SUMMARY

• A Network Professional with extensive hands on experience on the implementation, administration, and troubleshooting of complex routing & switching technologies, Network Security - Next-Gen Firewalls, Load Balancers, Wireless, and Voice solutions.
• Seeking a challenging position as a seasoned network professional in a progressive organization where I can implement my technical skills and coursework while further expanding my 8 years of expertise and knowledge.
• Extensive experience in Networking and Security, including hands-on experience in providing network installation, network integration, network support, and analysis for a broad range of LAN/WAN/MAN communication systems.
• Detailed knowledge and hands on experience in configuring and troubleshooting Layer 3 Interior Gateway Routing protocols such as Link-State routing protocols (OSPF and IS-IS), Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP), and Exterior/Path-vector routing protocol (BGP).
• Hands-on experience on implementation and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, EtherChannel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Hands on Experience on Cisco 2960, 3650, 3750, 3850, Cat 4500X, Cat 6500, Cat 6880, Cat 9k series switches in Enterprise environment. Experience Installing, configuring and troubleshooting Nexus 2k, 3K, 5K, 7K, 9K in Datacenter. Thorough with VPC, VDC and FEX.
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Addressing and Subnetting, ARP, VLSM, TCP/IP, NAT, ACL, DHCP, DNS.
• Worked on Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, BGP v4,MPLS.
• Hands-on expertise with routers Cisco 2900, 3600, 3900, ISR 4K series (4221, 4321, 4351, 4451), ISR 1002-X, and Juniper ACX, E, M, MX960 series in Core, Distribution and Edge in Data centers.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco IPSec, VPN solutions using ASA/PIX firewalls, Cisco AnyConnect and VPN client.
• Experience with Palo Alto 5K series firewalls. Worked on URL Filtering, SSL Forward Proxy, SSL Decryption, APP ID, Threat ID on Palo Alto Firewalls.
• Implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Working knowledge and demonstrated experience on the PAN-OS 6, 7.1, and 8.0 versions; PA 220, PA 820, PA-2K, PA-3K and PA-5K firewalls.
• Worked on Application load balancing with Cisco ACE, F5 LTM, GTM, APM, Citrix NetScaler’s and A10 . Worked on software and Hardware load balancers. Well versed with TCP, UDP, Http/Https, SSL, tcpdump, cur and TCL scripting for iRules.
• Hands-on experience on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Experience on Virtual Servers, Pools, Persistence, iRules, Listener IP’s, WideIP’s, SSL, HTTP and TCP headers.
• Worked on Application traffic security with WAF, F5 ASM, F5 APM for Authentication , Citrix NetScaler’s for ICA proxy, Citrix VDI, Microsoft Office 365, Azure AD, AWS, Zscaler Cloud based proxies, Cisco IronPort and Blue Coat proxies.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks. Implemented DMVPN for remote site connectivity. Experience with mGRE tunnels, NHRP, IPSEC tunnels. Experience with Junos Pulse, Cisco AnyConnect SSL VPN Solutions.
• Experience in troubleshooting, Installation of Cisco and Aruba WLAN controllers. IAP setup, SSID’S, BYOD policies, Integration with cisco ISE and Aruba Clearpass . 802.1X Authentication, EAP/PEAP , Certificate based, and MAC based Authentication rules . AP groups, ARM profiles, Anchor controllers, AP provisioning, RF, 2.4 and 5 GHz, 802.11 a, b, g, n, ac Exposure to Cisco meraki cloud .
• Hands on experience and demonstrated knowledge on Software-Defined Networking (SDN), SD-WAN. Experience with Cisco ACI on Creating VXLAN’s, VTEPS, VNID’s, EVPN, Bridge Domains, Tenants, Application profiles, Contracts etc. on ACI. Thorough understanding of Spine-Leaf Architecture.
• Exposure to multiple ticketing tools , workflows, monitoring tools that include ServiceNow, Jira, Remedy, SolarWinds, Wireshark, NetCool, Whatsup Gold, SNMP v2c and V3.
• Worked on the implementation of Domain Name Service and BIND.
• Working knowledge on Python scripting.
• Working knowledge of testing practices and troubleshooting procedures associated with network support.
• Demonstrated ability to interpret and apply regulatory standards and technical specifications.
• Abstract knowledge on the Internet of Things (IoT) and the necessary elements such as cloud computing, virtualization, and sensors to create the IoT environment.
• Excellent organizational and time management skills with the ability to set own priorities to coordinate multiple assignments with fluctuating and time-sensitive deadlines.
• Demonstrated ability to work with technical and non-technical staff to identify user requirements and translate them into technology-based solutions.
• Worked on the configuration of Microsoft Office 365 for the implementation of Office applications (Office 2016) and various collaboration tools (Outlook, Skype for Business, OneDrive, SharePoint etc.,), and other services.
• Hands on experience on the documentation and updating client’s network documentation using MS Visio.

TECHNICAL SKILLS

Network Configuration: Advanced switch/router configuration Cisco IOS access list, Route redistribution/propagation, IPv4, IPv6.

Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS-IS, BGP v4, MP-BGP

WAN Protocols: HDLC, PPP, MPLS, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH

Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).

Security/Firewall Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA Fire Power, Checkpoint, IDS/IPS, Blue Coat proxy server, Standard/Extended ACLs, Port Security, DHCP Snooping, IP Source Guard (IPSG).

Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX 100; Juniper T4000, MX10, MX40, ACX2200, ACX5000

Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)

Layer 2 technology: VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Switches: Cisco Catalyst 3650, 3850, 6500, 6880, 9k series; Nexus 2k, 3k, 5k, 7k, 9k; Juniper EX3300, EX4600, EX4300, EX3400

Load Balancers: F5 LTM, GTM, BIG-IP, iRules

Wireless: Cisco Meraki wireless Access points (MX-65, MX-64, MS-225-48PS, MS-220-48PS, MR-42), Aruba Access points 200, 207,300,320, Wireless controllers 7280, 7240, Cisco Wireless controller 5508 and Cisco Aironet 3700 series.

Network Management and Monitoring: Wireshark, Infoblox, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM).

Cloud Computing and Automation: AWS, Microsoft Azure, Cisco Meraki, C++, Python scripting, Ansible, Cloud Migration

Operating Systems: Cisco IOS, JunOS, Microsoft XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office, Microsoft project server 2013, MacOS, Linux (Kali, RedHat, Ubuntu)

PROFESSIONAL EXPERIENCE

Confidential, Minneapolis, MN

Sr. Network Engineer

Responsibilities:

• Design, Deployment, Installation, Configuration, and Upgrading the Cisco ISR routers, Catalyst & Nexus switches.
• Responsible for the conversion of Atrium Health’s sites from MetroEthernet (MetroE) to MultiProtocol Label Switching (MPLS) technology.
• Implementation of the routing protocols BGP (EBGP, IBGP) and EIGRP to enable MPLS on the sites.
• Worked extensively on the Cisco2821, Cisco2921, Cisco3925, Cisco ISR 4K series routers.
• Worked extensively on the Cisco Catalyst 3560, Catalyst 3650, Catalyst 4500-X series, Catalyst 6500 series, Catalyst 9200, Catalyst 9300, and Catalyst 9500 series.
• Responsible for replacing the End-of-Life support switches such as Catalyst 3560, 3650, 3850 series with Cisco Catalyst 9300, 9500 series switches.
• Responsible for replacing the End-of-Life support routers such as Cisco2821, 2921, 3925 routers with the Cisco ISR 4K series routers, Cisco ASR routers.
• Performed testing on the Ciena & Cisco MPLS circuits through GNS3 to validate functioning before going-live with the MPLS conversion.
• Responsible for preparing the test scripts to evaluate the MPLS circuits on GNS3.
• Worked on the design of BGP features such as Route-filtering, AS-Path filtering to manipulate the traffic path in the MPLS-BGP. Migrated the sites from OSPF to MPLS-BGP.
• Worked on OSPF and implemented successful migration from OSPF to EIGRP for internal routing.
• Responsible for License upgrading on the devices and maintained network performance.
• Responsible for documentation of the MetroEthernet to MPLS conversion procedures.
• Implemented Quality of Service (QoS) Policy-maps, Class-maps to segregate and provide better data transmission within the enterprise network.
• Participated actively in proof of concept projects implementation which included storage and backup solutions from private cloud providers Amazon AWS & Microsoft Azure.
• Worked on Cisco Meraki switching and wireless LAN.
• Worked on the installation of Meraki MR42E and MR53 wireless access points for the cloud management.
• Experience in troubleshooting, Installation of Cisco and Aruba WLAN controllers.
• Worked along with wireless team on the integration of Cisco ISE with Wireless LAN controllers and Active Directory.
• Worked with the team on the creation of policies on Cisco ISE for Endpoint profiling.
• Procure network equipment for the devices that are at the End-of-Life support and planning the scheduled upgrades.
• Responsible for recommending Industry best practices for the network implementation and management.
• Coordinate and work with the Internet Service Providers (ISPs) for successful migration to the MPLS technology.
• Assisted Network team in the installation of Spine (Nexus 9500 series) switches and leaf (Nexus 9300 series) switches to create ACI environment.
• Creating the signatures and prevent the security attacks on Palo Alto, CISCO ASA and Fortinet devices.
• Experience converting Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Implemented Zone Based Firewalls and Security Rules on the Palo Alto Firewall. Exposure to wildfire feature of Palo Alto. Supported Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management and complex customer issues.
• Responsible for the creation of Tenant Networking and Tenant Policies as part of the ACI architecture.
• Performed network monitoring and analysis through the SolarWinds monitoring tool and WireShark.

Environment: Cisco ASR1002-HX, Cisco ISR 4451/4351/4321/4221 , MPLS-BGP, Nexus 9504/9508, Nexus 93600CD-GX, ACI, Ciena 3903/3930/6500 , Cisco ME-3600X, Cisco Catalyst 6500 series/9k switches, BGP, OSPF, EIGRP, GNS3, Microsoft Visio, MetroEthernet.

Confidential, Minneapolis, MN

Senior Network Engineer

Responsibilities:

• Working Knowledge and demonstrated experience on the Cisco, and Alcatel-lucent equipment in an enterprise environment.
• Worked on the configuration and installation of Cisco Nexus 3k, 5k, and 7k series switches.
• Worked on the configuration of vPC (Virtual Port Channel), VDC (Virtual Device Context), FCOE in Nexus 5k and 7k series switches.
• Experience with the configuration of Nexus 2000 Fabric Extender (FEX) for the Nexus 5k to connect servers and storage devices.
• Worked on the configuration of Cisco 6500 VSS in Distribution layer of the Data center network.
• Worked and responsible for managing VPN systems for site-to-site and remote access.
• Worked on the installation and configuration of Cisco ISR 800, 1000 series and ASR 1000 series routers.
• Working knowledge and demonstrated experience on the implementation of Quality of Service (QoS) through Shaping, Policing, Diffserv, Priority Queuing, QoS Tools, and QoS Algorithms.
• Worked on the automation framework using Python scripting.
• Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
• Worked on the URL filtering and upgradation of Palo Alto firewall from PAN-OS 7.1 to PAN-OS 8.0.
• Worked on the configuration of DMZ, PAT, SSL Encryption, App-IDs on the Palo Alto firewall.
• Worked on the migration from Cisco PIX and ASA to the Palo Alto firewall and the configuration of User-ID’s, App-ID’s, SSL Decryption, URL Filtering, Policies, Zone Protection, High Availability, and Certification Management.
• Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers and cisco ASR routers.
• Worked on the Inflobox DNS Traffic control, DHCP, and IPAM for the Network control; Worked on the implementation of Domain Name Service.
• Worked on Infoblox to update the DNS host and A records to assist the part of the migration.
• Worked on upgrading Palo Alto Firewalls, Cisco Routers, Nexus Switches, and Bluecoat proxy devices.
• Security configuration on Wireless LAN using protocols PEAP, EAP-FAST.
• Assigning RADIUS and TACAS for new deployments in production environment. AAA for users to implement changes on production devices
• Play a key role in the company’s direction towards Cloud Computing platforms by creating a strategy for transition plans. Azure AD and AWS, Office 365.
• Assisted team in rolling-out Cisco Identity Services Engine (ISE) for network administration & admission control.
• Involved in configuring ISE endpoint profiling policies and enforcing them in the network.
• Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSEC.
• Maintain, Upgrade, and Implement improvements to the VMware ESXi infrastructure.
• Great exposure to SDN and network virtualization technologies like Cisco ACI.
• Migrated VMs across hosts within a HA cluster to perform maintenance tasks on ESXi hosts.
• Deployed VMs from Templates and customized the necessary configurations.
• Created clones from existing VMs and worked on migration of VMs during the server upgrade.
• Experience in Cisco Unified Communication Manager (CUCM), Call Manager Express (CME), Cisco Unity Connection (CUC), Unified Contact Center Express (UCCX), Unified Contact Center Enterprise (UCCE), IM and Presence, SRST and Voice Gateways.
• Manage operational monitoring of equipment capacity/utilization and evaluate the need for upgrades; develop methods for gathering data needed to monitor hardware, software, and communications network performance.
• Worked towards the key areas of the project to meet SLA’s and to ensure business continuity. Involved in meetings with engineering teams to prepare the configurations according to the requirement.
• Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
• Creating change tickets according to the scheduled network changes and implementing the changes.

Environment: Cisco 2k, 3k, 5k, 7k series; Catalyst 2960, 3650, 3850 series switches; ISR 800/1000 series, ASR 1000 series, 3600/2800 routers, Alcatel-lucent, Red Hat Enterprise Linux, SDN, EIGRP, BGP, DMVPN, SSL VPN, Cisco Meraki, Cisco ACI, Cisco ISE, EtherChannel, VMware ESXi.

Confidential, Austin, TX

Senior Network Engineer

Responsibilities:

• Worked on 2900, 3900, 7613 Routers, implemented OSPF and BGP and performed route filtering and route manipulation by applying distribute-lists, route-maps & offset lists.
• Translating Cisco IOS Route maps to Cisco IOS XR Routing policies .
• Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
• Upgrading the IOS on the ASA 5550, 5585 and have done IOS upgrades on Cisco routers and switches.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 3550, 3750, 5000, 6500 Series switches.
• Mutual redistribution of OSPF and BGP routes using route maps for WAN optimization.
• Configuring VLAN, STP, VSTP, SNMP on EX series switches.
• Working Knowledge and demonstrated experience with the Cisco Firepower Next Generation Firewall (NGFW).
• Worked on the configuration of VPN tunnels for the DMVPN and remote access on the Cisco ASA firewall.
• Worked on the configuration of QoS, URL filtering, and other features on the Cisco ASA firewalls.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Experience working with migration from 4500 series devices to 6500 Series switches in Campus deployments at Core and Distribution Layers.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Provided tier 3 support for Check Point and Cisco ASA Firewalls to support customers, Backup and restore of checkpoint and Cisco ASA Firewall policies.
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Worked with team on the migration from Citrix NetScaler to F5 Load Balancer.
• Experience in the deployment & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
• Experience on F5 BIG-IP LTM 11.2, F5 BIG-IP GTM, F5 BIG-IP APM and F5 BIG-IP ASM and configuring virtual server and load balancing in F5 Networks BIG-IP LTM.
• Worked on F5 Load Balancer for managing F5 LTM Application Load Balancing.
• Worked on the implementation of Inflobox DNS, DHCP, and IPAM (DDI) for the network.
• Assisted Voice team in the configuration of Cisco Unified Communications Manager (CUCM).
• Hands on experience with the working of protocols such as SIP, RTP, RTSP, IGMP, and IP Multicast for supporting the Voice, Data, and Video networks.
• Assisted the networking team on the installation of 7800, 6900, and 3900 series IP phones.
• Moved Core switches and several non-Cisco devices under strict deadlines without com
• Worked with several network engineers for the understanding of Juniper SRX firewalls along with the changeover to Palo Alto. Palo Alto Firewall Management-Panorama. promising the existing parameters to maintain network functionality
• Upgrading system images on Nexus 5k and 7k multi-layer switches using kick start and FTP server.
• Worked on the configuration of BGP and advertisement of routes to the ISP network.

Environment: Cisco Router 7613, Cisco Switch 6500, Nexus 2K, 5K, 7K, RIP, OSPF, BGP, EIGRP, VLAN, MPLS, 802.1x, Cisco ASA 5550/5585, Cisco ASA FirePower, Inflobox, SDN, Blue Coat Proxy, PIX Firewall, F5 Load Balancer 6400/6800, F5 Load Balancer, BIG-IP, LTM, GTM.

Confidential, Englewood, CO

Network Engineer

Responsibilities:

• Responsible for entire LAN and WAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.
• Worked on OSPF using features like TSA, SA, NSSA and route summarization. Configured EBGP/IBGP policies also tested BGP attributes such as Local preference, MED, AS-PATH, Community and Weight
• Configured Virtual-link between dis-contiguous backbone areas in the network.
• Configured and worked on VRFs on the CE to support MPLS L3 VPNs. The work also involved fixing MPLS based circuits to effectively resolve communication issues.
• Building configurations for Cisco 6500(sup 720), 4500(sup 6) & 3750 catalyst switches with features like port security, VLANS, VTP, PVST+.
• Creating ACL policies for Cisco 5540 ASA firewall with access control to NAT and object grouping functions.
• Worked on F5 BIG-IP LTM, configured profiles provided and ensured high availability.
• Designed WAN structure to prevent single point of failure in case of link failure.
• Worked with Nexus 6001T switch which is used for low- port-to-port latency in the data center using cut-through feature architecture. And configured VPC+ on these switches along with Nexus 2200 Fabric extenders.
• Worked on OTV to extend L2 VLANs between data centers over IP on Nexus 7018 switches.
• Experience working with network monitoring applications (SolarWinds).
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs.
• Worked on IPAM; IP allocation & Maintenance for users and end devices.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues.
• Assisted in the installation and configuration of firewalls.
• Working knowledge and demonstrated experience on the Check Point Firewall and its configuration.
• Assisted on maintaining and monitoring SAN and associated modules.
• Been part of level 2 LAN / Migration/Integration support.
• Worked on the iRules and F5 Application Security Manager implementation.
• Performed Cisco Switching (Layer 2 & 3), Configuration/IMAC Changes (Cisco 2960/3560/3750/3850/4500/6500/ Nexus 5K).
• Managed VMware, Windows Server 2008, Active Directory and Microsoft's SMS 2008.
• Familiar with Cisco Wireless (5508/2504 Controllers, 1200/2600 Access Points)
• Performed configuration of voice VLANs, Moves/Adds/Changes.
• Documentation of Network Topology Changes/Visio Drawings.
• Basic Cisco VoIP Support (Call Manager/Unity 8.6.2 etc.) Moves/Adds/Changes.

Environment: Cisco 6500/4500/3750/2960/6500 , Cisco wireless 5508/2504 controllers, Check Point Firewall, 1200/2600 Access Points

Confidential, San Francisco, CA

Network Engineer

Responsibilities:

• Experienced in working with ASR 9000 series switches with IOS-XR.
• Configuring various advanced features (Profiles, monitors, IRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Maintenance of existing Splunk infrastructure on Solaris platforms and setting up unique environment on Linux VM's in development and testing the existing apps after migrated from existing Splunk Infrastructure.
• Coordinating all application teams to migrate the Splunk Forwarders to new Splunk environment.
• Created and configured management reports and dashboards in Splunk for application log monitoring.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Performed working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) and MP-BGP.
• Involved in working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Configured LAN protocols like VSS, STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Worked on Juniper MX 480, MX960. Implementation, configuration and support of Checkpoint and ASA firewalls for multiple clients.
• Played a vital role in migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version. Responsible for Cisco ASA firewall administration across our global networks.
• Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
• Expertise with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Rebuilding data centers and redundant sites for failover, F5 load balancers.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports.
• Acting as a tier 3 technical support engineer for all Juniper Screen OS and Jun OS-based SRX.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240.
• Implement and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network
• Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology Configured, installed, and managed DHCP, DNS, and WINS servers

Environment: Cisco 2960/3550/3750 switches and Cisco 1200/7200/3845/2800 routers, LAN, WAN, VPN