SUMMARY

• Over 7 years of Networking and Security experience, includes providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Highly skilled in implementing and troubleshooting complex layer 2 technologies such as VLANs, VTP, Ether channel, STP, RSTP and MST and gateway redundancy protocols like HSRP, VRRP, GLBP.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP - BGP, OSPF, EIGRP, RIP, BGP v4, MPLS.
• Peering inbound and outbound through BGP.
• Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Competent in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls
• Hands on experience in configuring and supporting site-to-site and remote access server, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Experience in site to site VPN configurations using Cisco ASA 5500 series firewalls
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration also wif Nexus 7K, 5K, 2K devices.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Involved in data center migrations from one data center to other.
• Troubleshooting the Network Routing protocols (BGP, EIGRP and OSPF) during the Migrations and new client connections.
• Worked on VOIP on Session Initiation Protocol to provide a comfortable abstraction to the VOIP application layer, so dat it may focus on the application logic and communications protocols
• Design and Implementation of complex networks related to extranet clients.
• Involved in migration of Frame-relay connections to MPLS based technology wif the extranet clients.
• Involved in topology diagrams of network environment and network infrastructure.
• Co-operation wif service providers in Installing, Troubleshooting T1, DS3,OC3 and OC-12 circuits.
• Involving in VPN (IPSEC and GRE) migrations and new designs for the clients.
• Creation of change tickets and implement according to the customer requirements.
• Working noledge on configuring access lists, NAT and troubleshooting DNS/DHCP issues wifin the LAN network.
• Have good experience in Active Directory 2010 administration.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, WireShark, TCPdump, and Linux operating system servers.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT wif the firewalls as per the design.
• Experience wif convert Checkpoint VPN rules over to the Cisco ASA solution. Migration wif both Checkpoint and Cisco ASA VPN experience.
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Manage operational monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance.
• Ensures the project will achieve targeted dates to ensure business continuity. Involved in meetings wif engineering teams to prepare the configurations according to the client requirement.

TECHNICAL SKILLS

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation)

Routing Protocols: IGRP, EIGRP, OSPF, BGP v4, MP-BGP, IS-IS, RIP

WAN Protocols: HDLC, PPP, MLPPP

Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full)

Packet Switched WAN: ATM, FRAME RELAY, MPLS VPNs

Security Technologies: Cisco FWSM/PIX/ASDM, Nokia Checkpoint NG, Juniper SRX, Palo Alto, Checkpoint, F5 Load Balancer.

Cisco Routers: Cisco GSR 12416, 12418, Cisco 7200vxr, Cisco 3640, Cisco 3600

Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wireshark, Solarwinds, SNMP

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)

Layer 2 technology: VLAN, HSRP,VRRP,GLBP,STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Switches: Catalyst 6500, MSFC, MSFC2, 7600, 3700, 3500

Operating Systems: Microsoft XP/Vista/7, UNIX, Linux (Redhat, OpenSuse, Fedora), Windows Servers 2003/2008Windows MS-Office.VMware ESX 5.1, VMware Vsphere client

PROFESSIONAL EXPERIENCE

Confidential, Santa Clara- CA

Sr. Network engineer

Responsibilities:

• Configuring Static, IGRP, EIGRP, OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Configured VLAN’s, Private VLAN’s.
• Configured Site to Site IPsec, VPN tunnels to peer wif different clients and each of the client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN, to facilitate various employee’s access internal servers and resources wif access restrictions.
• Responsible for entire company network infrastructure dat includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configuration of inside ACL, outside ACL, NAT and PAT policies.
• Configuration and troubleshooting of EIGRP, OSPF, BGP.
• Designing the OSPF areas for reliable Access Distribution and for Core IP Routing.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, and Cisco 3800 series routers
• Project on the design and implementation of industry standard network protocols and used to implement the VOIP
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN
• Troubleshooting wif wireshark identifying Session Initiation Protocol Errors and identify separate TCP conversation wif TCP stream index
• Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based autantication.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Negotiated VPN tunnels using IPSEC encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Worked on F5 BIG-IP LTM 3900, configured profiles and ensured high availability
• Implemented various OSPF scenarios on networks consisting of 7600 routers
• Configured policy based routing for BGP for complex network systems
• Configured Multiprotocol Label Switching (MPLS) VPN wif Routing Information Protocol (RIP) on the customer’s site
• Tuned BGP internal and external peers wif manipulation of attributes such as metric, origin and local preference.
• Deploy and configure the networking components per the detailed design.
• Support the project manager in defining the work and the associated effort, duration, and resource needs to deliver the solution.
• Communicate status to the project manager to provide completion status of assigned tasks, estimate to complete for remaining effort, and associated issues/risks.
• Based on defined technical requirements and architecture blueprints work wif a cross-functional team to develop the network detailed design and associated network specifications as part of an overall solution design.
• Document test cases, perform operational readiness testing to ensure the networking environment performs as required and document actual results.
• Documented all the work done by using Excel & MS word.
• Create proper noledge transfer documentation and run books of environment (based on project requirements and design/build criteria) and conduct noledge and ownership of environment to client Operations team.

Environment: RIP, OSPF, BGP, EIGRP, VLAN, MPLS, F5 Load Balancer 6400, STP, RPVST, LAN, WAN and HSRP, Juniper SRX, Juniper EX, LAN, WAN, VPN, DNS, DHCP, FTP, HTTP, CISCO ASA

Confidential - NYC - NY

Sr. Network engineer

Responsibilities:

• Participated in all technical aspects of LAN, WAN, VPN and security internetworking projects including, short and long term planning, implementation, project management and operations support as required.
• TEMPHas expertise in LAN/WAN technologies (fast Ethernet, Layer2 & 3 switched/routed LAN, and Frame Relay). Implemented NAT solution's on WAN applications.
• Involved in the improving the Wide area network performance by delivering optimization (WAN optimization) using the Riverbed technology.
• Assisted wif troubleshooting all network issues wif routers and switches when necessary and consulted wif on call tech as needed for client.
• Installed and maintained Cisco and Load Balancer and documentation.
• Managed network device configurations, logical names and addresses, network design and implementation.
• Routing Protocols, Networking Layer1, 2, 3 Switching concepts, LAN/WAN technologies, Wireless Networking, TCP/IP concepts.
• Team member of Configuration ofCisco7206 router wif VPN and Configuration of Catalyst switches.
• Configuration 7609, 7606 wif OSPF and catalyst 6505, 4500, 3550 switches wif various VLAN.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Juniper M series Edge Routers
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs. Cisco CLI, Ciscoworks, Network Security, Network Analysis Tools
• Modified router configurations wif additional VLANs, port assignment
• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS static routing and policy base routing.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Utilized Project Management training and experience as the lead in the final phase testing of the entire voice over IP solutions we designed and implemented.
• Provided Technical Support and solutions forNetwork Problems.
• Dedicatedly Improved OSPF convergence by controlling SPF algorithm.
• Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas
• Worked on Cloud Technologies like Microsoft Azure, Openstack
• Highly skilled in TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Extensively worked on Checkpoint Support for resolving escalated issues
• Experienced in virtualization technologies like VMware, OpenFlow
• Designed a solution for IDS/IPS (Intrusion Detection System/Intrusion Prevention System) on ARADA wireless stack. It covers the detection and prevention mechanisms for DoS attacks in 802.11 networks, rogue AP and EAP level attacks.
• Extensively worked on Nexus 5k and 7k, troubleshooting and configuration.
• Configured and managed Cisco IDS/IPS, Cisco secure Intrusion Prevention System (IPS/IDS)
• Expertise in developing Complex Automated Script Framework, utility functions manually for HTTP(S) Protocol as per CMMI level 5 standards using Network Sniffers like HTTT Watch, and Firebug.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring.
• Planned, tested and evaluated various equipments, IOSs and procedures for use wifin the Network/ security infrastructure, upgraded IOS, troubleshootnetworkoutages.
• Participated in all technical aspects of Internet security Service projects including, short and long term planning, implementation, project management and operations support as required.
• Validate existing infrastructure and recommend new network designs.
• Estimated Project costs and created documentation for project funding approvals.
• Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
• Planned resources and presented project status to higher management.

Environment: CiscoASA5510,Checkpoint,OSPF,BGP,VLAN,HSRP,LAN,WAN,IPV4,CheckpointNexus 7K/5K/2K

Confidential, Princeton - NJ

Sr. Network engineer

Responsibilities:

• Highly involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre configuration of network equipment, testing, and maintenance) in both Campus and Branch networks
• Tested routers and done Performance Analysis of both LAN/WAN infrastructure.
• Configuring layer-2 technologies like STP, VTP wif suitable parameters as per the network environment.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
• Worked on different networking concepts and routing protocols like RIP,BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Configured VLAN’s, Private VLAN’s.
• Creating VLANS and enabling inter-VLAN routing.
• Configuring routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Responsible for designing and implementation of customer’s network and Security infrastructure.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Configuring Static, IGRP, EIGRP, OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Experience wif configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing wif the firewalls as per the design.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Configuration and troubleshooting of Firewalls like ASA 5520, ASA 5510, and Juniper firewalls SSG 140 & 550M etc.
• Worked extensively in Configuring, Monitoring and Troubleshooting Check point security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing wif the firewalls per design
• Involved in iRule management like loading rules, writing iRule syntax using TCL language
• Identify, design and implement flexible, responsive, and secure technology services
• Experience wif Firewall Administration, Rule Analysis, Rule Modification
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Responsible for Cisco ASA firewall administration across our global networks
• Support customer wif the configuration and maintenance of PIX and ASA firewall systems
• Configured Site to Site IPsec VPN tunnels to peer wif different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured ASA 5540 to ensure high-end security on the network wif ACLs and Firewall. Assigned a security level (0-100) on Cisco ASA and the number vary wif the trust issues. For trusted it is 100 and less trusted it is 0. Worked wif firewall SRX550 services gateway security for routing, switching and WAN connectivity.
• Used IPSec VPN tunneling to provide access to user machines and partners in other network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Experience wif convert Checkpoint VPN rules over to the Cisco ASA solution. Migration wif Cisco ASA VPN experience

Environment: Cisco 2900/3550/4500/6809 switches, Cisco 1600/2600/2800/3600/7300 routers,Cisco ASA5510, Checkpoint, Cisco ASA, PIX, LAN, WAN, RIP, OSPF, EIGRP, BGP, Nexus 2K/5K/7K,VLAN, F5 BigIP GTM/LTM.Juniper SSG 140

Confidential

Sr. Network engineer

Responsibilities:

• Configured STP for loop prevention and VTP for Inter-VLAN Routing
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500series Cisco Catalyst switches
• Configured RIP and EIGRP on 2600, 2900 and 3600series Cisco routers
• Performed troubleshooting of connectivity problems using PING, and Trace route
• Planned and implemented Subnetting, VLSM to conserve IP addresses
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment
• Provided on-call support for installation and troubleshooting of the configuration issues
• Configured Standard, Extended, and Named Access Lists to allow users all over the company to access different applications and blocking others
• Provided Technical support for improvement, upgradation, and expansion of the existing network architecture

Confidential

Jr. Network engineer

Responsibilities:

• Worked on network-based IT systems such as racking, stacking, and cabling
• IOS upgrading of 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP
• Involved in switching related tasks implementing VLANs
• Performed network troubleshooting, technical support, and recording of backup operations.
• Prepared the technical specifications in operation manuals
• Served as a main escalation point of contact for level me team
• Coordinated wif higher-level support and external vendors for resolution
• Maintained all servers & network equipment wif current stable firmware, IOS images & access control lists
• Implemented strategies for operating systems, virus protection, mail systems and Internet services
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Resolved all computer related problems, monitored and maintained system functionality and reliability by identifying ways to prevent system failures