access lists, VTY access lists and HSRP authentication.
• Utilized SNMP-based network monitoring tools such as Nagios and Solarwinds to manage networks.
• Configured and managed updated Cisco Network Systems with routers for MPLS Client VPN, Site-to-Site VPN and Dynamic VPM (DMVPN).
• Understanding of IPSEC & GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN.
• Integrating Configuring RSA Secure ID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.
• Performed attribute manipulation in BGP multi-homed scenario using attributes like AS-Path, MED, Local Preference and weight.
• Implementation of HSRP, IPSec, Static Route, IPSEC over GRE, Dynamic routing, DHCP, DNS, FTP, TFTP, RAS.
• Planning, designing, Installing and Configuring of Cisco Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800 and 7200, 7609) & Cisco L2 & L3 Switches (2900, 3560, 4500 & 6500).
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services and static routing using Nexus, Cat6k, ISR, ASR
• Also performed Dual-homing on nexus based platforms using the feature VPC and also managed to do Virtualization on the nexus platforms using the feature VDC and also maintained VRF’s in those VDC’s.
• Implementing changes to the network routing tables and ACLs.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Configured and installed new IP addresses for new users by using IP Addressing and Subnetting Scheme, and work on CITRIX applications.
• Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.

Environment: Cisco Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800 and 7200, 7609) & Cisco L2 & L3 Switches (2900, 3560, 4500 & 6500), F5 and CSM load balancers, Juniper SRX Firewalls, Cisco catalyst 6509, 7613, Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550, Netscreen SSG5, Netscreen 204, Netscreen SSG 320

Confidential

Network Engineer

Responsibilities:

• Reviewing, analyzing, approving and executing all changes in the network. All Configurations of Cisco Routers and Switches. Participated in a rotating 24x7 support schedule for the Network operation Center.
• Worked with Network Operations Center (NOC) to troubleshoot various network issues like TCP/IP, VLAN, MPLS, routing issues like RIP, OSPF and BGP.
• Configuring AAA Services onthe CiscoASR9000 Series Routermodule ofCiscoASR9000 Series Aggregation Services Router System Security Configuration Guide.
• Configured trunk and access ports, and implemented granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure than with previous generation of switches.
• Build and configure monitoring systems and other network related tools such as Introscope, Splunk, MRTG, Solarwinds, and RANCID on a Linux/Windows 2003 platform.
• Team player in a data analytics environment, maintaining network capacity, integrity, and performance of client connectivity and data centers leveraging Device42, Solarwinds as the primary toolset and VPLS as the key technology.
• Implementation and Maintenance of Juniper EX 2200, M120 devices.
• Net screen firewall setup, upgrade and configuring IPSEC VPNs and NSM (Net screen security manager) management.
• Worked on troubleshooting customer issues related to MPLS VPN related issues involving PE configuration issues, PE-CE link issues such as routing protocol configuration, Layer1 / Layer2 issues, BGP4 address-family related issues, MP-BGP.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Performed IOS, IOS-XR and Junos upgrades and production network maintenance.
• Deploying new technologies to data center and branch offices including firewall, NAC, wireless and switching technologies.
• Monitoring traffic at many different points, and provide visibility into the security posture of the network using IDS/IPS tools
• Signature UpdatesDeployment on the Management Componentsand all the Individual IPS/IDS devices.
• Troubleshooting client and business partner VPN connectivity issues. Responsible for VPN access support for Executive team and data security. Password resets, granting share access and permissions to Enterprise folders for different team, e.g. Finance, HR, Ops Planning.

Environment: Palo Alto firewalls, R77.10 gain, Linux/Windows 2003, monitoring tools Nagios, solarwinds, introscope, splunk, MRTG, RANCHID, Citrix Netscale, Sonicwall, Cisco WAAS, Cisco IPS

Confidential

Network Support Engineer

Responsibilities:

• Configured and installed Cisco 2500, 3640, 7200, and 7940 Routers.
• Troubleshot network bandwidth performance, mismatched framing and line coding.
• Coordinated with LAN/WAN engineers the development and implements security policy.
• Monitored usage of network resources with Cisco works, and using sidewinder in PIX Firewall.
• Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Configured remote users to access corporate LAN with VPN connectivity.
• Configured Frame-Relay, ISDN, ATM, Protocols, & load balancing switches.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
• Coordinated the routing of data for Internet access via diversity, load balancing on MPLS.
• Versed in proxy servers, web servers, and VPN networks on Windows and Unix OS.
• Configuration of IP and routing technologies for various protocols such as EIGRP, OSPF, and BGP for MPLS Network.
• Troubleshooting network issue for production and disaster recovery using various diagnostic techniques,
• Troubleshooting equipment, and service providers for successful completion.
• Created Network documents, tickets and network Visio diagram for various customers.

Environment: Cisco 2500, 3640, 7200, and 7940 Routers, EIGRP, OSPF, and BGP for MPLS Network, IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP, T1, DSL, ATM/IMA, Frame Relay and ISDN

Confidential

Network Technician

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network.
• Studied and analyzed client requirements to provide solutions for network design, configuration, administration, and security.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Interacted with support services to reduce the downtime on leased lines.
• Troubleshoot problems on a day to day basis; provide solutions to fix the problems.
• Designed a test manual and automated test cases are perform the over Network testing tool IXIA and Spirent.
• Automate test cases for carrier grade, provider Edge and Core Routers. Validate the IP/MPLS features are consistent with client’s design and behave as expected in a multi-vendor, scaled environment
• Configure the access-list and patch on the Juniper router and Firewall for customer support.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• Worked along with the team in ticketing issues; responsibilities included documentation and support other teams.

ENVIRONMENT: TFTP, RIP, OSPF, IP/MPLS, VLSM