
Sr. Firewall Engineer Resume


Detroit, MI

SUMMARY:

  • Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switches.
  • Experience with design and implementation of Virtual Switching System (VSS).
  • In-depth knowledge of Linux Kernel Programming (Module Programming).
  • Network security including NAT/PAT, ACL, VPN Concentrator.
  • Experience in configuring, implementing and troubleshooting F5 load balancer in the enterprise network.
  • Involved in Data center migration including subnet migration, VPNs migration, network and security device configurations. Experience with Bluecoat Proxy and VPN Technologies including B2B and Remote.
  • Configuring and managing Blue Coat Proxy Servers.
  • Black listing and White listing of web URL on Blue Coat Proxy Servers.
  • Experience with handling DNS and DHCP servers.
  • Experience in configuring protocols like TCP/IP, Routing Protocols (RIP, OSPF, BGP, IGRP and EIGRP), PPP, PPTP and L2TP.
  • In depth knowledge of IPv4 & IPv6 addressing and Subnetting.
  • Extensive experience in layer-3 Routing and layer-2 Switching.
  • Deal with Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series, Cisco catalyst 6500, 4500, 3750, 3500 and 2900 series switches.
  • Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 10/5540/5560 Series.
  • Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches.
  • Hands on Knowledge/experience on F5 load balancers, its methods, implementation and Troubleshooting on LTMs and GTMs.
  • Implementing F5 load balancer using Cisco UCS director.
  • Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
  • Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
  • Managed inventory of all network hardware, management and monitoring by use of SSH, Syslog, SNMP, NTP.
  • Working with Riverbed for WAN optimization.
  • Experienced with Windows 2008/2012 active directory design installation and migration.
  • Having 8 years of experience in Network Security, Firewalls and Communication Network design.
  • Extensive experience in Networking and Security, widely in Network Security Products and Firewalls. Security system technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point/Nokia Firewall VPN-1FW-1 NGX R65, R70 & R75 Provider-1/SiteManager-1 R65, R70.30 & R75.40 Smart Domain Manager command line & GUI. Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77 version.
  • Implemented and Configured Confidential Networks Firewall models and centralized management system Panorama to manage large scale firewall deployments. Implemented Zone Based Firewall and Security Rules on the Confidential Firewall.
  • Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
  • Experience in working with load balancer for converting CSS to F5.
  • Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5548UP, 7009 switches. Implementing, configuring and troubleshooting various routing protocols like EIGRP, OSPF, and BGP.
  • Professional experience with documentation, Visio diagrams, word, excel and power point.

SKILL:

  • Controllers
  • Windows, Linux Servers
  • LAN and Administration
  • TCP/IP
  • Active Directory
  • Designing and debugging
  • MS-Outlook, Outlook Express
  • Proxy
  • Routing
  • RIP, OSPF, DNS, DHCP, VoIP, IDS, IDP
  • BGP, EIGRP
  • Simulation, SNMP, SSL
  • Troubleshooting, Upgrading
  • FTP, HDLC, IVR, ISDN, FDDI
  • Load Balancer
  • WAN Optimization
  • Routing Protocols
  • Juniper EX Switches
  • LAN
  • WAN
  • Simulation Tools
  • Security/ Firewalls
  • AAA Architecture
  • Features & Services
  • Ticketing Tool
  • Migration, Managing
  • Frame Relay
  • Traffic Inspection

SKILL:

  • Cisco CSS, F5 Networks, Cisco WAAS, PPP Multilink, IGRP, EIGRP, OSPF, BGPv4, MP-BGP, WAN Protocols K, 5K, 2K, EX8200, EX4500, EX4200, EX3200, EX2500, EX2200 Series
  • (E, J, M and T- Series) Routers, Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation, Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing, Qualnet Developer, OPNET IT GURU, OPNET Modeler, Cadence
  • Cisco ASA, Confidential, Checkpoint, ACL, IOS Firewall Features Firewalls 55XX, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, IOS Setup & Security Features, TACACS+, RADIUS, Cisco ACS, IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, NetFlow, Open Stack, IVR's, HLD and LLD documents, BMC Remedy, Microsoft ticketing, Service Desk, ServiceNow

WORK HISTORY:

Sr. Firewall Engineer

Confidential, DETROIT, MI

Responsibilities:

  • Strong hands on and exposure to PaloAlto on a regular basis.
  • Successfully installed PaloAlto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
  • Configured and maintained IPSEC and SSL VPNs on PaloAlto Firewalls.
  • Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.
  • Created virtual systems (firewalls) in the PaloAlto Environment.
  • Created security system rules and opened ports as per the user request.
  • Has experience working on the migration from Juniper NetScreen (SSG 140) to PaloAlto 3020. Upgraded the RSA Authentication Manager, helped colleague on upgrading the SEPM client servers from SEPM 12.1.2 MP5 to SEPM 12.1.6 MP5.
  • Created external and internal DNS records as per the user request for a domain.
  • Whitelisted IPs as per the user request on Bluecoat proxy servers.
  • Created firewall policies and NAT rules to provide access for websites internal and externally on PaloAlto and Juniper firewalls.
  • Configured VPN tunnels on Juniper security system clusters and tested tunnel negotiations.
  • Creating design and configurations for needed network SDWAN solutions; Design and architect of Implementation steps and procedures for the Hub/Spoke deployments using a v1000 appliance structure.
  • Involved in the discovery, design, and implementation of the client’s network in relation to SDWAN.
  • Performed nightly and day-to-day operations checks, configurations, and maintenance services on the Versa SDWAN system, and networking components that made up the SDWAN infrastructure.
  • Experience working with Network security manager (NSM) to access the Juniper firewalls.
  • Worked on Juniper NetScreen firewalls such as SSG5, ISG1000.
  • Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation PaloAlto appliances serving as firewalls and URL and Application inspection.
  • Configuration, deployment and Administration of Checkpoint, PaloAlto Firewalls to manage large scale firewall deployments.
  • Configuring rules and Maintaining Checkpoint, PaloAlto & Analysis of firewall logs using various tools.
  • Migration from Cisco firewalls to PaloAlto firewalls platforms PA 4000 and PA 500 and PA-200 firewalls.
  • Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
  • Maintained and Configured Check Point VSX with firewall virtualization.
  • In depth knowledge of multi-vendor platforms such as Cisco, Checkpoint, Fortinet, F5, Blue Coat (web/socks proxy), McAfee web gateway.
  • Conducted SD-WAN Proof of concept for future adoption.
  • Provided a SSL VPN solution to replace PPTP VPN.
  • Design solutions and proof of concepts (POC) and troubleshooting Support for Fortinet UTM/Firewalls.
  • Converted Checkpoint VPN rules over to the Cisco ASA solution and worked on RSA secure IDs to provide VPN tokens to company users. Migration with Cisco ASA VPN experience.
  • Configured Client VPN and RSA Token ID technologies including Cisco's VPN client via IPSEC.
  • Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA Secure ID, Proxy Radius Services to Cisco ACS.
  • Configured the F5 LTM to operate correctly with Cisco ISE PSN nodes.
  • Installed ESXi 6.5 on Cisco UCS-C220-M4S server and the following VMs: Cisco ISE 2.4 and Windows Server.
  • Deploy Cisco ISE on Nexus 5000/7000 routers, Cisco Switches, and Cisco ASA firewalls.
  • Complete Cisco ACS to Cisco ISE 2.2 migrations automated and manual processes for an international port.
  • Implementing F5 load balancer using Cisco UCS director.
  • Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.
  • Implementation of OSPF with BGP during migrations and new connectivity.
  • CSU/DSU loop testing in examining WAN link issues by implementing hardware and software loops.
  • Extensive Packet level debugging and troubleshooting on PaloAlto Firewalls to resolve numerous network issues.
  • Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the PaloAlto Firewalls placed in the Data Center with MS Visio.
  • Configure and maintain security policies on Fortinet firewall and managing Fortinet Analyzer.
  • Hands-on experience in configuration of firewalls - PaloAlto, Cisco, Fortinet, and Firefly.
  • Expertise in configuring and troubleshooting of PaloAlto, Fortinet, Juniper NetScreen & SRX Firewalls and their implementation.
  • Configure and maintain security policies on Fortinet firewall and manage Forti Manager/ Forti-Analyzer.
  • Provisioned various Cisco Meraki & Fortinet firewalls.
  • Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
  • Offered authentication accounting authorization to all network devices using Cisco Secure Access Control Server (ACS).
  • Design, Configuring and troubleshoot F5 LTM load balancing.
  • In depth understanding of implementing and configuring F5 Big-IP LTM, GTM (11.x, 10.x).
  • Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
  • Knowledge on configuration of iApps (BIG-IP) application service in implementing F5 load balancer.
  • Using F5 load balancer for traffic filtering and network optimization.
  • Documenting F5 logs and sending to weekly report to management.
  • Linux Kernel configuration changes (Device Tree, make file, Brocade platform specific changes) for the platform.

Firewall Engineer

Confidential, FREEPORT, ME

Responsibilities:

  • Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration.
  • Adding and removing Checkpoint firewall policies based on the requirements of various project requirements.
  • Administer Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time.
  • Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.
  • Configuring HA on Checkpoint security gateways using cluster XL and VRRP.
  • Upgrading Checkpoint security gateways in cluster with minimal downtime.
  • Perform SSL Offloading on LTMs and web accelerators with 2048-bit VeriSign certificates.
  • Also, renewing certificates to ensure the security of websites.
  • Assist customers with troubleshooting network attached storages, software RAID, configuring SMB shares, joining to Active Directory, configuring iSCSI, as well as basic network troubleshooting.
  • Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point VPN1 NGX R55/R65/R70. Performed upgrades from old platforms to new platforms, R65 to R75.45. Created multiple policies and pushed them into Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
  • Setup Cisco ACI Fabric (Spine/Leaf/APIC) Configure ACI APIC controller.
  • Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Checkpoint firewalls.
  • Provided proactive threat defense with ASA that stops attacks before they spread through the network.
  • Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP IPv4/IPv6 and configured IP access filter policies.
  • Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
  • Worked with PaloAlto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
  • Migration from Cisco firewalls to PaloAlto firewalls platforms PA 4000 and PA 500 and PA-200 firewalls.
  • Configured IPSec tunnels with PaloAlto to enable secure transport and cloud based/site-site VPN to both Azure and AWS.
  • Configured High availability, User ID on PaloAlto firewall.
  • Configured, Deployed & performed Maintaining PaloAlto Firewalls & Analysis of firewall logs using various tools.
  • Editing and Changing PaloAlto Polices and Monitoring threats on firewalls.
  • Analyzed traffic pattern and implemented URL filtering, using the PaloAlto Firewall.
  • Troubleshooting and configuring PaloAlto FW's 3060 & 5060.
  • Designed security policies on PaloAlto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
  • Configured and maintained IPSEC and SSL VPN's on PaloAlto Firewalls.
  • Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall.
  • Troubleshoot on security related issues on Cisco ASA/PIX, Checkpoint and IDS/IPS.
  • Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's stage.
  • Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP; ability to interpret and resolve complex route table problems.
  • Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
  • Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP. Worked with ITIL (Information and technology information library) for managing our services.
  • Working with ITS networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
  • Knowledge of with API's for troubleshooting Network issues using Wireshark and NTOP.
  • Configured static NAT, dynamic NAT, dynamic NAT overloading.
  • Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
  • Configured and performed troubleshooting on Dell Power Connect Switch 5548 used to connect VM Servers and Flex Systems.

Network Engineer

Confidential, CALIFORNIA

Responsibilities:

  • Troubleshooting of CISCO routers like ping, trace route and basic issues.
  • Ensure connectivity and communication among networks, servers and clients inside and outside department.
  • IOS upgrade for Cisco routers & switches.
  • Created and maintained topological changes for Test Labs, Data Center and Switch port assignment in Visio.
  • Backup, restoring and upgrading the Router and switch IOS.
  • Document all changes, upgrades, maintenance, procedures.
  • Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc. Worked with F5, CISCO ACE 4710 Load balancers, GSS and Wireless networks.
  • Deployed Cisco Catalyst 6500, 4500, 4000, 3750, 3850, 3560 switches. Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls. Worked with Junos OS and Juniper M&T series switches.
  • Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
  • In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
  • Experience working with Nexus 7010, 5020, 2148, 2248 switches.
  • Implementation and configuration of F5 Big-IP LTM-6400 load balancers. Created virtual systems (firewalls) in the PaloAlto Environment.
  • Experienced in facing the Bluecoat and PaloAlto product lines, up to pre-sales type of function.
  • Demonstrated experience with Check Point, Cisco, and PaloAlto Networks Solutions. Experience converting Checkpoint VPN rules over to the Cisco ASA solution.
  • Migration with Cisco ASA VPN experience. Load balancing using F5 products.
  • Checkpoint Firewall Log review and analysis and troubleshoot connectivity issues.
  • Configuring HA on Checkpoint security gateways using cluster XL and VRRP.
  • Experience in different VPN platforms, IPSec, SSL & Web VPN.
  • Mobile VPNs solutions from Cisco and Checkpoint.
  • Converted Checkpoint VPN rules over to the Cisco ASA solution.
  • Migration with both Checkpoint and Cisco ASA VPN experience.
  • Configured ASA 5510 appliance and VPN.
  • To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.

Network Admin

Confidential

Responsibilities:

  • Planning and Designing of Network infrastructure, Servers, Link, and bandwidth monitoring (Network tool), analyze incidents and troubleshooting of network related issue.
  • Configuration and Troubleshooting on site-to-site VPN and Remote VPN on Cisco ASA 5540 security system.
  • Work on Cisco ACS (TACACS+) Server for Providing Access on Network and Security Devices.
  • Troubleshooting various LAN and WAN issues related to STP, VLAN, VTP, HSRP, VRRP, GLBP, ACL and routing protocols. Installation, configuration & troubleshooting of CISCO Routers (1751, 2600, 3600).
  • Configuration and Testing of Cisco switches (2950, 1900 series).
  • Managing WAN & LAN and Administration of TCP/IP based network.
  • Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
  • Regular basis Implementing Network Changes on Schedule time within Window.
  • Participation in various conference call, meeting related to Project work, interaction with clients for resolving issues or for their old or new concerns.
  • Schedule changes and work through maintenance requests over weekends.
  • Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
  • Responsible for evaluating impact and performance on the network server. Managing Layer 2 switches of Cisco, VLAN configuration and assigning ports to specific VLAN as per requirement.
  • Involved in designing GRE tunnels for encryption of data flow from source to destination.
  • Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
  • Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
  • Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
  • Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
  • Hands on experience with Cisco ACS 4.x servers.
  • Monitor and tune network to ensure acceptable levels of performance.
  • Evaluate applications connectivity requirements. Configuring various clients like Outlook Express, MS-Outlook 2003 & 2007. Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
  • Implemented various OSPF scenarios on networks consisting of 7600 routers.
  • Configured policy-based routing for BGP for complex network systems.
