SUMMARY:

• Extensive experience in Switching, Routing, Network Security - Firewalls, Load balancers and Wireless Controllers. Experience working in enterprise and data center environments. High level network architecture view of Service Provider.
• Experience with Cisco, Juniper, F5, Arista, Dell, HP, Palo Alto, Checkpoint, Aruba hardware and software platforms. Experience in Design, troubleshoot and high level view of Access, Distribution and Core Model and Spine Leaf Model.
• Install network backbone, wireless controllers and wireless access points (Cisco, Aruba, Ruckus) Strong technical skills to perform installation and troubleshooting of Ericson, Ruckus and Cisco Access Points (AP's).
• Experience with Cisco 3750, 3850, 2960, 4500, 6500, Nexus 2k, 3k, 5k and 7k switching ware. Experience on Juniper EX and Arista 7000 series Switches in Data Center Environment.
• Experience with Level 1/2/3 troubleshooting in OSPF, BGP, ISIS, VPC, VDC, OTV, MPLS, and Port-Channel. Design and troubleshooting experience in VLAN, Trunking, VTP, STP, RSTP, PVST, 802.1X, LACP, PAGP, HSRP, GLBP, VRRP.
• Designed redundant ISP circuit using BGP, Internal routing with OSPF and Static routes.
• Experience working with Virtualization and Storage team in Network resource Provisioning. Experience configuring IPV4/IPV6 Multicast to support VMware hosts and Storage hosts. Stretching layer 2 VLAN’s on OTV across Data centers for VMotion.
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and valuable experience on IP services.
• Cisco ASA, PA and Checkpoint Firewall troubleshooting and policy change requests, ACL and NAT for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Cisco devices; VPN concentrators, Cisco PIX/ASA, switches (Layer 2 and 3), routers and routing protocols such as BGP and EIGRP for MPLS, Fast Ethernet and Gigabit Metro Circuits.
• Design wireless networks and provide documentation for deployment, 3GPP Perform wireless network implementations
• Extensive design, installation, provisioning, and implementation of DWDM, SONET

  and Ethernet networks utilizing Ciena Networks, Fujitsu Flashwave, Cisco 14545 and Alcatel-Lucent 1850 & 7750 equipment.

• Worked on Creating zones on PA firewalls, SRX firewalls and writing policies for URL filtering and SSL decryption.
• Expert in DWDM long haul and metro network networks in designing, optimizing and troubleshooting.
• Experience with access lists, IPsec tunnels, NAT, SSL headers, HTTP headers for layer 7 traffic filtering.
• Experience with migration tool in PA and migration experience from ASA to PA also from CISCO to JUNIPER.
• Worked on Wide IP’s, DMZ zones, F5 LTM and GTM in DMZ for external Applications. Multifactor Authentication for External applications in DMZ using F5-APM.
• Extensive Knowledge on the implementation of Cisco ASA checkpoint R75 and Juniper SRX firewalls.
• Comprehensive knowledge of wireless networking systems and protocols. 802.11 a, b, g, n in Cisco and Aruba environments. Experience with Local and Master WLC config with over 1000 Campus AP’s with various SSID’s and Authentication methods like Certificate, WPA-PSK etc.
• Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles - TCP, http, https, ftp, fastl4, Persistence - Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.
• Utilizing Cisco 5508.8500 series wireless controllers and 1131, 1142, 2602, 2702, 3602, 3702 LWAPP access points
• Basic experience with troubleshooting Riverbed, Steelhead WAN optimizer for slowness issues, writing policies and in path rules for traffic ingress and egress, deep packet inspection for delay sensitive traffic.
• Strong hands on experience in installing, troubleshooting, configuring of Cisco 7200, 3800, 3600, 3400, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM, DNS, DHCP and ARP, reverse & proxy ARP, Ping, Traceroute Concepts. Worked on windows DHCP, Infoblox and IPAM for IP reservations
• Responsible for network design, projects and support across the globally co-located data center networks. Well versed with maintenance windows, Cutovers in production environment, working with other teams on requirements, communicating with Management on required resources and Change controls.
• Facilitating the automated collection, Analyzing, alerting, auditing, reporting and secure storage processing of all the logs using RSA envision solution.
• Excellent qualities such as Teamwork, Negotiation, Analysis and Communication. Experience with Service Now, Smart IT and Zera.

TECHNICAL SKILLS:

Switching: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, STP, RSTP, PVST, LACPPAGP, HSRP, GLBP, VRRP.

Routing Protocols: OSPF, IGRP, EIGRP, RIP, IS-IS, BGP, EVPN (Spine Leaf Architecture), MPLS

Security Protocols: NAT, ACL, Security Policies VPN, IPsec and GRE tunnels, Firepower, Panorama, F5 ASM, MWG, Bluecoat Proxy.

Switches: Cisco 3750, 3850, 2960, 6500, 4500, Nexus 2K, 3K, 5K, 7K, Juniper EX and QFX Series, Arista 7500 and 7010 series.

Routers: CISCO 2600, 2800, 3600, 3800, 7200, ASR-1k, 9k Juniper M & T Series, Cisco CRS.

Firewalls: ASA 5500 series, RX series, PA 200 and 5000 Series, Panorama M100, Checkpoint 4400, Juniper: SRX and net screen.

Load Balancers: Big IP F5 LTM, GTM (versions11.4, 11.6, 12.1) and APM, ACE, NetScaler 7900.

Layer1: Vast knowledge on structured cabling, data & voice networks, Fiber (SM and MM)SFP.

Operating Systems: Windows 7, Vista, XP, 2000, CentOS LINUX, Puppet, Cisco IOS, Solaris, IOS XR, NXOS.

Network Monitoring: Cisco Works 2000, Wire Shark, Network sniffer & packet analyzer, HR Ping, SolarWindsNCM, NPM, IPAM.

Applications: Putty, GNS3, Windows CLI, Linux Ubuntu.

PROFESSIONAL EXPERIENCE:

Confidential, South Carolina

Network Support Engineer/ VPN implementation Engineer

Responsibilities:

• Worked on Juniper SRX- firewalls 5400, 5800 and Juniper M &T series of routers for the VPN and extranet Migration.
• Worked on juniper EX & QFX series switches & CISCO switches. SRX firewall environment, Worked in JUNOS 15.1x49.
• Support global wireless infrastructure AeroHive Networks
• Configure and administer Cisco ISE (Identity Services Engine) servers. Includes creation / troubleshooting of captive portal authentication / accounting for wireless deployments using both Cisco and Motorola wireless networks
• Work with Service Providers to provision new Metro Ethernet/Broadband circuits for EvPL/DMVPN connectivity.
• Installed and configured Aerohive Access Points as part of new site installations. Created network policies. Directed the launch of an enterprise-class office Wi-Fi solution resulting in increased staff mobility and flexibility.
• Wrote and planned DWDM and L3 troubleshooting/configuration exercises according to network requirements to increase department proficiency
• Working closely with onsite IT managers and remote engineers utilizing Ekahau Site Survey performed wireless validation surveys of Microsoft offices across the United States and Canada. Configured Aruba access points, troubleshoot connectivity issues with Aruba access points. Prepared wireless survey reports, reports documenting completed projects and AP placement maps
• Designing, configuring, implementing and documenting wireless networks for IBM customers worldwide.
• Performs/supervises wireless radio and satellite systems and equipment maintenance activities
• Configuration VPN (site-to-site) connectivity of Phase -1 and Phase-2 with the client requirements for the migration from CISCO router, Net screen firewall to the Next generation juniper SRX firewalls.
• Configuration of LAN and WANs, using Putty to remote logging in networks.
• Designed and Configured Cisco Identity Services Engine (ISE v1.2) to support corporate connectivity to a new wireless environment utilizing Active Directory Authentication and Authorization with EAP-TLS client certificates.
• Designed network technologies: Metro Ethernet, DMVPN, mGRE, NHRP.
• Extensive design, installation, provisioning, and implementation of DWDM, SONET

  and Ethernet networks utilizing Ciena Networks, Fujitsu Flashwave, Cisco 14545 and Alcatel-Lucent 1850 & 7750 equipment.

• Set up 10G point-to-point & DWDM WAN network using Cisco 4500x & Nexus N7K.
• Used putty to support network functions such as SSH, Telnet, remote login, remote shell access to a Linux system.
• Hands-on experience on the MPLS Extranet migration from CISCO router to Juniper SRX firewalls.
• Worked on troubleshooting VPN (site-to-site) and Extranet connectivity in juniper SRX firewalls.
• Worked on troubleshooting OSPF and routing issues internal network and BGP for external network.
• Worked on design and configuring juniper MX-480, T-400,1600 routers on the Next generation infrastructure.
• Experience working on EVPN using BGP for the Spine Leaf Architecture. Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210, 1400, 5400.
• Deployed and configured the External RADIUS server (Windows 2012 NPS server) for the Authentication, Authorization and Accounting the user to connect to the Aerohive WAP's.
• Worked on Extranet GRE migration from CISCO and Net screen to the Juniper SRX firewalls.
• Experience on implementing firewall rules in Juniper SRX and deployment the extranet migration from CISCO devices to Next generation Juniper SRX firewalls.
• Create Low Level and High -Level Designs for Enterprise Wireless Projects. Perform Wireless RF Site Surveys with Air Magnet and offline surveys.
• Expert level knowledge on configuring Aruba Mobility controller, Airwave, Aruba Clearpass, Cisco Prime Infrastructure, WCS/NCS, ISE & MSE. Worked extensively configuring Security over Wireless and Voice over Wireless.
• Proficient with Fortinet, Meraki, Ruckus, Aruba, Watchguard, HP, AeroHive, Datto, Autotask
• Implementing NAT rules for both VPN (site-to-site) and Extranet to allow traffic from one to another.
• Worked on Juniper Junos Pulse for remote SSL VPN.
• Configuration of Wireless Ad-Hoc network and routing protocols analysis using NS-2
• Installed CISCO Wireless Access Points and was responsible for conducting wireless local area network (WLAN) surveys and utilizing Air Magnet Site Survey software to obtain signals in real time.
• Creating and updating the support documentation of implementation plans, risks and mitigation.
• Experience on Creating, submitting and implementing changes relating to Extranet and VPN connections, including validation of functionality post migration.
• Configured and implemented Meraki network equipment for 30 locations for a customer with Meraki MX80 firewalls, Meraki MS port switches, Meraki MR34 wireless access points, and Meraki MR32 wireless access points.
• Troubleshooting for Layer 2 LAN technologies including but not limited to Ethernet (Switched, FastE, MOCN, GWCN and GigE), Spanning-Tree, VLANs, VTP, and Trunking (802.1q) and Aruba Wireless platform and Aerohive Wireless AP.
• Responsible for performing predictive wireless designs/site surveys with AirMagnet Planner (Cisco 3500/3600/3700/ Aruba 105 access points) and conducting physical wireless site surveys with AirMagnet Survey.
• Project responsibilities included the removal of Cisco wireless APs and the installation of Aruba wireless APs. Site survey, initial walkthrough, pre-configuration and installation of Aruba instant and campus APs, controllers, and documentation - Support of the T.I. wireless network via Airwave.
• Implementing location-based wireless services.
• Configured wireless Ad-Hoc network using NS-2. Analyzed network throughput for different number of nodes by varying MAC layer, RTS/CTS mechanism, node locations
• Setup wide area and local area networks (LAN/WAN) for clients utilizing Meraki Cisco routers, switches, firewalls Perform proactive 3GPP Packet Core NW interface specifications, wireless site surveys to ensure the environment has not changed and to ensure a steady and reliable wireless environment .
• Coordinated with external and internal parties to arrange approvals and maintenance windows including asset management tools, diagrams, implementation and operational processes.
• Expanded Wifi to entire campus coverage with Aerohive using Hive Manager.

Confidential, San Jose, California

Network Engineer

Responsibilities:

• Worked on upgrading the Nexus 7k Core, Distribution Switches in VDC. Documentation of upgrade Plan, All the IP ranges, Access switches, OSPF routing instances, VPC, VDC and OTV.
• Experience working with F5 LTM, GTM pair for internal and external applications load balancing. Worked on F5 APM for multifactor Authentication using Improvata and ADFS.
• Worked on windows DHCP, infoblox for IP address management and reservation. Worked on windows DNS to create Alias names and C names for the GTM WideIPs and Delegations.
• Worked on Layer 2 switching VLAN, Trunking, LACP, STP, and RSTP. Configured VPC for the access layer switches that connects to Distribution N7K’s in VPC.
• Experience working on perimeter firewalls. Worked on PA 200/5000 series of firewalls for both Internet and internal traffic filtering. Upgrading the code from PanOS 7.1.X to 8.0.X. Experience working on Panorama M100. Migration from Cisco ASA to PA firewalls.
• Configured WAP and wireless controller by using WEP, WPA, WPA2, TKIP, etc
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Troubleshoot and solve network systems issues involving Cisco switches, Aruba wireless intrusion detection systems, VSAT
• Wireless experience with Aruba, Aerohive and Cisco products
• Hand-on experience on Cisco firewalls (ASA 5500 series) and prior experience with firewall migrations.
• Experience with Access policies, NAT Policies, wild fire, threat prevention, anti-virus, anti-spyware profiles and apply them to policies and pushing to various firewalls through Panorama.
• Writing IPsec parameter to build IPsec tunnels in PA firewalls for connecting remote sites where we don’t have MPLS infrastructure. Experience Upgrading from PanOS 7.1.X to 8.0.X. Experience working extensively in 8.0.6
• Experience on adding device certificate for forward trust and forward un trust SSL decryption also SSL forward proxy and URL filtering in PA firewalls.
• Perform Troubleshooting at the Wireless Controllers for AP's associations and Wireless Client Association.
• Experience in providing Network Design, Installation, Analysis, Troubleshooting, and Support for LAN, WAN and WLAN services.
• Deployed Aruba Clearpass policy manger in wired and wireless(WI-FI) infrastructure in office and warehouse environment.
• Wireless rollout: responsible for deploying 1500 Aruba Wireless Access Points to different sites
• Pasadena Core Datacenter Network implementation involving Cisco 6513 Switches, Cisco 7204 Routers, Cisco 3750E switches, Nexus 5000, Cisco ASA and Checkpoint Firewalls, Cisco Wireless Controllers 5508 and 3200 Series Access points, Bradford NAC, ACS, Solarwinds monitoring, Cisco WAS.
• Troubleshoot wireless network issues at the Wireless Controller, using Debug commands and Wireshark.
• Installed PA 200, 500 and 3020 from scratch from console, MGMT config, licensing the required profiles, interface configuration, VLAN assignment, routing etc. Worked with PA log collector.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices and configured Juniper EX-series switches in new data center.
• WLAN integration of all hotspot access points with wired central LAN infrastructure by using bridged backhaul point to point, point to multi-point and mesh type wireless network topology using 802.11a/b/g/n 5.8Ghz radios.
• Worked on Designing, Developing and Deploying Aruba Wireless (Wi-Fi) environment in large scale warehouses which span over 150,000 Sq ft to 500,000 Sq ft to multiple remote sites (10,000 to 20,000 Sqft).
• Built wireless network using Aruba redundant controllers and ClearPass radius server.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines (site-t-site and remote) and making sure everything is in place for both Palo alto firewalls and Juniper SRX firewalls
• Involved in Data center migration from three layered network architectures to Spine Leaf Architecture on Arista Hardware. Introduced to EVPN. Configured VTEPS, MLAG, VXLAN, and BGP for routing in Spine Leaf Architecture.

Confidential

Network Operation Engineer /F5 Expert

Responsibilities:

• Worked in both Enterprise and Data Center Environments, worked on Cisco 3750, 3850 and 2960 in Access layer, 3750 Gig and 4500 in Distribution Layer.
• Worked on 6500 series in Core layer and ASR 9k as Edge routers. Worked on OSPF, EIGRP. Experience in troubleshooting and design in OSPF and EIGRP.
• Worked in Nexus 2k, 3k, 5k and 7k in Datacenter environment. Worked on VPC, VDC, FEX, port-channel, VLAN trunking.
• Worked on designing DMZ environment with F5 LTM and GTM for external application load balancing.
• Worked on providing network resources for ESXi hosts, storage hosts like ISILON, RP, VMAX, VNX etc.
• Designed a Two Arm Architecture for LTM pair in DMZ with a segregated server VLAN.
• Configured load balancing for Citrix ICA servers using NetScaler’s.
• Experience in using migration too also experience working on Palo Alto and checkpoint perimeter firewalls.
• Configured of routes and interfaces, DMZ inside and outside security levels etc. also experience in installation from scratch.
• Worked on a WIFI migration from Aerohive to Extreme for St. John's Hospital including provisioning and deploying over 100+ new Extreme APs. Basic setup and configuration of a virtual WIFI controller in VMware VSphere.
• Configured F5 LTM for applications like Exchange 2016, Skype for Business 2015, EPIC, Citrix, AirWatch, and MWG etc. Configured WCCP on Edge routers to route the Internet traffic through MWG.
• Experience setting up physical VE F5 BIGIP Versions. Upgrading Hotfix and IOS. Worked on LTM, GTM (Wide IP, Zones, Listener IP, Generic servers etc.), and APM (Basic) modules. Integrating APM with ADFS and Improved for 2 Factor Auth.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event of core router becoming unreachable.
• Designed, Configured and implemented VPN tunnel with IPsec and GRE and Cisco ASA based security infrastructure.
• Migrated from Cisco ACS to Aruba Clear pass. Configured 802.1X on all access layer switch ports for port security. Implemented MAC based, and Certificate based authentication to the end hosts.
• Worked on SolarWinds Monitoring tool with NCM, NPM and IPAM modules. Worked on service now ticketing tool for change controls and tickets for any issues.
• Troubleshooting issues related to Cisco Routers, Switches, and ASR, Nexus 5K, 2K, ASA5595, ACE 4710, MPLS and critical network links by coordinating with the vendor
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issue. Used the network analyzers like Wireshark, ethereal and sniffer for packet analysis.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.