PROFESSIONAL SUMMARY:

• 8 years of hands on experience in network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Expert level knowledge on configuring Cisco Wireless Solutions, Prime Infrastructure, Aruba Mobility controller, and Airwave solutions.
• Expertise in Cisco ISE, ACS and Aruba Clearpass Radius and TACACS solutions.
• Expert Hands On Experience in 802.1x, AAA Wired and Wireless Configurations.
• Comprehensive understanding of teh technologies involved with network security firewall products Checkpoint, Palo Alto and Cisco ASA.
• Hands on Experience in setting up Checkpoint configuration for Firewall and Web filtering managed by Checkpoint smart dashboard in smart domain manager/Provider - 1 environment.
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN and IPSec functionality.
• Experience in layer 2 protocols configuration for Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Spanning Tree Protocol (STP), and Rapid STP.
• Experience in Layer 3 Routing Protocol configurations: OSPF, EIGRP and BGP.
• Experience in HSRP and VRRP redundancy Protocols.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for teh corporate applications and their availability.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
• Familiarity with WAAS, VoIP, and next-gen datacenter networking (SDN, Cisco ACI).
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• Network Monitoring using SNMP and other management tools such as SPLUNK, Wireshark, Tufin, Algosec, Solarwinds, Gigamon, Remedy, Service Now, HSPM, HP NAS and Cyber Ark.
• Experience in physical cabling, IP addressing and Subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.

TECHNICAL SKILLS:

Operating Systems: Windows (Server 2008/2012, Windows 7/10), Linux OS (CentOS, Fedora, RHEL 6/7)

Routers: Cisco 3800, 3600, 2800, 2600, 2500, 1800 series Routers

Switches: Cisco 6500, 4500, 3750, 3500, 2900, series switches

Routing: MPLS, OSPF, EIGRP, BGP, Route Maps and Filtering, Redistribution, Summarization and Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Ether channels

Network security : Cisco ASA 5505/5510, Palo Alto, Checkpoint Gaia R70, R71, R75, R77, VSX, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS,ISE.

Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: Gigamon, SNMP, Solar Winds Oraion, SPLUNK, HP NAS and Wireshark

Wireless Technologies: Prime Infrastructure, Ekahau, Air Magnet, Airwatch and WLC’s (8510, 5508, 5706), Cisco AironetAP’s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE

Cisco ISE & Aruba Clear Pass: Cisco ISE 1.1,1.2, 2.0, ACS 5.x and Clear Pass 6.0,6.2,6.5

Wireless Security: WPA/WPA2, EAP - TLS, EAP-PEAP-MSCHAPv2, GTS, FAST

Nexus Platform: Nexus 7k,5K, 2K (7010, 5020, 2148, 2248)

PROFESSIONAL EXPERIENCE:

Confidential, Hopkinton, MA

Sr Network Engineer

Responsibilities:

• Deployment of Palo Alto firewall into teh network. Configured and wrote Access-list policies on protocol-based services.
• Providing support Palo Alto 3000/5000 and 7000 series Firewall through Panorama Management Console.
• Analyzed traffic pattern and implemented URL filtering using teh Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060.
• Working experience in Design Large scale enterprise Wireless networks with AirMagnet, ekahau, Wireless planning and Management Tools like Aruba Airwave and Cisco Prime Infrastructure.
• Expert level WLAN design work, being a subject matter expert with 802.11 concepts, and using AirMagnet for predictive design.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Configuration & Maintenance of Cisco ISE for Certificate based authentication for BYOD and Corporate Mobile Device Authentication using Xenmobile MDM.
• Working experience on upgrading Checkpoint old devices/Software to new platforms like R70 to R75.
• Troubleshooting application and network traffic on Checkpoint smart view tracker along with FW monitor and TCP dumps on CLI based.
• Managed teh F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Configured application load balancing using F5 LTM.
• Experience with configuring VIP, Pools on F5 LTM and working with irule management on LTM.
• Worked on Converting teh Partner IPSEC VPN from one Data Center to Another Data Center.
• Utilizes network tools like Gigamon and Wireshark for troubleshooting and monitoring.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
• Managing URL Content Filtering on Websense Proxy.
• Adding exemption, editing policy groups on Websense Management Server.
• Adding/removing ARM bypass rules on Websense appliances.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Backup and restore of checkpoint Firewall policies.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problem.
• Convert Branch WAN links from TDM circuits to MPLS.
• Experience with Network Redesign of branch and Campus Networks. This includes changes to both teh voice and data environment.
• Assisted campus for VOIP network management and troubleshoot.
• Set up network connectivity for Cisco training. This involved connecting teh routers, switches and firewall physically and loading them with a base configuration. It also involved connecting teh PCs to teh network and providing Internet connectivity.
• Worked on Data, VoIP, security as well as wireless installations and technologies.
• Complete understanding of feature testing of switches (RFC 2889 and RFC 2554) using IXIA's IP testing system.
• Replace branch hardware with new 2851 routers and 2960 switches.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for teh Nexus 5000.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture.
• Implementing security controls (ISO/IEC 27000, NIST, CIS, etc.) to match regulatory compliance requirements (PCI, HIPAA, SOX, ITR, GDPR, etc.).
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Involved in designing and implementing QOS and policy map to 2800 series routers for all teh branches.
• Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect teh circuits. Work with Carrier to test and turn-up circuits.
• Manage and provide guidance to junior members of teh team.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.
• Developing and testing teh Customer Network Management System (CNMS) R6.0/7.0 as network performance FCAPS utility.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in configuring IP Quality of service (QoS).
• Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Installed new purchased Hardware to teh new DC, Migrate data over WAN connection, also greatly involved in virtualization of physical servers.

Environment: Router 2900, 3900; Cisco Catalyst Switch 3550, 2960. T1 Controllers, Juniper J series, Checkpoint R70 to R75.20, Cisco ASA, DS3 Lines (T3 Lines), Fiber and Ethernet cabling, Palo Alto 3000/5000 and 7000 series, Nexus 7010, 5020, 2148, 2248.

Confidential, Mariatta, GA

Sr Network Engineer

Responsibilities:

• Configured Avaya switches and provisioning Aruba Wireless Access Points.
• Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools Editing and Changing Palo Alto Polices and Monitoring threats on firewalls.
• Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on teh upstream switch’s for Cisco NAC Solution.
• Worked as ISE Network Engineer in planning and designing Cisco ISE 1.3 Deployment for Cisco Internal Wireless Connectivity (Blizzard & Hurricane).
• Managing URL Content Filtering on Websense Proxy.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Configuration and Maintenance of Splunk, Gigamon Network Visibility.
• Migrated to R75.xx in various Checkpoint 4k/11k/21k appliances from R65, R62, R60, etc., and building teh new Smart Center server.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM, GTM, ASM, APM.
• Configuring VLAN trunking Protocol (VTP) on core switches.
• Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 switches.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Study single point failures & design WAN structure in such a way dat their are no failures in network in case of any device or link failure.
• Cisco IPT Migration Projects from legacy PBXs with Nortel.
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside teh core.
• Load Balancing using F5 Networks Big IP.
• Configured Routing Protocols such as OSPF and policy-based routing.
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Fine-tuned OSPF metrics to avoid routing loops and ensure redundancy in case of link failures.
• Redistribution of routing protocols and Frame-Relay configurations.
• Setup simplified and traditional VPN communities and CISCO Anyconnect.
• Implemented LAN/WAN utilizing CISCO 7200, 7204, 7206.
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU’s to support WAN links
• Work with application developers and systems engineer to migrate applications and systems to a new Border Gateway network.
• Leveraged two Nexus 2232 Fabric Extenders and two 2248 Fabric Extenders, making them ‘dual-homed’ to both N5Ks and implementing Enhanced Virtual Port-Channel (EvPC).
• Involved smart view tracker to check teh firewall traffic.
• Documented all teh work done by using MOPS, Visio, Excel and MS word.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 12000/7200/3845/3600 routers, Cisco ASA5510, Checkpoint.

Confidential, Colorado Springs, CO

Sr Network Engineer

Responsibilities:

• Responsible for teh implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Has sound knowledge of Firewall architecture, routing and VPN.
• Has experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Has experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for teh expansion of teh MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data centre environment.
• Involved in configuring IP Quality of service (QoS).
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Applying crypto maps and security keys for teh branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing and applying QOS and policy map to 2800 series routers for all teh branches.
• Involved in designing GRE tunnels for encryption of data flow from source to destination.
• Implementing VoIP solutions using SIP & H.323, also has sound knowledge of Avaya VoIP products.
• Experience in configuring VLAN’s STP (Spanning tree Protocol) & RTSP (Rapid Spanning Tree Protocol).
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Netinfo, Infoman Virtual Change) and experience with developing network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

Environment: Router 2800, 3800, 7200, 7600; Cisco Catalyst Switch 6500, 6509, 3550

Confidential

Network Engineer

Responsibilities:

• Maintaining teh Network Infrastructure, Installation, migration and configuration of routers and switches for clients.
• Provide alternative means from dial-up connection to bring down teh damage or loss dat occurs for teh client.
• Configured Routing protocols such as OSPF and policy based routing.
• Team member of Configuration ofCISCO7206 router and Configuration of Catalyst switches.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and testCisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of teh WANnetworkconsisting of CISCO 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured IP access filter policies.
• Providing Technical Support and solutions forNetwork Problems.
• Implementing NAT solutions on Cisco IOS routers.
• Upgrading IOS, troubleshootingnetworkoutages.
• Worked on Cisco Routers, Active /Passive Hubs, Switches.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching teh cables in teh Patch Panel. Design and implemented network infrastructure and configured all teh network Infrastructure devices including Network Printers and Registers.

Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.

Confidential

Network Engineer

Responsibilities:

• Worked as part of a team for Cisco Product Support. Troubleshooting by providing relevant knowledge base articles and other information.
• Network solutions for complex networks for VAR (Value added resellers) users of Cisco.
• Configured & maintained LAN, WAN, VPN, WLAN, and Firewalls on Cisco Routers for end users.
• Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
• Installed and configured of Juniper J-Series (J2350) and M-Series (M10) routers.
• Installed and configured teh ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Apache Web Server & MRTG, BIND DNS Server configuration and optimization over UNIX and Active directory implementation of Windows 2003 Server.
• Configured & Maintained Cisco 2600, 2800, 3200 series routers including IOS upgrades.
• Prompt technical support to customers on routers and switches.
• Remote management of large networks.

Environment: Cisco Routers - 1700, Cisco GSR 12416. Cisco Switches - 1900, 6509, and 6513

Confidential

Network Engineer

Responsibilities:

• Setting up Test environment for EDA1200 Broadband Access.
• Testing various Layer 2 protocols like DHCP, IGMP, L2CP, Multicast, VLAN, 802.1q/p, IPSEC, IPv4, PPP, LACP, LAG, STP, and RSTP.
• Has worked on various traffic analyzers from Spirent, Agilent and IXIA and has automated actions on teh same.
• Performance, Load testing, Scalability Test.
• Checking Robustness and Stability of teh Ericsson DSLAM - EDN 312/612/624/524, FIBER NODE- EFN324/432 SWITCHES - ESN 310,410,212,108.
• DELL - 2850, HP - ProLiant servers installation and configuration.
• Testing solutions already being used by Major customers of EDA-1200 like SWISSCOM, TELIA, ZEITUS etc.
• Operation and Maintenance of Sybase. (Backup and Restore) and Configuring Sybase 15.
• IPv6 feasibility study.
• Trouble Reporting, Manual Testing of teh System.

Environment: Cisco Routers - 1700, Cisco Switches - 1900