SUMMARY

• 8 years of professional experience in Network Designing, Deployment, Administration, Configuring, Troubleshooting and Testing of networking system
• 4 years of Hands on experience in installation and configuration of Confidential ACS and Confidential ISE 1.x.
• Three (3) years Hands on Experience in Installation and configuration of VMware ESXi 4.2/5.1 Environments, VMware VSphere, VMware Workstation 8, VMware view, Virtual Desktop Interface.
• Expertise in troubleshooting Network Connectivity issues in Local Area Networks (LAN) using Packet Capturing Methods (Wireshark).
• Expert level Knowledge on working with Wireless LAN Controller’s, Confidential NCS, Confidential AP’s, LWAPS, Standalone AP’s and Mesh AP’s.
• Experienced in wireless/RF communications with knowledge and experience in technology integration of Wireless Broadband/Convergence (IEEE 802.11, WiMAX, BYOD, etc.)
• Two (2) years Hands on Experience in Installation and Configuration of Confidential ACS 4.2 and Confidential 5.0/5.1/5.1 ACS.
• Implementing filters on Confidential routers and Catalyst Switches using Standard and Extended Access Control - List.
• Expertise in Confidential ACS, Juniper Steel Belt, Radiator and Confidential ISE Authentication, Authorization and Accounting Protocols. Expert Hands On Experience in Confidential ACS & Confidential ISE for 802.1x, AAA Configurations.
• Working experience in cloud access and control usingBlue Coat hybrid.
• Experience with designing, deploying and troubleshooting LAN, WAN, Ether Channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP
• Experience in layer-3 Routing and layer-2 Switching. Confidential router models like 3800, 3600, 2800, 2600, 2500, 1800 series and Confidential catalyst 6500, 4500, 3750, 3500, 2900 series switches
• Strong hands on experience on ASA (5540/5550) & Checkpoint Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, NIPS/IDS, AAA(TACACS+ & RADIUS)
• RSA SecurID Two-Factor authentication using RSA SecurID Authentication Manager 8.x
• Designed & Deployed Confidential ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecurID, Proxy Radius Services to Confidential ACS, Juniper Steel Belted Radius and Radiator Radius.
• Expert level understanding of BIG IP F5 Load Balancers.
• Expertise in installing and maintaining VPN,LoadBalancer,Firewall.
• Configured RSA SecurID authentication manager 8.x for Two Factor Authentication, On-Demand & Risk Based Authentications.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
• Working knowledge with monitoring tools like Solar Winds &network packet capture tools like Wire-shark.
• Experience on working with Dynamic Multi Point (DMVPN).
• Provided 24x7x365 availability and on-call support as required by the projects
• Excellent working knowledge of TCP/IP protocol suite and OSI layers
• Excellent Knowledge on TCP/IP, SNMP, FIBRE, Ethernet, Gigabit/10-Gigabit, RADIUS/AAA.
• Good Knowledge on VoIP, VLAN, STP, 802.1Q, QoS, VoIP, VLAN, STP, 802.1Q/P, IPSEC, L2TP, L2CP, LACP.
• Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments
• RSA SecurID Two-Factor authentication using RSA SecurID Authentication Manager 8.x.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Well experienced in troubleshooting and optimizing performance in Confidential based routers and switches. Have worked in NOC environment for more than 5 years.
• Excellent problem solving and debugging skills with good verbal/written communication and presentation skills.

TECHNICAL SKILLS

Routers: Confidential 7600, 7200, 3800, 3600, 2900, 2800, 2600, ASR 9K, ASR 12K, CRS

Routing Protocol: OSPF, EIGRP, BGP, RIP v1/v2, MPLS PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switches: Nexus 2K/5K/7K, Confidential Catalyst 6500, 4500, 3850,3560, 3750, 2960

Switching Protocols: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging

Multicast Protocols: IGMP, IGMP version 2 and 3, CGMP, PIM-Sparse and Dense Mode.

LAN technologies: Ethernet, Fast & Gigabit Ethernet, VLANS, VTP, STP, RSTP, 802.1W, Confidential Prime

WAN technologies: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN and ATM

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400

Network security: Confidential ASA 5540, ACL, IPSEC, F5 Load Balancer, Checkpoint, IPsec, VPN, GRE VPN

Network Management: Solar Winds, Proteus, Xilinx 9.21, HP Open-view, Wireshark, Spirent, SNMP

Operating systems: Windows XP/ 7/ 8, Windows Server 2003/ 2008, Mac OS X and Linux

Language skills: C, C++, Python, Bash, XML, SQL

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP

Applications: MS (Office, Word, Outlook, Excel, PowerPoint, Visio), VMware, Adobe Photoshop and Illustrator

PROFESSIONAL EXPERIENCE

Confidential - Minneapolis, MN

Sr.Network Engineer

Responsibilities:

• Working as Network Access Controls (NAC) Administrator in planning and designing our Clients global network for Network Access Solution.
• Worked with WIPS/NIPS based infrastructure.
• Configured and performed software upgrades on Confidential Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Confidential ISE.
• Lead Engineer for multiple deployments ranging from small office environments to large scale Warehouses, multi-location enterprise deployments, and overall 802.11 theory expert. I oversaw projects that I lead from the design phase to the final implementation phase.
• Worked on larger projects, I was in charge of junior level personnel, overseeing new cabling and wireless access point placement. Well versed in multiple Confidential wireless LAN products including: Wireless Control System (WCS), Mobility Services Engine (MSE), 2700 Series Location Appliance, 5500 and 4400 Series Wireless LAN Controllers and lightweight access points, as well as legacy autonomous wireless LAN solutions.
• Expert level WLAN design work, being a subject matter expert with 802.11 concepts, and using AirMagnet for predictive design.
• Extensive Work on cloud optimization using Blue coat access control.
• Designed, Implemented and Maintenance of Forescout CounterACT NAC Solution across Wireless, SSL-VPN and Wired Networks.
• Fine-tuned NAC policies for the Wired Deployment and Posture Compliance on all Corporate Devices.
• Worked extensively on policy design and implementation for NAC solution and integrated NAC with various Network infrastructures for successful deployment of NAC solution.
• Configuration & Maintenance of Confidential ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using Xenmobile MDM
• Configured 6500, 3750 and 4500 for Network Access Solution integration with Confidential Identity Service Engine on ESX 4.0 VMware and physically with Confidential ISE appliances.
• Configured Confidential ISE for Domain Integration and Active Directory Integration.
• Configured Confidential ASA 5510 for VPN Network Access Control integration with Confidential ISE (Inline PEPs).
• RSA SecurID Two-Factor authentication using RSA SecurID Authentication Manager 8.xConfigured RSA SecurID authentication manager 8.x for Two Factor Authentication, On-Demand & Risk Based Authentications.
• Designed & Deployed Confidential ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory,RSA SecureID,Proxy Radius Services to Confidential ACS,Juniper Steel Belted Radius and Radiator Radius.
• Assisted Tier 4 support on support issues and also involved while configuring BIG IP F5 Load balancers.
• Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Confidential ISE and AD mapping with various attributes and levels of authorizations and Network Access.
• Worked extensively on lab build for POC comprising of Confidential Catalyst Switch 6500s, 4500s, 3750, Nexus 7000s, and Confidential ISE 3300 Appliances and 1.0.4 Confidential ISE software on VMware’s.
• Performed upgrade process for Confidential ISE software from version 1.0.4 to 1.1 ADE-OS, patch management and data backup management.
• Experience with Network Redesign for Company Campus Locations and Moving from 6500 based Data Center to Nexus based Data Center.
• Experience with design and configuring Overlay Transport Virtualization (OTV) on Confidential NX-OS devices like Nexus 7000
• Experience working with ASR 9000 series switches with IOS-XR
• Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher(RD), Route Target(RT), Label Distribution Protocol (LDP) & MP-BGP
• Experience with design and configure on Fiber channel over Ethernet on Confidential Nexus 5548 devices.
• Experience working with Dynamic Multi Point (DMVPN).
• Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Worked extensively in Configuring, Monitoring and Troubleshooting Confidential 's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts
• Experience with migrating from Confidential ASA 8.2 version to Confidential ASA 8.4 Version
• Experience with convert PIX rules over to the Confidential ASA solution.
• Responsible for Confidential ASA firewall administration across our global networks
• Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decomof existing Data Center, which involved working with Partner Companies.
• Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports.

Confidential, San Jose, CA

Sr.Network Engineer

Responsibilities:

• Planning, designing and configuration of various Confidential ISE deployment strategies (Standalone, Distributed Setups) and rollout to production environment.
• Expert level knowledge on configuring Aruba Mobility controller, Airwave, Aruba Clear pass, Confidential Prime Infrastructure, WCS/NCS, ISE & MSE. Worked extensively configuring Security over Wireless by Implementing Confidential ISE and Aruba Clear Pass at many client locations.
• Based on network requirements defined a detail capability requirements for access equipment, Wireless LAN Controllers, Access Points and services management platforms Like Aruba Airwave and Prime.
• Provided guidance and solutions for implementation of Confidential WIPS and Mobility services.
• Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Confidential ISE, and Configuring Standard and Extended ACLs locally and on the upstream switch’s for Confidential NAC Solution.
• IP addressing and design schemas for a variety of IP Pools using DHCP scope or local IP pools for NAC Controls.
• Configuration of High Availability (HA) for inline Confidential ISE appliances and High Availability on ESX 4.0 VMware ISE for distributed setups with various node setups - Primary & Secondary Administration Node setups, Primary & Secondary M&T Node Setups and Primary & Secondary Policy Services Node Setups.
• Worked as ISE Network Engineer in planning and designing Confidential ISE 1.3 Deployment for Confidential Internal Wireless Connectivity (Blizzard & Hurricane).
• Worked extensively on policy design and implementation for ISE solution various Network infrastructures for successful wireless, extranet and VPN Connectivity.
• Worked and participated alongside with Design architects for NAC Solution design for Guest Network and Mobile Access Network for ForeScoutCounterAct NAC Solution.
• RSA SecurID Two-Factor authentication using RSA SecurID Authentication Manager 8.x
• Configured RSA SecurID authentication manager 8.x for Two Factor Authentication, On-Demand & Risk Based Authentications.
• Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP.
• Configured Confidential ASA 5510 for VPN Network Access Control integration with Confidential ISE (Inline PEPs).
• RSA SecurID Two-Factor authentication using RSA SecurID Authentication Manager 8.x
• Configured RSA SecurID authentication manager 8.x for Two Factor Authentication, On-Demand & Risk Based Authentications.
• Experience with design and configuring Overlay Transport Virtualization (OTV) on Confidential NX-OS devices like Nexus 7000
• Experience working with ASR 9000 series switches with IOS-XR
• Experience converting Cat OS to Confidential IOS on the Confidential 6500 switches
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
• Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backuppathsfor the packet prioritization and EIGRP tuning
• Experience on a mesh 6500 and 5500 series routes and switches to support the core trading system. Involved Indesigning data communications and networks utilizing that utilize a mixture of frame relay, point to pointT1, T3 & OC3lines
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Experience working with High performance data center switch like nexus 7000 series
• Installed and configured the Confidential routers 2800 in two different customer locations. It includes coordinating with Verizon and AT&T in order to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
• VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
• Configured IPSec site-to-site VPN connection between Confidential VPN 3000 Concentrator and Confidential 3800

Confidential

Network Engineer II

Responsibilities:

• Installation and Configuration of Confidential Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches.
• Authentication, authorization, accounting (AAA), posture, and profiler configuration and implementation using Confidential ISE 1.1/1.2/1.3.
• Configured Confidential ASA 5510 for VPN Network Access Control integration with Confidential ISE (Inline PEPs).
• Configured and performed software upgrades on Confidential Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Confidential ISE.
• Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Confidential ISE and AD mapping with various attributes and levels of authorizations and Network Access.
• Configuration of Confidential IP phones (7900s, 6961s, 9900s) for device profiling and Confidential Call Manager phone registration via Confidential ISE, Printer Profiling, Mobile device profiling etc.,
• Planning, designing and configuration of various Confidential ISE deployment strategies (Standalone, Distributed Setups) and rollout to production environment..
• Provided comprehensive guest access management for Confidential ISE administrators, sanctioned sponsor administrators using BYOD & Guest Management Portal Configuration.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Confidential 2950, 3500, 5000, 6500 Series switches.
• Responsible for day to day management of Confidential Devices, Traffic management and monitoring.
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Confidential IOS
• Installation, Configuration and troubleshooting Confidential switches and Firewall on multi-mode context based environments
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Installed and configured fourPIX525 and two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Confidential Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Troubleshoot and Worked with Security issues related to Confidential ASA/PIX, Checkpoint, IDS/NIPS and Juniper Netscreen firewalls.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.

Confidential

Network Engineer

Responsibilities:

• Installed and configured Confidential ASA 5500 series firewall and configured remote access IPSEC VPN on Confidential ASA 5500 series
• Setting up Test environment for EDA1200 Broadband Access
• Testing various Layer 2 protocols like DHCP, IGMP,L2CP,Multicast, VLAN, 802.1q/p, IPSEC, IPv4, PPP, LACP, LAG, STP, and RSTP.
• Have worked on various traffic analyzers from Spirent, Agilent and IXIA and have automated actions on the same.
• Performance, Load testing, Scalability Test.
• Checking Robustness and Stability of the Ericsson DSLAM - EDN 312/612/624/524 , FIBER NODE- EFN324/432 SWITCHES - ESN 310,410,212,108.
• DELL - 2850, HP - ProLiantservers installation and configuration.
• Testing solutions already being used by Major customers of EDA-1200 like SWISSCOM, TELIA, ZEITUS etc.
• Operation and Maintenance of Sybase. (Backup and Restore) and Configuring Sybase 15.
• IPv6 feasibility study.
• Trouble Reporting, Manual Testing of the System.