SUMMARY

• 9 years of professional experience in Planning, Implementing, Configuring, Troubleshooting of networking system on both Cisco and Juniper Networks.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing systems like remedy and Magic.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500 Switches
• Worked on MX - 80, MX-480, SRX-100, SRX-110, SRX-550 and EX-4200 Juniper devices
• Strong knowledge of VMware vSphere administration within Cisco Unified Computing System environment VMware administration experience with vcloud and Hyper-V
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration
• Helped design and build out a very large 100G Layer3 Leaf & Spine architecture (eBGP) using Arista switches to support the network consolidation in the new data center.
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks
• Worked on escalations and activates new turn up for new clients and advance troubleshooting for the sdwan deployment in both ISP and network infrastructure on both versa and cisco viptela SDWAN Solution
• Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Worked with Server load-balancing utilizing F5 LTM-Big IP, including APM, ASM and viprion device modules.
• Good understanding of SNMP, IP SLA and Network Monitoring with experience in tools like SolarWinds, Infoblox, WhatsupGold, Cisco Prime.
• Installed and implemented & troubleshoot the Network Virtualization through VM Ware and NSX .
• Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.
• Build out, configure and install access layer switches and distribution layer switches and routers. Examples of the equipment configured and maintained are Cisco, Nexus, Extreme, Juniper, ASR and Arista . These upgrades or new build outs would include both layer 2 and layer 3 switches and routers.
• Understanding of SDN/ NFV ecosystem SDN controller, ONF, ETSI NFV, Open daylight, Open stack .
• Hands-on experience in using network stimulator tools like OPNET, Solarwinds Orion
• Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of application
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts
• Experience in Network Management Tools and sniffers like SNMP, Wireshark and Cisco works to support 24 x 7 Network Operation Center
• Experience working with network Automation using Python
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS,VOIP-Cisco Call Manager installing and configuring proxies
• Access control server configuration for RADIUS & TACACS+
• Hands-on experience using Cisco Virtual Switching System (VSS)
• Knowledge of advanced technologies like Multicasting, MPLS and MPLS-VPN
• Good knowledge on Riverbed Virtual Services Platform (VSP ) and Big-IP F5 Load balancers
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Configuration automation of the network stack from system to access to core services and Test validate existing network state using Ansible
• Strong knowledge of API design such as Netconf, RESTful API as well as configuration management tools such as CHEF, Ansible
• Hands-on Experience with CISCO Nexus 9000,7000, Nexus 5000, and Nexus 2000 platforms
• Knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques
• Good knowledge on) VLAN Trunk Protocol (VTP)
• Design, configure, and implement LAN/WAN networking solutions for mid-sized to enterprise-level client
• Conduct Wireless RF Surveys and document results
• Develop comprehensive project-based System Designs, Network Diagrams, Migration Plans, and Test plan
• Hands on experience with integrating these security tools with the monitoring tools Good
• Hands on experience on Illumio VEN, PCE, Architecture Illumio Administration, Configuration, Rule set creations, policy fine tuning, in-line mode implementations and reporting of Endpoin Security
• Effectively communicate with internal Account Executives and potential clients to assess and make solution
• Develop Bills of Materials (BOMs) and technical Statements of Work (SOWs)
• Great team player and able to work under pressure
• Worked on Cisco catalyst switches (9410, 9300) series, Nexus (2k, 5k, 7k& 9K) series, FortiSwitch (1048D/ 3032D) and Juniper (EX2300/ EX3400).
• Worked in the area of Virtualization with VMware VSphere 5.1 and 5.5, 6.0, ESXi 6.0, 5.5, 5.1, vCenter server 6.0, 5.5 and 5.2.
• Worked on Cisco Nexus 9K family of switches whose hardware is based on Cisco ACI.
• Hands on Experience with Cisco Wireless Controllers 5500's and 2500's and coming to access points, worked on 3700's, 3500's and 1142 access points.
• Designed, configured, implemented site-site VPN on Cisco ASA 5500 firewall.
• Very good understanding with experience on Network Security technology (Firewalls Checkpoint & Juniper, VPN) and Network Security monitoring tool (Nagios, Cacti),Log analyzer and Splunk .
• Experience with Cisco Wireless technologies including Wireless Control Systems (WCS), Wireless LAN Controllers (WLC),Primes Infrastructure, Meraki Cloud 802.11AC System and Aerohives system.

TECHNICAL SKILLS

Routing Protocols: RIPv1, RIPv2, BGP, OSPF, IS-IS, IGRP, EIGRP

Security: Cisco ASA, Check point, Juniper SRX, Palo Alto, Cisco ACISwitches: Cisco Catalyst 2960, 3500, 3750, 3850, 4500, 4900, 6500, Nexus 9K, 7K, 5K and 2K series, ASA 5506-K9 with Firepower

Routers: Cisco 2800, 2900, 3800, 3900, 7200 and 7600 series routers, Juniper M & T Series

L2 Switching: VLAN, VTP, STP, Dot1Q, RSTP, DTP, PVST and MST

L3 Switching: Ether channels, HSRP, GLBP

Communication Protocols: TCP/IP, UDP, DHCP, DNP, ICMP, OSPF, DNS, MPLS,VPN/VRF, SNMP, ARP, RARP, PPP

WAN: Frame Relay, ATM, T1, T3, OC3, OCX, OC48, MPLS VPN

Physical: Ethernet, Fast Ethernet, Gigabit Ethernet, Serial

Network Management Tools: MRTG, HP Open view, Cisco WAN manager and Cisco works

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Tools: Wireshark, VMware, tcpdump, Splunk

Operating System: DOS, Windows XP, Vista/7/8/10, Cisco IOS, Linux, Mac OS

PROFESSIONAL EXPERIENCE

Confidential, Lancaster, PA

Sr.Network Engineer

Responsibilities:

• Installed and configured Juniper SRX-550 series firewall and configured remote access IPSEC VPN on these devices.
• Experienced in implementing and managing F5 BIG-IP load balancing, including APM, ASM, and custom iRule development.
• Deploying and managing SD-WAN solutions(Viptela, Citrix) for large-scale enterprises
• Experience with configuring FCOE using Cisco nexus 5548 Part of the New Product development team and responsible for User Acceptance Testing (UAT), SDWAN, Viptela, Versa, Meraki.
• Used packet analysis tools such as Wireshark and Tcpdump in order to troubleshoot and solve network connectivity issues
• Design and configuring of OSPF, BGP on Juniper Routers (MX960) and SRX Firewalls (SRX240)
• Convert campus WAN links from point to point to MPLS and to convert encryption from IP Sec /GRE to Get VPN
• Providing technical support and solutions for the wireless products of Cisco. Experienced to Implementation of Cisco ISE and the Migration from old ACS to Cisco ISE Environment.
• Exposure to native cloud security solutions such Zscaler cloud FW, Illumio ASP, AVI Networks
• Deployed Arista network equipment's like 7508, 7304,spine switches 7280, VXLAN, LANZ
• Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Installation of new firewalls as well as perform in place upgrades. Hardening the Fortinet and Check Point firewalls before moving them to Production
• Implement and maintain ITIL standards including Change Management, CMDB, Service Catalog, Problem Management, and Incident Management.
• Experience with Cisco ISE, ACS, NAC, Radius, Tacacs for AAA, Network Access-control, Profiling, Posturing
• Deploying and troubleshooting internetworking such as eBGP/iBGP, OSPF, EIGRP, VPC, OTV, Cisco Fabric Extender (FEX), STP, VLAN, MPLS - VPN, DMVPN.
• Resolved networking trouble tickets using various monitoring tools, Wireshark and TCPdump.
• Integrating Symantec DCS with NSX, providing server hardening.
• Experience working on Cloud Computing Virtualization using VMware Six 4.0 and Windows Hyper-V.
• Configured, installed, & managed DHCP,IP Subnetting, DNS, & WINS servers
• Used Network monitoring tool Solarwinds to detect and block security threats, manage device configurations and track changes, automate software updates to server and workstations and perform endpoint device tracking and switch port usage.
• Provide ISE deployment services for migration of users from Cisco NAC to Cisco ISE platform for the following locations.
• Implementing, and support the F5 BIG-IP infrastructure included LTM, GTM, APM, ASM
• Implemented l4/l7 services and network Micro segmentation using ASA, Palo alto virtual firewalls and integration with ACI fabric and Arista VXLAN fabric.
• Collected requirements from the client and selecting appropriate AWS service with required capacity and to design and deploy applications based on given requirements
• Provide NSX Micro-Segmentation Security for ASW Data Center.
• Addressed technical issues and questions regarding Cisco ISE including troubleshooting and feature changes and modifications.
• Migrating 755+ devices to cisco ISE Including cisco ASA, cisco router 2900, nexus, Meraki MX00 wireless controllers 5500 2500 series.
• Experience with Deployment and administration of Cisco ISE for NAC, AAA. This involves setup of Policy Elements, AV definitions, Profiling of Endpoints. End point compliance-posturing.
• Perform technical problem resolution including analysis, trouble isolation, and repair on SDWAN devices.
• Deploying and troubleshooting internetworking such as eBGP/iBGP, OSPF, EIGRP, VPC, OTV, Cisco Fabric Extender (FEX), STP, VLAN, MPLS - VPN, DMVPN.
• Worked with VM segmentation ( VMware NSX, Illumio, vArmour, GuardiCore), Firewall management and auditing (FireMon, Tufin, AlgoSec, RedSeal, Skybox, etc.) Sandboxing and Analytics (FireEye, Damballa, Check Point, Fortinet, Palo Alto) Network packet brokers (Gigamon, IXIA, NetScout)
• Deployed leaf and spine network on CISCO and Arista Switches.
• Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
• Worked on assessment and the finalization of the detailed designs and provided a design document for the Implementation of Cisco ISE and the Migration of Wireless and TACACs to ISE.
• IDS, IPS Foundry / F5 Load Balancers, and Blue Coat Packet Shaper systems. Deployed CISCO ACI Greenfield and Migrated from Legacy network.
• Maintained BIG IP F5 configuration for modules LTM, ASM, APM and future GTM.
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Used security groups, network ACL’s, internet gateways and route tables to ensure a secure zone for organization in AWS public cloud.
• Provide VoIP platform wide support ranging from End User issues, interbank connectivity issues to PSTN connectivity issues.
• Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Subjects, and Filters & Labels.
• Helping the cloud architecture with next steps on proof of concept with AWS, Open stack, MS Azure, CISCO ACI, Juniper Contrail SDN/ NFV. Selecting the appropriate AWS stack
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
• Activates and Deploy SDWAN appliances for customers on MPLS circuit and DIA circuit and able to get it running on MPLS VR, INTERNET VR and LAN VR of various customers in accordance to their network design with BGP, OSPF, RTP, SIP, and other protocols
• Involved in the Migration of policy from Cisco ASA firewall into Juniper SRX’s
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to headquarters, remote site offices and VPN client users
• Worked on site to site VPNs Implementations, providing support for Checkpoint R77.40 with Gaia. Worked with the Info security team to closely monitor threats, incident handling, working with the network administration team to provide them with the remediation steps.
• Experience with SDN/NFV technologies including Open Stack Neutron, VM ware NSX, Open flow, Open daylight, Open v Switch, Open Contrail, or Cisco ACI.
• Worked with VMware and Flex team for Configuring and installing Dell Power Connect switch 5548 and increasing their Bandwidth Usage.
• Provided remote technical support to global customers for Application Delivery Controllers, including both Brocade's ServerIron hardware and virtual server load balancers, also including the Virtual Traffic Manager (formerly Riverbed vTM, now Pulse Secure vTM).
• Provided engineering support and technical assistance by ensuring the Cisco ISE server is correctly installed and licenses are applied.
• Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution.
• Installed in Few Types of firewalls Checkpoint (Standalone & Distributed), Cisco ASA with Firepower, Sophos XG, Cyberoam. Incorporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching (MPLS)
• Update customer networks by configuring routers, switches, and incorporate the SDWAN into the network design.
• Implemented antivirus and web filtering on Juniper SRX 550 at the web server.
• Worked extensively in Configuring, Monitoring and Troubleshooting Juniper and Palo alto Security appliances
• Supporting and managing two internet Gigaman, five points to point Gigaman, nine endpoint Opti-Man, 13 AVPN point and 1000+ MPLS cloud services.
• Deploy, maintain and troubleshoot VDI using VMware Horizon 6 and 7
• Designing and implementing services using Cisco, Arista, Dell and Fortigate equipment (HA, VPN, firewalls, EVPN etc.)
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Worked on wild fire advanced malware detection using IPS feature of Palo Alto Firewalls.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution. Implementation and Configuration ( Profiles, I Rules) of F5 Viprion 4450 and 4480 load balancers

Confidential, Chicago, IL

SR Network Engineer

Responsibilities :

• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• Firewall Policy Provisioning and troubleshooting firewall connectivity related issues using Fortinet Manager.
• Responsible for operating and maintaining Illumio endpoint security solutions
• Develop/capture/document architectural best practices for building systems on AWS.
• Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Troubleshooting path control by checking ACLs, Prefix-List, Vlan-access-list, Distribute-list, Route-Map and analyzing the traffic flow by using packet capture feature ( Wireshark)
• Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA/FWSM and NAC solution.
• CS 5.6 migration into Cisco ISE 2.1 due to the functional gap
• Migrating 4000+ UDN (Utility device Network ) to cisco ISE in the first phase of the project. Second phase is to migrate 6000+ ODN (Operation device Network) to ISE
• Working as a Network SME for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus. Working with Cisco Account team onsite for creating and testing the POC
• Participated in the installation, configuration, and post-installation daily operational tasks and configuration of the deployment of Cisco Nexus equipment
• Designed 10/40-gigabit networks using Cisco Nexus 9000 series switches, and Cisco 3800 series routers.
• Experience in developing cloud strategies, roadmaps, architecting (hands-on) new cloud solutions end to end or enterprise level AWS/Azure migrations
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Problem management and change control for DNS, DHCP, IP Subnetting and IPAM
• Worked on devices Cisco IOS switches, Nexus(5K), Palo alto firewall (500,3020), Juniper SRX, MX,EX and Netscreen firewalls, ASA firewall, check point firewall,SSL VPN Pulse secure, F5 load balancer and Net Screen.
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and SDWAN by Riverbed steelhead, L3VPN over network, multi-tenant segment routing, Cisco ASA firewall 9.x, OSPFv3, EIGRP classic and name-mode (wide metrics), VxLan, SDWAN, VRF and VRF-lite, VMWare NSXVDC.
• Troubleshooting complex Checkpoint issues, Site-to-Site VPN related. Performed upgrades for all IP series firewalls from R75-R77.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN.
• Support third party technologies within the ACI ecosystem such as VMware ESX, OpenStack.
• Supported the Data center network infrastructure consisted of multiple Nexus 9Ks, 7Ks, 5Ks, 2Ks, FWs,Security systems, F5, and VMware environment by maintaining and deploying new technologies.
• Excellent knowledge and experience on multi-vendor platforms like Cisco, Juniper, Checkpoint, F5 Big-ip LTM load balancers, Bluecoat, Riverbed, Citrix, and VMware.
• Ability to work with end users to troubleshoot and solve their Pulse Secure VPN problems.
• Configuring and managing F5 ASM (Application security manager). Developed security policies.
• Created documents for various platforms including Nexus 9K, 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Provided design and Contrail SDN/ NFV networking support using Cisco ACI, Cisco wireless controllers, Open- Stack, Juniper Contrail and Big Switch Networks
• Configuration automation of the network stack from system to access to core services and Test validate existing network state using ansible.
• Design, deploy, test, and implement in support of Cloud platform solutions of Open Stack and VMware infrastructure.
• Involved in deployment of Meraki SDWAN solution across the Corporate offices.
• Provide support and services to resolve network issues for all wholesalers and network users which includes Voice Over Internet Protocol ( VoIP), (devices; MGCP/SIP), DSL Internet, Cable internet and intranet websites.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE
• Responsible for the conversion of the existing environment from an EIGRP to OSPF setup to facilitate the migration of Core from Cisco to Juniper.
• Implemented MX-960 router and configured virtual chassis in the core to enable inter chassis redundancy.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding
• Cloudgenix SDWAN refresh project. Design. deploy, and test Cloudgenix SDWAN router upgrade across Cardinalhealths domestic and international locations.
• Experience in configuring Juniper Switches such as Ex-4200, EX-8200 in virtual-chassis mode.
• Responsible for Juniper SRX firewall management and operations across our corporate networks.
• Monitored network traffic and developed capacity planning initiatives, making necessary recommendations
• Designed NSX Micro-segmentation solutions for DTE's highly secured energy grid
• Worked along with a team on the network automation through Ansible.
• Experience in working with Network automation tools and testing for network change and Configuration management.
• Upgrading 3x data centers' network and fiber optic infrastructures with an Arista spine-leaf.
• Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Filters & Labels.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preference
• Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
• Responsible to add new BGP peers for remote branch offices and business partners.
• Worked on network automation using python
• Involved in Firewall Policies implementation to meet access requirements of various teams.
• Worked on Cisco ASA/Juniper SRX Firewalls primarily with tasks involving policy changes, policy management as per vendor/client requirements add/design policies.
• Adding security rules and pushing the security policy on Checkpoint Using Smart Update, User Management and Authentication in Checkpoint Firewall.
• Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
• Creating templates in panorama to manage the individual devices from it
• Responsible for Configuration of Palo Alto 5050 devices with layer 7 filtering of traffic traversing the internet.
• Implemented Cisco ISE (Standalone, Distributed Setups) for delivering consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections.
• Upgraded Cisco ISE 2.0 version with ISE 2.2 code.
• Integrated Cisco ISE with LDAP sever and configured different features such as wireless onboarding (BYOD), posture assessment settings, wired/wireless NAC etc.
• Configured profiling, probing and MAB (MAC Address Bypassing) for different category of devices using Cisco ISE .
• Configured VPN tunnels to multiple vendors with end devices terminating at vendor end being a Cisco/Juniper firewall.
• Perform Configuration changes on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
• Provided Tier 2 level of escalation for Tier 1 VoIP Team by supporting Business and Residential Customers.
• Worked with Nations for monitoring of network services ( SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH ).
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of a network.
• Provided full visibility and notification of authorized and unauthorized network access with the integration of Cisco ASA/FWSM and NAC solution
• Installed, configured and set security policies on Cisco ASA
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.
• Subsequent projects included VMware infrastructure virtualization and consolidation of this environment and desktop virtualization projects.
• Manage Cisco wireless controllers and Cisco network company wide.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN. Technology support for: Cisco ACI, NSX, Open Source solutions, AWS/Azure VPC, ATT Netbond, Arista VTEP &VxLAN, Hitachi UCP, and many more.

Confidential, Herndon, VA

Network Engineer

Responsibilities :

• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Experience in Designs and implements Cisco Firepower and Palo Alto firewalls
• Worked on Cisco Nexus 9K family of switches whose hardware is based on Cisco ACI
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K,7K VDCs and HA.
• Worked with SolarWinds monitoring tools and Service Now Ticketing system
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Install, Configure and Upgrade Checkpoint, Cisco, Palo Alto appliances in the network and build high availability using ClusterXL on checkpoint, Active/Standby on Cisco
• Manage and implement Cisco ISE security and NAC security products, configure NAC appliance and NACprofiler to restrict endpoints based on identity or security postures, enforce policies on BYOD (mobile) devices.
• Configuring user's roles and policies for authentication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
• Experience in proactively monitoring network health for customers and corp. Network via SIEM ( Security Information and event management) tools such as Solarwinds, Infoblox, Netflow, Thousand Eyes, Wireshark .
• Working on Cisco NAC & Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.
• Performed redistribution with OSPF and EIGRP to enable communication with backbone.
• Configure Silver Peak SDWAN Routers for all internal routing tunnels from remote sites back to corporate hub.
• Planning, designing and configuration of various Cisco ISE NAC deployment strategies (Standalone, Distributed Setups) and rollout to production environment
• Assisted in the migration from DMVPN to Cisco Viptela SDWAN, consisting of V-SMART controllers, V-BOND edge routers.
• Installed Palo Alto PA-3060 firewalls to protect Data Center
• Worked on a project to help clean up legacy FW policies and create migration path from current ASA to Palo Alto firewall (5250S) and Cisco next gen ASA with firepower module.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF)
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Configuring rules and Maintaining Palo Alto & Analysis of firewall logs using various tools.
• Actively involved in Switching technology Administration including creating and managing VLANS, Port security- 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009 and 9000.
• Worked on setup and installation of Cisco ASAs with Firepower and configured it for URL filtering.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Building site-site VPN connections for third party connectivity using ASA Firewalls
• Responsible for Checkpoint firewall management and operations across our global networks.
• Experience in network monitoring tools like Net flow, RSA envision and Cisco IPS event viewer.
• Configured Wireless Access Points in order to control them with RADIUS server
• Provided design and Contrail SDN/NFV networking support using Cisco ACI, Cisco wireless controllers, Open-Stack, Juniper Contrail and Big Switch Networks LABs using Apple Configurator.
• Built site-to-site IPsec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures
• Involved in the team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements
• Worked with the data center planning groups, assisting with network capacity and high availability requirements.
• Configured VLAN's on Switches for Wireless Access Points
• Configured Access control list and also configured Cisco ACS for AAA services using Tacacs and Tacacs+.
• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Deploys and maintains Cisco Firepower Sensor and Firesight Management center (FMC).
• Designed and installed new Enterasys wireless controllers and access points for all Simmons locations.
• Implementation of Dynamic VPN via SRX Firewalls and Pulse Secure Clients.

Confidential

Network Engineer

Responsibilities :

• Support Network Technicians as they require training & support for problem resolution including performing diagnostics, & configuring network devices.
• Maintained Palo Alto firewalls Creating zones, adding rules and maintained the policies on PA 220 series,3020,522
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
• Experience installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
• Experience with convert PIX rules over to the Cisco ASA solution
• Worked on F5 Load Balancers, Cisco ASA 5540 Firewalls
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Involved in the configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP and RIP.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Experiences in creating vision, defining technology strategy, and creating innovative products and solutions for SDN, NFV, cloud, and virtualization for enterprises and service providers.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Experience in WAN connectivity using Cisco routers by using T1, T3 and frame relay connections and its troubleshooting issues.
• Implemented VPN solutions for site-to-site connectivity using Juniper SRX services gateway and remote access VPN solutions using Juniper Pulse secure access.
• Design and implementation of the LAN IP infrastructure using Layer 2 / Layer 3 switching, STP, Gigabit Ethernet and Trunking / channeling technologies.
• Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
• Build site to Site / B2B and remote access IPSEC VPN tunnels using communities on Checkpoint and troubleshoot ISAKMP and IPSEC configurations.
• Experience working on Cloud Computing Virtualization using VMware NSX and Windows Hyper-V.
• Integration of VMware NSX with VMware's suite of products (i.e. vRealize Automation, vRealize Operations) .
• Involved in managing and implementing new Cisco Firepower 4k and 9k series.