PROFESSIONAL EXPERIENCE:

Confidential - Minneapolis, MN

Senior Data Network Engineer/Consultant

Responsibilities:

• Designed and implemented solutions on the ASR 1002/1006 routers, Nexus 7010s, Juniper ISG 1000 firewalls, Nexus 5500 and 2000 series devices
• Upgraded legacy Catalyst 6500 core switches to Nexus 7000 core switches utilizing nexus 5000 and 2000 switches for server farms and migrating 2000+ servers in an EoR-ToR fashion
• Designed and implemented redundant Cisco 7507 s with CIP interfaces running TN3270 Server to interface with bus-and-tag and ESCON mainframe channels.
• Configured Spanning-Tree (STP), VTP Domains and VLANS on Cisco 6500 and 4500 Switches.
• Implemented Class Maps, Policy Maps, COS-DSCP Mutations, DSCP Trust and Policing as part of the enterprise QoS Strategy at branch locations
• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment
• Conduct Audit Surveys of customer s legacy networks and provide complete overhaul solution to phase-out and replace their networks with no impact to their business.
• Designed and implemented AS5300 s and Shiva routers for ISDN and dial in connections.
• Mentoring IT associates by conducting, participating in area development meetings and -Leading efforts with teams in the resolution of complex technical issues
• Developed Network Infrastructure best practices based on existing and future business requirements.
• Implemented CBWFQ QoS standards across the enterprise on 2800/3800 and 2900/3900 series ISRs in support of IP Telephony requirements
• Aided in the development of new configurations for local and regional site for LAN Remediation devices.
• Designed configuration overhaul on WAN Edge and Core to edge Routing protocol redistribution along with prefix-list, and ACL Consolidation
• Deployed 7500 Flex Connect Centralized Controllers while utilizing Flex Connect groups
• Worked with Project Managers to identify or recommend technical solutions and identify technical constraints effecting timelines
• Implemented 3rd party vendor call center solutions via MPLS WAN and 3845 SBC Voice Gateways integrated via Gatekeeper
• Deployed the Cisco ASA in Transparent Mode to support DMZ environment segmentation of East/West traffic due to SOX/PCI compliance
• Migrated Checkpoint firewall deployment to Cisco ASA platform to ensure PCI compliance
• Configured policy based routing, IPS policies, NATs, security policies, routes, virtual routers, interfaces, zones on Palo Alto firewalls for both branch network, datacenter network, cloud services
• Installed global protect on remote users laptops for VPN connections throughPalo Alto 3020
• Implemented VRFs and Checkpoint Firewalls in DMZ environment to separate and monitor east to west traffic flows between application and presentation servers
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Proficient in the operation and administration of Juniper NetScreen/ISG/SSG-based firewalls, Juniper SRX-series services gateways, Juniper J/MX-series routers, Juniper SA-series SSL VPN appliances, F5 load-balancing products
• Experience with supporting and troubleshooting bluecoat proxies, Riverbed Steelhead and juniper SRX firewalls
• Designed and implemented VIP/Pool/Nodes on the F5 LTM for various web/app/DB server farm load-balancing roubleshot network problems in the bank with various pieces of equipment to include Cisco routers and switches, Cisco firewalls modules and standalone fireisawalls, Cisco load balancers, F5 load balancers, Netscalers and Cisco wireless access points.
• Configured a pair of Cisco ACE 4710 for locations across 4 contexts and a 4Gb port-channel 802.1q trunk to Cisco Catalyst 6513s.
• Implemented various configurations on the Cisco ACE including server pools, health monitors, SNAT, and SSL offload
• Performed numerous software upgrades on F5 BIG-IP LTMs going from 10.x to 11.x versions of code
• Migrated from ACE appliances to F5 VIPRION platform and coordinated application testing to validate connectivity
• Documented existing multicast environments in order to facilitate migration from ASM to SSM
• Decipher and logically resolve technical issues while tactfully managing customers in a fast-paced environment. Utilize judgment and decision making to analyze problems and develop logical solutions. ake initiative to learn/apply new software and hardware technology. Acknowledged for professionalism, enthusiasm, versatility and outstanding organizational and leadership skills. Excellent oral and written communication skills.
• Documented existing multicast environments in order to facilitate migration from ASM to SSM
• Decipher and logically resolve technical issues while tactfully managing customers in a fast-paced environment. Utilize judgment and decision making to analyze problems and develop logical solutions. ---Take initiative to learn/apply new software and hardware technology. Acknowledged for professionalism, enthusiasm, versatility and outstanding organizational and leadership skills. Excellent oral and written communication skills.
• Migrated Netapp NAS into EMC VNX to reduce overhead by managing both file-based and block-based storage on the same platform
• Created large number of VPCs to connect EMC VNX to production and DR site. Continue to support storage team with various needs.
• Worked with VRFs to connect multiple remote sites to the head-end data center while maintaining corporate IP addressing schema
• Created test plans for newly deployed network solutions to verify redundancy and validate network use readiness
• Migrated several offices from Autonomous 1100/1200 AP design to 5500 series WLC integrated with WCS deployment
• Configured High Availability on a pair of Cisco 5508 WLCs to support SSO on Cisco 3600 series APs
• Designed, configured and administered Aruba 200, 220 and 320 series APs along with 3400 and 3600 Mobility Controllers
• Conducted a bakeoff between Cisco s and Aruba s wireless solutions to determine the best, most scalable solution
• Implemented Microsoft Proxy Server and Blue Coat Proxy Servers including routing and policy control
• Updated existing Blue Coats proxy ( ) configuration to reflect new site install.
• Deployed WCCP and PAC files to redirect all internet traffic to the Cisco IronPort Proxy
• Deployed WCCP within the Extranet environment to redirect all internet traffic to the Cisco IronPort Proxy Servers
• Deployed and implemented Cisco WAVE 7541, 7341 and 694 at branch locations for WAN acceleration
• Deployment of Trustwave webDefend for web application firewall to protect against different form of attack.
• Design and implement environments utilizing Riverbed SteelHead CX5055 devices for WAN Optimization over MPLS for DR Replication
• Design standards for DR Data Center solution using OTV on ASR 1Ks, IP SLA, and Riverbed Steelheads for Optimization of Mimix Replication
• Performed site discovery and documentation on existing infrastructure across two data centers and 150+ remote sites
• Created configuration standards for 00 and ASR routers for MPLS connectivity and QoS support of DSCP based bandwidth assignments for voice and other mission critical traffic
• Configured one to one NAT (MIPs) and many to one source NAT (DIPs) on Juniper NS and SSG product lines
• Configured and deployed Juniper SSG and ISG firewalls utilizing NSM and CLI to deploy NAT/PAT and Firewall Policy.
• Implemented Qualysguard port vulnerability detection appliance on the United Airlines headquarters LAN environment.
• Utilized Ixia Chariot to verify Voice quality during times of possible network congestion. This process was also used to validate the QoS configurations on all devices
• Designed and implemented new, redundant Cisco campus network utilizing Cisco 4006-L3 and 3548 switches. Migrated from old Bay Networks infrastructure to new Cisco infrastructure. Implemented Cisco Works Campus Manager to manage all new switches.
• Designed and configured BGP regular expressions, Multihop, aggregate summarization and NLRI attribute manipulation for path control.
• Configured policy based routing, IPS policies, NATs, security policies, routes, virtual routers, interfaces, zones onPaloAltofirewalls for both branch network, datacenter network, cloud services
• Involved in the pre-sales and provide the solutions to the customers such as Network design, licensing, hardware requirements etc.
• Provided high-level support on MPLS-QoS and MPLS-VPN migration from Frame-Relay circuits
• Collaborated with the security team on various projects, including internal data center firewall segmentation, end point user security, IPS, VPN, and Web filtering.
• Documented existing environments in order to facilitate migration of 100 Live TV streams from Core CRS to Distribution ASR-9000
• Designed and implemented multi-tenant MPLS based routing architecture with CRS-1 for increased 10GB support tilized Cisco Works and home grown Perl Scripts on Unix for router and switch automation
• Hand Written Numerous Python Scripts to automate simple and fundamental tasks including things such as polling devices and retrieving and verifying versions of cisco software
• Architected and designed new standards to implement Cisco 6500 and 4500 series switches with Layer 3 functionality as campus core devices
• Collaborated with product and project managers as well as business to define product features, architectural deliverables and project estimates.
• Quickly learn and master new technology; equally successful in both team and self-directed settings; and proficient in a range of computer systems, languages, tools and testing methodologies.
• Developed standards and best practices for emerging business units and Merger and Acquisitions
• Created Linux platform on ESXi and utilized as centralized configuration builder for router and switch configs
• Build, configure, and deploy VMs and templates from VMware. Completed Physical-to-Virtual (P2V), and Virtual-to-Virtual (V2V) migrations of Windows and Linux systems.
• Configured and implemented 6500 and 4500 series switches as Core switches at remote sites
• As the Network Analyst for Alltel, I was dedicated to assuring the uptime and smooth operations of Alltel Data Center, which supported the Washington State Child Support Services program.
• Document existing Data Center infrastructure and produce LAN/WAN standards for -branch/campus/SOHO connectivity
• Implemented Websense, Scansafe and other Cloud Based Scanning solutions to prevent 0 Day Threats

Confidential - Minneapolis, MN

Data Network Consultant

Responsibilities:

• Implemented VRFs on Nexus 7000 and 6500 series switches to separate application and presentation layers within the data center
• Design/Configuration/Implementation/Migration core network infrastructure from legacy 6513s to Nexus 7010s Performed multiple customer facing presentations and knowledge transfer sessions for project based work and design review Implemented scalable multicast solution utilizing Anycast - RP and MSDP for geographical redundancy and fault tolerance Configuring devices to comply with network application requirements such as MTU size, minimum bandwidth needs, and network adjacency needs. Worked with general CLI configurations for issuing bigstart restart httpd process for non-responsive HTTPS services on LTM. Applied L2QOSon 6500 and 3550 switches to support VOIP. Applied L3QOSon Cisco routers for Frame-Relay connections Analyzed existing voice and data networks and recommend tailored converged network solutions for variety Data, Cisco IP Telephony and legacy PBX environment
• Designed WAN convergence between Ecolab and Nalco. This included redesign of IP address structure, and circuit scaling. Migrating them from Frame Relay to MPLS and replacing the existing 2900 and 3500 series switches with 3750 stacks and 2821 and 2921 routers. Performed tech refreshes of legacy 250, 2600, 3600 and 3700 series routers with new 2900 and 3900 series ISRs to support upcoming Unified Communications upgrades along with QoS Performed Pen Testing with Nesus and security audits to validate that sites were security compliant Performed network Pen Testing with Nessus/Cain and Abel/Metasploit as security audit to validate network security Designed and implement simple to complex TCP/IP based networks including Subnet, Private Addressing, NAT, VLSM and Route Aggregation. Implementation of based Dot1x on Cisco Wireless Controllers to migrate away from flat Pre-Shared Key SSID deployment Established and Validated a Per-Connection Bandwidth Requirement of Enterprise
• Wireless design Created BOM s, MOP s as well as test/implementation/backout plans for infrastructure upgrades in order to ensure proper procedures were followed with new equipment deployments. Lead a team of technicians responsible for the day-to-day administration and maintenance of ASA firewalls, F5 load-balancers, and Juniper SRX series firewalls Worked extensively with Firewall ACL validation and implementation including ASA 5525-x, ASA 5515-x, and WS-SVC-FWM-1 firewall module for ws-c6509-E Performed rule-set analysis and configuration migrations from Juniper ScreenOS to Cisco ASA 8.4 Migrated multiple HA pairs of the Cisco ASA 5500 from pre-8.4 configuration to version 8.4 Implemented firewall rule changes on Checkpoint R75/R76; Created multiple NAT policies and exemptions Configured Checkpoint Security Gateway with an object-based Security Policy (on R75 and R76)
• Juniper/Junos - E, MX, and J series routers, EX series and QFX (standalone) series switches, SRX firewalls, UAC solution, SSL VPN solution)
• Proficient in the operation and administration of Juniper NetScreen/ISG/SSG-based firewalls Created a phased migration plan of one VIP at a time that was migrated from Juniper DX, CSS and MS LB to Cisco ACE and F5 BigIP 8900 / LTM VIPRION 2400 with SNAT and SSL Offload Configured F5-LTMs with source NAT in effort to migrate from inline two-armed ACE load-balancing deployment Migrated 4 pairs of Ace 4710s to 2 pairs of BIG-IP LTM 7050s running in Active/Standby Managed/Supported Cisco ACE 20/30/4710 in both routed and one-armed (source-NAT) topologies Migrated and Consolidated 20 pairs of ACE 4710s to 8 pairs of F5 7050s running in active standby configuration Performed thorough comprehensive inventories on appliances, High availability Configurations and current active VIPs on 40+ pairs of ACE Appliances for regional and Global Migration to the F5 platform Decipher and logically resolve technical issues while tactfully managing customers in a fast-paced environment. Utilize judgment and decision making to analyze problems and develop logical solutions. ---Take initiative to learn/apply new software and hardware technology. Acknowledged for professionalism, enthusiasm, versatility and outstanding organizational and leadership skills. Excellent oral and written communication skills. Documented existing multicast environments in order to facilitate migration from ASM to SSM Decipher and logically resolve technical issues while tactfully managing customers in a fast-paced environment.
• Utilize judgment and decision making to analyze problems and develop logical solutions. ---Take initiative to learn/apply new software and hardware technology. Acknowledged for professionalism, enthusiasm, versatility and outstanding organizational and leadership skills. Excellent oral and written communication skills. Documented existing multicast environments in order to facilitate migration from ASM to SSM Migrated Netapp NAS into EMC VNX to reduce overhead by managing both file-based and block-based storage on the same platform Created large number of VPCs to connect EMC VNX to production and DR site.
• Continue to support storage team with various needs Maintaining a Syslog (Kiwi) server for all events on the enterprise network. Including analyzing logs periodically. Configured CBWFQ QoS with a 3-Tier design to support enterprise VoIP and Video initiatives Wireless - Flex Connect, Local Mode, Heat Maps, WLC 5508, AP 5500, 4400, 2000 series Implemented 2504 and 5508 WLCs for sites that required local node and HREAP for small sites Architected and deployed new wireless network including vendor selection (Aruba Networks), site survey, and deployment of back-end services for secure 802.1x authentication Configured and installed Aruba 3000/6000 wireless controller and Aruba 100/130 series Access Points. Updated existing Blue Coats proxy ( ) configuration to reflect new site install. Implemented Microsoft Proxy Server and Blue Coat Proxy Servers including routing and policy control Implemented Ironport WSA and Bluecoat for company proxy standards via Proxy PAC files Compared Cisco IronPort and Bluecoat proxies in POC to determine standard moving forward Implemented Cisco WAAS with selective traffic redirection using WCCP on the Cisco 6500 and 2800 series platformsDesigned and implemented WAN optimization strategies utilizing Cisco WAAS/WAVE and Riverbed Steel Head devices Built and implemented configuration of riverbed steelhead WAN optimization appliances, as well as configuration of Connection Forwarding in multiple appliance clusters, and pushed updated policies from the Central Management Console Installed dual DS-3 SAN replication WANwith Riverbed Interceptors and 6050 Steelhead appliances to optimize the traffic. Involved in day-to-day operational duties maintaining existing Cisco 4500/6500 switches Designed and implement simple to complex TCP/IP based networks including Subnet, Private Addressing, NAT, VLSM and Route Aggregation. Configured Juniper M-Series and J-Series routers for IP/MPLS connectivity. Configured Juniper ISG and SSG firewalls utilizing NSM and CLI to implement NAT/PAT and Firewall Policy.
• Redesigned the DMZ in the datacenter to in corporate OSPF into an EIGRP network to interoperate with Juniper and other non-Cisco brand hardware. Created and implemented network designs for multiple customers, serving as tier 3 support for escalated issues Lead redesign of customer s routing infrastructure and site IP address allocation, reducing the number of IPv4 prefixes and improving convergence through summarization across the WAN Configured and implemented Bidirectional Forwarding Detection (BFD) and Embedded Event Manager (EEM) into Cisco 3845/3945/4451 ISRs and ASR 1004s Configured and deployed Cisco 2600, 3700, 2800, 3800, 2900, 3900 and 7200 series routers with T1, MLPPP, IMA, DS3, Ethernet Handoff and OC3 interfaces Assessed existing site infrastructure at remote sites and made recommendations for new equipment standards Implemented OSPF as the internal protocol and BGP with route-maps as the external protocol with redistribution of BGP into OSPF Implemented B2B VPN circuits utilizing cisco 38xx series routers for remote site VPN connectivity for external vendors Administer the VPN. Enable and delete users account and provide users Lead efforts with in troubleshooting VPN installed in their workstation. Designed and configured Quality of service, MPLS Architected Core Routing solutions with CRS-1 and ASR 1000/9000 platforms for OC-12 and 10GB Ethernet functionality Troubleshooting of complex routing issues on CRS, XR, GSR, ASR9K, 10K, 7600, 6500 platforms
• Automated network changes on various routers and switches with Perl scripts on Unix/Linux platforms Utilized Cisco Works and home grown Perl Scripts on Unix for router and switch automation Architected multicast networks to protect the entire path, from source to every receiver to eliminate any single points of failure and prevent disruption of the multicast stream due to the loss of any single router Architected the consolidation of data centers involving large scale server moves and re-IPs Performed Firewall cleanup by consolidating and optimizing over 300,000+ ACLs, Objects, NATs, Policies, etc using Cisco CSM As the lead for various TDM to UC migrations, I created the circuit provisioning standards, voice gateway and switch BOM guidelines and process checklists Managed multiple active directory servers through VMware client configuring and maintaining records and documentation for all DNS and
• DHCP appliances Created Linux platform on ESXi and utilized as centralized configuration builder for router and switch configs Lead technology and hardware refresh project consisting of over 20 locations utilizing Cisco Catalyst 3750s, 4500s and 3900 series integrated services routers Configured site-to-site GRE Tunnels with 3DES IPsec encryption on 2651xm, 2691xm, 3662, and 3745 routers for remote sites on the Frame Relay network to meet security requirements. Ability to extrapolate and analyze customer needs, develop solutions based on customer s unique requirements synthesizing them functional into technical, and consistently implementing them on time and on budget. A quick study of new concepts, practices, products, and technologies. Performed firewall rule consolidation of over 10000 firewall rules spread across multiple clusters of firewalls located regionally

Confidential - Minneapolis, MN

Network Consultant

Responsibilities:

• Created and standardized network documentation using visio, on both high - level and low-level documents.
• Planned, designed, implemented and support of IP Telephony applications and network infrastructure for small, medium and large enterprise type of businesses located world-wide Configured route-maps and prefix-list to control prefix advertisement into the MPLS backbone Working knowledge of VLANS, Trunking, EtherChannels, Spanning Tree, MST, HSRP, VRRP, GLBP, Gigabit Ethernet, IP Multicast, AnyCast IP, Frame Relay, T1/T3, DS1/DS3 OC3 circuits. Met with customer change management and infrastructure teams for white-boarding, knowledge transfer, and advisory approvals
• Provisioning/Configuration of Cisco 2950s for server connectivity per network standards Worked on Packetshaper hardware to perform traffic shaping, bandwidth allocation on the WAN link thus ensuring Quality of Service (QoS) on different traffic classes (voice, citrix and Best-effort) Oversight of several hundred user applications load balancing status across four data centers Wrote IOS and CATOS upgrade procedures and Pre/Post checks for customer production upgrades for Hybrid to Native 6500 core upgrades on the Sup720 Installed, configured and managed multiple radio links interfaced to Cisco 2600 Router with ISDN DDR and Gandalf MUX respectively supporting different applications. Performed LAN hardware and technology refreshes for over 50+ customer locations, replacing EOL/EOS hardware and implementing new enhanced features Wrote several how to documents that helped establish procedures for day to day network operations Produce change, back out, and UAT plans for change orders to discuss on weekly CAB meetings Worked deeply with all application teams to understand and fix issues and maintain the network to a level of high efficiency Executed and Complete Merger and
• Acquisitions for vendors to provide them with proper branch office configurations Deployed and implemented Cisco W A VE 7541, 7341 and 694 at branch locations for W AN acceleration Team lead for security projects involving the design and implementation of industry leading platforms and migrations from legacy platforms. Plan and develop long term strategies with the security team to ensure current, as well as future network threat mitigation. Worked closely with vendors on several high dollar projects to ensure they were meeting their contractual obligations. Installed RSA soft/hard token licenses on the RSA 250 appliance enabling two-factor authentication for numerous users. Optimized routing convergence through core devices through the use of route maps and prefix summarization at major L3 distribution boundaries. Designed and documented operator instructions for NOC team on upgraded environments and new protocol rollouts Responsible for design & management of Juniper Netscreen Firewalls, Juniper Switches, Cisco Switches Proficient in the operation and administration of Juniper NetScreen/ISG/SSG-based firewalls, Juniper SRX-series services gateways, Juniper J/M/MX-series routers, Juniper SA-series SSL VPN appliances, F5 load-balancing products (LTM, GTM, FirePass), and various Cisco IOS-based platforms Supported over 100 in house developed applications traversing over 10 pairs of F5 LTM Load balancers. Worked extensively with application and server owners to change VIP keepalives, backside, frontside ports and modified ACE/CSS and F5 parameters to improve performance Configured Cisco ACE module from the scratch for load-balancing of different VIPs. Configured ACL, routing, NAT etc on the ACE. Configured various Virtual IP s (VIPs) for web applications utilizing Cisco CSS and ACE platforms SSL PKI refresh for over 1000+ expiring s and migration to F5 BigIP LTM for central point of management and application performance enhancements Configuration/Administration of SSL s/keys and SSL profiles on F5 LTM 3400s for SSL offload Designed and implemented VIP/Pool/Nodes for various web/app/DB server farm load-balancing. Configured routing on various Cisco routing platforms utilizing OSPF, IGRP, RIPv2, EIGRP, and static routes Created and standardized network documentation using visio, on both high-level and low-level documents. Configured and deployed Cisco 2600, 3700, 2800, 3800, 2900, 3900 and 7200 series routers with T1, MLPPP, IMA, DS3, Ethernet Handoff and OC3 interfaces Created B2B connections on 7204VXRG2 for remote vendors and sites being prepped for nationalization with Risk Management and site crawls for security risks Migrated from static routes to dual homed Internet access with full BGP routes to redundant carriers Developed detailed engineering packages, staging and installation procedures, and quality assurance plans for both wired and 802.11 wireless networks Worked with Gigamon devices, including management and setting up SPANs, and hardware installation
• Lead technology and hardware refresh project consisting of over 20 locations utilizing Cisco Catalyst 3750s, 4500s and 3800 series integrated services routers Stage ASRs in lab replica and validate functionality as Proof of Concept for CAB approval going forward Designed a redundant, multihomed BGP solution in the datacenter for load-balancing out through the WAN for increased throughput and resiliency. Extracting configuration variables from existing/old equipment to forward to pre-configuration center at WWT Updated existing Blue Coats proxy ( ) configuration to reflect new site install. Implemented Microsoft Proxy Server and Blue Coat Proxy Servers including routing and policy control Implemented Cisco WSA with IronPort and migrated proxy services from Microsoft Proxy Server Coordinated and collaborated with ScanSafe and Ironport (proxy) teams to provide high-availability models for end users Implemented OSPF as the internal protocol and BGP with route-maps as the external protocol with redistribution of BGP into OSPF Configured Spanning-Tree PVST, RST, MST, Backbonefast, Uplinkfast, Portfast and Private VLAN (PVLAN) Provided technical input in engineering meetings with Senior Executives to provide explanations and use cases of projects currently in progress Created Data and Voice CBWFQ QoS standards which were implemented throughout the enterprise Staging and validation of IOS to NX-OS/IOS-XE configurations for
• Data Center Core/Aggregation upgrades Configured Cisco 4500 and 6500 series Switch in VSS mode to create Loop Free 3-Tier Topologies Responsible for maintenance and implementation of Juniper Routers, Switches, and Firewalls Experienced in securing data, voice, video, Internet/Intranet, E-commerce and telecommunication network architectures (CiscoAvaya, Microsoft, Juniper, IPC Turret). Configured Cisco switches 6500, 4500, 3750 to support voice and data parameters to improve performance Configured OSPF STUB, Totally Stubby and Not So Stubby areas to decrease routing table size in areas of the network where legacy hardware was still utilized as well as work around vendor ASBR s on the network Design and implementation of new QoS standard utilizing CBWFQ with focus on future video traffic scaling Designed and implemented an Overlay Network to manage all our production devices with Syslog, Cisco Secure ACS, TACACS+ and Solarwinds NPM Worked as the only Priority Support engineer on third shift, being the only highest level of support for clients around the globe Stage ASRs in lab replica and validate functionality as Proof of Concept for CAB approval going forward Rolled out a multi-tiered DMVPN infrastructure comprising primarily of GRE-Multipoint tunneling Researched, designed, and implemented pilot SSL VPN solution to complement existing IPSEC VPN in to meet goals from executive leadership. Migrated existing Sonicwall firewall configs and converted and optimized into multiple Cisco ASA s with HA failover. Displayed excellent ability to work under pressure, fixing network issues during International trading hours to minimize bank losses Utilized Cisco Works and home grown Perl Scripts on Unix for router and switch automation Automated network changes on various routers and switches with Perl scripts on Unix/Linux platforms Perform analysis and design of network solutions within the architectural framework, utilizing documented standards to meet project needs.
• As part of the architecture team, re-designed all Datacenters in North America to be part of a self-healing MAN with Metro Office Ethernet Responsible for configuring eight core 6509 with Flex-Wan DS3 modules to support 2300 branch encrypted IPSEC BGP GRE tunnels Lead implementation effort in standardization of code across all IOS devices within the enterprise Configured and installed Cisco 3845 router for frame-relay routing with two PVC sub-interfaces for redundancy Fast, secure roaming offered by both Cisco Centralized Key Management (CCKM) and Proactive Key Caching (PKC) will help reduce this brief disruption Designed and configured BGP regular expressions, Multihop, aggregate summarization and NLRI attribute manipulation for path control. Designed and implemented new, redundant Cisco campus network utilizing Cisco 4506e-L3 and 3750 switches. Migrated from old Bay Networks infrastructure to new Cisco infrastructure. Implemented -Cisco Works Campus Manager to manage all new switches. Designed and implemented tech refresh strategies by replacing older Access and Core switches Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.

Confidential - Minneapolis, MN

Network Engineer/Consultant

Responsibilities:

• Configured Cisco 3900, ASR 1K routers and 2960, 3750, 6500 switches as part of the day to day activities.
• Developed a roadmap for the next 4 years for the network strategy to ensure capacity needs are met as well as a cost - benefit analysis of proposed services and hardware Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers. Avoid Cisco AP Load Every AP measures the percentage of total time occupied by transmitting or receiving IEEE 802.11 frames. Implemented Qualysguard port vulnerability detection appliance on the United Airlines headquarters LAN environment. Utilized Visio to provide detailed cable maps as well as Excel connection charts to lead efforts with hardware deployment from vendors. Participated in cross-functional weekly meetings and conference calls with Verizon Business and DoI Management.
• Designed and Implemented multiple routing protocols including EIGRP, OSPF and BGP in a dual provider environments Creation of a companywide QoS standard with the creation of classes based on DSCP values, network protocols, and access lists Utilized GRE Tunnels to route 3rd party traffic in situations where that traffic could not be natively routed. Removed static routes and implemented EIGRP throughoutthe network to create a dynamic environment throughout Gathered requirements, analyzed cost effectiveness, and supported various 3rd party managed hosting and security solutions Created VRF aware L2 MPLS backbone for hosted network solution in order to support various customer networks with duplicate addressing Designed and implemented Cisco 6500 with MSFC, 5500 with RSM, 4000, and 3500 switches in redundant configurations. Wrote core and remote router configurations and implementation scripts. Instructed and mentored staff on conversion activities Designed and implemented Cisco 6500 with MSFC/Sup720, 5500 with RSM, 4000, and 3500 switches in redundant configurations. Design and execute strategy for migration from EIGRP to OSPF as inter-site IGP for support with various third party vendors
• Defined QoS policies on WAN core routers to effect traffic prioritization and congestion control Lead all M&A activity to integrate newly purchased Business into the existing network infrastructure Configuring HSRP between the 3845 router pairs of gateway redundancy for the client desktops. Leveraged ScanSafe Application Visibility and Control (AVC) to define granular policy controls and manage/filter HTTP and SSL web traffic Primary test lead of IPv6 platform in research and planning for future implementation Configured traffic filters on Cisco ASR platforms utilizing standard and extended ACLs Evaluated and assessed Existing capabilities of DMZ Edge Environments in order to lead efforts to expand and increase average level of operating capacity Performed multiple router Technology hardware refreshes at remote office facilities, migrating from legacy G1 ISRs to G2 ISRs and ASR 1000s Completed rollout/tech refresh for remote sites by replacing Cisco 3500 series stacks with 3750 stacks Design and implementation of multiple Cisco 5500 series pairs running in Multi Context Active/Active deployment as DMZ Edge Firewalls for public facing server farms. Configured and deployed Cisco 2600, 3700, 2800, 3800, 2900, 3900 and 7200 series routers with T1, MLPPP, IMA, DS3, Ethernet Handoff and OC3 interfaces Provided Level 3 support for Day 1 and Day 2 support in addition to handling escalated issues as the Lead for various projectsCollaborated with various vendors and end clients to discuss bug scrubs, code upgrades, and future expansion and deployment options
• Responsible for determining NOC/SOC hardware compliance prior to datacenter transfer to include essential IOS and hardware (i.e. servers, routers, switches, firewall) upgrades.
• Upgraded existing MPLS circuits to DS3 and OC3 circuits to provide better throughput, reliability and redundancy.
• Worked with VTP to ensure L2 network across the enterprise as well as implemented VLAN pruning and BPDU Guard to ensure integrity of the network
• Experience working in Datacenter environment, configuration changes as per the needs of company.
• Configured multi-homed eBGP at campus edge locations, using BGP attribute manipulation to control -inbound/outbound traffic flows (LocalPref, AS-Path, Communities)
• Configured OSPF as the internal protocol and BGP for MPLS route advertisements for the enterprise.
• Employed Hierarchical OSPF designs to accommodate Projected Growth in numbers of business locations.
• Evaluate and analyze the network operations center to ensure successful operation of the network.
• Developed standards and best practices for emerging business units and Merger and Acquisitions
• Designed and implementedCisco IOS XRv 9000 Virtual Routers in support of multi-tenant designs
• Designed and implemented 6509s as Core and Distribution layer and 4500 Access layer for all locations and 3750 Stacks for small locations
• Implemented Cisco VG248 s, 6608 PRI Cards, High density FXSFXO and ATA186 s for analog connectivity to the PSTN
• Implemented 3rd party vendor call center solutions via MPLS WAN and 3845 SBC Voice Gateways integrated via Gatekeeper
• Maintain WAN/LAN connectivity leveraging extensive knowledge of BGP, OSPF, EIGRP, and MPLS.
• Collaborated with various vendors and end clients to discuss bug scrubs, code upgrades, and future expansion and deployment options
• Led deployment of infrastructure IP multicast utilizing Cisco Auto-RP in support of emerging collaboration applications
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Proposed and implemented multiple high-availability features on the ASR 1000-X device including SSO/NSF and BFD handled lead role in mass remote site tech refresh in order to support IP telephony projects
• Developed QoS policies to support new 10gigabit infrastructure as well as add new class for video and -update the QoS policies for preexisting classes
• Configured and implemented 6500 s with SUP720 s, MSFC, Fabric Cards and 4500 series switches as Core switches at remote sites
• Performed numerous code upgrades on IOS and IOS-XE to address PSIRT vulnerabilities related to OpenSSL
• Communicated with and drove efforts of counterparts in the UK to complete migration tasks
• Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of -inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Staging and validation of IOS to NX-OS/IOS-XE configurations for Data Center Core/Aggregation upgrades.
• Created policy based routing policies throughout the core network via BGP route-maps.
• Implemented Cisco Network Access Control (Cisco NAC) on the Enterprise Network for posture validations on end-users systems
• Migrated from a Frame Relay and Dedicated Circuit WAN to a end-to-end MPLS network with Dual -Carriers for redundancy
• Configured MPLS on current routers configuration and inserted new routing configuration for implementation into the MPLS cloud routing scheme.
• Configured eBGP at all 3rd Party Sites to advertise prefixes within the Vendor-Only MPLS network
• Designed and implemented a dual core MPLS architecture for all locations with route summarization
• Migrated of departmental Cisco VoIP system, configured FXO and FXS ports, provisioned 7960 phones connected to Cisco PoE-enabled access switches
• Migrated 400+ servers and 140 access-layer switches onto new infrastructure across multiple data centers
• Deployed Dual NHRP topologies to supply corporate remote working solutions with redundancy and high availability
• Participated in a rotating on-call schedule including overnight and weekend support on escalated Tier 3 network and application issues
• Performed validation testing and handled lead role in back out procedures when necessary
• Configured Netflow, Flex Netflow, NetQoS and Ixia Chariot for reporting and traffic management
• Employed Hierarchical OSPF designs to accommodate Projected Growth in numbers of business locations.
• Planned, designed and built configurations for 4 locations migrating to a 40Gb, 52 mile dark fiber ring topology