SUMMARY

• CCNP and CCNA certified with 7 years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS)
• Strong hands on experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy
• Expertise in network protocols, Firewalls and Communication Network design.
• In-depth Cisco technology experience/knowledge in design, implementation, administration and support
• In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP
• Efficient at use of Confidential VISIO/Office as technical documentation and presentation tools
• Dealt with monitoring tools like (Solar Winds, Cisco Works tool), network packet capture tools like Wire-shark
• Provided 24x7x365 availability and on-call support as required
• Excellent working knowledge of TCP/IP protocol suite and OSI layers
• Perform root cause analysis on the problems coming across Project execution
• Implement changes through change management process ITIL Process
• Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments
• Effective inter-personal skills, adaptive to any environment, keep abreast with the latest technologies and delivering solutions as an individual and as part of a team

TECHNICAL SKILLS

Cisco & other vendor equipment’s: Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900series). PIX Firewall (506/515/525/535 ), ASA Firewall (5505/5510), Cisco ACE Load Balancers

Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP,HSRP, VRRP & GLBP

Infrastructure services: DHCP, DNS, SMTP, FTP, TFTP

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- Channel, VLANS, VTP, STP, RSTP, 802.1Q

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, IDS/IPS, URL Filtering -Web-sense, Kiwi Syslog Server Logging, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ &RADIUS)

Network Management: SNMP, Cisco Works, Kiwi-cat, What's-Up Gold, Ethereal

Platforms: Cisco IOS(11.x, 12.x), PIX IOS(6.x, 7.x), CAT-OS UNIX, LINUX, Windows XP, NT, 2000, 2003

Programming: C, C++, HTML

Documentation: MS Office, MS Visio

PROFESSIONAL EXPERIENCE

Sr. Network Engineer

Confidential, Whippany NJ

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3900, 2900) and Cisco switches (6500, 3700, 3500),Nexus(7K, 5K & 2K), Routing Protocols(EIGRP, OSPF, BGP),Switching protocols(VTP,STP,GLBP,HSRP), Cisco PIX(525, 535), ASA(5505, 5510) firewall

Responsibilities:

• Experience with setting up MPLS Layer 3 VPN cloud and also working with BGP WAN towards customer
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Network security including NAT/PAT, ACL, and ASA/PIX Firewalls.
• Good knowledge with the technologies VPN, WLAN and Multicast.
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Experience in installing and configuring DNS, DHCP servers.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Worked on ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Involved in iRule management like loading rules, writing iRule syntax using TCL language.
• Involved in design and deploying various network security & High availability products like Cisco ASA and other security products.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
• Secured network access with Cisco Secure (RADIUS/ TACACS+)
• Experience with MP-BGP and MPLS LDP protocols
• Configured network access servers for AAA Security
• Enabled continuous Layer 2 monitoring with Solar Winds, so that each site can run independently until connectivity is restored
• Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
• Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
• Replace branch hardware with new 3900 routers and 2960 switches.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Implement and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network
• Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers, switches and firewalls. Generate network device configuration reports, such as port, MAC, APR and version details
• Responsible for the Global engineering and support of existing network technologies / services and the integration of new network technologies / services
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Substantial lab testing & validation prior to implementation of Nexus 7K, 5K & 2K connecting to blade servers
• Installation & configuration of Confidential Proxy Server 2.0
• Configured, installed, & managed DHCP, DNS, & WINS servers
• Carried out performance monitoring & documentation of relevant network segments to ensure data integrity & environmental safety
• Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation

Network Engineer

Confidential, Seattle, WA

Environment: In Corporate office architecture with highly reliable & secured network including Cisco Routers series (2800, 3800, 7200) and switch series (2800, 3750, 3550, 4509E, 6509E), Cisco PIX(525, 535), ASA(5520) firewall, Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP), Site to Site VPN, Remote Access VPN, Cisco VPN 3000 Concentrator, Cisco ACS 4.x

Responsibilities:

• Installation and Configuration of Cisco Catalyst switches 6500, 4500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design
• Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
• Installation, Configuration and Administration of ADS,DNS,DHCP and Web proxy(ISA)server
• Router/ Confidential VPN Server in order to access certain limited network resources from customer locations
• Installed and configured four PIX 525 and two ASA 5520 in customer locations. In addition to that, two PIX firewall configured for the Guest access
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router
• Created engineering configuration, Security Standards, documenting processes and Network documentation using Confidential Visio
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Design, Implement & troubleshooting of Juniper switches, routers and Firewalls
• Experience working with Network management software NSM
• Configuration and extension of VLAN from one network segment to other network segment between different vendor switches (Cisco, Juniper)
• Taking Regular backups & testing the backups by restoring in test lab frequently
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
• Installation, Configuration and troubleshooting Cisco switches and Firewall on multi mode context based environments
• Managing a TACACS server for VPN user authentication and network devices authentication
• Handled Corporate and Review Audits from the perspective of IT Security for Network Devices and Servers under our control
• This includes Artifacts for regular Health Checks, IP and System Integrity, Change management, Problem management, Logical Access Controls, Network Connectivity, Service Registration and Performance Management
• Installed and configured the Cisco routers 2800 in two different customer locations. It includes coordinating with Verizon and AT&T in order to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
• VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
• Configured IPSec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800

Network Engineer

Confidential, New Jersey

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers(7200,3800,2800), Cisco switches(4900,2900),Cisco ASA Firewall(5510), Routing Protocols(EIGRP, RIP, BGP), Switching protocols(VTP,STP,GLBP)

Responsibilities:

• Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
• Performed and technically documented various test results on the lab tests conducted.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Responsible for Configuring SITE TO SITE VPN on Cisco ASA 5500 series firewall between Head office and Branch office
• Installation & configuration of Cisco VPN concentrator 3060for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Configured Firewall logging, DMZs & related security policies & monitoring
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Worked onCiscoLayer 2 switches (spanning tree, VLAN).
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Support various Routers like 2600/3600/7200 series routers.
• Tested authentication in OSPF and BGP.
• Configured and troubleshoot OSPF and EIGRP.
• Hands on Experience working with security issue like applying ACL’s, configuring NAT and VPN
• Documenting and Log analyzing the Cisco ASA 5500 series firewall
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Troubleshooting IOS related bugs based on past history and appropriate release notes.
• Work on different connection medium like Fiber and Copper Connectivity.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Planning and configuring the entire IP addressing plan for the clients'network.
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.

Cisco Network Engineer

Confidential

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200,3800,2800), Cisco switches(4900,2900), Routing Protocols(EIGRP, RIP, BGP), Switching protocols(VTP,STP,GLBP)

Responsibilities:

• Responsible for the installation, configuration, maintenance and troubleshooting of the company network. Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Implementation of name resolution using WINS & DNS in TCP/IP environment
• Configured FTP server for inside/outside users & vendors
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Managed network connectivity and network security, between Head offices and Branch office
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Used various scanning and sniffing tools like Wire-shark
• Enabled STP Enhancements to speed up the network convergence that include Port-fast, Uplink-fast and Backbone-fast
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Other responsibilities included documentation and change control
• Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include
• Routing protocols OSPF, RIP & BGP
• Configured BGP for CE to PE route advertisement inside the lab environment
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues
• Implemented the concept of Route Redistribution between different routing protocols
• Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet
• Channel between switches
• Responsible for configuring GLBP between multilayered switch networks
• Configured AAA with TACACS+ server
• Configured Remote Access Servers with Frame Relay, Leased Line circuits
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems. Implementation of name resolution using WINS & DNS in TCP/IP environment
• Administration of Cisco 11.x and 12.1 versions and higher
• Monitored all Cisco equipments using Cisco Works
• Involved in SNMP Network management. Worked on various scanning and Sniffing tools like Ethereal
• Upgrades and backups of Cisco router configuration files to a TFTP server
• Implementing and maintaining backup schedules as per the company policy