SUMMARY:

• In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs
• Design ACI fabric to ensure each tenant is secured and has separation from other tenants.
• Use L3/L2 outs via common tenant to reduce TCAM and RAM utilizations
• Create L2/L3 transitions and map traffic flows for EPGs and BDs.
• Design and integrat Unified Computing System (UCS) to ACI fabric for cloud based organizations
• Create EAP to define vSwitch policy for ESXi host uplink teaming and associated the AEP to dynamic vlan pool
• Create interfaces policies group to define vPC, vSwitch and physical
• Enabling vPC end to end communication on ucs and ACI/API

TECHNICAL SKILLS:

• Layer 2 switching and both static and dynamic Layer 3 routing
• Design, build out, configure, and migrate infrastructure in multi - vendor inter-cloud data center environment
• Experience with integrating heterogeneous networking, services and security environments
• Ability to communicate with Compute, Virtualization, security, wireless, Storage Architects / Engineers, and stakeholders
• Designing Cisco data center unified fabric via Nexus 9000/7700/5500/2200 benefiting from FCoE, VDC, VRF, vPC, OTV,SDN, ACI, spine/leaf and fabric path technologies

Nexus: 1000v, 2000, 3000, 4000, 5000, 5500, 5600, 6000, 7000, 77000 and 9000

Routers: Cisco 2600, 2800, ISR 1800, 2800, 3800, 7600, ASR 1000, 9000

Switches: Catalyst 6500, 6800, 4507, 3560, 3750, 3850

MDS: 9200s, 9100s

Unified Computing: Cisco UCS B-5108, UCS Fabric Interconnects 6200s & 6300s

Load balancer: Cisco ACE 30, 4710, F5 big ip LTM 3600/4000

Security/Firewalls: Cisco ASA5500

Cloud: AWS solution architect Associate

Compliance: SOX, SOC II, HIPAA, PCI

SDN: ACI, APIC

Clos Fabric: VXLAN, VTEP, EVPN, Unicast, Multicast, MP-BGP, VNI, VNE, Spine, leaf

Wireless: Cisco AP Aironet 600, 1130, wireless controller WLC 5500

Protocols/Architecture: VDC, VPC/VSS, BGP, OSPF, EIGRP, DMVPN, IPSEC, Multicast, IPv6, EVPN, TCP/IP, STP, HSRP, VRF, OTV, NPIV, FCoE, FabricPath

ITIL: Change Management, Incident Management, asset Management, CMDB, Remedy, service now

WORK EXPERIENCE:

Confidential, Annapolis, MD

Network Architect/ Sr. Engineer

Responsibilities:

• In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs
• Design ACI fabric to ensure each tenant is secured and has separation from other tenants.
• Use L3/L2 outs via common tenant to reduce TCAM and RAM utilizations
• Create L2/L3 transitions and map traffic flows for EPGs and BDs.
• Design and integrat Unified Computing System (UCS) to ACI fabric for cloud based organizations
• Create EAP to define vSwitch policy for ESXi host uplink teaming and associated the AEP to dynamic vlan pool
• Create interfaces policies group to define vPC, vSwitch and physical
• Enabling vPC end to end communication on ucs and ACI/APIC
• Design VM domain, bare metal and create vswitch policy profile for both fabric interconnects
• Provide network troubleshooting assistance regarding VPCs and routing fabric connectivity
• Provide APIC troubleshooting assistance regarding Health Scores, Contracts and filters, Tenants, profiles, and EPGs
• Engineer features to enhance current build out via Clos and Classic architecture and in corporate VxLAN EVPN w/ MP-BGP
• Conduct network assessment to identify issues and close any gap between current architecture and best practice network
• Working with stake holders to define features and recommend best practice
• Involve in planning and execution of migration projects and work along with other teams towards the required solution
• Handle independent projects which include design, implementation, testing and documentation
• Manage ingress service requests apart from regular incidents, problem, change activities, which are strictly in-line with ITIL standards and Business Continuity/ Disaster Recovery policies
• Conduct code upgrades on Nexus 9372(super spine/border leaf) & 9508 local spine from version 7.0(3)I1(2) to version Nxos-7.0(3)I2(2b)
• Migrate cisco ace 30 modules to f5 LTM load balancer
• Deploy, implement, configure, troubleshoot and resolves issues on manage devices during the built out under change control
• PCI Compliance

Network Architect/ Sr. Engineer

Responsibilities:

• Designed New IP addressing plan, a VLAN plan, turning up routing protocols, turning up DMVPN for wan redundancy. Upgrading the network core to Nexus using vdc, vPC and HSRP to maximize performance of the server
• Deployed UCS chassis to build a scalable and resilient infrastructure
• Implemented OTV, forming A/A DCI and Fabric Path to enable blocking paths to better utilize the full bandwidth
• Configured SAN port channels and Fibre Channel over Ethernet (FCoE) to provision access to storage network
• Reactivated licenses, upgraded code on F5 BIG-IP (3600, 6400 & 6900 Series) LTM devices from 10.2.x to 10.2.4 HF9 without a loss of connectivity via HA Failover.
• Identified & resolved a DCBX communication issue during a 1 Gb to 10 GE network card migration for AIX during a within IBM P795 frame hardware via Wireshark support & disabling lldp at the Nexus 5K interface & adding flow control receive on at the vPC.
• Firewall administration rule modifications and rule analysis on Cisco ASA 55xx, SSL VPN appliances.
• Implemented two-factor authentication for user-VPN solution utilizing RSA Tokens.
• Configured and implemented ASA firewall rules using NAT on a Cisco 5555-X
• Configured and distributed Cisco AnyConnect client 3.1 for multiple users to VPN into the remote environment for the purpose of management.
• Migrated cisco ace 30, 4710 to f5 LTM load balancer
• End to End project delivery from gathering requirements, through design and deployment, to operations handover and post project support

Sr. Network Engineer

Responsibilities:

• Conducted network assessment to identified issues and close any gap between the current architecture and the best practice
• Participated in an IP Telephony migration to our Data center by authoring the L3 SVI & L2 vPC
• Participated in extending several vlans between interstate data centers via OTV & validating OTV Edge Server
• Installed redundant ISPs into the network architecture to support failover.
• Initiated, coordinated & participated in the implementation of redundant OOBM access
• Migrated the formerly physical interface gateway to a shared VIP via HSRP between two ISP carriers Cisco 7609 routers
• Configured the next hop switch to the OOBM ISP L3 access to STP root primary
• Implemented Root Guard southward per interface to prevent inadvertent bpdu elections.
• Reallocated a vpc connected pair of 5548 between zones to provide cost savings and provide 64 additional 10 GB ports.

LAN/WAN Engineer

Responsibilities:

• Architected & migrated a HQ site to a new /23 network, retired/replaced legacy switches & routers with brand new nexus hardware & optimized the L2 design on a hot site cutover.
• Worked in a large data center configured and managed vrf, vlans, vdc,port channels & vpc's on Nexus 7000, 5000 & 2k fex
• Updated both the nx-os kickstart & system code from version 4.2(x) to 5.1(x) & applied the 5.1(x) EPLD upgrade
• Configured and troubleshoot BGP between remote edge and data center routers for WAN connectivity
• Configured EIGRP for internal enterprise connectivity and OSPF for vendor extranet connectivity.
• Configured ASA firewalls to allow access for internal, external, and business partners connections
• Configured Cisco WCS and APs to provision wireless access for internal and guest users
• Swapped out multiple failing N7K-M132XP-12 cards due to failed ASICs
• Configured ACE 30 load balancer for traffic and server health check

Network Engineer

Responsibilities:

• Performed daily request modifying access layer switches granting access to the network
• Provided technical guidance and handover documentation to the Operations team
• Configured EIGRP for internal enterprise connectivity and OSPF for vendor extranet connectivity.
• Administrated Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trucking using lacp for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction with PVST+ for compatibility with Cisco switches