SUMMARY

• Accomplished Network and Security engineering professional wif overall 7+ years of real time experience in designing, deploying, migrating & supporting critical multi - site redundantNetworkenvironments.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• PerformCheckpointand PIX firewall/IDS design, integration & implementation for Cyber Trap client networks.
• Hands on experience on configuring Cisco ASA 5540, 5580 firewalls.
• Performing theJuniperSRX 5800 deployment to replace teh Crossbeam/Checkpoint firewalls
• Firewalltechnologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70, R75, R77 and Cisco ASA.
• Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on teh Cisco catalyst switches.
• Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa
• Configured policies on F5 ASM Created rules and scripts for teh automation of teh environment. Reengineered Firewall policies onJuniperSSG320 and SSG140 Firewalls.
• Strong experience on Juniper SSG series Firewalls and checkpoint R75,76 Firewalls
• Worked wif teh installation of Palo Alto firewall, migrated wif a team from predominantly checkpoint environment to Palo Alto global solution.
• Good knowledge of CISCO NEXUS data center infrastructure wif 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience working wif Juniper JUNOS version 12 and Version 13 for routing and switching protocols.
• Responsible for checkpoint and Cisco ASA firewall administration across global networks.
• Checkpoint level 3 operations support wif hardware operation and fixed all problems.
• Good understanding of NAT & Firewall on Aruba Controllers.
• Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience wif convert Checkpoint VPN rules over to teh Cisco ASA solution. Migration wif Cisco ASA VPN experience.
• Enterprise experience wif Nexus models like 7K, 5K, 2K series.
• Experience in configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability.
• Expertise in Migration ofFirewallsfrom Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo altoand Vice Versa
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices wif secure access services 7.1/8.0.
• Performing theJuniperSRX 5800 deployment to replace teh Crossbeam/Checkpoint firewalls.
• Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Good knowledge on Juniper SRX240, SRX220 and SRX550 series Firewalls.
• Implemented Positive Enforcement Model wif teh help of Palo AltoNetworks.
• Experienced in handling and installing Palo Alto Firewalls wif exposure to wild fire feature of Palo Alto Networks.

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K, 1K

Cisco Routers: 1700,1800,2500,2600,2800,3600,3800,3900,7200,7600

Cisco L2 & L3 Switches: 2900,3500,3560,3750,4500,4900,6500

Juniper Platforms: SRX, MX, EX Series Router and Switches

Networking Concepts: Access-lists, Routing, Switching, Sub netting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA

Network Tools: Solar Winds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Wan Technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3,0C3, T1 /T3 & SONET

Lan Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel,VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Documentation: MS Office, MS Visio

PROFESSIONAL EXPERIENCE:

Confidential, Sacramento, CA

Senior Network Engineer

Responsibilities:

• Involved in teh configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000 )
• Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of teh MPLS network.
• Configure/upgrade wireless access points and familiar wif Cisco wireless controllers.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application
• Deploying teh policies on firewall using teh Checkpoint’s Smart Console Manager and Smart Dashboard.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability Checking and configuring Cisco 7600 routers at data center for remote sites’ issues.
• Knowledge of JUNOS platform and worked wif IOS upgrade of Juniper devices.
• Responsible for NAT traffic flow in theJuniperSRX 3600 and supportJuniper
• Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches.
• Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of teh MPLS network.
• Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo alto Firewalls.
• Upgrading code onPalo altofirewalls PA5050/3020 to meet company security policy
• Experience in analyzing network using monitoring tools like Solar winds and Wire shark.
• Built an accruing network via MPLS circuits to split teh trusted and un-trusted traffic via a Cisco ASRRouter.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Authority for purpose of scaling.
• Experience wif configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for teh Nexus 5000
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Juniper ContrailSDNdeployment assistance to teh senior engineering team
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application
• Responsible for Checkpoint firewall management and operations across our global networks.
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices.
• Working on security devices ASA, Juniper, Palo Alto Firewalls, Routers, and Switches.
• Implementation of secure enclaves wifPaloAltoand ASA firewalls
• Remote access and site-to-site VPN administration using Cisco ASA/ASR andPaloAlto
• Team member of Configuration of Cisco 7206 router wif VPN and Configuration of Catalyst switches.
• Implemented Site-to-Site VPNs over teh Internet utilizing 3DES, AES/AES-256 wif ASA Firewall 5505.
• Responsible for NAT traffic flow in theJuniperSRX 3600 and supportJuniperSpace.

Confidential

Network Security Engineer

Responsibilities:

• Designed application mapping and application delivery using F5 BIG IP LTM.
• Design/install/Configure Nexus 7k, 5k and 2k switches, PAN firewall and NetScaler Application load balancer.
• Installed and designed four PIX 525 and two ASA 5505 in client areas. Notwifstanding dat, arranged two PIX firewall for teh Guest access.
• Configured IPsec VPN access for client to site remote access.
• Configured and implemented Nexus 5K and 2K in lab environment
• Configuration of firewalls 5520 series ASA for business to business connectivity and application of ACL rules for network traffic.
• Configuring and managingF5ASM (Application security manager). Develop security policies.
• Creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
• Implemented site to site VPN wif IPSEC via. GRE ISKAMP
• Implemented Cisco site to site VPN for partnering wif different partners around teh world.
• Responsible for teh secure development lifecycle environment form NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in teh lab environment
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance wif support of vendor specific tool.
• Implemented Cisco site to site VPN for partnering wif different partners around teh world.
• Juniper ContrailSDNCloud Computing Open Networking Open flow/ODL
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Implemented Site-to-Site VPNs over teh internet utilizing 3DES, AES/AES-256 wif PIX Firewalls
• Experience wif configuring BGP in teh data center and using BGP as a WAN protocol and manipulating BGP attributes.
• Responsible for Cisco ASA firewall administration across our globalnetworks.
• Involved in teh redistribution into OSPF on teh core ASA firewall.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for teh expansion of teh MPLS VPN networks
• Coordinate activities between departments to ensure uninterrupted business operation
• Experience wifCheckpointFirewall policies provisioning.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
• Migration from Cisco toPaloAltofirewall & Cisco to Checkpoint firewall
• Worked on wireless networking hardware such as Cisco Wireless LAN Controller and AP 1200.
• Working wif Cisco ASA 5585-X firewalls wif Firewall rules,IPSec VPN, NAT, Active-Standby Failover, OSPF and Any Connect VPN technologies
• Implemented site to site VPN in Juniper SRX as per customer.
• Troubleshot VoIP issues wif Cisco Call Manager 8.6; Unity Connections and Presence.
• Experience wif converting PIX rules over to teh Cisco ASA solution.
• Maintain Security policy by monitoring PIX firewalls (515 and 520).
• Router/ Microsoft VPN Server to get to certain restricted system assets from client areas.
• Established IPSEC-VPN tunnels wif ASA 5500 series Firewall between some branch offices & headquarters.
• Experience in working wif designing, installing and troubleshooting ofPaloAltofirewalls.

Confidential

Network Engineer.

Responsibilities:

• Designing and installing new branchNetworksystems. ResolvingNetworkissues, running test scripts and preparingNetworkdocumentation.
• Configuring, Installing and troubleshooting on Checkpoint Devices.
• Successfully executed change on Nexus 9K and 7Ks to support redundant platform.
• Implemented Zone Based Firewalling and Security Rules on teh Palo Alto Firewall.
• Working wif Juniper JUNOS on M and MX series routers.
• Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
• Worked on migrating teh F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Responsible for Working in high availability Nexus Environment and provide Layer 3 Network.
• Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform,Palo altoand ASAFirewalls.
• Installation ofPalo alto(Application and URL filtering, Threat Prevention, Data Filtering)
• Implemented teh network segmentation for PCI network which utilizes MPLS VPN andVRFLite.
• Experience configuring Catalyst (2900, 3500, 3700 and 6500 Series), NEXUS (7000, 5000 and 2000 Series) Switches, and Routers (2800, 3600, 4400 Series) and Wireless AP's (1260, 3600) using CLI and GUI.
• Migrated Cisco ASA firewall to next generation Palo Alto firewalls.
• Working wif wireless technologies troubleshooting and configuration.
• Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing wif teh firewalls as per teh design.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Translating Cisco IOS Route maps to Cisco IOS XR Routing policies.
• Working wif Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.

Confidential

Network Engineer

Responsibilities:

• Installed, and configured Cisco routers (7200, 3600, and 2800) and Cisco switches (6500, 4500, 2950 and 1900 series).
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Implemented static routing, routing protocols (OSPF, and BGP), switching (VLANS, VTP Domains, STP, and Trunking).
• Installation and configuration of Citrix NetScaler MPX 8200.
• Successfully installed Palo alto PA 3060 Firewall to protect data center and provides L3 support for routers/switches/firewall.
• Deployment of enterprise firewalls (Palo altonetwork, Cisco ASA, Check Point) in production environment.
• Successfully executed change on Nexus 9K and 7Ks to support redundant platform.
• Expert level Knowledge on working wif Wireless LAN Controller's, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
• Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco basednetworks.
• Performed Port channeling and LACP between downstream devices for VPC configuration.
• Installed and configured CISCO ASA and Checkpoint firewall.
• Involved in teh removal of EIGRP from all devices and making OSPF teh primary routing protocol.

Confidential

Network Admin

Responsibilities:

• Had a chance to troubleshoot various application issues wif respect to F5.
• Configured and managed networks using L3 protocols like RIPv2.
• Designed and implemented remote dial up solution for clients
• Upgrading and managing Linux Kernel on Red Hat Linux 5 &6 & ESX Reboots.
• Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Efficient in cabling as per co-location contracts wif loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.
• Installed and configured teh ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Created VLAN and Inter-Vlan routing wif Multilayer Switching.
• Installed and configured teh ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Apache Web Server & MRTG, BIND DNS Server configuration and optimization over UNIX and Active directory implementation of Windows 2003 Server.
• Efficient in cabling as per co-location contracts wif loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Real time monitoring and network management using Cisco Works LMS.
• Monitoring and troubleshooting Server, File System management and migration.
• Worked on necessary tools for Linux/Unix System, and Microsoft Power shell.
• Prompt technical support to customers on routers and switches.