Firewall Engineer Resume
Fort Worth, TX
SUMMARY:
- Strong knowledge on HSRP, VRRP Redundancy Protocols.
- Experience in using NX-OS with Nexus 7K and 5K series switches.
- Expertise in configuring OSPF, EIGRP, IGRP, RIP, BGP, and ISIS over IPv6, Static Routing, Dynamic Routing, Policy Based Routing, Frame Relay, ISDN, E1/E3, T1/T3, QOS, IPSec VPN and ATM.
- Excellent interpersonal, communication and organizational skills with the ability to interact effectively with employees at all levels within the organization.
- Working knowledge of DNS, DNSSEC, BIND and Load balancer concepts.
- Highly valuable Project Management and Operations Planning skills.
- Experienced with multisite configuration setup with VOIP routers and ASA5510 and SA520 firewalls.
- Hands-on experience on working with Layer 3 protocols like Static Routing, RIP, OSPF, EIGRP, BGP and MPLS.
- Experience in working with ARISTA switches like 7100, 7500 for cloud computing, datacenter and low latency networks.
- Implemented MPLS/VPN services for various customers.
- Network Security-Firewall (Next Generation)- Palo Alto Support
- Hands-on experience with the following technologies: Cisco Nexus - Switches - F5, Netscaler - Load Balancers.
- Experienced configuring Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, MST, VRRP for Default Gateway Redundancy and Per VLAN Spanning Tree (PVST).
- In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.
- Possesses hands-on experience with Cisco based routers and switches.
- Experience working with MPLS Layer 3 VPN on ASR 1006 with IOS-XR.
- Technically sophisticated with 7 years hands-on professional networking experience in configuring, monitoring and administrating Cisco and complex TCP/IP based networks with all kinds of addressing and protocol stacks in LAN/WAN environment.
- Center networks consisting of Cisco routers, switches and desktop/server environment.
- Provides BlueCoat Proxy support services to Confidential networks worldwide.
- Voice over IP experience and development.
- Good knowledge of IPv4/IPv6.
- Hands-on experience with Fortigate 1000C, 3600C, 1000D, 3800D Firewalls and Fortimanager 4000E, Fortimanager 3900E, Fortimanager 3000C & Fortimanager 1000D
- Extensive Packet level debugging and troubleshooting on Palo Alto Firewalls to resolve numerous network issues.
- Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
- Use HTTP forward Proxy in Blue coat Proxy server.
- Experience in configuring RIP v1&2, OSPF, EIGRP, BGP, MPLS, Frame Relay and PBR.
TECHNICAL SKILLS:
Networking Concepts: OSI Model, TCP/IP, UDP, IPV4, IPv6, Subnetting, Hubs, Bridges, VLSM
Routing Protocols: EIGRP, OSPF, MPLS, RIP, RIPV2, BGP
WAN Protocols: HDLC, PPP
Packet Switched WAN: MPLS, VPN, IPSec-VPN, PPP
Security Technologies: Cisco ASA 5500, Site-to-Site VPN, SSL VPN
Cisco Router: Cisco Wireless controller 2500, 5500, 5700; Cisco unified call manager, Cisco SIP phones 7940, 7960; ISR G1s & G2s, Nexus 3Ks, 6500 SUP720 & SUP 2T; Nexus 7K, 5K, 2K & 1K; Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 2000, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), ASR (9K, 901, 903), GSR 12k
Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial
Layer 2 technology: VLAN, VTP, ISL, dot1q, Spanning-tree, PVST
Layer 3 Switching: CEF, MLS, Ether Channel
Switches: Cisco Catalyst 3560, 3750, 4500, 4900, 6500 and Nexus 2000, 5000, 7000
Firewall: Juniper NetScreen (500/5200), Juniper SRX (650/3600), PIX (525/535), ASA (5520/5550/5580), Checkpoint Firewalls, Fortigate Firewalls.
PROFESSIONAL EXPERIENCE:
Confidential, Fort Worth, TX
Firewall Engineer
Responsibilities:
- Develop / Deliver Professional Proposals / Design Documentation
- Designed and configured Splunk search head pooling feature using VMware, NetScaler Load Balancer and NAS storage.
- Implementing and maintaining Cisco 2600, 2800, 2900, 3600 Series Routers and 2900, 3650, 3750 Series Switches and Cisco 1252 and 1262 Access Points for various sites
- Single arm / double arm NetScaler setup with double hop configuration.
- Managing large Palo Alto Firewall network including 50 remote offices, and three Data Centers using 5000, 500 and 200 series firewalls, Palo Alto Management software Panorama. SD-WAN, MPLS experience. Cisco Meraki switches and Access Points.
- Implementing and troubleshooting firewall rules in Cisco ASA 5525, 5580, Checkpoint R77.20 Gaia and VSX as per the business requirements.
- Support for Bluecoat proxy appliances.
- System administration of NetScaler Load Balancer for Splunk server farm
- Implemented TCP/IP and related services DHCP/DNS/WINS.
- Configured VLAN trunking with Palo Alto interface.
- Configured routes on Palo Alto firewalls 3060, 5060
- Responsible for providing escalation assistance to Infoblox support engineers, customers, partners and field operations.
- Lead engineer for the CBS enterprise DHCP migration to the Infoblox solution. Working closely with CBS engineers to ensure a transparent migration from CBS’s existing DHCP design into the Infoblox solution.
- Reviewing the CBS Infoblox design for vulnerabilities and improvements. Ensuring CBS adheres to the Infoblox recommendations and guidelines.
- Presenting solutions to CBS management for DHCP, DNS and IPAM within the Infoblox Grid.
- Reviewing the CBS DNS migration plan into Infoblox. Working with CBS and Infoblox design engineers to deliver a streamlined and coherent migration solution.
- Support and troubleshoot Cisco and Bluecoat proxy environments
- Creating of CWNCM/HP NA policy rules for security enforcement of over 5500+ Cisco, Juniper, Riverbed, F5 and Bluecoat network devices.
- Configuration Firewall & IPS FortiGate 100D as an edge firewall
- Configured & Maintained FortiGate 300D's High Availability and Clustered firewall environments in Alpharetta, Ga. Providing ongoing support.
- Hands-on experience on Fortigate 800D, 3000D firewall.
- Schedule, monitor, and troubleshoot vulnerability scanning for internal customers
- Provide support and resolution for scanning and vulnerability remediation reporting issues
- Provide technical support for vulnerability management projects
- Generate reports and present on security vulnerabilities to various stakeholders.
- Involved in Patching and bug fixes for more than 5000+ servers of Linux Kernel version 5 and 6.
- Administered Puppet, build and deploy manifests for website deployment on CentOS Linux. Managed Mac workstations with Puppet.
- Linux Administration, MS Office, Win XP/7, Windows Server 2003/2008, Active Directory, DNS, DHCP, GPO, Networking, TCP/IP, VLAN, Subnetting
- Manages BlueCoat Proxy / Anti-Virus / Director appliances for the CJO-A
- Working with CTI to determine if IPS/IDS devices are protecting the network against newer CVEs.
- Cisco SourceFire IPS/IDS and Palo Alto IPS/IDS, Using FMC device and Managing overall effectiveness of IPS/IDS.
- Hands on experience on configuring routers in different environments like Cisco CRS/ASR900x/GSR, Juniper MX/M/T series
- Security policy review and configuration in Palo Alto and Juniper SRX Firewall in US offices and Datacenter.
- Configured and maintained Palo Alto Network firewalls.
- Worked on projects which involved SolarWinds Orion in configuring the device for Ping, SNMP, ICMP, SYSLOG etc.
- Exposed to Bluecoat Proxy devices located in various locations companywide, with problem tickets, requests and projects requesting proxy application troubleshooting with customers
- Configured the enterprise LAN, WAN, DMZ and STZ network devices routers, switches, firewalls and Windows servers in SolarWinds Orion for monitoring and alerting.
- Learned functionality of core features such as AppID, ContentID, and UserID in PAN firewalls.
- Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
- Enable Palo Alto vulnerability and threat profiles to detect security threats
- SME with Cisco Switches. Debug firewall process activity in a shell command format.
- PowerShell automation for creation of virtual servers to vhosts.
- Leveraged skills in scripting (PowerShell), systems automation (GPO), and configuration management (SCCM) to increase systems management and software deployment capabilities and efficiency.
- Troubleshooting server side user issues by knowing PowerShell and the Command Line
- Monitored, troubleshot, configured, and secured Core Cisco 6500 catalysts, router/switches, Cisco ASA 5500 firewalls. Completed monthly IOS configuration backup on all network devices.
- Configuration and Maintenance of ASA, ASA 5525, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
- Configure and maintain Windows NT/2000 environment services, including Active Directory, DFS, WINS, DNS, DHCP, file replications and logon scripts.
- Manages BlueCoat Proxy appliance configuration and is NPC's proxy appliance administrator. He is responsible for analyzing data dealing with traffic composition, usage and throughput as well as blocking customer specified URL content.
- Responsible for Check Point, Cisco ASA and Palo-Alto firewalls configuration and administration across global networks
- Worked on different models of F5 (LTM & GTM) Loadbalancers including BIG-IP 3600 and BIG-IP 3900.
- Good understanding of load balancing methods on F5 loadbalancers (LTM & GTM).
- Knowledge on creating pools and port-based services for different virtual IPs on F5 Loadbalancers.
- Worked on different network devices including Cisco Routers & Switches, Juniper Firewalls, and F5 loadbalancers (LTM & GTM).
- Support Bluecoat proxy migration to new platform for all Business and Datacenters in environment
- Installed and renewed SSL Certificates on F5 loadbalancers to secure the data traffic.
- Monitored the UBS Infrastructure that includes Routers, Switches, Firewalls, Loadbalancers (F5 LTM & GTM), and Optical Devices.
- Hands-on experience on configuring/troubleshooting and managing Nexus 2K, 5K, 7K, 9K switches
- Configuring VLANs, VTPs, enabling trunks between switches.
- Expertise in VPN configuration, routing, NAT, access-list, Security contexts, and failover in ASA firewalls.
- Troubleshooting firewall rules in Cisco ASA 5525, 5580, Checkpoint R77.20 Gaia and VSX as per the business requirements.
- In-depth knowledge of troubleshooting LAN, WAN, Frame-Relay, Ether-channel, Routing Protocols (RIPV2, OSPF, EIGRP & BGP), ACLs, NAT, VLAN, STP, VTP, DOT1x, HSRP & GLBP.
- Palo Alto installation, configuration, administration, monitoring and implementing the policies, Palo Alto, 3060,5060, and 7050
- Completed WLAN hardware installation/configuration, to include replacing Cisco WAS with Aruba equipment and core Cisco switches with Juniper 8216; transformed 1000+ ports.
- Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites for 11n Infrastructure and its legacy technologies.
- Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network
- Troubleshooting F5 Load balancers, Cisco Nexus switches, Riverbed WAN Optimizers, Cisco ASR1000 series
- In-depth knowledge of deploying LAN, WAN, Frame-Relay, Ether-channel, Routing Protocols (RIPV2, OSPF, EIGRP & BGP), ACLs, NAT, VLAN, STP, VTP, DOT1x, HSRP & GLBP
- Established IPSEC-VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
- Document Findings / Record Locations and Log Signal Reading / Data Rates
- Cisco Identity Services Engine (ISE) project.
- Provide support for 2Tier and 3Tier firewall architecture, which includes various Checkpoint, Cisco ASA firewalls and Palo-Alto firewalls.
- Developed solid understanding of layer 3 LAN and WAN networking, including QOS for VoIP
- Expertise knowledge on PALO ALTO Firewalls
Palo Alto Engineer
Responsibilities:
- Issue and co-ordinate design documentation and evaluation of project proposals.
- Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
- Provider-1 Checkpoint, Juniper Firewall and Bluecoat proxy technical level-3 support 24x7 on rotating schedule.
- Designed and implemented an IP addressing scheme with subnets for different departments.
- Set up simplified and traditional VPN communities, and Cisco AnyConnect
- Design and implement vulnerability management program
- Strong hands on experience on Checkpoint Firewalls, ASA (5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
- Security Device - Palo Alto/ASA Firewalls, Source fire IPS/IDS, NIPS, VPN.
- Generate reports and present on security vulnerabilities to various stakeholders.
- Worked on Aruba Wireless LAN Implementation for 11n Infrastructure Across the Corporate Network
- Migrated IPs from IP Control and SolarWinds to Infoblox, as a part of IP migration to single tool
- Experience converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
- Manages BlueCoat Proxy appliance configuration and is NPC's proxy appliance administrator. He is responsible for analyzing data dealing with traffic composition, usage and throughput as well as blocking customer specified URL content.
- Responsible for creating network configurations for Cisco ASR9k, CRS, Nexus 7000, 7609, 7613, 6509,
- Implemented various EX, SRX & J series Juniper devices
- Deploys on-site to assist with design and installation of client purchased BlueCoat solutions.
- Experienced with Juniper: EX 2200, EX 4200, EX 4500, MX-480 and M Series, SRX210 and SRX240.
- Configured policies on Juniper SRX, Net screen and Cisco ASA firewalls.
- Installed Fortigate 800 D, 3000 D firewalls and configured its Management IP, consoled it to CMS server, clustered those firewalls for ISE lab remediation.
- Worked with Global information systems for ISE Remediation project, to place the Labs behind the Fortigate Firewalls
- Configured and installed Bluecoat Proxy SGs to a newly designed network scheme, from an inline perspective to a WCCP load balanced network layout.
- Configured Forti-manager, Forti-analyzer in Fortigate firewalls
- Strong working knowledge of wired and wireless in LAN, MAN, and WAN environments.
- Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
- Experienced in Windows Management Instrumentation architecture, WinRM, Server performance troubleshooting, Server Architecture and PowerShell.
- Administer Failover cluster with Failover Cluster Manager or by PowerShell cmdlets
- Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
- Familiar with security products such as Cisco ISE
- Provide hands-on knowledge for a wide range of security technologies with an ideal focus on Bluecoat Web Content Filter Proxies, Bluecoat Reporter, and Active Directory (and related authentication / authorization controls).
- Migration of the firewall rules from Cisco ASA, Checkpoint to Palo Alto firewalls using migration tool from PAN.
- Responsible for firewall rule set migration from Cisco ASA, Checkpoint to newly implemented Palo Alto.
- Palo Alto App ID migration from the legacy based port rules for PA 5060, 7050.
- Effectively update the Visual Policy manager (VPM) as per required access by the client. Periodically upgrade the bluecoat devices to desired feature set OS level as required.
- The implementation included dual Cisco routers (3945, 3845, 3745 and 3640), dual cisco 2924 switches, multiple NICs for Linux servers, IP address planning with VLSM, multiple VLANs with Etherchannel, Dot1Q trunking, HSRP, NAT, NTP, SNMP, Async terminal server, redundant routing with carrier data networks and redundant inter-site connectivity using EIGRP over T1/T3 links.
- Configured VLAN trunking with Palo Alto interface.
- Configuring, Administering, and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall.
- Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
- Installing the F5 TMOS upgrades, Hot-fix installations depending on Business need.
- TMOS Upgrades via GUI and TMSH
- TMOS scripts: WIP creation, Pool and member creation, VLAN, Self IP
- Designed, built, and deployed F5 Big IP load balancers (8900's, Virions, Blades), F5 Big IP TCL, F5 Big IP TMOS, F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services
- Upgrades/Downgrades of F5 TMOS, Hot-fix installations depending on need
- Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance and F5 TMOS architecture.
- Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
- Configuration and troubleshooting of Cisco catalyst 6509,7613 with supervisor cards
- Experience in configuration of Cisco routers CRS, 7500, 7600, 7200, 3700, 3800, 3600, 2900, 2800, 2600, 1900 series, ASR9k, GSR12k.
- Responsible for installation, troubleshooting of firewall (Cisco firewall, palo alto, Checkpoint firewall) and related software, and LAN/WAN protocols
- Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
- Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently
- Fabricate wire bundles, marking wires, termination into connectors
- Troubleshoot all Infoblox DHCP and IPAM issues that may occur. Working with other CBS engineers, as well as Infoblox Sales Engineers and TAC.
- Maintaining a professional working relationship with Infoblox Sales Representative and Sales Engineer.
- Created ISE documentation consisting of Standard Operating procedures for wired and wireless systems and
- Provisioning Cisco controllers, routers and switches for VLANs, QoS, firewall services, and 802.1x to support multiple SSIDs in an integrated wired and wireless environment.
- Maintain a high level of functionality and availability of all VPN links, routers, Gateways, switches, firewalls, load balancers, and WAN links (Cisco, Cisco Call manager, (UCM), UCCX, Check point and Foundry hardware).
- Provided pre, post engineering consulting to CUCM and UCCE upgrades, which involved developing procedural documentation, software bug scrub analysis, and validation in testing environment.
Network Engineer
Responsibilities:
- Designed, configured, installed, maintained and provided troubleshooting for the network infrastructure for Cisco platform for more than 300 devices, i.e. 2800, 3600 series Routers and switches for office and for various Customers.
- Migration of RIPv2 to OSPF, BGP routing protocols.
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
- Troubleshoot problems on a day to day basis and providing solutions that would fix the problems within their network.
- Configured EIGRP for Lab Environment.
- Configured RSTP, LACP and VTP on Cisco devices.
- Created VLAN and Inter-VLAN routing with Multilayer Switching.
- Palo Alto IPS change control mgmt.
- Designing Solutions for frozen requirements using Cisco Routers and Switches.
- Implemented ISL and 802.1Q for communicating through VTP.
- Working with client team to find out requirements for their network.
- Fourth tier troubleshooting, support and implementation for DNS/DHCP.
Network Engineer
Responsibilities:
- Designed application mapping and application delivery using F5 BIG IP LTM.
- Design complete end to end indoor and outdoor wireless solutions including autonomous, lightweight, mesh, security (802.11i, FIPS), management, AAA.
- Implement security policies using ACL, IPSEC, SSL, VPN on ASA … AAA, ACS ISE/Dot1x
- Configure all aspects of UCSM such as pool configuration, creation of service profiles and templates
- Configuration and Administration of Cisco and Juniper Routers and Switches
- Configured Virtual Switching System, HSRP and VRF-lite remotely to devices for verifying the connectivity in the network lab
- Configured ACL & NAT through CLI.
- Configuration and testing of Multicast for both IPv4 and IPv6 routing in Data Center Environment.
- Configure and deploy L2 / L3 protocols STP, VTP, PVST, Ether channels, VLAN, PVLAN, ISL trunk, OSPF, EIGRP, Static, BGP and MPLS, Redundancy protocols HSRP, VRRP and GLBP
- Configured Virtual IPs and servers on F5 and associated pool and pool members to it.
- Experience in Technical support & configuration for Juniper Networks routers, JUNOS, policy, VPN's, MPLS, ScreenOS, SSL IDP & Firewalls.
- Troubleshoot traffic passing managed firewalls via logs and packet captures
- Involved in writing troubleshooting guidelines for MPLS VPN.
- Performed troubleshooting and monitored routing protocols such as OSPF, EIGRP & BGP.
- Involved in customer escalations and troubleshooting issues related to connectivity, STP, VLAN, Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
Jr. Network Engineer
Responsibilities:
- Set up Internet, implementing Networking products like servers, proxy servers, switches, Firewalls, Routers.
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
- Performed tons of V2V Migration using VM converter and Platespin
- Configured VMware HA, VMware DRS in acquiring higher efficiency for VMware Infrastructure.
- Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration
- Install and configure various VoIP systems at customer sites to include Cisco CallManager, Unity, Unity Connections and voice gateways.
- Performed troubleshooting and monitored routing protocols such as OSPF, EIGRP & BGP.
- Working and troubleshooting in inter-vendor Palo Alto environments
- Managed IP address DNS and DHCP for the network using InfoBlox
- Developed SDN solutions for networks
- Worked on F5 LTM, GTM series like 6400, 6800, 8800 and Radware for the corporate applications and their availability
- Isolated network traffic via F5 load balancers for GTMs and LTMs
- Support the global network which includes 85 sites across 43 countries connected via AT&T MPLS, PCCW MPLS, and site-to-site VPN
- Engaged in security compliance effort to upgrade access switches to Cisco ISE platform
- Performed Celerra administration NTP, SNMP, SMIP and TELNET.