SUMMARY

• 8 years of extensive experience in network design, implementation, troubleshooting, engineering, managing & migration of large - scale enterprise Campus networks and Data Center networks.
• Excellent knowledge and experience on different platforms like Cisco, Juniper, Checkpoint, ASA, Palo Alto, F5 Big-IP LTM load balancers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Configuring and implementing routing protocols including RIP, TCP/IP, and RIP v1/v2, OSPF, EIGRP and BGP.
• Strong Knowledge in WAN technologies including E3, E1, T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay and PPP.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series
• Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series and Cisco catalyst 6500, 4500, 3750, 3500 and 2900 series switches.
• Configuring VDC & VPC in Nexus 9k, 7k, 5k and 2k.
• Experience in working with IPSEC Site to Site, Remote VPN using different encryption methods.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper MX series.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Collaborated with third party vendor in cabling, configuring, and introducing new pair of F5 load balancer in the datacenter.
• Experience in installing and configuring DNS, DHCP server.
• Experience in installing and troubleshooting of WAN technologies like T1/T3, DS3, STM1, OC3, SONET, Gigabit and STM4 circuit types
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Developed and presented LAN/WAN/WLAN network engineering design packages.
• Experience in Network Protocol Testing and analyzing the Signaling of VoIP Protocols H323 and SIP as per standard RFCs.
• Participated in a 24/7 working environment to resolve urgent trouble tickets filed by customer security admins.

TECHNICAL SKILLS

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipment’s (Switches & Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series, ASR 1K, 9K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX480, 240, 80 series, EX Series Routers and Switches.

Routing: OSPF, EIGRP, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX, Palo Alto.

Load Balancer: ACE Module, GSS & F5 LTM

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE

Confidential, Nashville, TN

Sr. Network Engineer

Responsibilities:

• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Successfully implemented the datacenter segmentation project with 7K, 5K and 2K Cisco Nexus architecture, ISR and ASR 1001, 1004, 1006 series routers
• F5 BIGIP 4000s and 7200v load balancers and Palo Alto Pa-5000/3000 series firewalls.
• Supporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured Nexus 7000, 5000, 2000, ASR 9k, Cisco 6500, 3560/3750s series multilayer switches.
• Handling Complaints for Intranet and Extranet over MPLS backbone. Checking the connectivity between different locations.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Perform ISSU upgrade on Nexus 7010 devices by operating the supervisors in active/standby mode on the devices by determining ISSU compatibility.
• Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
• Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
• Designed application mapping and application delivery using F5 BIG IP LTM.
• Provided design, engineering, and implementation of new F5 deployment and transition from Cisco ACE and CSS environment. Implement F5 APM for new SSL VPN access with F5 GTM.
• Licensing and provisioning of F5 modules such as LTM, GTM, VCMP (Virtual Cluster Multi Processing.
• Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Successfully configured and maintained Site to Site IPSEC and SSL VPN's on Palo Alto firewalls.
• Configuring rules and Maintaining Palo Alto & Analysis of firewall logs using various tools.
• Exposure to wild fire advance malware detection using IPS feature of Palo Alto.
• Responsible for Cisco ASA firewall administration across the Network. Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint ClusterXL& VRRP.
• Involved in configuration of Access lists (ACL) on ASA firewall for the proper network routing for B2B network connectivity.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Provided proactive threat defense with Cisco ASA that stops attacks before they spread through the network.
• Responsible for Cisco ASA firewall administration across the Network. Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint ClusterXL& VRRP.
• Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
• Implementing IPsec and GRE tunnels in VPN technology. Designed, configured, implemented site-site VPN on Cisco ASA 5500 firewall.
• Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPsec, SSL AnyConnect users.
• Monitored and analyzed Intrusion Detection Systems (IDS) & Intrusion Prevention System (IPS) to identify security issues for remediation.
• Implemented Juniper SRX FW Interface, MIP and VLAN using NSM.
• Configuration of new Juniper SRX firewalls for remote site implementation.
• Configuring DNS and DHCP scoops using Infoblox.
• Integrating Configuring RSA SecurID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.

Confidential, Seattle, WA

Sr. Network Engineer/ Systems Design and Strategy

Responsibilities:

• Redesigns and upgrades corporate/datacenter backbone to 10G DWDM on Cisco ONS and Nexus class infrastructure.
• Implements and monitors MPLS (MPLS-VPN), QoS (Layer 2 and Layer 3) and BGP technology.
• Designs 10 gigabit networks using Cisco Nexus 7000 series switches and Cisco 3800 series routers.
• Analyzes and tests network protocols (Ethernet, TCP/IP) using WireShark tool.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811
• ISR routers and switches at access level to 2950, 3550. This project also involved in configuring and testing EIGRP and BGP protocols.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Nexus 9k, 7k, 6k, 5k switches and Catalyst 4500 switches.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems).
• VLAN's design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Design and integration of Juniper SSG series firewalls, SA VPN Appliances, J series Routers and EX-series switches.
• Managed Plan of Record with PLMs/SE/Sales/Marketing and followed up and monitor product lines of Juniper routing/switching/security portfolio (MX, PTX, EX, SRX).
• Configuring RIP, OSPF and Static routing on Juniper M and MX Series Routers.
• Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Developed and implemented core network consolidation plan. Included redundant configuration of Juniper EX8200.
• To support 64-bit machines Cisco SSL VPN ASA5500 is migrated to Juniper SSL VPN 6500.
• Configuring Routing protocols like BGP, OSPF, MPLS, multicast and L2 protocols in Cisco ASA to check it is passing through via ASA in customer deployments.
• Converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Creating a rule on the checkpoint firewall for a NAT (used ACLs to block unauthorized users) to the VLAN IP and allowing the IPsec traffic.
• Migrated from Checkpoint to Cisco ASA firewall. Implemented Bluecoat Proxy 810 security devices. Third Party security appliances to Cisco technologies.
• Configuring Site-Site VPN on Checkpoint Firewall with R77 GAIA.
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
• Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
• Implemented Checkpoint FW Interface, NAT and VLAN using R77 GAIA Smart Dashboard.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Worked on the migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Implemented F5 hardware refresh of older 3600 hardware to Viprion.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Building the VPN tunnel and VPN encryption.
• Experience CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.
• Configuration and installation for F5 reverse proxy load-balancers.
• Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
• Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall, working with Checkpoint Support for resolving escalated issues.
• Plan, design and test the application migration from F5 load balancer to new A10 load balancers.
• Creating App by APP configuration conversions from F5 to A10 load balancers and test it in Lab.
• Created WIDE-IPs, WIDE-IP Pools and corresponding members in GTM’s.
• Worked with Juniper SRX550 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies.
• Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall.

Confidential

Network Engineer L2

Responsibilities:

• Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Troubleshoot MPLS issues with in the core and edge.
• Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP.
• Maintaining & Troubleshooting L2 LAN switches.
• Analyze Level 1 issues based on TCP/IP model of Communication.
• Monitor/support the WAN, MAN, LAN, VPN, switches, routers.
• Working on DNS, DHCP Request.
• Performed migration of legacy Bigip and 3-DNS devices to newer version of LTM 8900 boxer.
• Worked on Checkpoint Firewalls Clusters of both High-Availability and Load-Sharing. Implemented firewall policy change on the Checkpoint clusters.
• Worked on projects of Migrating CMA R65 to R77 through Provider-1, MDS Environment.
• Providing requested permissions by adding/modifying the Checkpoint Firewall Policies and rules.
• Implementing and Managing VPN Networks of the Customer through Checkpoint firewalls.
• Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
• Configured Checkpoint Firewall's Web Defense to mitigate malicious traffic.
• Palo Alto App ID migration from the legacy-based port rules for PA 5060, 7050.
• Integrating Palo alto firewall with Active directory for user-identification.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Installation of Palo alto user-id agent on Active directory, Migrating URL filtering policies from Bluecoat to Palo alto.
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.

Confidential

Network Engineer

Responsibilities:

• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team.
• The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Created OSPF multi area summarization plan. Created stub, totally stub areas.
• Tested routers and Line Cards using SmartBits and done Performance Analysis of both LAN/WAN infrastructures.
• Upgraded distribution switches from .
• Involved in managing the Routing Protocols OSPF and BGP on 7200 and 7600 and on ASR
• Interacted with business users from a service delivery and service support perspective.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Configured Routing protocols such as VLANs, VTP, STP, MSTP, VRRP and HSRP
• Configured STP for switching loop prevention, and VLANs for data and voice along with configuring port security for users connecting to the switches.
• Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site to site VPN and remote VPN
• Configured NATs, ACL and routing on Cisco routers, firewalls, and layer 2 & layer 3 switches.
• Configured policy-based routing for specific traffic, route filtering with route maps and route redistribution.
• Implemented Network monitoring tools Wireshark and Manage Engine IT360.
• Implemented IP Telephony and Cisco VoIP 7960 phone systems in the company.
• Worked in Multi-vendor environment containing Juniper, Cisco and Nortel routers.
• Worked as a member of NOC and involved in troubleshooting LAN/WAN issues.