SUMMARY:

• Network engineer over 8 years of experience in Routing, Switching and Firewall Security including network planning, implementing, configuring and troubleshooting network devices.
• Hands on experience in configuring Cisco Catalyst 2 960, 3750, 4500, 6500 series, and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Cisco Nexus 7000 series, 5000 series, 2000 series data center switches, Juniper EX/ MX/ SRX series.
• Implemented and configured Palo Alto Networks Firewall models, Cisco PIX (506E/515E/525), ASA Firewall (5505/5510), Juniper SSG series Firewalls, Checkpoint R75, 76 Firewalls, Security Device Manager (SDM) and centralized management system to manage large scale firewall deployments.
• Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works, RIVER BED and Wireshark.
• Extensive knowledge and experience in configuring protocols like TCP/IP, Routing Protocols (RIP v1/v2, OSPF, BGP, IGRP and EIGRP).
• Troubleshooting of complex network systems including high - end routers: CISCO GSR, ASR1K, ASR9K, 2600, 2800, 3600, 7200, 12000 Series Routers, and Catalyst 4500, 6500, and 7600 switches
• Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Experience with F5 load balancers for load balancing and network traffic management for business applications.
• Experience with Cisco ASA/Checkpoint/Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
• Good working experience with Aruba controller configuration.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
• Exposed to handling and troubleshooting issues on NAT.
• Strong Knowledge in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay.
• Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN network.
• Expertise in IP subnetting and worked on various designing and allocating various classes of IP address to the domain.
• Worked extensively in Configuring, Monitoring and Troubleshooting F5 BIG-IP load balancer, Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design
• Experience on Cisco ASA 5500 and ASA 5550, Palo Alto PA-500, PA-3060, PA-5060 series firewalls
• Responsible for Check Point and Cisco ASA firewall administration across global networks
• Strong knowledge of access control server configuration for RADIUS & TACAS+.
• Good knowledge on Bluecoat proxy server SG
• Knowledge of advanced technologies like VOIP, H.323, SIP, QOS, Multicasting, MPLS and MPLS-VPN
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Configured and deployed QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
• Experience on-site analysis, identification and resolution support of IBM System-X server.
• Provided troubleshooting and diagnostic support at L2/L3 level using different technologies and tools such as spunk 6 (Log tool), server monitoring and BMC Remedy ticketing tool.

TECHNICAL SKILLS:

Cisco Routers: Cisco1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200, ASR 1K and 9K.

Cisco Switches: 6500, 7600, 5800, 2900, 4000, 3500, 4500, 5000, Nexus 2K, 3K, 5K and 7K, MSFC, MSFC2.

Cisco Nexus: 5020, 5548, 5596T, 2148, 2248TP, 2348UPQ, 7010, 7702

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Network Security: Cisco ASA, ACL, IPSEC.

OS products/Services: DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX.

Routing Protocols: OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Gateway Load Balancing: HSRP, VRRP, GLBP, EBGP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Netflow Analyzer, Cisco Works, Ethereal, SNMP, HP open view.

Security Server Protocols: TACACS+, RADIUS.

Facilities: DS0, DS1, DS3, OCX, T1/T3

Load Balancers: Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8), Linux, UNIX, WINTEL

Firewall & Security: Checkpoint (R62, R65, R70, NGX), Cisco ASA, Palo Alto, Juniper SRX, FortiGate 5000-series.

PROFESSIONAL EXPERIENCE:

Confidential, Richmond, VA

Sr. Network Security engineer

Responsibilities:

• Extensive work experiences on Cisco Switches , Cisco Routers , Load Balancers and Cisco Firewalls .
• Managing and Troubleshooting Cisco ASR 9K, 7600 Routers and Cisco 4510, 4500-X, 4948, 3560 X, 3750X and 2960S Switches for deployment on network. Support network access issues with other enterprise support groups.
• Managing data center and network by using solar winds NPM, NTA, NCM and F5 load balancer, Citrix load balancer also working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices
• Performing system upgrades on 3K (3650, 3750 and 3850), 4K (4800, 4948) series Catalyst, 7600 and ASR9K (9010, 9922) series routers.
• Experience in deployment of Layer-2 technologies like VLANS , VTP , STP, RSTP , Inter- VLAN routing , VLAN Trunking , Ether Channels , VLAN access-maps and port security.
• Configuration, Troubleshooting, and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Worked on Migration of Juniper SRX firewalls for isolation of network segments and VPN's, ARS(9k,901,903)
• Experience with working on latest cisco switches like Nexus 2000, 5000 and 7000 series switches while implementing advanced features like VDC , and VPC .
• Deployed BIG-IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Design and Implement Remote access VPN server using Checkpoint NGX R60 and NG R 55 & Cisco ASA
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP’s on a need basis
• Troubleshooting, optimizing and documenting LAN/WAN technologies and T1/T3 WAN technologies.
• Deployed Cisco ASA and Bluecoat ProxySG (Web Security Appliance S200/S400/S500) for URL Filtering Policies.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Configured Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Successfully installed Palo Alto Next-Generation PA-500, PA-3060, and PA-5060 firewalls to protect Data Center with the use of IPS feature.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Working on to set up OSPF dynamic routing on ASA by using and following their current network structure.
• Working on as security devices ASA, juniper, Palo Alto firewalls, routers, switches
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Redistributed required routes from OSPF into BGP. OSPF cloud is present in the US and is connected to all our customers over Sprint’s Frame Relay backbone.
• Used SAN (Storage Area Network) to Increase storage utilization and improve data protection and security also to enhance application performance.
• Installed and configured ESXi to deploy virtual machines and perform administrative tasks to manage hosts.
• Upgraded Virus definition on messaging and enterprise servers MacAfee.
• Working on firewall technologies like ASA 5580 and various Checkpoint Appliances .
• Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
• Serve as part of a team of network engineers responsible for base wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.
• Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Worked on Juniper MX 480, MX960
• Worked on migrating the LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations
• Utilized Check Point smart-dash board for Firewall and troubleshooting.
• Monitoring performance of network appliances and WAN utilizing using network analyzer like Wireshark.
• Design Aruba WLAN for remote airfield access utilizing solar-powered access points
• Efficient in configuring and implementing load balancers like Cisco ACE , and A10.
• Configured VPN routers for remote sites access with correct security policies.
• Hands-on experience in deploying GRE tunnels , Remote Access VPN and Site-to-Site VPN .
• Creating IP-prefix-list , route-map , distribution list for performing route manipulations.
• Created users, manage user permissions, maintain User & File system quota on Linux servers.
• Maintain documentation of various changes made on devices and submits them for approvals and works along with alerts team and intimates them the changes to be made.

Confidential, Jackson, MI

Sr. Network Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Installing, Maintaining and Troubleshooting Cisco ASR 9K, 7600 Routers and Cisco 4510, 4500-X, 4948, 3560 X, 3750X and 2960S Switches for deployment on production network
• Deployed on Nexus 7000, 5000 and 2000 series with V-Block servers and Cisco UCS E-series.
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience in configuring, upgrading and verifying the NX-OS.
• Configured Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time.
• Installed and configured ASA 5500 Firewall.
• Building site-site VPN connections for third party connectivity using ASA Firewalls
• Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location.
• Implementation and deploying BIG-IP F5 LTM load balancers for load balancing and network traffic management for business applications.
• Creating MOP’s to perform system upgrades on 3K (3650, 3750 and 3850), 4K (4800, 4948) series Catalyst, 7600 and ASR9K (9010, 9922) series routers.
• Scheduling maintenance windows for applying various network related configurations, patches, service packs (ASR 9K) and implementing best practices
• Expansion and implementation of current data center for different phases of migration.
• Perform extensive testing around the upgrade, migration and configuration functionality of our software.
• Configured Easy VPN server and SSL VPN to facilitate various employee’s access internal servers and resources with access restrictions.
• Used troubleshooting applications and tools such as Checkpoint Smart View Tracker, Smart View monitor, Wireshark, Tcpdump, Trace route, Solarwinds, NetScout and command line utilities to identify, report and provide resolution to all kinds of firewall and VPN related connectivity issues
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Installed new Aruba wireless Network infrastructure utilizing Aruba 3400 and 3200 controllers.
• Migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Proficient in handling Network traffic generators like IXIA and Spirant and Network protocol analyzers like Wireshark.
• Transitioned Load Balancing efforts for Citrix products from F5, to NetScaler.
• Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM
• Configuring and implementation of Juniper Firewall, SSG Series, NetScreen Series ISG 1000, SRX Series.
• Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Managing and troubleshooting of Juniper M320 routers including installation, upgrade, configuration and network management.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Creation of firewall rules on Checkpoint Smart Dashboard and install policies.
• Management of corporate Checkpoint Firewall implementing security protocols and alleviating network attacks
• Deployed Palo Alto Firewalls for web filtering and application control.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Worked on FortiGate 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management.
• Extensive use of NSM (Network and Security Manager), FortiOS 5 and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• I have installed Switches, 3850 series and 4500X, wireless APs (3802)
• Worked on Cisco Prime and Wireless controller to manage all WAPs
• Monitoring and configuring device inventory using Cisco prime.
• Scheduling tasks on number of devices and adding deleting of nodes with cisco prime.

Confidential, Atlanta, GA

Network Engineer

Responsibilities:

• Troubleshooting the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K, 2k and its downstream devices
• Network consists of Heavy Cisco equipment such as: Cisco 3560, 2950, 2924 switches, Cisco 6509, 6513, 5500 series Layer 3 switches, Cisco 3825, 3640, 7200 series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Responsible for deploying various network security & High Availability in Checkpoint Firewall.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGP V4.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Build Logical design and Implementation of Wireless Solution.
• Experience with configuring VMware and managing and maintenance of VMs (virtual server).
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience.
• Migration of 7200 to ASR1004/1006 for cisco client
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Configured IPv4 and IPv6 PIM Sparse Mode, Source Specific Mode and Bidirectional to test Multicast in a VSS environment using IXIA as the Traffic generator.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance
• Configured the Cisco ASR to use the VRF routing functions to completely split the traffic through the network
• Responsible for Cisco ASA firewall administration across our global networks
• Experience with migration of Checkpoint R54 to SPLAT.
• Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configured Nexus 5020, 5548 7010 and 7702 with multiple distribution VDC’s running EIGRP for route propagation between them.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) hitch acts as a remote line card (module) for the Nexus 5000.
• Continual network monitoring of data center support, troubleshoot and diagnose hardware problems.
• Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces.
• Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416, 21418(with PRP and RPR processors).
• Configuring and implementing F5 BIG-IP LTM, GTM load balancers to maintain global and local traffic.

Confidential, Charlotte, NC

Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Cisco CLI, Cisco works, Network Security, Network Analysis Tools.
• Experience with Checkpoint Firewall policy provisioning.
• Develop, design and implement firewall infrastructure surrounding Checkpoint and Cisco Firewalls and a good experience with security tools and protocols like NERC/CIP and SOX.
• Troubleshoot traffic passing managed firewalls via logs and packet captures.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Tracking of Chix services and maintaining Autoport server.
• Monitoring server image files and responsible for server data backup for disaster recovery.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Estimated Project costs and created documentation for project funding approvals.
• Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
• Planned resources and presented project status to higher management.
• Deployed 7613 as PE and CE routers and configured the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Created and delivered internal trainings for BGP.
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Ability to analyze, configure and troubleshoot networks.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support using BMC Remedy online ticketing tool.
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.

Confidential

Network Engineer

Responsibilities:

• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Connected switches using trunk links and Ether Channel.
• Installation and maintenance of IBM servers, Microsoft windows Server and RAID configuration for data redundancy.
• Supported business applications like Juniper Network’s Junos Pulse client, IBM lotus notes, Sccm, Microsoft exchange, share point, Lync, SafeNet client and SAP Application using the BMC remedy online ticketing tool.
• Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
• Implemented redundant Load balancing technique with Internet applications for switches and routers.
• Support Network Technicians as they require training & support for problem resolution including performing diagnostics, & configuring network devices
• Used Network Monitoring tool to manage, monitor and troubleshoot the network.
• Provided support to end users relating to hardware and software, computer/server applications, LAN components and peripherals.
• Carried out on-site analysis, identification, and resolution of server errors for end users.
• Onsite support for IBM System-X server to troubleshoot hardware or software related issues.
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
• Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
• Worked with monitoring team to create alert for SQL servers using various threshold for memory usage, I/O usage, disk capacity, long running queries, jobs failure which include backups, maintenance and jobs for periodical data movement on database.
• Worked on Microsoft active directory to manage network resources, provide roles and access to user.
• Provided troubleshooting and diagnostic support at L2/L3 level using different technologies and tools such as spunk 6 (Log tool), server monitoring and BMC Remedy.
• Actively involved in incident tickets, problems and service outage management process.
• Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
• Experience in new employee mentoring, training and coaching.