SUMMARY

• Network Engineer & Security Analyst with 4+ years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN/ WAN protocols, routing, switching, Firewalls, WLAN, Application Delivery controllers and VOIP.
• Highly dedicated and experienced Network Engineer worked with companies that have global presence and vast environments. Performed multiple roles from operations to Design from legacy to latest technologies. Expert in Routing, Switching, Firewalls, Load balancers, wireless and VOIP.
• Excellent hands on experience in configuring Cisco Nexus 2248T, 2224T, 5548P, 5596T, 7010, 7018, 7710 switches. Also, implemented VDC and VPC on the Nexus 5505, 7010, 7710 switches.
• Configured 7010's with multiple VDC's running EIGRP for route propagation between them. Installed dual router/dual MPLS. Migration experience from Cisco ACS to ISE for Wired and Wireless infrastructure. Expert in 802.1x.
• Hands - on experience in implementing and troubleshooting Switch technologies such as STP, VTP, VSS, MEC, LACP, EtherChannel, HSRP, VRRP, 802.1q, VLAN and MPLS and QOS.
• Experience in configuring, designing and troubleshooting routing protocols that includes OSPF, EIGRP, BGP and IS-IS, route redistribution, policy-based routing. Basic understanding of EVPN, VXLAN, VTEPS, MP-BGP and Spine Leaf Architecture.
• Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIG-IP modules that includes LTM, GTM, APM and ASM. Expert in Virtual servers, Pools, iRules scripting in TCL, profiles, persistence, SNAT, monitors, wideIP’s, zones, listener IP, one arm and two arm architectures on F5.
• Virtualization Experience: VMware Workstation, vCenter server, NSX, VMotion, vSphere, ESXi hypervisor. Experiences in Deploying & Troubleshooting policy management on Web Proxies.
• Experiences dealing with OS upgrading/Patching for various vendors like F5 (TMOS), CISCO (IOS, NX-OS), PANOS, JUNOS, Web sense, Bluecoat and MWG.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Proficient in implementing Security policies like NAT, PAT & Access lists.
• Hands-on experience in deploying Frame-relay, GRE tunnels, Remote Access VPN and Site-to-Site VPN. Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to wild fire feature of Palo Alto.
• Experience in migrating Cisco ASA Devices to Checkpoint and Palo Alto using migration tool for the existing security policies.
• Implementing security Solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
• Worked on Cisco and Aruba WLAN. Configured AP groups, AP profiles, SSID’s, Authentication rules, RTLS, RF parameters etc.
• Extensively used the packet capture tools like TCP dump, Wireshark and snoop on the devices to identify the potential network issues.

TECHNICAL SKILLS

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP.

Networking Hardware: Cisco Switches, Cisco Routers, F5, PA, Checkpoint, Juniper, Aruba.

Routing Protocols: OSPF, IGRP, EIGRP, MPLS, BGP.

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat.

Network Monitoring: Cisco Works 2000, Wireshark, Harping.

Operating Systems: Windows, LINUX.

Routers: CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS-1, CRS -3, GSR.

Load Balancers: F5 Networks (BIG-IP), NetScaler, ACE.

Switches: CISCO 2960, 3750, 3850, 4500,5000,6500, Cat 9300, Nexus 9k,7k,5k,2k

Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Palo Alto firewalls.

AAA Architecture: TACACS+, RADIUS, Cisco ACS, ISE.

Features & Services: IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics.

PROFESSIONAL EXPERIENCE

Confidential, Naperville, IL

Network Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance, troubleshooting etc.).
• Configured network using routing protocols such as BGP, EIGRP, OSPF and troubleshooting L2/ L3 issues . Configuring Switches with: VLANs, VTP, STP, PORT SECURITY using 802.1X for MAC based and Cert based Authentications for Wireless and Wired users.
• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols. OSPF, IGRP, EIGRP, Static and default route.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700, 3850 series, 6500 series) Cisco Routers (4300, 4400, 4500,4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), and Firewalls, Nexus 7k, 5k & 2k, f5 BIG IP, ASA, Palo Alto Firewalls.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls. Experience with F5 load balancers - LTM, series like 6400, 6800, 5000 and 2000.
• Monitoring Traffic and Connections in Palo Alto and ASA Firewall. Backup and restore of Palo Alto and Cisco ASA Firewall policies.
• Implemented zone-based firewalling and security rules on the Palo Alto Firewall. Experience with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience.
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Implementation of advanced routing configuration using BGP, EIGRP, and OSPF protocols as well as static routing, policy-based routing, VRFs, access lists, prefix lists, route maps, redistribution, and quality of service.
• Designed, built, and deployed F5 Big IP load balancers (8900’s, Viprions, Blades), F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services and ASM. F5 Big-IP iRules programming and troubleshooting.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
• Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).

Confidential, Charlotte, NC

Network Engineer

Responsibilities:

• Hands on experience with Catalyst L3 switches and Cisco Nexus switches: 2232, 2248, 5548, 6001 and 7018.
• Creating and managing domains, preparing disaster recovery strategies, offering technical support to users, upgrading software, and handling user accounts.
• Operated in Administration of L2 technologies like VLANs, VTP, Trunking, RPVST, Inter-VLAN routing, Ether channeling, and Switch port Security on Access Layer switches.
• WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP address.
• Configured and maintained OSPF, EIGRP, RIP and BGP on Cisco routers.
• Creating BGP multi-homed network using BGP attributes like AS-PATH, MED and local-preference as per the environment.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls. Worked on SSL forward Proxy and SSL decryption on PA.
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x.
• Configuring the 3700 Access point and 5508 Wireless LAN Controller and Monitoring them by adding to the Cisco Prime Infrastructure.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Configuring High Availability using Cluster XL in Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Possess experience as an architect in deploying and managing security solutions like Cisco ISE and ACS.
• Designed and deployed a Cisco Identity Services Engine (ISE) solution (wired, wireless, and VPN users) for a commercial client with converged access switches and ASA firewalls.
• Maintained TACACS+/RADIUS Servers for AAA authentication and User authentication.
• Provided VPN services to site-to-site and, Remote access VPNs using IPSec tunneling.
• Provided hands-on support for environment including on-call support for switches, routers and servers. Used SolarWinds, Infoblox, DHCP, DNS to troubleshoot issues.
• Implemented VPC (Virtual Port channel), VDC and Fabric path on Nexus 7K Switches.
• Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM, LTM, and APM.
• Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
• Deployed, Managed, monitored and supported Bluecoat Proxy for content filtering, internet access between sites and VPN client users, forward proxy scenario and reverse proxy scenario for security and worked on adding URL’s in Bluecoat Proxy SG’s for URL filtering.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.

Confidential, Cliffwood, NJ

Network Operations Engineer

Responsibilities:

• Responsibilities included taking care of the IP Addressing in the organization which included designing new subnets based on the requirements.
• Involved in implementing & Designing the switched network. Configured STP, VTP and dot.1q in switching network.
• Created VLAN & Inter-VLAN Routing with Multilayer Switching.
• Configured and Maintained TACACS for AAA. LAN Cabling in compliance of CAT5 standards.
• Assisted in Troubleshooting LAN connectivity and hardware issues in the network of 100+ hosts.
• Maintained Redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Performed RIP, OSPF, EIGRP routing protocol administration.
• Learned and tested various BGP parameters like Local Preference, MED, Weight, and replicated customer issues in the Lab environment.
• Involved in monitoring the performance of the network, thereby identifying the bottlenecks in the network, troubleshooting the connectivity problems using Ping, Traceroute, and Telnet.
• Involved in troubleshooting IP addressing issues and Upgrading IOS images using TFTP.