SUMMARY

• CISCO Certified with 8.3 Years of experience in networking and security, hands on experience in Design, implementation, and support. Routing, switching, firewall technologies and troubleshooting of complex network systems.
• Designing, implementing and troubleshooting Cisco 3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switches and ARISTA (7100,7500) Series switches.
• Designing, implementing and troubleshooting Cisco routers (800, 2800, 2600, 3800, 7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Cisco PIX & ASA devices.
• Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Experience in installing and configuring DNS, DHCP server.
• Troubleshooting & implementation of V lan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics,IEEE 802.11 a/b/g, RF spectrum characteristics.
• Working knowledge of frame relay, MPLS services, NATing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, VLSM, TCP/IP, NAT, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Well Experience in Web sense, DLP, Proof point and web content filtering.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wire shark, Splunk, solar winds and Cisco Prime infrastructure to support Network Operation Center.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS

Routing Protocols: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, STP,RSTP,VLANs,VTP,PAGP,LACP,MPLS, HSRP,VRRP,GLBP,TACASS+,Radius,AAA

Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.

Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, and Juniper Net screen

LAN Technology: Workgroup, Domain, RSTP, VLAN, STP, VTP, Ethernet, Fast Ethernet, Gigabit Ethernet&10 Gigabit Ethernet,802.1q

WAN Infrastructure: Leased Line, ISDN/Dial-Up, and Frame Relay circuits, Metro Ethernet.

WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPsec-VPN.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Operating Systems & Tools: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server

Network Security: ACL, IPsec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls.

PROFESSIONAL EXPERIENCE

Confidential, Secaucus, NJ

Sr. Network Engineer

Responsibilities:

• Maintained a network lab with more than 30 routers (3600 series), 50+ switches (2900 series), firewall and other network devices like DHCP, DNS servers and VPN concentrators.
• Experience working with ASR 9000 series switches with IOS-XR.
• Helped the network team to install new switches and routers and configure the IOS according to the requirement which included VLAN, OSPF, Sub netting, EIGRP, BGP, VTP, PaGP, spanning - tree, IP Subnetting, wireless access points, T1 circuits and PIM-SM using auto RP.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Assisted in backing up, restoring and upgrading the Router and Switch IOS.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
• Experience with convert PIX rules over to the Cisco ASA solution.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Deployed F5 Enterprise manager of 4000 series for the all cluster devices over the network for easier management of configurations like SSL certificates, disable and enable of nodes states "
• In F5 Responsible for configuring Virtual servers, Nodes load balancing pools, load balancing algorithms and Session based persistence.
• Worked with configuring F5 LTM 8950, 6900, VIPRION 2400 models.
• Responsible for Cisco ASA firewall administration across our global networks.
• Worked with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP.
• Hands on experience designing, configuring and deploying Cisco Nexus 5k,7k,9k& Catalyst switches in a complex plant floor, office & warehouse environment
• Design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000.
• Worked with VPC, VDC and ISSU software upgrades and set up OTV between the data centers using Nexus 7K.
• Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Experience of VMware ESXi and VMware Infrastructure.
• Hands on experiences on McAfee EPO with deploying and removing agent on client’s machine, removing virus and manually updating DAT files.
• Experience with administering, troubleshooting, configuring and implementation of DNS and IPAM devices.
• Experience in Enterprise IP address and DNS management tools
• Perform administrative tasks to configure, deploy and sustain Symantec Anti-Virus clients installed and operational on all internet network servers & workstations.
• Extensive experience with setting up Web Security Gateway including configuration of exceptions, tunneling and SSL decrypt bypass. Data Security module for DLP including rules and policy setup and E-mail Security including configuration as an in-bound/out-bound external e-mail gateway with services such as proof point.
• Responsible for implementation design, configuration and deployment of Cisco ISE added new devices on network.
• Plan, deploy, and support the Cisco ISE ecosystem applications and components.
• Hands on experience of large scale (600+ Access Points) wireless deployments including device posturing and profiling with cisco ISE appliance.
• Hands on experience managing Cisco ISE appliance to support deployment of Network Access Control functionality on LAN switches in an enterprise environment.
• Implementing, configuring and troubleshooting routing protocols such as RIPv2 HSRP, GLBP
• Installation & configuration of Microsoft Proxy Server 2.0 & Blue Coat Proxy.
• Responsible to provide technical assistance in the CISCO Call Manager environment
• Responsible for voice technology operations based on Cisco VoIP solutions with specific expertise in several areas including Cisco Call Manager, Unity voicemail, Windows Servers, Linux servers and router/switching/gateway telephony technologies
• Provided front-end on-call network support 24x7x365 for all network infrastructures in the co-operation.

Confidential, Los Angeles, CA

Sr. Network Engineer

Responsibilities:

• Involved in the activity of DATA-Center migration of regular Cisco catalyst switches with the new Nexus 2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E.
• Configuring Palo Alto policies and setting different device configurations.
• Configured Firewall logging, DMZs& related security policies & monitoring
• Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP.Configuring Palo Alto policies and setting different device configurations.
• Worked with ASR1002, ASR 1004 with IOS-XR and also did deploy ASR routers in the WAN environment with OC3 and gigabit modules.
• Monitoring threats on firewall and changing policies to prevent attack.
• Responsibilities also included placing order for new SFP’s, implementing inline capabilities for home agents and running network cables from Palo Alto direct to required firewall.
• Configuring Palo Alto’s for inline use and Adding signature attacks on prevention lists.
• Created new policies for CDE and syncing the same policies in all the Data Centers.
• Auto Tuning Palo Alto Signatures and syncing between the data centers, working on PCI’s and managing it during peak if needed.
• Applied ACLs for Internet access to the servers using Cisco 5550 ASA firewall and performed NAT.
• Dealing with Cisco ASA 5550 providing advanced application-aware firewallserviceswith identity-basedaccess control, denial of service (DoS) attack protection all built upon market-proven Cisco PIX Security Appliance technology.
• Use Tools such as SKYBOX for Firewall Policy optimization and rule base Clean up.
• Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
• Configure and tweak the inspection policies on Firewall to allow legacy application traffic.
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Experience working with remote teams. If it is P2 or P3 incident, we use to give handoff to remote team but if it is P1 then we need to be on call along with India team till resolution
• Created standard access lists to allow SNMP, NTP, FTP and logging servers.
• Configure and InstallF5New Virtual Servers, Profiles, I Rules, Pools, Nodes, Generate CSR Certificate, SSL Certificates Etc.,
• Managed the F5 Big IP GTM appliances to include writing I Rules, SSL offload and everyday task of creating WIP and VIPs.
• Provide consultancy services to customers on a variety of network security products including firewalls, VPNs, authentication, load-balancing F5, data loss prevention, security information and event management.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Configured HA (high availability) in F5 load balancers, IAPPS templates, IRULES, on F5 LTM 6900.Assigning LDAP servers, Microsoft Active Directory, to F5 load balancer for accessing user member groups
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Experience with Enterprise-level Cisco ISE configuration and troubleshooting.
• Performed Security operations in terms of pushing new policies and deploying new rules. Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
• Dealt with the service providers in the case of WAN outages.
• Experience with Symantec Endpoint Protection advanced configuration and management and Virus event detection, scanning, remediation, and mitigation.
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, Tcp dump and use to resolve tickets whenever there is an issue.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.

Confidential, Tempe, AZ

Network Engineer

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, MPLS, static routing and policy based routing.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Upgraded Cisco ASA 5510 firewalls using 6500/7600 catalyst modules for enhanced performance, security and reliability.Security policy review and configuration in Palo Alto and Juniper SRX Firewall
• Configuring, testing, and troubleshooting multiple vendor device platforms like Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router: 7705 SAR 8 and 7750 service router.
• Experienced in working with BIG-IP Edge Portal and BIG-IP Edge Client.
• Configuring and implementing F5 Big-IP LTM,GTM load balancers to maintain global and local traffic
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs& trouble-shooting of routing protocols like static, dynamic
• Provided on-call support for installation and troubleshooting of the configuration issues.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for state ful replication of traffic between active and standby member.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Firewall policy provisioning on Fortinet Fort iGATE appliances using FortiManager.
• Regular upgrade and maintenance of Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances.
• Troubleshooting experience with Cisco WAAS technology, WAN Optimizer/Accelerators like Riverbed.
• Provide escalation support to L1/L2 members of network team.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• IOS upgrade 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series Cisco routers using TFTP.
• Involved in troubleshooting of DHCP and other IP conflict problems.
• Configured ACLs (Standard, Extended and Named) to allow users all over the company to access different applications and blocking others.

Confidential

Jr. Network Engineer

Responsibilities:

• Worked with Network Operations Center (NOC) by managing and monitoring LAN/WAN network services.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Responsible for Configuring SITE TO SITE VPN on Cisco Routers between Head Quarters and Branch locations
• Experience with Info lox technologies.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Created Virtual Machine templates for Windows server 2003/2008 using VMware vSphere and cloned them.
• Experience with Information Technology Infrastructure Library (ITIL) processes, especially change management and configuration management.
• Experience in using Putty, WinSCP, Active Directory, VoIP, WebSphere Application Server, Apache and Eclipse Databases (DB2, Oracle, and SQLServer).
• Performed switching related tasks such as implementing VLANS, VTP, RSTP and Port security.
• Implemented security measures using ACL and configured NAT according to the connectivity requirement.
• Provided 24/7 rotational on call supports for branch offices.
• Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing, infrastructure and configured the entire network Infrastructure devices including network printers.
• Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.

Confidential

Jr. Network Engineer

Responsibilities:

• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured and installed Cisco routers 2500, 2600, 3601 and 4000 series.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Network Requirements.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-VLAN routing with Multilayer Switching.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall.
• Worked along with the team in ticketing issues.
• Performed administrative support for RIP, OSPF routing protocol.
• Monitoring network performance to improve the backup strategy using Net rep, Solar winds.