Sr. Network Engineer Resume Profile
PA
Professional Summary
Hands-on Network Security Architect with up to 12 years of cross functional experience in Designing, Implementation and troubleshooting of LAN/WAN/Wireless Security infrastructure on all of Cisco, CheckPoint, Juniper, F5 vendor platforms which includes Routers, L2/L3 Switches, Firewalls, Load balancers Wireless Controllers.
Skills:
LAN Technologies | Ethernet, Fast Ethernet, Gigabit Ethernet, VLAN, VTP, STP, RSTP, PVSTP, Token Ring, FDDI, 802.1W. |
Security Technologies | ASA 5500 Checkpoint 4600 Firewalls, IP-Sec SSL VPN, Easy VPN DMVPN, FWSM,IOS Firewall, IDS IPS |
Network Hardware | Cisco Catalyst Switches 6500, 4500, 4000, 3550 series , Cisco Routers 12000, 7600, 7200, 3900,3800,2900 2800 series , Juniper Router J M series M10i, M320 , PIX Firewall 515/525, ASA Firewall 5500 series, CheckPoint R75 Firewalls, Load Balancers Cisco,F5 , Cisco Nexus 7000/5000/2000/1000v, Net Screen SSG firewalls |
Protocols | RIPv1 RIPv2, IGRP, OSPF, EIGRP, IS-IS, BGP, MPLS VPN, HSRP, VRRP, IPv4 IPv6. |
Infrastructure | DHCP, DNS, SMTP, POP3, FTP, TFTP, IIS. |
Network Management | SNMP, Cisco Works 2000, HP Open View, HP NNM, Cisco MARS, MRTG 2.13, PRTG, Wire Shark, Solar Winds, Nessus 2.5, Sniffer Pro 4.7 Microsoft Net Monitor. |
Authentication | TACACS , RADIUS, Cisco ACS 5.3, ISE, Dot1x, |
Documentation Tools | MS Visio, Lotus Notes, MS Office Suite, MS Project Server. |
Professional Experience
Confidential
Designation : Network Design Implementation
- Implementing Troubleshooting Cisco ASA 5500 security appliance FWSM Modules and Managing Security devices using Cisco Security Manager CSM .
- Implementing Troubleshooting CheckPoint SPLAT R75.40 Managing CheckPoint Firewalls using CheckPoint Management Server.
- Configuring CheckPoint Firewalls Management Servers in High Availability/Cluster
- Designing and Implementation experience in building DMZ, and integration of firewalls with Gateway Anti-Virus and web Filtering applications from TrendMicro and Websense.
- Configuration of Failover on firewalls and configuration of Cisco AAA ACS server for VPN user authentications.
- Configuring Administrating Cisco ACS5.3 for Dot1x RADIUS authentication for Wireless users and TACACS for Device Administration.
- Integrating ACS with external identity stores such as Windows AD RSA SecurID.
- Real-time monitoring and network management using Cisco Works.
- Hands-on experience deploying Nexus 7000/5000/3000 Data Center switches, designing 10G core infrastructure consolidating/migrating Catalyst 6500's to Nexus 7000 platforms.
- Configuring Cisco Catalyst Switches for Dot1x authentication.
- Implementing LAN Infrastructure using L2/L3 Switching, VLAN, VTP, Spanning tree and trunking technologies.
- Worked with Cisco advance services to implement data center Nexus environment and upgraded the NX-OS in nexus 7018,7010 and nexus 5548 and 5596.Consolidated multi-tiered environment into a pair of Nexus 7000 switches using VPC and VRF.
- Analyzing Firewall logs Events using Packet Captures TCP dumps
Designation : Sr. Network Engineer
Responsibilities:
- Deploying and configuring Cisco 7600, 3900, 2900 Routers Catalyst 6500 series switches for the core, distribution and access layer in an enterprise composite model network infrastructure.
- Designing and deploying EIGRP, OSPF, BGP, MPLS-VPN protocols and routing technologies for connecting data center to remote locations.
- Implementing Troubleshooting Cisco ASA 5500 security appliance FWSM Modules and Managing Security devices using Cisco Security Manager CSM .
- Designing and Implementation experience in building DMZ, and integration of firewalls with Gateway Anti-Virus and web Filtering applications from TrendMicro and Websense.
- Configuration of Failover on firewalls and configuration of Cisco AAA ACS server, RADIUS and TACACS for VPN users and implementation of secured VPN on Cisco routers, PIX and VPN concentrator appliances.
- Configuring Cisco WLC based Wireless solutions Managing Wireless network using Wireless Control System WCS .
- Configuring Managing Riverbed Cascade Profiler Sensors for analyzing NetFlow traffic for analyzing traffic utilization reports.
- Configuring Administrating Cisco ACS5.2 for Dot1x RADIUS authentication for Wireless users and TACACS for Device Administration.
- Managing Monitoring Cisco infrastructure using Cisco Works.
- Configuring various advanced features Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
- Designed and Developed Internet Security policy for the company in order to build a secure and robust network Infrastructure.
- Worked on IP Frame Relay FR and Gigabit Ethernet WAN Technologies..
- Installed, configured, maintained and troubleshoot JUNOS, Juniper M-Series T-Series routers, Foundry Network L2/L4 Switches.
- Worked with vendors Juniper, Cisco, etc when issues arise and see it through all the way until issue is resolved or a bug has been identified and turned over to development.
- Real-time network monitoring using HP Open View by implementing policies and creating custom events.
- Configuring Quality of Service QoS policies and rate limiting queuing parameters on Cisco and Juniper Platforms.
- Created documented writing and network diagram using MS- Visio.
Confidential
Designation : Sr. Network Engineer
Responsibilities:
- Deploying ISE in wired environment to perform Dot1x port based authentication configure the Posture polices perform Change Of Authorization CoA for users connecting to the corporate network
- Configuring Cisco Catalyst Switches for Dot1x support testing the IOS compatibility with ISE
- Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
- Configuring various Wireless authentications like PEAP, EAP-FAST EAP-TLS
- Configuring Aruba Controllers integrating with Cisco ACS and RADIUS severs for Dot1x authentication.
- Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPSec, SSL AnyConnect users.
- Configuring Cisco FWSM modules on Cisco Cat6K Switches
- Integrating Configuring RSA SecurID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.
- Integrating ISE with external identity stores such as Windows AD, Cisco ACS LDAP.
- Worked extensively on Cisco 7600, 6500, 7200VXR, 12416 and 12410,12816,12404,12406 series Router and Cisco 4500, 6509, 7613 series switch.
- Involved in the configuration troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
- Hands-on experience deploying Nexus 7000/5000 Data Center switches, designing 10G core infrastructure consolidating/migrating Catalyst 6500's to Nexus 7000 platforms.
Confidential
Area of Control: Network Infrastructure Security
Responsibilities:
- Manage and troubleshoot Checkpoint firewall, PIX firewall and VPN 3000 concentrators using ACL, NAT PAT. Configured IP routing changes in NAT router and L3 Switch on customer need basis.
- Designed Implemented LAN Infrastructure using L2/L3 Switching, VLAN, VTP, Spanning tree and trunking technologies. Created VLAN and Inter-VLAN routing with Multi Layer Switching.
- Installing Configuring Cisco and Brocade Switches
- Configuring MPLS-VPN, BGP, EIGRP and OSPF routing protocols for enterprise network.
- Configuring, Monitoring and Troubleshooting Cisco's PIX firewall, ASA 5500 security appliance, Cisco 4200 IPS appliance
- Responsible for implementing an IPSEC based VPN solution between branch sites and secured remote access using client to site VPN.
- Deployed IDS 4250 Sensor for firewall management. Implemented Tipping point 2400E/ Cisco IPS 4200 Series.
Confidential
Sr. Network Engineer supporting Post-Sales Deployment team focused on WAN, LAN and Security technologies.
Responsibilities:
- Maintained and troubleshoot the network equipment of 2600, 3600, 7200 routers with switches 2900, 3700, 4000 and 6500 in data center
- Implemented EIGRP for lab environment and OSPF for production sites. Maintained BGP routes for outside network connectivity. Implemented policy based routing using route map.
- Implemented Layer 2 security by enabling STP BPDU Root guard, locking down VLAN trunking. Configured PVLAN, VLAN for production network.
- Configured Cisco 6500 series switches, 7200 VXR series router to implement MPLS VPN, QOS and VLAN.
- Migration of Checkpoint Firewall-1/VPN-1 to ASA 5515 firewall for addressing enterprise needs of firewall, IPSEC VPN IPS. Applied ACL, NAT PAT, and firewall policies.
- Implemented NS-5GT NS500 for SSL VPN Connections.
- Implemented AAA on ASA 5515 firewall using TACACS /Radius Server.
- Deployed Juniper SSG 20 for secured remote site WAN connectivity.
- Helped Tvisha team Implement industry recognized best practices ITIL by developing the Help desk NOC services processes.
- Implemented NMS using SNMP, HP Node Network Manager. Security monitoring using Cisco MARS 6.0, RSA Envision.
Confidential
Responsibilities
- Maintain and troubleshoot point-to-point and point-to-multipoint WAN Connectivity Frame Relay between Central and Remote locations.
- Configured EIGRP OSPF as interior gateway protocol with route filtering and route redistribution. Implemented BGP as exterior gateway protocol.
- Real-time monitoring and network management using Cisco Works.
- Troubleshooting resolving T1/E1 WAN Connectivity issues and B/PRI Connectivity issues.
- Monitored WAN utilizing using network analyzer like Wireshark, MRTG.