SUMMARY:

• A Network Enterprise Team Leader with 9 years of experience and knowledge working for a variety of diverse industries, including Banking, Financial, Retail, Pharmaceutical, Insurance, Auditing Compliance, and E - commerce .
• Cisco Certified Network engineer expertise in Designing, Implementing and troubleshooting various Network Technologies.
• Strong hands on experience on Cisco Catalyst (1900, 2900, 3550, 3750, 6500) series switches, VSS technology, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, PIX Firewall (506, 515, 525, 535)/ ASA (5505/5510), Palo Alto Firewalls, Cisco ISE (Identity Service Engine), Load Balancers using Cisco ACE, F5, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer.
• In-depth knowledge and experience in W ForAN technologies including OC3, E3/T3, E1/T1, PPP, HDLC, MPLS and Frame Relay
• Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP/MSTP
• Experience in Cisco QoS on multicast VPN
• Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
• Strong knowledge on VoIP Telephony, Cisco Call Manager, Cisco Unity voicemail and Cisco Meeting Place.
• Strong experience in Cisco Gateway and Gatekeeper configurations and administration.
• Experience with Call Recording solution such as NICE call recording.
• Advanced VOIP Troubleshooting (SIP / MGCP), Trunk Installation, Configuration, Test and Turn up (SIP and ISUP)
• Proficiency in configuration of VLAN setup on various CISCO Routers and Switches.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Worked on Cisco Aironet 1410 Series Wireless Bridge , Cisco Aironet 1310 Access Point Bridge , Cisco Wireless Controllers 5508 , Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66, MR18)
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MSTP.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP. Also used Active directory.
• Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay and VoIP (Voice-Over Internet Protocol).
• Configured and managed Nexus 2k fabric extender, 5K and 7K switch network at the client’s location.
• Aggregating switch links using LACP and PAGP protocols.
• Implementation and Troubleshooting of WAN authentication protocols- PPP, CHAP and PAP.
• IP addressing and IP address scalability by configuring NAT/PAT.
• Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark and Opnet. Experience working with McAfee antivirus, Storage Area Network (SAN) and data storage system
• Working on Core Devices which is mention as Network Planner(OPNET)
• In depth understanding of using FortiGATE firewalls and fortiweb firewalls for IPS and other virtual web applications.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Experience with IP address management(IPAM) such as Infoblox, Solar winds etc.
• Experience on load balancing strategies/techniques, expertise in application switching/traffic management, knowledge of persistence and SSL certificates.
• Experience in developing and maintaining security standards, procedures, and policy surrounding WAF technology (Akamai Kona), and Network firewalls (Cisco ASA, Juniper, Imperva, Fortiweb) in coordination with application, information security, and networking teams.
• Knowledge in Akamai CDN, CDN support and deploying, Cloud flare in website caching, Server load balancing and Maintenance methods.
• Experience in implementing and configuring F5 Big-IP LTM and GTM load balancers.
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
• Experience with Cisco WebEx for online meeting and Video conferencing. Also with the Security information and event management (SIEM).
• In depth understanding of Wireless Access Gateway (WAG), ITIL, Virtualization and also Resolution Tree.
• Have knowledge on various advanced technologies like VoIP, H.323, SIP, SS7, QOS, IPv6, Multicasting, and MPLS
• Expertise in OSI layer model as well as TCP/IP
• Experience with Cisco ACI fabric networks.
• Hands on experience with ACI (Application Centric Infrastructure) with spine and leaf architecture
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers with Site-Site VPN, and firewalls
• Excellent in documentation and updating client’s network documentation using VISIO.
• Implementation of Juniper Firewall, SSG Series, Net Screen Series ISG 1000, SRX Series.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Hands on experiences on McAfee EPO with deploying and removing agent on client’s machine, removing virus and manually updating DAT files.

TECHNICAL SKILLS:

Routing Technology: RIPV1, RIPV2, IGRP, EIGRP, IS-IS, OSPF and BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Network Devices: Cisco Routers 1700, 1800, 2500, 2600, 2800. Cisco High End Routers 3600, 3800, 7200,GSR 12010, GSR 12404. Juniper ACX series, CSE2000, CTP. Cisco Switches 1900, 2950,2950, 2960G. Cisco Campus Switches 3550XL, 4948 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507, Nexus 2000, 5000, 7000 series. Cisco CRS, ASR 9000, Cisco GSR 12000, Juniper EX, SRXSeries, QFX 5100-48S Series, EX 4200 VC &EX 4300VC Switches.

Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, Fortigate, Cisco CSM, NetScaler, ACL-Access Control List, VPN, IPSec-VPN, IPS/IDS, NAT, PAT, Cisco ACS, AAA, WAF (Akamai) Juniper Net Screen firewall, Palo Alto Firewalls, Windows Patch Management (WSUS).

LAN Switching Technology: IEEE 802.11, Token Ring, ATM, Workgroup, Domain, HSRP, DNS, Static, VLAN, STP, VTP, PVST+, RPVST+, VXLAN, Inter VLAN routing & Multi-Layer Switch, Ether Channel, GRE, Tunneling, Trunks, Transparent Bridging.

WAN Technologies & Infrastructure: Leased Line, ISDN/Dial-Up, PPP, X.25, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, T1/E1, PPP, SolarWinds, ATM, SONET, PathView MPLS, Frame Relay, Metro Ethernet.

Load Balancer: Cisco CSM, F5 Networks (Big-IP) LTM, GTM and F5 Viprion

Gateway Redundancy: HSRP and GLBP

AAA Architecture: TACACS+, RADIUS, CISCO ACS

VoIP: HPQA/QC, Cisco Unified Communication Manager, CER e911, Unity Connections, and CUCM 7.1.

Wireless & Wi-Fi.: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), D-Link Access Point, Cisco 1200 series Access Point, and Linksys, Wireless/Wi-Fi Router. Cisco Aironet 1410 Series Wireless Bridge, Cisco Wireless Controllers 5508, Cisco Aironet 1310 Access Point Bridge, Meraki wireless Access points (MR66, MR18) and Cisco Meraki Appliance MX (400, 80, 60)

Network Management: Wireshark, SNMP, Netflow, Solar winds, Spirent, VMware, Opnet, Cisco Prime, IXIA. Cisco ACI.

DHCP and DNS: Infoblox (NetMri)

Various Features & Services: IOS and Features, IRDP, NAT, CDN, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

Operating Systems & Tools: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, MS Exchange server, Windows Server 2008-2012, VMware, VcloudNFV, Open Stack, Path View, OpenDayLight, Cloud Management Platform(CMP)

Programming: Unix shell scripting, Java Scripting, HTML

PROFESSIONAL EXPERIENCE:

Confidential,Wilmington, DE

Sr. Network Engineer

Responsibilities:

• Prepare equipment orders based on templates and develop detailed template-based plans including: implementation, testing and back out procedures for all network implementations, upgrades and modifications.
• Assist in creating network design standards for hardware and software.
• Developing and maintain Network Documentation such as Visio diagrams, Excel spreadsheets, Word documents, etc.
• Configure and troubleshoot network elements in a test environment.
• Experience working with market data networks and dealing with clients and deploying network designs
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the VPN networks
• Configured IPSec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
• Experience working with Nexus 7010,7018, 5020, 2148, 2248 devices
• Installed and configured Meraki (MX80,MX60) Appliance via Meraki MX400 Cloud.
• Installed and configured Cisco Meraki (MR66,MR18) wireless Access points in the warehouses.
• Migration of existing IPSEC VPN tunnels and Firewall rules from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
• Implemented VOIP solutions using SIP & H.323, also have sound knowledge of Avaya VOIP products.
• Installed, provisioned VOIP for service with hosted SIP servers and also advanced H.323.
• Analysis of network for preparation of VOIP implementation and provide SIP VOIP solutions on MPLS and Internet based connectivity.
• Great exposure to SDN and Network Function Virtualization (NFV) technologies like Cisco ACI.
• Responsible for designing and engineering of a virtual network infrastructure which included Cisco ACI support technologies.
• Designed analysis tool for E1 to support maintenance and protocol verification of T1-CAS, E1-CAS, ISDN, SS7 and Q.931. With Harris radio.
• Developed and deployed customized Diameter testing tool that has been extensively used ever since in IMS load testing, trouble shooting, and feature/fix validations.
• Defined configuration requirements and provided validation and integration guidance for all IMS related features, design changes, and patches/fixes.
• Designed and Deployed IMS platform virtualization based on UCS and VMware (Vsphere and VCD) products
• Troubleshooting Cisco routers, APs, Switches and Meraki appliances.
• Responsible for Updating Access-list, prefix-list to 2500 Retail Routers across the country. Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP .
• Experience with Network Redesign for Company Campus Locations and Moving from 6500 based Data Center to Nexus based Data Center.
• Experience with design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Responsible for cabling the switches, assigning IPs, port turn up and also troubleshooting the connection.
• Worked on migration from F5 LTM to A10 LTM
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Installed and configured F5 Viprion 4480 Chasis to simplify the network.
• Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP
• Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPsec, VPN etc.
• Worked with Infoblox for securing and managing DNS, DHCP and IPAM
• Management of Infoblox Grid Manager to manage DNS Forward and Revers Lookup Zones
• Experience working with Active Directory (as a centralized system) to automate network security management and user data.
• Worked with Cisco ACE GSS 4400 Series global site selector Appliances
• Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S
• Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation

Environment: Nexus 2k/5k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA, McAfee EPO, EOP, Trend Micro, Kemp, OTV, VPC, VDC, FCOE, Active Directory, Windows Server 2003/2008, VoIP.

Confidential, Boston,MA

Sr. Network Engineer

• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers with Site-Site VPN, and firewalls for Confidential Retail sites.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Installing and configuring new cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
• Experienced in working with Session Initiation Protocol(SIP) trunking for voice over IP(VoIP) to facilitate the connection of a private bank exchange(PBX) to the internet.
• Troubleshooting voice network systems, through the range of desktop phones on up to the backend Call Manager.
• Participated in project based implementation of required voice network infrastructure devices upto and including Cisco Call Manager.
• Provided daily administration for all voice network infrastructure, including requests for new phones, headsets, voice mail, as well as anything upgrades to the system.
• Scheduled and implement OS and other system upgrades per established process inclusive of coordination with application development, platform engineering and quality assurance teams.
• Completed physical planning, scheduling and installation of new voice network devices as determined by Engineering.
• Good Knowledge/experience in configuration of Voice over IP (VoIP) like Cisco FWSM, Panorama
• Worked on Infoblox DNS IPAM for Microsoft DNS/DHCP setup and management.
• Created a Neutron router interface, modify the default Neutron security group to allow ICMP and SSH.
• Configured Open Stack Neutron from GRE and VXLAN.
• Provided APIs and implementations to support Service Function Chaining in Neutron
• Configuring Palo Alto’s for inline use and Adding signature attacks on prevention lists.
• Responsibilities also included placing order for new SFP’s, implementing inline capabilities for home agents and running network cables from Palo Alto direct to required firewall.
• Web/application developer and coding with analytical programming using Python/Perl
• Working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment.
• Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Migrated, created, and managed pools and clusters in F5 Big-IP GTM 3DNS load balancers across multiple Datacenters
• Configuring ACL on ISE for making policies.
• Conducted process audits and furnished ITIL process owner support.
• Collaborated with MSC staff members in ITIL framework implementation
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Plan for migrations off Cisco CSS and Cisco ACE/GSS onto F5 LTM active/passive pair and deploy F5 GTM for site redundancy across two data centers connected via two diverse service providers.
• Developed new and updated existing CDN operator, content, and service provider administration and management documentation for this multi-tenant CDN environment.
• Contributed to documentation migration initiatives related to Akamai's acquisition of Verivue. This included improving the structural use of shared topics within the context of OASIS DITA, and re-branding.
• Created new CDN API reference and SNMP and Syslog monitoring guide.
• Updated GUI-based server and service administration guides addressing transparent caching, request routing, and hypercache concepts, configuration, and management
• Help with Migrating enterprise websites to the Akamai CDN structure and manage the Akamai control panel along with the websites hosted at Akamai and also managing the Akamai Site accelerator to optimize the delivery of the website to the end customer.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.
• Hands-on experience in the network management of circuits using TDM and Frame Relay Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.
• Build Logical design and Implementation of Wireless Solution
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path
• Handling enterprise outages effectively and driving towards the resolution. Coordination of fault escalations in conjunction with the 1st high-level technical management of high priority or technically complex calls.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Working with Capacity management on network bandwidth utilization reporting of the sites WAN link and vendor co-ordination for new site turnovers / WAN links.
• Preparing Metrics report detailing on SLA performance of tickets and process quality report to analyze team performance & discussion on the improvement areas (By monthly).
• Providing training to new comers and effectively working towards a process quality improvement in the Team.
• Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL).
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Successfully implemented Wireless Access Points(WAP)
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
• Hands-on experience with Ether Channel, Spanning Tree, Trucking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Work assigned tickets to determine the point of failure and resolve problems remotely utilizing available tools and other Operation Center resources.
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.
• Used IPS and IDS with the fire wall to detect and to filter threats
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
• Worked with different ISP globally for any WAN circuit and BGP routing issues. Opening up cases for CE routers, Riverbed optimizer issues.
• Work & escalate problems effectively in order to meet customer SLA's (service level agreements).
• Perform problem management and root cause analysis for customers as required.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Akamai CDN, Juniper SRX100, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA, VoIP

Confidential,Secaucus,NJ

Network Engineer

• Managing and supporting large scale MPLS & Frame relay on Cisco & Juniper environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters.
• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Managing and upgrading IOS image files and taking configuration back-up.
• Configuring Static, EIGRP, RIP and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Used IPSec VPN tunneling to provide access to user machines and partners in other network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Configured VLAN Trunking 802.1Q, STP (802.1d), Port Security on Catalyst 6500 switches
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Worked extensively in Configuring, Monitoring and Troubleshooting Check point security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Planned and implemented network designs, including WAN, LAN, MPLS.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation
• Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan. IP Allocation for all applications and servers with high availability throughout the company.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring
• Expertise in developing Complex Automated Script Framework, utility functions manually for HTTP(S) Protocol.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Performing network monitoring, providing analysis using various tools like Wireshark, Solarwinds etc.
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers
• Deployments for use cases such as SaaS, IaaS , and data center migration.

Confidential

Network Engineer

• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Worked on HSRP for hop redundancy and load balancing.
• Configured the Cisco router as IP Firewall and for NATing Configured RSTP , MST and used VTP with 802.1q trunk encapsulation.
• Provided port binding, port security and router redundancy through HSRP.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Provided testing for network connectivity before and after install/upgrade
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Routing protocols OSPF, RIP & BGP
• Implementation of name resolution using WINS & DNS in TCP/IP environment
• Configured FTP server for inside/outside users & vendors.

Environment: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN’s, SSL

Confidential

System/Network Engineer

• Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include
• Configured Firewall logging, DMZs & related security policies & monitoring
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall
• Enabled STP Enhancements to speed up the network convergence that include Port-fast, Uplink-fast and Backbone-fast
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Other responsibilities included documentation and change control
• Responsible for Configuring SITE TO SITE VPN on Cisco Routers between Head Quarters and Branch locations
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Used various scanning and sniffing tools like Wire-shark
• Hands on Experience working with security issue like applying ACL’s , configuring NAT and VPN
• Documenting and Log analysing the Cisco ASA 5500 series firewall
• Configured BGP for CE to PE route advertisement inside the lab environment
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.

Environment: Netrep, Solar winds, Windows server NT /2000 Windows XP.