PROFESSIONAL SUMMARY:

• Over 7 years of experience in Cisco/Juniper Networking, Security which includes designing, Deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols.
• Hands On experience Cisco IOS/IOS - XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Responsible for Check Point (Secure Platform R70) and Cisco ASA firewall administration across global networks.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Worked on Juniper Net screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Worked on MPLS while ensuring secure networking, improving the network performance by prioritizing network traffic and allocating bandwidth according to usage and service requirements.
• Worked on Multicast to use the bandwidth more effectively while reducing the load on the sender.
• Have knowledge on various advanced technologies like VOIP, QOS, IPv4, Multicasting, and MPLS.
• Strong hands on experience in Troubleshooting for QOS, connectivity and hardware problems on Cisco Networks
• Good Knowledge with the technologies MPLS,VPN, WLAN, NAT, Multicast, Routing, Frame relay, SNMP
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN/ IWAN architecture and good experience on IP services.
• Knowledge of WAN Optimization Technology, Riverbed.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Excellent communication skills, team player.

TECHNICAL SKILLS:

Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX &72XX series & ASR1K &9Kseries

Switches: Cisco 3550, 3750, 45XX, 65XX series, Nexus 7K, 5K, 2K

Load Balancer: Cisco CSS, F5 Networks

WAN Optimization: Cisco WAAS, PPP Multilink

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Security / Firewalls: Cisco ASA Firewalls 55XX, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup & Security Features

AAA Architecture: TACACS+, RADIUS, Cisco ACS

PROFESSIONAL EXPERIENCE:

Confidential, Jersey City, NJ

Sr. Network Engineer

Responsibilities:

• Responsible for implementing, supporting, and maintaining 24x7 network services.
• Coordinated efforts with Engineer’s to ensure all network devices conformed to defined network standards. Guided junior engineers throughout initiatives when required.
• Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
• Configured and maintaining Cisco 7200, 4400, 5000 and 6500 platforms.
• Troubleshoot connectivity issues involving VLAN’s, OSPF, QoS etc.
• Support, monitor and manage the IP network
• Security policy review and configuration in Palo Alto and Junipers Firewall in US offices and Datacenter
• Experience with configuring Nexus 5000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
• Performance monitoring of various applications and web servers to maintain quality of service and network stability.
• Implement a process to authorize system access based on need-to-know in PCI network.
• Implement strong user authentication and Physically secure systems and network devices in PCI.
• Maintained core switches, creating VLAN’s and configuring VTP.
• Designed IP Addressing schemes, VLAN tables and Switchport assignments, Trunking and Ether-channel implementation.
• Design solutions using Cisco DMVPN/IWAN features.
• Implemented WAN connectivity to test and turn-Up IWAN link.
• Strong experience in Network Security using ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS and IPSEC/SSL VPN, F5 BigIP Load Balancer
• Experience to configure DNS Change requests nd adminatration leased time.
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Provided service and 3rd level escalation support for DNS, Internet Email, global server load balancing (F5 3DNS and GTM), local network load balancing F5 LTM, web and ftp proxies, VPN, and other network related solutions.
• Experience with F5 load balancers andCiscoload balancers (CSM, ACE and GSS).
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and PALO ALTO rules.
• Configuring rules and maintainingPALO ALTO Firewalls & Analysis of firewall logs using various tools.
• Installed and set up Cisco routers and switches according to deployment plans.
• Applied access lists and NAT configurations based on implementation guidelines.
• Managed and developed network projects designed to strengthen network continuity and deploy security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
• Change management, monitoring network performance with network tools.
• IP Distribution for existing devices and new devices as they were added.
• Preformed maintenance on equipment as necessary, performing device upgrades, modification of configurations, password changes and diagnostic testing.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in an event where a core router became unreachable.
• Responsible for maintenance of multiple CheckPoint-1 firewalls on NT environment
• Worked with vendors and Engineering team to test new hardware and procedures.
• Prepared and maintained documentation using MS Visio and MS Office (mainly Word, Excel).
• Basic and advanced F5 load balancer configurations, general troubleshooting of the F5 load balancers.
• Route configuration and point code checks for System Technician and Network Technician.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Upgrade multiple Checkpoint firewall and NG on distributed NT environment. And manage network security policies which include access control, NAT, content security and authentication.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in migration of VLANS.
• Primary responsibility is to design and deploy various network security & High Availability products like Checkpoint, Cisco ASA other security products
• Estimated Project costs and created documentation for project funding approvals.

Confidential, Oshkosh, WI

Sr. Network Engineer

Responsibilities:

• Responsible for company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Building the VPN tunnel and VPN encryption.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
• Creating and provisioning Juniper SRX firewall policies
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Implemented TCP/IP and related services like DHCP/DNS/WINS.
• Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Implemented VPC, VDC on Nexus Switches and also configured FEX.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Implement automated audit logs and protect log data and Monitor and test security controls in PCI Infrastructure.
• Maintain an information security policy and incident response plan in PCI.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco ASA 5500.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls, CISCO PIX 506, PIX515.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Involved in Switching Technology Administration including creation and management of VLANs, Port security, Trunking, STP, Inter-Vlan routing and LAN security.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
• Worked on datacenter migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert datacenter PIX rules over to the Cisco ASA solution.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Updated documentation as necessary.
• Preformed IOS upgrades on Cisco routers and switches.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Server load-balancing utilizing F5 LTM-BigIP, including, AFM, APM and ASM modules.
• Maintaining and load balancing: web server traffic for customers using F5 load balancers.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
• Worked as a team with other engineers to design, install, implement, and configure ASR 9K Network for interconnectivity, and egress redundancy.
• Troubleshoot basic BGP routing issues on Cisco 12xxx and Cisco CRS series.
• Propose network redesign based on client hardware guidelines, network policies and individual site’s unique characteristics.
• Implementing, troubleshooting and maintaining AP, WLC, WCS, NCS

Confidential, Union, NJ

Network Engineer

Responsibilities:

• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Installed Solar winds Network Performance Monitor with traffic analysis, application & virtualization management, configuration management and other modules additionally installed. Tuned modules, customized the specific platforms used and trained staff. Support other smaller customer sites on similar analyze-recommend-implement site-wide upgrades and troubleshoot issues.
• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Vulnerability Management using Security Information & Event Management
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Monitoring network platforms include IBM Tivoli Netcool management systems, Siebel CRM, WebTop, utilizing HP Service Manager 9 logging tools.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Network design and administration experience.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.

Confidential, Deerfield, IL

Network Engineer / Subject Matter Expert

Responsibilities:

• Working with Network Design and implementation teams on various projects across related to Branch, Campus and Data Center.
• Designing and deployment of Partner IPSEC VPN tunnels.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
• Experience with manipulating various BGP attributes such as Local P, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Configuration of Site-to-Site & Client to Site VPN’s on Cisco PIX/ASA Firewalls & IOS Routers.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures
• NAT and access rules on PIX/ASA Firewall
• Experience configuring Virtual Device Context in Nexus 7010
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Performed OSPF, BGP, DHCP Profile, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Configuring and Troubleshooting of Multicasting.
• Performing the ACL requests change for various clients by collecting source and destination information.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) & ASR 1K & 9K Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances
• Performed Break Fix support through driving to different buildings, identifying the root causes.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
• Configure Corporate, Wireless and Lab Devices which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing( Pilot ).
• Configured routing protocols like MPLS, OSPF and troubleshooting layer3 issues.
• Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Familiar with various MSIT Tools to check Networking Connectivity, Testing, Configuration and Adding or Removal of IP address blocks, Decoming or Adding the Devices.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.

Confidential, San Diego, CA

Jr. Network Engineer

Responsibilities:

• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Worked with telecom vendors in regards to network fault isolation.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Configured CIDR IP RIP, PPP, BGP and OSPF routing.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, MPLS, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Management and Deployment on Checkpoint Firewall.
• Use Checkpoint to establish Point-to-Point tunnels.
• Ability to use NAT and Firewall security policies in Checkpoint.
• Experience In working on Configuring Multicast.
• Identify, design and implement flexible, responsive, and secure technology services
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Configuring Multi-Protocol Layer Switching (MPLS).
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation using VISIO.