PROFESSIONAL SUMMARY:

• Network Engineer with 8+ Years of Professional Experience with demonstrated success in Network Administration, Data Communication, Design, Wireless Network Maintaining and Troubleshooting Cisco, Juniper, Huawei, HP Routers and Switches, Cisco ASA Firewalls, Palo Alto Firewalls, Load Balancers, Troubleshooting & fine - tuning of Firewalls, VPN Configuration.
• Experience with Nexus 9K, 7K, 5K, 2Kseries, Nexus 1000v, operate in Cisco NX-OS Software and (ACI)
• Cisco router 800 Series ISR, NCS 5000, ASR 9000 Series, IOS XRv 9000, Series, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series.
• Cisco catalyst 6800, 4000E, 3560- CX, 3850, 2960 X/XR, Meraki MS (MR30H, MR33, MR42, MR52, MS225-24, MS225-48, MS250-24) series switches.
• Experience with Networking Software Systems IOS, IOS XR, IOS XE, NX-OS and core technologies Cisco ACI, VxLAN, FcoE, LISP, Ciso ONE.
• Deployed Cisco Wireless Controller 8540, 5520 3504, cisco Aironet 1570 Series.
• Juniper Experience Devices with SDN-ready MX2010, MX2008Edge Router, PTX5000, PTX3000, EX 9200, EX4300, EX4600, SRX 5400, SRX 3000 series, MX routers.
• Aruba 802.11ac wireless access points deliver superb Wi-Fi performance, Aruba 330 series, 501 wireless client bridge, 7220, 7010 MOBILITY CONTROLLER.
• Worked on Arista 7300 Data Center Switch Series, Arista 7010T Gigabit, HPE FlexNetwork 5820 Series, HPE FlexNetwork 5510 HI Series.
• Deploy and manage with advanced security and network management tools like Aruba ClearPass Policy Manager, Aruba AirWave and cloud-based Aruba Central.
• Implementation, configuration & troubleshooting the issues related to Virtual Servers, pools, nodes
• Experience with F5 load balancers to provide Land Balancing towards Access layer from core layer and configuring F5 LTM both by GUI and TMSH/CLI and Cisco load balancers (CSM, ACE and GSS).
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for Corporate Applications and make sure their Availability to End Customers.
• Firewall experience with ASA 5500-X with FirePOWER Services, ASA 4100 Series, ASA 5585-X with FirePOWER SSP-20.
• Palo Alto next-generation firewalls provide complete visibility into all network traffic based on applications, users, content and devices.( PA-5200, PA-3000, PA-800)
• Deployed Check Point Next- Generation Firewall for enterprise network security high-performance, multi-core capabilities (1400, 3000, 23000).
• Deep knowledge of Significant experience with, and deep expertise in many of the following: Ethernet, 802.2/3, 802.1d, IP, TCP,VLAN, VTP, STP, BGP, OSPF, HSRP/VRRP/GLBP, PIM, IGMP, MSDP, MPLS, LDP, DNS, HTTP, SSL, netflow, 10G, 40/100G Futures, Linux/Unix.
• Understanding of TCP/IP networking, IP routing, Server Load Balancing, and Network Security architecture and core technologies, Server Load Balancers, Firewalls, ACLs, DNS, DHCP, IPAM, LDAP, NFS, etc,
• Implementing AAA using ACS Servers using TACACS+ and RADIUS
• Have Worked on Validating 802.11 a/b/g/n/ac WMM, UAPSD Products
• Working knowledge of Windows layered products including MS Exchange, DNS and Active Directory.
• Proficient with MS Office Suite: Excel, PowerPoint, Word, Outlook and Visio.
• Complete understanding of IEEE 802.11a, 802.11b, 802.11g and 802.11n wireless standards, 802.1X and EAP authentication, WPA and WPA2 security, RF conditions and performance, capacity planning, QoS, policy enforcement, and network management, DNS, DHCP, proxy functions (forward and reverse), security protocols (IPSec, TLS/SSL, etc.), time protocols (e.g. NTP), tag and label switching, real-time protocols for voice (SIP, H.323, RTP), and IPv4 and IPv6.
• Knowledge of UNIX/LINUX administration.

TECHNICAL SKILLS:

Switches: - Cisco IOS and CatOS platforms; Cisco 2950, 2960, 3500, 3700, 4500, 6500. Cisco Data Center platforms; Nexus 1000, 5000, 7000, UCS 6000. Cisco SDN platforms; Nexus 1000v, ASA 1000v, CSR 1000v

Routers: - Cisco IOS and IOS XE platforms; Cisco 2500, 2600, 2800, 3600, 3800, 5300, 7200, ASR

Firewalls: - Cisco ASA 7.x, 8.x, 9.x. Cisco PIX, FWSM, ASAM.

Load Balancers: - Cisco ACE, CSS, F5 LTM, F5 GSM

WAN Optimization: - Riverbed Steelhead, Cisco WAAS

WAN: MPLS, MPLS Layer 2/3 VPN s, Frame-Relay, GRE/IPSEC VPN, VPN, SIP/PSTN services

Layer 2 networking: - 802.1(D,W,S), Ethernet, PPoE, Ether-Channel

Layer 3 networking: - IPv4, IPv6, OSPF, EIGRP, RIP (v2), BGP, MP-BGP, PFR, OSPFv3, EIGRPv6, RIPng, Advanced Redistribution, VRF-lite

Multicast Networking: - Multicast (Sparse + Dense), MSDP, Anycast, Auto-RP, BSR, PIM, SSM

Security: - CBAC, Zone-Based firewall, Reflex ACL, NAT, IP Source Guard, uRPF, Cisco IPS/IPS, RSA Envision

QOS: - Congestion avoidance and congestion management. MQC, CBWFQ, LLQ, NBAR, WRED, Auto-QOS

VOIP: - Cisco voice gateway functionality, SRST

Unified Computing/Virtualization: Design, support, configure, upgrade Cisco UCS systems

Data Center: - FabricPath, FEX, vPC, UCS, FCoE

Wireless: - Wireless LAN controllers, all LWAP and autonomous AP models, NCS, Skills (must have): - ClearPass, Aruba wireless AOS, Airwave, networking, 802.1x - ClearPass Deployment & Integration Experience - ClearPass TACACS, Onboard, and OnGuard policy features.

VPN: - SSL VPN, IPSec VPN, and DMVPN (phase 1 and 2), EZVPN, Anyconnect

Operating System/utilities: - Windows 7, Windows 2003 Server, Windows XP Professional, Red Hat Linux, Solaris, DNS, DHCP, Netflow, WireShark

Professional skills: - Network drawing tools including MS Visio, presentation skills and experience including MPowerPoint.

PROFESSIONAL EXPERIENCE:

Confidential, Charlotte, NC

Senior Network Engineer

Responsibilities:

• Design WAN / LAN / WLAN network architecture and Configure and troubleshooting Layer 2 / Layer 3.
• Configured Nexus Basic Interface Parameters, Layer 2 Interfaces, Layer 3 Interface, Bidirectional Forwarding Detection, Port Channels, vPCs, IP Tunnels, Q-in-Q VLAN Tunnels
• Configured Nexus Smart-Channel, Static and Dynamic NAT Translation, Layer 2 Data Center Interconnect, IETF RFCs supported by Cisco NX-OS Interfaces, Configured Limits for Cisco NX-OS Interfaces
• Configured Cisco ASR 9000 Series Link Bundles, Point to Point Layer 2 Services, Multipoint Layer 2 Services, IEEE 802.1ah Provider Backbone Bridge, Multiple Spanning Tree Protocol, Layer 2 Access Lists, VXLAN.
• Configured Cisco, Catalyst 3850 Series IOS XE 3.6E, Using the Command-Line Interface and Web Graphical User Interface, CleanAir, Interface and Hardware Component, IPv6, Layer 2/3, Lightweight Access Point, Mobility, Network Management, QoS, Radio Resource Management, Routing, Security Stack Manager and High Availability, System Management, VideoStream, VLAN, WLAN
• Configured for Wi-Fi Standard QoS, Command Line Interface (CLI), Web interface (WebUI), Logical and Physical Interfaces, Creating Firewall Roles and Policies,
• Deployed Aruba and Cisco Wireless controllers, Loading an SSL Certificate (GUI), SSL Certificate (CLI), Configuring 802.11 Bands, 802.11n Parameters, DHCP Proxy, SNMP, Aggressive Load Balancing, Fast SSID Changing, 802.3 Bridging, Enabling Mulitcast mode, IP- MAc Address Binding,
• Troubleshooter and Configured F5 Load Balance, Virtual Server, Nodes, Load Balancing Pools, Profile configuration, Managing Application-Layer Traffic, Enabling Session Persistence, Managing Protocol Profiles, Local Traffic, SSL Traffic, Application Traffic, NATs, SNATs, IRules,
• Deployed Cisco ASA Basic Cisco Remote Access IPsec VPN Solutions, Advanced Cisco AnyConnect Full-Tunnel SSL VPN Solution, Cisco ASA Basic Site-to-Site IPsec VPNs, Advanced Site-to-Site IPsec VPNs
• Cisco ASA Configured Site-to-Site VPN Architectures and Technologies, GRE over IPsec VPNs, VTI-Based Site-to-Site IPsec VPNs, Site-to-Site IPsec VPNs, DMVPNs, Cisco ASA Configured Remote Access VPN Architectures and Technologies, Remote Access Solutions Using SSL VPN, Remote Access Solutions Using Cisco Easy VPN
• Palo Alto Networks firewall PAN-DB Categorization, Enable a URL Filtering Vendor, Determine URL Filtering Policy Requirements, Palo AltoUse an External Dynamic List in a URL Filtering Profile, Monitor Web Activity, Configure URL Filtering
• Palo Alto Networks firewall connect securely over a public network, configured Site-to-Site VPN, Interfaces and Zones for the LSVPN, Enable SSL between GlobalProtect LSVPN Components, GlobalProtect Gateways for LSVPN.
• Working understanding of code and shell script (Bash, Powershell, PHP, Python, Perl and/or Ruby).
• Implement and troubleshoot layer 2 protocols CDP, LLDP, VLAN access ports, VLAN database, normal, extended VLAN, voice VLAN, VTP, spanning-tree, PVST+/RPVST+/MST,STP.
• Configured device security using Cisco IOS AAA with TACACS+ and RADIUS, AAA with TACACS+ and RADIUS, Local privilege authorization fallback.
• Design, Implement and Troubleshoot Highly Available and redundant topologies vPC, fabricpath, STP, VXLAN, OTV, EVPN, PTP, NTP, DNS, DHCP, MACsec, ACL, private vlans-
• Configure, verify, and troubleshoot single area and multi-area OSPF, EIGRP, RIP for IPv4, IPv6
• Implement and troubleshoot peer relationships, IBGP and EBGP, BGP, IPv4, IPv6, VPN address-family
• Configured and troubleshoot MPLS operations, MPLS L3VPN, encapsulation GRE, Dynamic GRE
• Experienced with DMVPN single hub, NHRP, DMVPN with IPsec using preshared key, QoS profile, IOS AAA using local database
• Implement and troubleshoot first-hop redundancy protocols HSRP, GLBP, VRRP, Redundancy, DHCP, network time protocol NTP master.
• IPv4 network address translation Static NAT, dynamic NAT, policy-based NAT, PAT, NAT ALG, IP SLA ICMP, UDP, jitter, VoIP.

Wireless Engineer

Responsibilities:

• Design and implementation of network security solutions within enterprise network
• Deployed next-generation firewall solutions, configuration of security policies in a complex multi-vendor environment, and working with business units inside and outside of the environment to develop best-practice security solutions.
• Monitors and manages the Remedy Firewall Operations Trouble Ticket queue. Assigns and resolves Remedy incidents and service requests.
• Expertise in communication protocols, network operating systems, servers, firewall implementation, IPS/IDS systems, and advanced malware detection systems
• Implemented, and support WLANs by performing and documenting 802.11 wireless surveys.
• Support new Cisco 8500(s) high capacity WLAN controllers and over thousands of AP over multiple (local) locations.
• Used Air Magnet Survey and Spectrum Analyzer, analyzing collected RF data to determine cell boundaries, AP power settings, and noise and interference sources is preferred, but not required. Will determine AP placements and deploy APs, and perform post-implementation surveys in order to optimize WLAN performance.
• Diagnose difficult network performance problems and interact with application support teams to diagnose network or application performance issues. Trouble-shoot network issues related to asymmetry.
• Used CleanAir to troubleshoot interoperability with non- 802.11RF devices
• Trouble-shoot and validate specialized with Wi-Fi client devices such as Cisco IP phones, Samsung and Apple tablets, WYSE terminals and biomedical equipment.
• Experience as a Cisco Wireless LAN Specialist with hands-on 802.11 implementation and support experience.
• Experience with Real Time Location Systems (RTLS) tracking
• Experience with 802.11a/g/n/ac Cisco WLC, CAPWAP, LWAPP, be able to use tools such as Cisco Prime Infrastructure, AirMagnet suite to design and support WLANS.
• Experience with L2/L3 and wireless security features including Access-lists, WPA/WPA2, CCKM, AES-CCMP, CCKM, 802.1X/EAP, PEAP, RADIUS and TACACS.
• Hands-on experience and well versed in utilizing networking tools and applications, such as Cisco Works, Solarwinds.

Network engineer.

Responsibilities:

• Design and architecture complex network, routing, switching and forwarding issues across multiple routing and switching platforms.
• Investigating Network/ suspected network incidents and working towards mitigation, resolution of the issue.
• Hands on experience with Cisco Data Center Switches Nexus 5K, 7K and 9k.
• Hands on experience with Cisco ASR, 7600/6500 routers.
• Configured VLAN Trucking 802.1Q, STP and Port Security on Catalyst 6500 switches.
• Hands on experience in Cisco Catalyst 2900, 2960, 3560, 3750, 4500, 4900, 6500 series configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
• Design and create dedicated VLANs for voice and data with for prioritizing VOICE over data on catalyst switches and basic VOIP configuration.
• Worked on Nexus platform 7010, 5010 and deployed VPC, VDC and OTV, Fabric Path and successfully implemented VSS on the Cisco catalyst switches.
• Use Layer 2 Switching in Cisco's Catalyst Switches C4000, C3000, C2900 Series, and other Layer 2 devices to work with customers and Business Units.
• Working Knowledge of Cisco IOS, Cisco IOS-XR, Cisco Cat OS, Cisco NX-OS, JUNOS
• Assisting and troubleshooting on Cisco Meraki solutions remotely including 802.11 a/b/g/ac Wireless networks.
• Performing JUNOS/IOS upgrade for installed routers/Switches/Firewalls (Juniper/Cisco) within the network as per the recommended process provided by the vendor
• Assisted in the transition from the all Juniper Legacy Network to an all Cisco network which included installing, testing and maintenance of the Cisco equipment.
• Juniper QF5200 Series, EX2200 Switch Q Series JPOD Cisco Cat6500, 2500, 2900 series SSG5 Branch Firewalls.
• Responsible for performing predictive wireless designs/site surveys with AirMagnet Planner (Cisco 3500/3600/3700/ Aruba 105 access points) and conducting physical wireless site surveys with AirMagnet Survey.
• Perform Wireless RF Site Surveys with Air Magnet and offline surveys.
• Working on global 802.11ac WLAN upgrade project.
• Performed network devices (Cisco, Arista) EOL replacement and new installed large scale data centers. Reviewed designs as SME.
• Hands on experience with BIG-IP environment utilizing two or more of the following: GTM, LTM, APM or ASM.
• Worked on upgrading F5 device from 11.4 to 11.5.3 to remediate HTTP classes and profiles and Upgrading and relicensed F5 LTM.
• Configuration, migrations, upgrades of F5 Big IP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby.
• Experience with convert Checkpoint VPN rules over to the prime Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Configuring, Administering and troubleshooting Checkpoint, Solaris and ASA firewall
• Configured Palo Alto firewall models (PA-2K, PA-3K and PA-5K) as well as centralized management system(Panorama) to manage large scale firewall deployments
• Upgrade of Checkpoint management servers from Gaia R77.20 to R77.30 GA using CPUSE via HOTFIX.
• Did a complete rebuild of Checkpoint firewall from Gaia R77.20 to Gaia R77.30 GA version.
• Perform Checkpoint and PIX firewall/IDS design, integration & implementation for Cyber Trap client networks
• Integrated Panaroma with Palo Alto firewalls, for managing multiple Palo Alto firewalls with single tool.
• Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.
• Experience working with and designing network architectures with IP Routing protocols such as BGP, OSPF, EIGRP, DMVPN, and iWAN. Layer-2 switching technologies and related WAN technologies like MPLS, DWDM, T1, T3 OC3 and other WAN Technologies
• Actively involved in Switching Technology Administration, including creating and managing VLANS, Port security- 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst 4507R+E, 3570, 6500, 6800, and Nexus 2232, 5596, 7009 switches.
• Experience in working with Nexus 9K, 7K, 5K, 2K devices.
• Created dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.
• Experience with VoIP phone systems, including SIP, codecs, QoS, fax, and unified messaging.
• Troubleshoot LAN/ WAN related network issues using Cisco works and Solar Winds and participate in 24x7 on-call.
• Worked with MPLS to improve quality of service QoS by defining LSPs that can meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event of core router becoming unreachable.
• Experience in implementing site-to-site and remote access VPN Technologies using GRE, IPSEC & MPLS.
• Experience with Network Monitoring Solutions (Nagios, Solar Winds, etc.).

Network Engineer

Responsibilities:

• Provided deployment guidelines for inserting new IP technology and upgrades into MPLS on backbone network.
• Worked with vendors Cisco, Huawei in validating hardware and software features.
• Troubleshooting the latency issues in the WAN network.
• Experience in configuring Site-to-site and remote access VPN solutions.
• Ensure all Network elements are deployed as per deployment template and standard configuration template.
• Providing 24x7 technical supports to complete team. Management of Netops server for providing uninterrupted services to customers.
• Ensure network is migrated to MPLS architecture up to Core switch level.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configuring ACL to allow only authorized users to access the servers.
• Participated in on call support in troubleshooting the configuration and installation issues.
• Developed route redistribution mechanism between BGP and OSPF for large scale networks.
• Ensure all elements with 100 % uptime, Ensure redundancy for all Critical network elements in LACP mode.
• Configuring IP sec VPNs as per customer requirements with standard encryption and encapsulation.
• Documentation of Network details, reporting the Network health status to respective teams for action.
• Configured SNMP on all the network devices and added them to Solarwinds for monitoring.
• Configured Routing protocols such as OSPF, BGP static routing and policy based routing.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP and RSTP, MSTP, LACP.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Switching related tasks included implementing VLANS, VTP, RSTP and Port security.
• Dealt with the configuration of Standard and Extended ACLs for Security.
• Continually monitor, assess and improve network security test with the help of Solarwinds.
• Worked along with the team in resolving client raised incident tickets.
• Monitoring the WAN links using Solarwinds and what’s up gold.
• Monitoring & Troubleshooting Cisco core Routers (7200, 3600, 1700 and 1600) and Switches (Cisco 2900, 6500, 3500, 3700 and 3Com Switches).
• Worked with routing protocols of RIP,EIGRP,OSPF,MPLS
• To ensure high availability of system resources to the end users and to maximize the uptime of doing the necessary work to diagnose, detect and rectify the faults in time.
• Coordinating the technical activities with their vendors & Telco to keep the systems and network uptime to 98% and submission of monthly reports on the project.

Confidential

Network Support Engineer

Responsibilities:

• Installation and configuration of various Routers like 800, 1600, 2500, 2600 and configuration of various Cisco switches like 2960, 3560.
• Local computer and LAN support for 2000 employees
• Implementation of various routing protocol like, EIGRP, OSPF on routers
• Configure and Troubleshoot Spanning Tree protocol in the Switching Network.
• Implement the technical solution sold to clients.
• Test and pre-configure equipment to be sent to site.
• Reporting network operational status by gathering, prioritizing information.
• Provide assistance to field engineers during installations
• Resolve any technical issues that arise during the project implementation.
• Open TAC cases with network vendors to solve issues.
• Assist in troubleshooting National Internet virus attacks and prevention of virus infiltration
• Assisting in Network Security issues relating to Internet or network hacking &misuse
• Troubleshoot and repair of local area network outages using Fluke Optiview, Telnet, Sniffer, Ping, Trace Route and Internet Technologies
• Provide project status reports to upper management