SUMMARY

• Having around 7+ years of professional experience in Network engineering, performing network Security analysis, Design, implementing and capacity planning with focus on performance tuning, high availability and support of large Networks.
• In - depth knowledge and hands-on experience in Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS.
• Excellent working knowledge of TCP/IP protocol suite and OSI layers.
• Extensive knowledge in configuring and troubleshooting Layer 3 Routing protocols such as IGRP, EIGRP, OSPF, ISIS and BGP (IBGP, EBGP) and layer 2 protocols such as VTP, STP and RSTP.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200,3800, 3600, 2800, 2600, 2500, and 1800 series routers, Cisco Catalyst 6500, 4500, 3750 and 2960 series switches.
• Building Next-gen Datacenters using Spine and leaf architecture, and migrate old end of row connections to spine and leaf. platforms used CISCO nexus.
• Hands-on experience in configuring Viptela devices and creating device and feature templates on vManage required for SD-WAN implementation.
• Migrated traditional WAN solutions like MPLS and IPSec on to SD-WAN solutions
• Implemented Datacenters virtualization using VMware NSX and cisco ACI
• Routing and Switching: BGP, OSPF to include Route summarization, Route filtering and Route redistribution. Switching to include Spanning Tree and VLAN concepts.
• Architect, implement, and manage Cisco ACS / ISE migration for authentication.
• Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured WAN connections with Meraki and Fort iGATE SD-WAN.
• Competent in Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay &MPLS), Routing protocol configurations, EIGRP, OSPF, BGP).
• Implementation and Maintenance of IP features including Address Translations, Access Lists, DHCP relaying, NAT etc.
• Network Management: TACACS authentication, authorization and accounting protocols. Terminal
• Very strong expertise in VPN Technologies and dedicated security configurations (Firewalls, IDS/IPS) and best practices in Information Security policies/procedures.
• Configure, implement Cisco Palo alto edge firewalls and maintain site-to-site VPN tunnels.
• Responsible for Check Point and Palo Alto firewall administration across global networks.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configuring Netscape Gateway on VPX/SDX instance.
• Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat ProxySG and other vendors such as Palo Alto networks NGFW for URL filtering.
• Worked on Cisco PIX 500 series and ASA 5500 series Firewall providing support and configuring for NAT, PAT advanced Firewall rules implementation. IPS on ASA's with Botnet protection.
• Adept in handling network monitoring tools such as Wire shark, Net flow, SNMP and SYSLOG.
• Experience with R&S networking. Strong routing and switching capabilities.
• Secured data transmission for company VPN, EDI, Ecommerce, and credit card transactions using Cisco PIX and Palo Alto firewalls.
• Troubleshooting various network security related issues using Cisco SDM.

TECHNICAL SKILLS

Routing: OSPF,EIGRP,BGP,PBR,IS-IS, Route Filtering, RedistributionSummarization, Static Routing, PBR, SD-WAN, Cisco ACI

Switching: VLAN, VTP, STP, RSTP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Virtual Port Channel. Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Network security: Cisco (ASA, PIX) 5530, ACL, IPSEC, VPN, Security context

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: Leasedlines SD-WAN cisco Viptela and Meraki SD-WAN palo alto Cloud Genix (E1/T1/E3/T3),Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing, FortiAP

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), Basic Linux, Cisco 10S, NX-OS

CISCO Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX &72XX series, ISR, ASR

CISCO Switches: Cisco 2960,3550, 3750, 45XX, 65XX series

JUNIPER Routers: Juniper MX480, 240, 80 series

JUNIPER Switches: Juniper EX4500, 4200

Firewalls: Cisco ASA 55XX series, Juniper SSG140, Checkpoint R75,, palo alto 3600

Various Features& Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, LLDP, TFTP and FTP Management

NetworkAccessControl(NAC) Control: TACACS+, RADIUS, Cisco Ace, Cisco ISE, Aruba clear pass

Network Management: SNMP, Cisco works LMS, MRTG/PRTG server, Network Node Manager, Solar Winds. Wire shark.

PROFESSIONAL EXPERIENCE

Confidential, Grand Island, NE

Sr. Network Engineer

Responsibilities:

• Worked on the implementation of branch routers such as JuniperMX80,MX104and perform Junos upgrades.
• Responsible for configuration, maintenance and troubleshooting routing protocolsBGP,EIGRP, and OSPF on Cisco Routers 7613, 7201, 2812, 2811 and 3945E.
• Provided 24/7 On-Call assistance to the clients in allWLANnetwork related issues on a rotation basis.
• Direct report to SeniorWLAN Engineer/AVP& Responsible for allWAN, LAN,VOIP, Security & IPT on his absence along with weekend support.
• Deploying and decommission ofVLANson coreASR 9K, Nexus 9K, 7K, 5Kand its downstream devices and configure 2k, 3k,7k series Routers.
• Working experience onPA-5020, PA-3020series Palo Alto firewalls and Panorama.
• Experience in Deploying and configuringCisco WLC 5508, 5500Series Controllers in a vastWLANproduction environment.
• Hands-on experience deploying and troubleshooting IP phone systems (Avaya wireless and Polycom).
• Good Hands on experience in deploying, troubleshooting and configuring Cisco Meraki Layer 2 and Layer 3 switches likeMS 225, MS 250 and MS 350.
• Acquired strong skills in working with cloud-based wireless technologies like 802.11a/n/g, CISCO Meraki, and Aruba wireless.
• Used CiscoACSto enhance visibility and control across the network domain, also centrally managed wired andWLANbased on network scenarios.
• Acquired knowledge in working withMerakiwireless access pointsMR 16, MR 18, MR 32, MR 42, MR 72 etc.
• Involved in physical stacking and racking of Network equipment in a huge datacenter environment.
• Given the support forRADIUSandTACACS+ servers for network device access control.
• Perform installs, configure and troubleshooting on stateful inspection firewalls and inline/passiveIPS/IDSsensors.
• Performed network hardware analysis correlated with functionality teams on all acquired network hardware appliances.Routers, Switches, Gigamon, all4G LTE, andWI FI (ARUBA).
• ProvidedDynatrace (Application Profiling) and expert for Bluecoat,Netreo OMNI,Riverbed Cascade,IXIA, andGigamon. Detailed knowledge ofNetreo,Net Scout, SevOne andSolar Windstoolsets.
• Experience in deployingSD-WANmodule (CloudGenix) in the production network environment.
• Knowledge of Intrusion Detection,DMZ, encryption, IPsec, proxy services, Site to SiteVPNtunnels,MPLS/VPN, SSL/VPN.
• Configure and Manage site-to-siteIPsecVPNwith different partners. Troubleshoot remote access services likeCisco WLANclients and for the users to access their enterprise network.
• Designed and implementedDMZfor Web servers, Mail servers &FTPServers usingCiscoASA5500Firewalls.
• Provided application level redundancy and availability by deploying F5 load balancersLTM
• Network security includingNAT/PAT, ACL, on ASAand JuniperSRXFirewalls.
• Implemented Site-to-SiteVPN sover the internet utilizing 3DES,AES/AES-256 withJuniperSRX550 Firewalls.

Confidential, Conway, AR

Sr. Network Engineer

Responsibilities:

• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for theNexus 5000.
• Work with Level 3 Engineering on software bugs and solutions involving software upgrades and feature enhancements.
• Involved in Substantial Configuration & validation prior to implementation ofNexus 7K, 5K & 2Kconnecting to blade servers.
• Experience with converting 6500 to Cisco Nexus in the Data Center environment.
• Primary responsibility is to design and deploy various network security & High Availability products lickCisco ASAother security products.
• Responsible for implementation ofCisco Nexus 2148 Fabric Extender and Nexus 5000series to provide a flexible Access Solution for Datacenter access architecture.
• Worked onF5 LTM, GTMseries like 4000, 5000 for the corporate applications.
• Management ofF5 LTMs>Ms(DNS) to improve web application delivery speed and replication through and between distributed global data centers
• Experience with building Ultra Low Latency Data Center Design End-to-end design approach.
• Deploying and decommissioning ofCiscoRouters, Cisco switches, and their respective software upgrades.
• Performing the FirewallACLrequests change for various clients by collecting source and destination details.
• Experience in Configuring, upgrading and verifying theNX-Operating system.
• Administration and troubleshooting of JuniperSRX3000, 4000, 5000 Series firewalls.
• Policy management and changes in JuniperSRXfirewall
• Experience with manipulating variousBGPattributes such as Local Preference,MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Identify, design and implement flexible, responsive, and secure technology services.
• Configure Corporate, Wireless and Lab Devices which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing(Pilot).
• Performing troubleshooting on slow network connectivity issues, routing issues that involveOSPF, BGP and identifying the root cause of the issues.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation onASR 9Kredundant pair.

Confidential, Chicago, IL

Network Engineer

Responsibilities:

• Configured DHCP scopes for voice and dataVLANsegments.
• Configuration and maintenance of PIX and ASA firewall systems.
• Configured and designed Access layer switches such asCisco 4510, 4948, 4507switches.
• Configuring and resolving various OSPF issues in anOSPF multi-area environment.
• Configuration and troubleshooting ofCiscocatalyst 6509, 7613 with supervisor cards.
• ConfiguredIPSEC VPN(site to a site remote access) on SRX series firewall.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes and route filtering using Route-maps.
• Conducted site surveys and installation of wireless Area network.
• Implemented, ConfiguredBGP WANrouting, converting OSPF routes toBGP (OSPFin local routing).
• Expertise in the maintenance of layer 2 switching tasks-VLAN,VTP,RSTP, the configuration of ether channel withLACPandPAGPalong with troubleshooting of inter-VLANrouting.
• Implemented Cisco Iron Port Security Management Appliance and IronPort’sinDRsite to provide redundancy across data centers for email flow.
• Redistribution of OSPF andEIGRPintoBGPwith the correct tagging parameters from the old legacy network to route and to utilize the correct MPLS VRF VPN’s provided from the bearers.
• Planning, deployingLANs/WANsvoice interconnection using protocolsVoIP, H.323, SIP, ISDN, L1-L3.
• Designing, Implementing and Troubleshooting Cisco Routers using Static,RIPv2, OSPF, EIGRP& experience with Checkpoint,Cisco ASAdevices
• Estimated project cost and created documentation for project funding approvals.
• Experience with converting checkpointsVPNrules over to theCisco ASASolution. Migration with Cisco ASA VPN experience.
• Responsible for service request tickets generated by helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all-around technical support.
• Created and delivered internal training onBGP.
• Experience withCisco LANcontrollers (8500, 5760, 5500) Cisco AirNet Access Points (3700, 2700, 1600, 700W), Cisco Mobility Platform.
• Worked onWAN(ATM/Frame Relay), Routers, Switches,TCP/IP, Routing protocols (BGP/OSPF) and IP addressing

Confidential, New York

Network Engineer

Responsibilities:

• Maintained all servers & network equipment with current stable firmware, IOS images & access control lists.
• Expertise in configuring and troubleshooting ofCiscoRouters (2600, 3600, 3700, 2800, 7500, 3800, 7200, 7600) series andCiscoCatalyst Switches (1900, 2900, 3500, 6500, 4500, 3750, 2960) series.
• Served as the main escalation point of contact for level I team.
• Installation and Configuration of Cisco Catalyst switch 6500, 3750 & 3550 series and configured routing protocolOSPF, EIGRP, BGPwith Access Control list implemented as per Network Design Document and followed the change process as per IT policy.
• Maintained and configured all Extended Access Lists securingVLAN802.1q trunks to W2003/8 servers,STP, OSPF, Port-Channels, Classes, Group, Objects, Load-Balancing,ACS, Wireless setup for corporate office and stores.
• Experience with setting upMPLSLayer 3VPNcloud in the data center and working withBGPWANtowards the customer.
• Implemented strategies for operating systems, virus protection, mail systems and Internet services.
• IOS upgrading of 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 seriesCiscorouters usingTFTP.
• Monitoring customer network (Internet, VoIP, L2vpn, L3vpn, IBGP, and EBGP).
• Performed scheduled Virus Checks & Updates on all Servers & Desktops

Confidential

Jr. Network Engineer

Responsibilities:

• Installing, Configuring Cisco Catalyst switches 6500, 3750 and 3550 series and configured routing protocolOSPF, EIGRP, BGPwith Access Control Lists implemented as per Network Design.
• Maintained Redundancy on Cisco 2600, 2800 and 3600 routers withHSRP.
• ConfiguredRSTP, LACP and VTP on Ciscodevises.
• CreatedVLANand Inter-VLANrouting with Multilayer Switching.
• Fourth tier troubleshooting, support, and implementation forDNS/DHCP.
• Working with the client team to find out requirements for their network.
• Designing Solutions for frozen requirements usingCiscoRouters and Switches.
• PerformedRIPandOSPFRouting Protocol Administration.
• Migration of RIPv2 toOSPF, BGProuting protocols.
• Implemented ISL and 802.1Q for communicating throughVTP.
• Experience in deployingEIGRP/BGPredistribution and the changing the metrics for the primary and back up.