SUMMARY:

IT professional with over 15 years of proven experience in design, engineering, implementation, troubleshooting, network monitoring and management, project/change management, analysis, 2nd/3rd tier escalation support for various network technologies in large enterprise and service provider environments, which includes proficiency in routing/switching protocols and technologies, security (firewalls, IPS/IDS, VPN), voice (VoIP), wireless, cloud, multicast, messaging and enterprise applications.

TECHNICAL SKILLS DETAIL:

Routing/Switching Products: Cisco Routers (7600/4000/3900/2900/2800/1900/800 ISR, ASR 1k & 9k Series, CRS - 1/CRS-3, GSR), Cisco Catalyst Switch (6880, 6500, 4500, 3850, 3750, 3650, 2960), Cisco Nexus 1kv, 2k, 3k, 5k, 7k & 9k Series, Juniper Routers & Switches, HP Routers & Switches, Alcatel/Lucent Routers & Switches (OA 5800/5700 ESR, 7750/7705/7450 SR, OS10k/9000 Series/6900/6860/e).

Routing/Switching Protocols & Standards - LAN Technologies: IPv4/v6, Spanning Tree, CDP, Access/Prefix/Distribution/Offset lists, NAT/PAT, Route-maps, RIPv1/v2/ng, OSPFv2/v3, MOSPF, EIGRP/v6, BGP/MBGP, IS-IS, MPLS, ARP, NHRP, Static/Stub Routing, VLAN/VTP, MVRP, PIM-SM/DM, MSDP, FHRPs (HSRP/VRRP/GLBP), CEF, VSS

WAN Technologies: Frame Relay, PPP, Satellite links, T1, T3, E1, E3, OC-3, OC-12, OC-48, OC-192, DS3.

Security/Firewall Technologies: Cisco Security Manager Suite, Cisco ASA 5500 series, Cisco FWSM, Cisco IPS/IDS, Cisco ACS, Fortinet, Checkpoint, Advanced Firewall Manager (AFM), BlueCoat /policy, Sonic Wall Router/Firewall combos, Cisco ASA 1000v, Cisco PIX firewall, Palo Alto, cloud firewall, Juniper vSRX/SRX/NetScreen series

Protocols & Standards: IEEE 802.1x, AAA, TACACS+, RADIUS, SSH, SSL/IPsec L2/L3 VPNs, DMVPN, FlexVPN, PseudoWire, VPLS, Data Loss Prevention, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering.

Data Center Technologies: VMware vSphere, vCenter Server, VMware ESXi Hypervisor, VMware NSX, F5 BIG-IP/Cisco ACE Load Balancers, Cisco AnyConnect VPN management, Riverbed WAN Optimization, Meraki cloud based, FCoE/FC, SAN, LACP/PAgP, PortChannels/EtherChannels, ECMP, Cisco OTV/VXLAN, vPC, Routing and Service Profiles, VDC, Cisco Prime, Cisco UCS, NAS/iSCSI, Fabric Interconnect, UDLD, DWDM, Sire Recovery Manager (SRM), Radware ADC-VX, NetApp FlexCache, OpenStack, Ansible.

Voice/Wireless Technologies - Products: Cisco WLC, Aironet & Meraki APs, FlexConnect, Unity/Connection/Express, GroupWise 4.1/5.5, Microsoft Exchange, IP-to-IP Gateway, Avaya AURA Communication Manager, Cisco Voice Gateways/Gatekeepers

Protocols: SIP, MGCP, RTP, SCCP, H.323, SRTP, QoS, SRST, PoE, IEEE 802.11, EAP, WAP, SSID, LWAPP/CAPWAP, CSMA/CA, MMDS, DSSS.

Monitoring/Troubleshooting: Zenoss, Finisar, Wireshark, PRTG Network Monitor, Cacti, Nagios, SolarWinds, Remedy, OpNet, Cisco Works, LogicMonitor Sniffer, Ethereal, SNMPv1/v2c/v3, RMON, Syslog, tcpdump, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, SFTP, sFlow, Spirent, NetFlow, EOAM, NetBrain, MRTG, ZABBIX.

Network Apps/Languages: ArcServe, Veritas, NT Backup, Altris, Ghost, MS Visio Pro, Edraw Max, Netformx, Visual C++, Visual Basic, Java, Python, Clipper, dBASE, SAS, Epi Info, SPSS, Novell NetWare 4.11/5.0, Windows NT/ 2000/2003/ 2008/2012 , OS2, SR-OS, Macintosh, CatOS/IOS/IOS-XE/IOS-XR/NX-OS, JunOS, ScreenOS, Cisco ASA, FortiOS, PAN-OS.

PROFESSIONAL EXPERIENCE DETAIL:

Confidential

Lead Network Engineer

Responsibilities:

• Member of Wipro team ( a world leader in providing information technology products & services) responsible for Confidential ’s global IT infrastructure with responsibilities that include but not limited to infrastructure review, implementation, network monitoring and troubleshooting, documentation, testing and validation along with tier 3/4 escalation support on major issues.
• Key technologies regularly handled include static and EIGRP routing, VSS, Stack-switching, PVST/VTP, HSRP/VRRP, QoS, VoIP, Cisco ACS (TACACS/RADIUS), IPv4/v6, AnyConnect, DMVPN, Wireless, VMware vSphere, Easy VPN, FlexConnect, IOS upgrades, Cisco Prime (Rel. 3.4), Unity Connection (8.5), SolarWinds, MRTG, Zabbix.
• Specific technologies include Cisco (891/2, 3900, and 4321/4451 ISR) routers, Catalyst (2960/3560/3850/4507/6880 ) & Nexus 3172/6001/7009/9396 switches, Cisco ASA 5515/5525, Aironet 3502i/3602i/3702i & Meraki MR42/52 APs, Cisco 4402/5508/5520 WLCs, F5 BIG-IP 4000, Riverbed (CX3070M/CX5070H) to name a few.

Confidential

Network Engineer

Responsibilities:

• Member of an enterprise team responsible for end-to-end management of sprint’s backbone ISP/Telecom infrastructure with responsibilities that include but not limited to design review, high level network monitoring and analysis, technical documentation, implementation, testing/validation along with tier 3 escalation support on major issues.
• Key technologies regularly handled include static, OSPF, IS-IS, BGP and MPLS routing, PVST+/MST/VTP, multicast, QoS, security and routing policies, NAT, IPv4/v6, VPNs, IDS, AAA, wireless, voice, SolarWinds, Spirent, NetBrain.
• Specific technologies include Cisco (12416 GSR, 7604/7613 and ASR 9010) routers, Juniper MX960/240/80 routers, Catalyst (4503, 4912, 6509, 6513) and Nexus 7010 switches, Juniper (SRX 5800/3600 and NetScreen 5400) firewalls, Nexus 2232/2248 FEXs, Access/Terminal servers, F5 BIG-IP 2000/3900 series, Palo Alto 5060/7080 to name a few.

Confidential

Network Consultant

Responsibilities:

• Technical responsibilities included, but are not limited to the configuration, installation, design, analysis, testing and troubleshooting for large scale LAN /WAN network infrastructures, including infrastructure review/validation/edits, site assessments/analysis, new technologies review, business and technical needs analysis and recommendations.
• Key technologies regularly handled include RIPv2, EIGRP, OSPF, MPLS and BGP routing, VLAN/VTP/RSTP switching technologies, IPv4/v6, NAT, multicast. VMware vSphere/VXLAN/OTV, AAA, Cisco Prime, 802.1x, VPN, IPS, wireless, voice/QoS, SPAN along with Wireshark, Cacti, and sFlow/NetFlow along with PRTG Network Monitor.
• Specific technologies included Cisco (7602/7606/2811/2801 ), Juniper 2320 and Alcatel (7750/7705/6860/ e) routers, Catalyst (6509/4503/3750 ) and Nexus (1000v/ 5020/9508/9300 ) switches, Cisco ASA (5505/5510/5585 ) and Juniper SRX 210 firewalls, Nexus 2148 FEXs, 1131 APs/2106 WLCs, F5 BIG-IP Virtual Edition, Palo Alto 2020 to name a few.

Confidential

Network Systems Manager

Responsibilities:

• Responsible for senior administration, software updates/development, hardware implementation/upgrades, documentation/change management and troubleshooting for various networking technologies.
• Technologies handled include routers, switches, WAN infrastructure, and various network based applications.

Confidential

Network Support Analyst

Responsibilities:

• Member to a team responsible for 1st- and 2nd-tier network support and management, design, configuration and installation, troubleshooting, documentation, providing strategies, testing and implementation for various LAN/WAN network infrastructures which include, but not limited to Cisco routers, Cisco switches, and PIX firewalls.
• Additional technologies handled include, but not limited to servers, network enterprise applications and routing protocols - IS-IS, MPLS and BGP.

Confidential

IT Manager (Networks)

Responsibilities:

• Managed and supervised a team of professionals responsible for the day-to-day support, workarounds, maintaining IT security, and installed, upgraded, merged, and handled troubleshooting activities for various LAN/WAN infrastructures.
• Technologies handled by the team include but not limited to onsite IT infrastructure network operations and system integrity, disaster/data recovery, server racks, firewalls, VPN link, wireless carrier segment to the internet, point-to-point satellite links, voice and central power supply systems.
• Configured trunk and access ports, and implemented granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure than with previous generation of switches.
• Integrated a virtual version of Nexus: Nexus1000v virtual supervisor module (VSM) into the VMware vSphere 5.5 platform to extend Nexus features directly adjacent to virtual machines (VMs) so that they benefit from Cisco switching capabilities and network topology consistency ensuring VMs maintain their subnet/VLAN relationships during failover.
• Configured port-profiles as part of the NX-OS command structure that were dynamically made available to the virtual ethernet modules (VEMs) controlled by the VSM and applied to multiple virtual and physical interfaces via a single command that reduces administrative error and allows for better configuration readability.
• Configured secure privileged administrative access to the Cisco IOS system. Enabled the encryption of system passwords to prevent unauthorized users access to passwords in the system configuration.
• Configured secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits until user input is detected on the Console and vty ports. Also, configured the console and vty ports log messaging to not interfere with active device configuration.
• Configured and administered VLAN Trucking Protocol (VTP) to reduce administrative overhead. Enabled secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused ports on the switches following Layer 2 security best practices.
• Administered Local VLANs based on department function, and configured ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trucking using Pap for layer 2 forwarding. Utilized VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches. Configured edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays. Modified spanning-tree parameters for manual root bridge assignment. Implemented ether-channels between each switch using Pap for negotiation. Modified ether-channel load balancing method.
• Integrated WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required. Established two frame-relay point-to-point connections between a central site and two remote sites. Configured multipoint connections between three of the sites forming a full-mesh.
• Configured EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Integrated manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
• Configured and administered OSPF routing with multiple areas for networks between sites. Implemented OSPF MD5 Authentication between each OSPF enabled subnet to prevent unauthorized insertion of routes into the domain.
• Configured and administered MPLS VPN for a tier II service provider core/backbone to connect customer sites. Configured routers in the provider core to authenticate via LDP MD5 and provide protection against spoofed TCP segments that could be introduced into the connection streams for LDP sessions.
• Integrated static NAT/PAT to provide access to services located on a server in the private network to the public network. Implemented standard and extended access-lists to filter network traffic.
• Configured backup and recovery of Cisco IOS Images. Performed password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-config file for disaster recovery.
• Designed and implemented hierarchical NTP in a symmetric active mode with authoritative time sources and servers, time zones, and prevented accidental or malicious setting of incorrect time using both the encrypted authentication mechanism and a time-based access restriction scheme.
• Configured HSRP and GLBP and load-shared traffic on the 3640 routers in the core. Implemented the more secure MD5 authentication to prevent unexpected devices from spoofing or participating in the FHRP groups. Configured interface tracking along with preemption to monitor and respectively alter the priority of the routers.
• Configured a Cisco 2500 series router with async ports as an access server, set up a management network utilizing a computer, access server and switch, which in turn was used to configure IP addressing, VLANs, access ports, trunk ports, STP, dynamic and default routing in a multi-vendor environment consisting of Juniper, Cisco and HP devices.
• Performed code upgrade on Nexus (3172/6001/7010 ) switches, and Catalyst ( 2960/3560/3650 ) stack switches.
• Analysed and deployed a Hub-Spoke DMVPN over mGRE tunnels using Phase 3 NHRP, along with IPsec encrypted tunnels utilising IKEv1. Evaluated and implemented FlexVPN using the required IPsec and IKEv2, including migration from the previous Phase 3 DMVPN deployment.
• Determined requirements, configured and deployed an HA pair of F5 BIG-IP devices using LTM to provide a virtual web server utilizing round-robin selection for balancing and controlling traffic on several web servers, and secured the F5 BIG-IP functionality through an HA pair of ASA 5525 firewalls utilizing proper (threat detection / IPS traffic) filtering and failover.
• Implemented and tuned management capabilities and basic security features related to PA-2020 security appliance using PAN-OS 6 including SSH and WebGUI access, custom rules, virtual-wire and routed interfaces, trust/untrust and DMZ zones along with logging and auditing.
• Recommended and deployed, on many network devices, SNMPv3/Syslog/NetFlow to track status, usage, changes and traffic patterns for better analysis and decision making.
• Deployed AAA solutions using RADIUS for centralized authentication and authorization. TACACS+ was also deployed when preferred by the client. 802.1 x port-based authentications were typically utilized to restrict VLAN access when AAA was implemented.
• Configured primary and backup site-to-site IPSec VPNs between the branch and regional office, with Cisco ASA 5585 and Juniper SRX 3600 on the private and public links, respectively, at the regional office, terminating on Cisco 2801 ISR routers at the branch offices, along with setting up dynamic NAT, chassis clustering, IDS screens, OSPF/default routing and allowing services through the zone-based firewall.
• Performed password recovery on Cisco ASA 5505, and then restored it to the factory default setting.
• Performed password recovery, cleared the configuration and set up base configurations on the Juniper SRX210 firewalls.
• Provisioned Easy VPNs between Cisco X/ C891FW SOHO routers and a Cisco ASA 5525 firewall, via the Internet, in order to extend company wired and wireless VLANs to remote branch and home office(s) so as to provide the same corporate working environment.
• Provisioned Layer 2 bridging and Layer 3 routing on the same router interface using the IRB (integrated routing and bridging) feature in order to provide internal users access to the outside world.
• Provisioned dynamic (lock and key) access control lists to limit remote access to the business internetwork beyond the Cisco IOS firewall whilst handling authentication via TACACS+/RADIUS servers, and tunneling using GRE over IPSec.
• Provided an extra layer of network security by using PAT along with DNAT, and also helped conserve the IPv4 address space.
• Created virtual domains (VDOMs) to reduce hardware requirements by splitting up the FortiGate 6.0 into multiple virtual firewalls, configured inter-VDOM links, link monitoring, IP routing, policy routing, balanced outbound traffic across multiple paths (using both SD-WAN and ECMP), set up appropriate administrative accounts and firewall policies to allow traffic as needed.
• Implemented redundant site-to-site route-based VPN tunnels (secured with IPSec) across FortiGate firewall devices connected to different ISPs, and simulated failover between the tunnels. Configured policy-based routing to redirect http/https and SMB traffic through particular links. Performed diagnosis and fixed prevailing routing issues.
• Deployed the Fortinet Single Sign-On (FSSO) feature in polling mode to enable FortiGate identify (through Windows AD and Novell eDirectory services) and allow end users access to multiple network resources without having to re-authenticate, regardless of platform, technology, and domain. Also, configured FortiGate as an explicit web proxy to authenticate and authorize Internet access for specific users.
• Configured Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM-CUE) installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch with Power-over-Ethernet. Created and managed Data and Voice VLANs, and configured ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configured edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.
• Configured Fast Ethernet main and sub-interface assignments as required for inter-vlan routing. Implemented static routes for local connectivity. Configured NTP server, DHCP server, and TFTP server for support of the VoIP network. Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting the Time-Zone.
• Integrated Unity Voicemail on the Cisco Unity Express Network Module. Configured a dial-peer on the Cisco 2811 ISR to define the attributes of the packet voice network connection to the Cisco Unity Express Network Module. Enabled call forwarding on busy or no answer. Implemented Message Waiting Indicators and Voicemail access via SMTP. Daisy-chain PCs to VoIP phones to reduce network cabling costs. Utilized PoE ports for VoIP phones to reduce power infrastructure costs.
• Administered a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing the following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG and 1120G series Access Points. Created wireless LANs and configured interface association, security parameters, and radios used. Utilized the Wireless LAN Controllers web GUI to configure and manage the wireless network. Configured internal DHCP scopes for WLANs.
• Prepared configuration for AP registration on the same subnet as management VLAN and for AP registration on different subnet. Implemented DHCP option 43 as a discovery method for the WLC IP address. Configured AAA AP policies to allow Self Signed s for APs shipped without a Manufacturer Installed . Implemented AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired.
• Deployed active/hot standby Cisco 5520 WLC clusters in the same mobility group for high availability in order to support stateful switchover (SSO) of Access Points (APs) and clients.
• Installed and configured Cisco Aironet 3602i, 3702e/i APs in Flex Connect mode to the WLCs using the CAPWAP protocol, and Meraki MR42/MR52 APs.
• Upgraded the Cisco 5520 WLC cluster from IOS vers 8.2.110.0 to the 8.2.161.0 code in order to resolve known performance bugs, and pre-downloaded the image to 02i/3702i) APs.
• Performed IOS upgrade on the 5520 cluster from code 8.2.161.0 to 8.2.166.0 as a fix for the krack vulnerability (i.e., the attack on the WPA/WPA2 protocols, which could compromise data privacy and integrity when transmitted over a wireless connection).
• Migrated 02i/3602i/3802i APs from the standalone 5508 WLC to the 5520 active/standby WLC cluster.
• Enabled the band steering feature on the WLANs to encourage client radios that are capable of dual-band (2.4- and 5-GHz) operation to move to a less congested 5-GHz band.
• LAG enabled the 5520 WLC cluster to dynamically manage port redundancy and load balance access points transparently to the user.
• Upgraded the ASR 9912 and 9006 aggregation service routers from IOS-XR release 4.2.3 to 4.3.0, and used the cluster in network virtualization (nV) as the edge/aggregation node with the ASR 903 as the pre-agg router and the ASR 901 as the cell site router, supporting both Ethernet and E1/T1 ports. The labour saving features include: single virtual entity management; one-click software upgrades; integrated analytics offering traffic generation and reporting capabilities to reduce network care work without using an external platform.
• Segmented virtual machine (VM) networks spanning multiple virtual Ethernet modules (VEMs) and maintained connectivity between them using the following configurations: Enabled the VXLAN feature on the Cisco Nexus 1000v virtual supervisor machine (VSM), configured a port-profile for the VXLAN tunnel endpoints (VTEPs), created a VTEP VMkernel virtual interface on the VMware ESXi hosts to implement the encapsulation from the VTEP port-profile, configured the VXLANs, configured port-profiles for the VXLANs, changed the network connections for the VMs to use the correct VXLANs, and inspected the configurations on the Nexus 1000v VSM.
• Successfully recovered the Cisco Nexus 5020 switches from a forgotten password and cleared the startup configurations, implemented VSS on the Cisco 6509 switches to provide high availability and Multichassis EtherChannel (MEC) connectivity, setup a port-channel to the Nexus 2148 Fabric Extenders (FEX) to allow zero-touch provisioning and automatic configuration, and configured a virtual PortChannel (vPC) on the Cisco Nexus 5020 switches for Layer 2 and Layer 3 connectivity.
• Solution engineered two Cisco Nexus C9508 spines, two Cisco Nexus 9396PX leaves, two VMware ESXi 5.1.0 servers, a standalone bare metal server, and a Cisco ASA 5510 into the existing infrastructure using the following configurations: Setup the DMZ, vMotion, Internal and External VLANs, trunking and IP addressing on the leaf switches; Enabled PIM-SM in the transport network and EIGRP in the control plane for optimal routing of traffic and equal-cost multipathing (ECMP) in the fabric between the leaf and spine switches; Setup a vPC for server NIC teaming between the leaves; Enabled VXLAN overlays on the leaf switches to provide Layer 2 reachability over the underlying Layer 3 infrastructure; Setup secured subinterfaces on the Cisco ASA firewall appliance as default gateways for the DMZ, Internal and External VLAN web servers; Installed the Cisco Prime Data Center Network Manager (DCNM) tool to allow centralized management of all Cisco Nexus 9k switches and Cisco UCS C-Series servers.
• Integrated two data centers using the Cisco overlay transport virtualization (OTV) feature that included the following configurations: Two Cisco Nexus 7706 switches and two ASR 1013 routers as the aggregation devices in the respective data centers; Two Cisco Nexus 7009 switches and two ASR 1006 routers as the OTV devices in the respective data centers; Configured Internal Interfaces using F2e line cards to learn MAC address of the site and forward Layer 2 traffic across the sites for the VLANs that needed to be extended to remote data center locations; Configured Join Interfaces using M2 modules, as a PortChannel, to provide redundancy, source OTV encapsulated traffic and perform IP-based virtualization to send and receive overlay traffic between the sites and also advertise the reachability of MAC addresses present in the site; Configured OSPF as the control protocol to provide Layer 3 connectivity and fast convergence both within and between the two data centers; Enabled a vPC between the OTV VDCs and the aggregation VDCs in a dual-homed scenario to provide an extra layer of resiliency and bidirectional connectivity; Created site VLANs to allow OTV edge devices within each site talk to each other and determine the authoritative edge device (AED); Enabled site identifiers to harden multihoming of OTV edge devices within each site; Configured and associated the Overlay Interface on the OTV edge device with the Join Interface to provide connectivity to the physical transport network to send and receive Layer 2 frames encapsulated in IP packets; Extended the data VLANs and the OTV site VLANs; Filtered FHRP messages across the overlay to allow the extended VLANs to use their local HSRP gateway so as to optimize and localize the routing of outbound traffic flows.
• Configured routing policies and service profiles for separate levels in an organizational hierarchy using a Cisco Prime Network Services Controller version 3.2 (2a) virtual machine. These policies and profiles were applied to Cisco Cloud Service Router 1000v (CSR 1000v) version 15.4 (1)S virtual routers.
• Configured a CSR 1000v router using the Cisco IOS-XE version 03.11.00.S CLI.
• Deployed Nexus 3172PQ as distribution switches between the core VSS layer (of C6880-X-LE) and access layer (of 2960/3560/3650 ) catalyst switches.
• Set up and configured the VMware vSphere 5.5 environment comprising a management, storage, vMotion, and virtual machine (VM) data network with VMs for vCenter Server, production services (DC, DNS, AD, iSCSI, NFS, NTP), and applications. The VMs were provisioned on ESXi hypervisors running Windows Server 2012R.
• Built and deployed an IaaS cloud environment using OpenStack, and the tasks included setting up: Infrastructure services (RabbitMQ, MariaDB, Memcached); OpenStack key components (Keystone; Glance; Nova; Neutron and Horizon); Docker to create containers that host and manage all services implemented in OpenStack.
• Provisioned a Cisco Unified Computing System (UCS 5108) comprising blade servers, IO modules (Cisco UCS 2208XP, Firmware 3.1), fan units, power supply units, fabric interconnects (UCS FI 6248UP), and then used UCS Manager Ver. 2.2(5a) to build a complete service profile on the Cisco UCS Chassis that involved configuring the follwing: resource pools; service policies; isolation policies; service templates and; service profiles
• Used Ansible to deploy OpenStack compute nodes, and then installed and configured nova and neutron services on the compute nodes using the playbooks, thereafter.
• Deployed Palo Alto Networks VM-Series firewalls to provide protection, control, and visibility to applications built on the Google Cloud Platform. This entailed creating VPC networks, creating firewall rules to allow inbound access to VM instance interfaces, deploying VM-Series firewalls, and an IPSec VPN tunnel.
• Reduced cost by creating an IaaS environment using open-source OpenStack software, and increased reliability by running the service in a highly available environment using clustered databases and the HA Proxy for load balancing.
• Designed and deployed a reliable, scalable, and cost effective enterprise network infrastructure, spanning three continents, primarily based on a unified wireless communication system.
• Used the Cisco Configuration Professional (CCP) GUI to configure interfaces, passwords, hostnames, DHCP, EIGRP, and SNMP on a Cisco router, and the CCP monitoring tool to monitor traffic from that router.
• Configured the Nagios XI monitoring tool to monitor routers and switches and customized its dashboard.
• Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
• Configured the Cacti tool to graph traffic from a router and to generate alerts based on a threshold traffic level.
• Used the Wireshark tool to study HTTP, telnet, and SSL traffic.
• Used PRTG Network Monitor to support SNMP, sFlow/NetFlow and Syslog protocols in collecting various statistics from machines, software and devices, and plan for network expansion.
• Used NetBrain to automate the drawing of network diagrams.
• Used Zabbix (an enterprise open source monitoring software) to monitor and track the status of various network services, servers, and other network hardware.
• Used MRTG Multi Router Traffic Grapher to monitor and measure the traffic load on network links.