PROFILE AND SUMMARY OF QUALIFICATIONS

My professionalism starts at being a reliable person, who is not only an observant and self-motivated high-end Network Administrator but who also has a proven track record in solution planning and software applications. My abilities as an innovative thinker and effective problem solver with excellent interpersonal, organizational and communication skills gives me the edge to grow and master new responsibilities.

PROFESSIONAL EXPERIENCE

Confidential

Currently working on project that involves:

• Wireless Network: Designed and Implemented Wireless network 8 Remote sites. The network includes: HA Cisco 5508 Controllers installed in Data Center, 110 WAPs Cisco 2600s, 1200s. Different Heat Map tools are used to analyze the area to gain optimize performance of WAPs placement. These are some of the cases:
• Remote site requires local address scheme, for this I used Cisco Flex technology to provide local addresses to Wireless Network Devices.
• Signaling issue by overlapping Channel: For this I used the Cisco Clean Air Technology to identify Signal strength, attenuation and noise reduction.
• For secure connection and authentication, I used AD authentication via Windows Server RADIUS services.
• SolarWinds is used to monitor WAPs and Clients in addition of Cisco Controller Monitoring tool.
• All the guest network traffic is flowing via DMZ to internet for the 8 remote sites.
• Checkpoint IPS is used to monitor all the wireless traffic for vulnerabilities and updates.
• Configure and setup Nessus Tenable Infrastructure Edition to scan for Malware and Vulnerabilities due to patches, plug-ins and updates.
• Setup and Design Citrix Netscaler load balance.
• Setup SolarWinds NPM 10.3.1 version for monitoring wired and wireless network
• Setup and configure and use Kiwi Syslog for alert from Network devices for any issues.
• Currently working on Bit9 Parity to implement in the company infrastructure to whitelist approved software and application. This is an added Security feature on inside users to fight against malware and virus.
• Carbon Black in connection with Bit9 to study the pattern of infected files and or Binaries.
• Responsible for network infrastructure which includes:
• Two Data Center
• Four Checkpoint 4800 firewall Gateway appliance
• Two Gateway 4600 appliance
• One Gateway 1180 managed Gateway appliance
• One Smart-I Management Appliance
• Recently upgraded from Secure Platform to Gaia 10.7R OS
• Eight Remote offices
• Redundant MPLS connection
• Checkpoint IPS module to monitor for known malicious signature malware botnet and virus.
• Checkpoint Web Content filter to filter banned websites and other categories.
• Internally using Cisco Nexus 5596 Core switches with 6 Cisco 2000 FEX.
• Internal network is configured for vPCs and non vPC trunks.

Confidential

Network Engineer

Responsibilites:

Support Mark Monitor Thomson Reuters Company Network Infrastructure which includes:

• Maintain company's network Infrastructure which includes: 5 Data Center in US and Europe 10 Remote office sites.
• Maintains WAN infrastructure: Gig E, MPLS, T1, T3, Multimode Single mode Fiber handover.
• Network Infrastructure includes: VPN route based and Policy Based, P2P WAN connection EIGRP as internal Routing Protocol Client Server VTP setup RSTP HRSP, SNMP v2,
• Infrastructure Hardware includes: Cisco Switches: C6500s with 720 Sup, Nexus 5596, C4948, C3560, R2811, R7200vxr, R3845, ASA5520, C6509-FWSM with Multiple Context Routed and Transparent Configuration, Cisco Load Balance CSM .
• Nexus OS, Nexus 5k and 2k, vPC, VDC, FEX, FCoE, 1000v integration with VMware
• Cisco ASA Modular Policy Framework MPF , ACL, IP-Sec and ISAKMP Configuration, Fail-over setup.
• Cisco ASA 5520: Site-to-Site VPN and VPN Remote-Access for users.
• Update Network Infrastructure using MS Visio Premium 2010.
• Monitoring Tool: Open NMS, CiscoWorks, WireShark Sniffer .

Confidential

Responsibilites:

Support International Trade Administration ITA Network Infrastructure which includes:

• Hundred and Eighty 180 remote site-to-site VPN using mix of SonicWall and Cisco ASA.
• Two Data Center: HQ at Washington DC and Census Data Center Bowie MD.
• About 3500 user's connection.
• Cisco and Juniper SSL Remote client VPN.
• Network Devices: Cisco 6509, ASA 5520, 5550, 3560Gs Dell PowerConnect 6248 Sonicwall Pro 306, NSA 240, 3000 HP ProCurve 2500 and 4000 Juniper ISGs Cisco ACS 3000
• Software and Protocols: Cisco IOS, ASDM 8.2, Solarwinds 10.x, OSPF, EIGRP, RIP ver 2, NAT, Static Routing, PVST, MST, Route Maps, ACL, VPN, VACL, IP Subnetting, VPN IKE, 3DES, AES, FIPS.
• Load Balancing: BigF5 LTM, Cisco CSM in Cisco 6509 which includes: ServerFarm, Probes, Vserver, and troubleshooting Load Balance. Redirect traffic with i-Rule.
• Cisco 6509 Modular FWSM which includes hardware configuration and Firewall Context and troubleshooting. Context in Routed and Transparent mode.

Confidential

Census Data Center:

• Designed and implemented MST Spanning Tree between Dell 6248 Power Connects switches to Cisco 6509 Core Switches.
• Hub and Spoke VPN connection between DC to 180 remotes sites Internationally and Domestically. Sonicwall Pro 3060 with Enhanced Firmware is used for the VPN connection. Trusted Internet Connection TIC is used to eliminate SPLIT DNS for security requirement.
• Cisco ASA 5520 with NAT and ACL defined to provide internet access.
• Cisco ASA 5520 is configured for Remote Client VPN access.
• Managing GigE 400 Megs Qwest provisioned line to connect Census DC to HQ DC Data Center.
• OSPF internal routing is configured to route VLAN subnets between the two Data Centers. OSPF traffic is controlled by Route Map and ACL rules.
• Redundancy is provided via: HSRP, MST Load Balancing, OSPF Load Balancing and VRRP on Dell Power Connects connecting Dell Blades and Servers.
• Source Fire sensors IPS are configured between Core, ASA and Intranet Router to capture Packets for Security Evaluation.

HQ Data Center:

• Core Cisco 6509 Switches with HP Pro Curve 2500 and 4000 Series switches. PVST Spanning tree is configured at HQ and is redesigned by me to move to MST Spanning tree for future.
• Manage Production, Users, Printers and Management VLANs.
• OSPF is configured at Core and Intranet Cisco 7304 Router to connect to Servers and Data Storages at Census Data Center.
• Daily Troubleshooting is performed Day-to-Day along with sending Weekly and Monthly Network reports to upper Management.
• Network Devices authentication are managed by Cisco ACS and TACACS and RADIUS are configured on all network devices.
• Monitoring Tools: The following Monitoring Tools are used:
• SolarWinds NPM, APM and NCM for alerts, Nodes and Application. NCM is used for backup network devices configuration and Real time Syslogs messages.
• Splunk is configured and used for bandwidth and real time Syslogs information.
• Riverbed Cascade Packet Capture packet Analyzer is used to capture packets for evaluation for latency and bandwidth utilization issues.

Confidential

NOC Engineer

Responsibilities:

• Troubleshoot network problems using Monitoring Tools: What's UP Gold WUG , HP Open View, Cisco Works 2000, Orion with Application and Network Module, and Control-M to monitor Application.
• Create Remedy Tickets for trouble. Design and Implement IP Subnetting. Manage and configure Super Stack II 3300 and 3900 3Com Switches.
• Manage and configure Juniper ISG 1000 with IDP module for intrusion detection.
• Manage VPN accounts, issue RSA Tokens. VPN devices: SONICWALL TZ250, SONICWALL NSA 240, 2400, SONICWALL TZ Wireless 210 N, Pix Firewall, Juniper ISG 1000.
• Manage and Configure Cisco 3700, 6509, 4500 Series Router and Switches.
• Control Traffic between ISPs using BGP and use EIGRP internally to connect NJ and NY sites.
• Monitor Remote site connection using T1 lines. Monitor and troubleshoot on daily basis: Cisco 4500 Series, 6509, 3750, 2811, 2600 series.
• Manage and configure VLANs, HSRP, STP, InterVLAN, Port management on Cisco 6513, 4506, and 3750.
• Implemented NAC and NAP using BradFord Director Manager and Symantec Enforcer.
• Configured and Implemented McAfee NAC for updates, Remediation, Scanning and Virus Definition update.
• VMWARE Virtual Center Client/Server and ESX Server 3.5 using Windows Server and Sun Solaris hosts. Manage Dell PowerEdge Servers, SAN and NAS.

Confidential

Network Engineer

Responsibilities:

• Design LAN and WAN and Wireless infrastructure using MS Visio 2000 2003, lead group of technical engineers to setup, roll-out, configure and implement network design. Troubleshoot existing projects.
• Projects, included and based on: Active Directory Design, PIX and ASA firewall setup, Layer 3 Switches configuration, VLAN setup, routing internet traffic through BGP routing protocol, OSPF routing protocol, Microsoft Visio to design network, usage of Ethereal and Sniffer to capture data for troubleshooting and network congestion or latency.
• Configured VMWARE to setup lab environment for organization.
• Setup VLAN site-to-site and remote server access through PIX 515E and ASA router. Configure VLAN clients to access VLAN server through secure connection by using PPTP, ISAKMP, CRYPTO IPSEC, and VPNGROUP POLICY. Provide authentication through AAA, and RADIUS, TACACS. .

Setup Wireless network using N-type Network with suppressed SSID and 128 bits Encryption. Monitoring Tools: HP Open View, Orion, Cisco Works 2000.

Confidential

Installed and configured ASA 5000 and 5500 series Security Router, Setup Layer 3 6513 Series Cisco Switch with two Power Supply Redundancy, PoE Modules, Sup720-3B/MSFC3, installed two compact disks Flash WS-CF-UPG, Giga Ethernet Modules, Single mode Fiber Optics module with GBic converter. Configured VLANs, STP, DHCP snooping, and OSPF as Interior Routing Protocol. Configured 10 Cat 3750 Cisco Switches. Setup GLC-SC-MM Optical Transceivers for Gigabits connection. Redirecting Routing Protocol. Multicast Configuration for Video Streaming using Dense Mode Sparse Mode with Multiple RPs . Spanning Tree Design and Configuration using PVST and Multiple STP modes. Spanning-Tree RSTP configuration. Setup a LAB using VMWARE ESX 3.0 with Windows 2003 Servers Enterprise Edition.

Confidential

Troubleshoot T1 connection for high latency, added new VLAN on a Cat 3750 and 2900 switch. Multicast Configuration with PIM Dense Mode for Video streaming. Worked with Subnetted IP address Scheme. PVST Spanning-Tree Configuration. Spanning-Tree convergence using PortFast and UplinkFast.

Confidential

Setup PIX Firewall using PIX 501E, Cisco Wireless AP and Adapters with SSID and WAP Encryption. Troubleshoot High Latency. Used SONICWALL NSA 2400 to setup SSL VPN, creating Security Rules for the company requirement and applied using the NSA 2400. Also, integrated Cisco PIX Firewall with SONICWALL VPN. Defined IP-Sec for Data Integrity and Encryption on SONICWALL.

Confidential

Design and implemented Active Directory Services and Forest Infrastructure using Windows 2003 Server with 10 Domain Controllers, 20 Additional servers, 40 Member servers for over 10,000 users in 35 Sites. Setup Lab for Roll-outs and Upgrade Patch testing.

Family Work Connection,

Restructured Network by introducing Single Domain Structure with one Domain Controller, one Additional Server and 4 Member servers. Configured user profiles and used Redirection Folder for fast Authentication. Implemented Backup support using Veritas Executive. Designed In-House Email, Calendaring and Scheduling using Windows 2003 Exchange server. Implemented security using IPSec rules using Windows 2003 Server on a dedicated server.

Confidential

Title: Network System Engineer

Responsibilities: Collect Technical information from Customer and Configure T1 circuit and router configuration. Router configuration includes: Routing protocol Static, BGP , Configured Community Policy for BGP, Access List, SNMP and Frame Relay configuration. Download router configuration to Provider's Cisco Access Router. Configure Cisco 3600, 3800 Series. MPLS Order and Configuration: VRF Configuration, RD. Static and MP-BGP configuration. VRRP and HSRP for Redundancy, Configure HSRP Policies, MLPPP Configuration. IP Addresses are assigned to WAN customer and provided Block of Subnetted IP addresses to WAN customers on demand. Standard IEEE801.2D Spanning Tree Configuration STP on a Cisco Switch 6509.

Confidential

Network Administrator

• Routing among different subnets within Intranet using 1600, 2500, 3200 Cisco Router.
• Wireless Networking which includes: SSID Configuration, WAP, EAP, TACACS, RADIUS and Encryption.
• Configured and implemented IPSec policies on Cisco Routers and PIX Firewall.
• Full T1 Management using PPP.
• Backup using Veritas Backup Exec 9.1, 10.0.551 for Windows Server.
• Anti-Spam, Anti-Virus Scan and Monitoring, Real Time Black holes Configuration, Bayesian Filter configuration.
• Microsoft Exchange 2003 Server Administration.
• Unix Sun Solaris 10.0. Apache Server, Solaris Mail Server 6.0.
• Active Directory Management, Monitoring and Integration with MS Exchange 2003 Server.
• Setup, Maintain and Monitor T1 connection. Setup Frame Relay network.
• Subnetted IP Scheme for Web and FTP sites..
• Setup and maintain SSL Web Access to OWA Exchange 2003 Server
• Responsible for maintaining Sun Solaris 9.0 version.
• Five Servers: Windows 2003