Senior Network/Security Engineer Resume
Hartford, CT
SUMMARY
- CCNA, CCNP professional with 8 plus years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
- Extensive experience in configuring and troubleshooting of protocols v1/v2, EIGRP, OSPF, BGP and MPLS.
- Experience with Cisco Application Centric Infrastructure (ACI), integrating hardware and software products as per network layout
- Extensive knowledge of VLANs, Trunking, RSTP, SNMP, EtherChannels, HSRP, Port Security, ACLs, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPNs, DHCP, Wireshark, etc.
- Installing & configuring firewalls like Checkpoint (Provider-1, R65, R70, and R75), Secure Platform (SPLAT), Juniper SRX, NetScreen firewall, Palo Alto, Fortinet and Cisco ASA (5510, 5520, and 5550).
- Strong knowledge on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
- Experience in migration from Cisco ASAs to Fortinet's FortiGate firewalls
- Experience of JUNOS platform and worked with JUNOS upgrade of Juniper devices
- Working knowledge of Cisco IOS, Junos & basic Nexus (7K, 5K & 2K).
- Switching tasks include VTP, ISL/ 802.1q, VLAN, Ether Channel, STP and RSTP.
- Experience working on AWS cloud (EC2, S3, RDS, Load Balancer, Auto Scaling) with the AWS command line interface and AWS Python SDK.
- Systems integration projects included Routers, Switches, Load balancers, DNS Servers, Firewalls, Virtualized servers, Multimedia, Remote Access, Wireless, Proxy servers, File Servers, multicast networks etc.
- Testing the wireless coverage, Throughput, data rates, interference using predictive surveys.
- Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
- Designed, configured and implemented LAN/WAN/Wireless networks using Cisco WAN router, Aruba Mobility controller, and Palo Alto firewalls.
- Experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
- Experience in installing and configuring DNS, DHCP server
- Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (7200, 4800, 4300, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
- Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
- Experienced in Implementing, Administrating and diagnostics of LAN, WAN and Guest WLAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
- In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
- Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
- Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
- Deployed RAP controllers (Remote Access Points) in the DMZ to provide direct secure connection from remote locations to corporate LAN.
- Worked with team to implement NAC solution on Aruba wireless and LAN.
- Extensive experience in configuring Layer 3 routing and Layer 2/3 switching of Juniper & Cisco based J2320, MX, EX, 2950, 2960, 3600, 3750, 4500, 6500, 1700, 1800, 2600 and 3700 series routers & switches.
- Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
- Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
- Experience working with ARISTA switches like 7100, 7500 for cloud computing, datacenter and low latency networks
- IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
- Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional.
- Experience with Change management process and Project documentation tools like Excel and VISIO.
TECHNICAL SKILLS
Protocols & Standards: LAN, WAN, WLAN, VRF, VDC, TCP/IP, NAT, PAT, MPLS, GETVPN, GDOI, DMVPN, IPv4, IPv6, VPN, L2TP, IPSec / ISAKMP, IKE, VoIP, VSS, OSPF, OSPFv3, EIGRP, BGPv4, VLANs, ACLs, Layer 3, Switching, HSRP, GLBP, AWS, VRRP, QoS, TACACS+, RADIUS, 802.1X, PKI, LDAP, POE
Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers
Juniper Platforms: M, J and MX Series Routers
Firewall: Cisco ASA/PIX/FWSM, Checkpoint (IP Series/NGX R65/IPSO), Checkpoint R65/R70/R75/R76/R77/R80, Palo Alto, Juniper NetScreen and Juniper SRX, Fortinet.
Load Balancers: F5 Networks (Big-IP/IQ)
Network Tools: IBM ITNM, Splunk, StealthWatch, Solarwinds, SNMP, CiscoWorks, Wireshark, BMC Remedy, Tufin Secureapp, Tufin Securetrack, Infoblox IPAM (IP Address Management Solutions), JIRA, ServiceNow, QRadar, NETDATA, KIWI, Infoblox NETMRI, SecureCRT, Putty, VMware NSX, VMware Onecloud, Citrix Netscaler
WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET
LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
Networking Protocols: OSPF, EIGRP, MULTICAST, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA
Security Protocols: IKE, IPSEC, SSL-VPN
Operating System: Windows 7/8/10, Windows Server 2012/2008, Linux, Unix
PROFESSIONAL EXPERIENCE
Confidential, Hartford, CT
Senior Network/Security Engineer
Responsibilities:
- Ensuring connectivity and communication among networks, servers and clients across different sites for different departments.
- Configure, Monitor and troubleshoot Alta Vista, Check Point, Cisco firewalls and IDS, and F5 Load Balancers.
- Upgraded the existing Panorama to V8.0.6. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
- Creating Security policies and rules in Palo Alto firewalls in the enterprise network environment.
- Assisting with the day to day operations and management of other network devices such as Palo Alto firewalls and Panorama.
- Troubleshooting of LAN and WAN networking issues using Wireshark, Netflow and other advanced tools and methodologies.
- Troubleshooting of Cisco and Aruba routers using tools like ping and traceroute for basic issues.
- Managing Amazon Web Services (AWS) infrastructure with automation and configuration management tools such as Ansible, Puppet, or custom-built.
Environment: Cisco Routers, Cisco Switches, Aruba Switches, Nexus 7k/5k/2k Routing protocols, Palo Alto, Checkpoint, Aruba, F5, Load Balancer.
Confidential
Senior Network/Security Technical Specialist
Responsibilities:
- Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
- Troubleshooting of LAN and WAN networking issues using Wireshark, Netflow and other advanced tools and methodologies.
- Support Checkpoint firewall and Provider 1 versions of R55, R65, R70, SPLAT, and VSX.
- Day to day operations and management of network devices such as Cisco ISE, Infoblox, Palo Alto firewalls, Panorama, Alta Vista, Check Point, Cisco firewalls and IDS, Cisco ACI and F5 Load Balancers.
- Configured Enterprise level Cisco ISE 2.1 by installing certificates, building ISE nodes, and adding to clusters using VMware. Using LogRhythm to troubleshoot ISE issues that arise on the network and to monitor the entire infrastructure. Being focused on security, reducing risks and containing threats.
- Used configuration management tools Puppet and Ansible for automating router configuration
- Configuring all the devices per their type with AAA commands for the device authentication using AD, RSA and the ISE internal users depending on the user type.
- Responsible for troubleshooting Cisco ISE; added new devices on the network based on ISE policies
- Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
- Upgraded the existing Panorama to V8.0.6. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
- Experience in Fortinet 100D, Fortinet 60C, Fortinet 60E, Fortinet 60D, Fortinet 200E (HA), this
- Installation of new firewalls as well as perform in place upgrades. Hardening the Fortinet and Check Point firewalls before moving them to Production
- Created and wrote shell scripts (Bash), Ruby, Python and PowerShell for automating tasks.
- Worked on Cisco ACI fabric networks, including Python automation. Great exposure to SDN.
- Developed a Python script which parses all trace files and calculates throughput, latency and drop rate.
- Creating Security policies and rules in Fortinet firewalls used as egress filtering firewall in the enterprise network environment
- Worked on securing, maintaining and configuring Cisco Aironet & Meraki access points, Sonicwall access points and Meraki Heatmap to pick up trends within the client traffic
- Pushing firmware upgrades to bulk access points using Meraki WLC
- Migrated, configured & installed 100 Cisco Meraki MR42 in a corporate & warehouse environment.
- Creating nodes and monitor network using NNMi and Live Action
- Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
- Resolved downed backup VPN tunnels, giving visibility to potential ISP outages using Netflow Analyzer.
- Junos OS upgrade on EX3200 & EX4200 devices.
- Hands on experience in building Cisco ACI fabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts
- Used Cisco ACI (Application Centric Infrastructure) for fabric implementation, operations, and integration with external bridged networks and Cisco Unified Communication Systems.
- Provisioned ports in Cisco ACI to support SAN, VoIP, and hypervisors.
- Responsible for conducting physical wireless site surveys with Airmagnet Survey Pro and predictive site surveys with Cisco WCS and Airmagnet Planner.
- Site surveys with Cisco WCS and Airmagnet planner, system design, deployment,
- Installed controller and light weight access point coordination with JTAC.
- Maintenance and trouble-shooting of LAN, WAN, IP Routing, and Multi layers Switching.
- Implemented site to site VPN in Juniper SRX as per customer needs.
- Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
- Re-designed and implemented in-house network to support VoIP and multicast traffic.
- Designed and maintained the VLAN architecture, IP address scheme, security architecture, security policies, OS hardening, ADS architecture, and DNS Name Space across a globally dispersed infrastructure. Implemented various EX, SRX & J series Juniper devices.
- Configured and troubleshot autonomous and Cisco Meraki access points
- Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.
Environment: Cisco Routers, Cisco Switches, Juniper Routers, Juniper Switches, Nexus 7k/5k/2k Routing protocols, Palo Alto, Checkpoint, Aruba, F5, AWS, BlueCoat, HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX, ASR 9000, Catalyst 6500, CRS, Cisco ASR Firewall.
Confidential, Phoenix, AZ
Senior Network Engineer
Responsibilities:
- Implemented VLAN, VTP domain, Trunking and Ether Channel on Cisco 5500 switches.
- Cisco/802.11/b/g/n/a wireless local area networks (WLAN).
- Configure Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
- Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN.
- Managed and maintained Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing
- Extensive experience with Juniper portfolio including JUNOS, EX switching and SRX firewall and Palo Alto networks firewall.
- Unix/Linux Shell scripting, as well as Python automation, and analyzing logs using Perl.
- Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
- Perform analysis on cloud environment like Azure, build and implement pipes using Azure
- Site surveys with Cisco WCS and Airmagnet planner, system design, deployment,
- Upgraded with Nexus 9k, 7k and 5k switches to deal with the vulnerability issues.
- Manage firewall/security systems by establishing and enforcing policies.
- Work closely with colleagues to meet team goals and improve processes and practices.
- Performs network and security hardware and software maintenance.
- Create and maintain detailed network documentation and procedures.
- Performs maintenance and management of assigned security technologies and functions that include firewalls, authentication devices, encryption, event log monitoring, reporting, incident response, security analysis and/or
- Develops, documents and implements new processes and procedures which improve the department’s ability to provide World Standard client service
- Provide support for DMZs, creating and developing DMZ designs and IDS signatures to meet new and emerging technology threats.
- Troubleshoot, diagnose and resolve complex security attacks.
- Maintaining and Monitoring using Tools like SolarWinds, KIWI monitoring tool to troubleshoot network issues.
- Performed DDOS mitigations and analysis.
- Perform research and provide direction on new and emerging security technologies.
- Help to develop response processes, rules and alert notifications.
- Provide communications to management on the threat/risk profile for various networks and data.
- Install, configure and maintain Network Security devices. This includes software installation, patches, and upgrades.
- Troubleshoot complex multi-vendor network issues in the LAN and WAN networks and working with multiple application and system teams to identify bottlenecks and other network configuration issues
- Staged, planned and deployed Palo Alto NGF 5250s, 3020s, 3060s within Data Centres. Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow the traffic on the firewall
- Configure and deploy Cisco ASA Meraki MX84 firewalls with site-to-site IPsec VPN tunnels to connect smaller branch sites back to the data center
- Deployed SDN networks such as Cisco Meraki SDN solution using MX and MS routers and switches technologies
- Installed and configured Cisco Meraki (MR66, MR18) wireless Access points in the warehouses
- Monitoring and troubleshooting the Meraki AP and Meraki switches through the Meraki Portal, checking the configuration through SolarWinds, checking device utilization through Vital suite, and updating the tickets on ticketing tool Remedy. Working with APs Meraki MR18, MR33, MR66, Motorola AP-6532
- In-depth knowledge in the area of deep packet troubleshooting with Wireshark and/or Riverbed ACE Analyst and tcpdump.
- Creating network object groups and Access Control lists and Object group services on Cisco ASA 5500 as per client needs.
- Telnet into Cisco router to configure and update interface, and subnet TCP/IPv4.
- Used Visio diagram to support the verification of switches and servers in the DMZ.
- Responsible for converting existing rule base onto new platforms.
- Used QRadar to check logs for troubleshooting firewall as well as network issues.
- Migrated network from EIGRP to OSPF.
- IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
- Configuring iRules on F5 Load balancers.
- Researches, evaluates, designs and implements new/improved security software and/or devices that meet risk management objectives.
- Upgraded Panorama version 7.0 to 8.0 on Palo Alto Firewalls.
Confidential, Lincolnshire, IL
Sr. Network Engineer
Responsibilities:
- Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
- Configure VRRP & GLBP and VLAN Trunking 802.1Q on Catalyst 6500 switches.
- Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
- Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
- Security policies like IPS/IDS, Content/Web Filtering, Zone Based Firewalling and Security Rules on Fortinet and Palo Alto Firewalls.
- Designed, Installed and configured Aruba Wireless network in an HA environment using AGN 125 access points with 802.1X authentication.
- Responsible for distributed applications across hybrid AWS and physical data centers.
- Configured multicast groups and QoS.
- Creating and testing Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
- Responsible in Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
- Networking includes rebuilding existing multicast network infrastructures. Technologies included Cisco Routers, Nexus switches, Juniper FWs, BGP, EIGRP, sparse mode multicasting, MSDP and IP PIM Anycast.
- Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter.
- Troubleshot TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
- Verify network status using basic utilities (including: ping, traceroute, telnet, SSH, ARP, ipconfig)
- Worked with IPSEC VPN and B2B VPN design connection and protocols, IPSEC tunnel.
- Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices
- Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
- Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
- Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
- Supporting EIGRP and BGP network by resolving problems of internal teams & external customers of all locations.
Confidential, Rockville, MD
Network Engineer
Responsibilities:
- Troubleshoot firewall and network issues using CLI for all devices managed as well as using GUIs such as: Juniper NSM, Checkpoint Smartview Tracker, and Lucent Brick LSMS.
- Responsible for performing predictive wireless designs/site surveys with Airmagnet Planner (Cisco 3500/3600/3700/ ) and conducting physical wireless site surveys with Airmagnet Survey
- Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA) on F5 BIGIP appliances: SSL termination and initiation, Persistence, Digital Certificates. Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
- Configured PPP, HDLC, BGPv4, EIGRP, MPLS and OSPF routing.
- Implemented SNMP on Cisco routers to allow for network management. Completed the installation and configuration of CSU/DSU, T1, T3 & OC3 circuits.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
- Datacenter upgraded from C6500s to Nexus 7k/5k/2k, double-VPC between distribution and access, single-VPC to servers
- Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing.
- Have created site to site IPSEC VPN tunnel with Juniper Netscreen firewalls and Cisco ASA firewalls.
- Monitored regular tasks like traffic, applications, routers, switches, firewall, attacks, protocols, QoS and other reports and activities on Netflow Analyzer.
- Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
- Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
- Implemented and used SDM to configure Cisco IOS security features and network connection.
- Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
- Configured Object Grouping, Protocol Handling and code upgrades on ASA Firewalls.
- Implemented and maintained intrusion detection/prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
- Created a L2L tunnel for the Billing Access between Cisco ASA's.
- Configuration of the access-list rules and network object-service groups based on well-known ports, i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL), etc.
- Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
- Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
- Working knowledge of the UNIX and CLI based command to implement the networking tools.
- Configured and monitored Firewall logging, DMZ’s and related security policies.
- Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support of 24*7.
- Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
- Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
- Implementing, configuring and troubleshooting routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.