SUMMARY

• 8+ years of experience in Networking, including hands - on experience in providing network support, installation and analysis for broad range of LAN/WAN/MAN communication systems.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Expert in using Cisco Clean Access Manager (CAM) and NAC Profiler.
• Experience with various Packet Sniffer / Protocol Analyzer tools such as NetScout, Wireshark and TCP Dump.
• Excellent knowledge in creating ISE Profiling Policies.
• Experience in using various Networking Monitoring Tools such as IDA Diagnosis Tool, ISEEAT, IPAM, Statseeker, Cisco Prime (Wired & Wireless) and Confidential Asset Data.
• Excellent knowledge in using Wireless LAN Controller (WLC) Graphical User Interface.
• Efficient in changing hostnames and troubleshooting Wireless Access Points
• Good knowledge in using PAN-OS, NX-OS, JUNOS and IOS.
• Experience in using Wireless LAN Controller and deploying Cisco Wireless Access Points.
• Hands on experience on Palo Alto Network Firewalls.
• Experience in using Panorama Management Console.
• Good knowledge in creating Shared Rules on Palo Alto Network Firewalls.
• Efficient in assigning IP addresses Infoblox IP Address Management (IPAM) tool.
• Expert in using Infoblox IPAM tool to investigate endpoint DHCP and DNS settings.
• Expert level knowledge on OSI model and TCP/IP protocol suite.
• Hands-on experience in configuring and maintaining Cisco and Juniper Routers and Switches.
• Excellent knowledge in assigning IP addresses based on Subnet and Super-net concepts.
• Experience in working with various Service Providers such as Century Link, Verizon, AT&T, Vyve Broadband, Sudden Link, CableOne and XO communications.
• Experience in installing Permanent License to Cisco Routers and Switches.
• Expert in upgrading IOS code for Cisco ASR Routers and Switches.
• Excellent knowledge in IP addressing Such as IPv6 and IPv4.
• Knowledge in pushing 802.1 x and MAB authentications on global and port configurations into switches using Cisco Prime
• Expert in configuring AAA commands (Authorization, Authentication & Accounting) for Radius and Tacacs+ servers
• Responsible for assigning permissions to get Network Access for new equipment and Vendor / Personal devices (BYOD).
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, MPLS and BGP v4.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Experience in installing and configuring DNS, DHCP server.
• Experience in layer-3 Routing and layer-2 Switching.
• Experience with Secure CRT, MTPutty, Hyper Terminal, GNS 3, Cisco Packet Tracer.

TECHNICAL SKILLS

Networking: L2, L3 protocols, Networking concepts with reference of OSI layers

Protocols: RIPv2, OSPF (v2, v3), BGPv4, IGRP, EIGRP, IS-IS, HSRP, GLBP

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTP

Network Managements: SNMP, SSH, Telnet, ICMP, Radius, Tacacs+

Encapsulation: HDLC, PPP

Circuit switched WAN: T1, DSL, ADSL circuits

Packet Switched WAN: MPLS, VPNs, ATM, Frame Relay

Cisco Routers: Cisco 1921, Cisco 1841, Cisco 1811, Cisco 7200vxr, Cisco 3600 series.

Cisco Supervisory Switches: Cisco 4510, Cisco 4507 R+E (Sup 8), Cisco 4507 R-E (Sup 4/6)

Cisco Switches: 6509, 6500, 3850, 3650, 3750, 3560, 2960 and 6500 series, Dell 3524, Dell 755.

Security (Firewalls): Palo Alto Network Firewalls PA-3060, PA-3020, PA-220, PA-200, Cisco ASA 5540, 5520, 5510, 5505, Juniper SRX 650, 240, 210.

Management Console: Panorama Management Console - M 100

Juniper Routers: Juniper MX 240, MX 480, MX 960 series

Juniper Switches: Juniper EX 4400, EX 4200, EX 2200 series

Physical interfaces: Serial Interfaces, Gigabit Ethernet, Fast Ethernet, Tunnels (Tu1, Tu2)

Network Monitoring Tools: Netscout, Wireshark®, Cisco Packet Tracer, Network Simulator-2, SolarWinds, NetBrain.

Network Tools: Infoblox IPAM, Statseeker, Asset Data, ISE-IDA, ISE-EAT, Cisco Prime, LanCope.

SSH Clients: MT Putty, Putty, mobaXterm, Hyper Terminal, Secure CRT, GNS 3.

Servers Used: FTP, TFTP.

Operating Systems: Cisco IOS, JUNOS, NX-OS, PAN-OS, Windows (10/8/7), Ubuntu, Linux, UNIX, Solaris, Red Hat, Mac OS X 10.6, 10.9 (Mavericks).

AAA Architecture: Tacacs+, RADIUS, Cisco ACS.

Authentication Protocols: dot1x (802.1x), MAB (MAC Authentication Bypass)

PROFESSIONAL EXPERIENCE

Confidential, Rochester, MN

Network Specialist

Responsibilities:

• Conducted physical remediation and remote analysis for approximately 125,000 devices connected to 5,000 Access Layer Switches throughout the Mayo enterprise (Arizona, Florida, Rochester and all Confidential Health System 328 sites).
• Conducted all preparation work for Pre-Change Windows, including setting up ISE via adding network devices and evaluating risk of enabling authentication on a switch status of ports/CPU/Memory etc.)
• Deployed Cisco Identity Services Engine (ISE) configurations for all the network devices in a monitor mode status in preparation for low impact (Enforcement mode) for all access layer switches.
• Conducted analysis/investigation of endpoints that fail authentication in NAC Monitor mode
• Pushed 802.1 x and MAB authentications on global and port configurations into switches using Cisco Prime
• Successfully ran and reviewed Authentication Logs and Validation reports following each configuration push
• Expert in configuring AAA commands (Authorization, Authentication & Accounting) for Radius and Tacacs+ servers
• Maintained Radius and Tacacs+ servers for AAA authentication and User authentication
• Identified endpoints that failed authentication, researched and investigated the reason for failure using various tools: IPAM, Statseeker, ISE, Cisco Prime and Asset Data
• Proficient in using Infoblox IP Address Management (IPAM) tool to investigate endpoint DHCP and DNS settings
• Used IPAM to update hostnames for static devices in order to match Confidential ’s Network Access Control (NAC) naming standards
• Created ISE Profiling Policies using hostnames and Organizational Unique Identifier (OUI) information.
• Setup and troubleshoot ISE Profiling Probes (SNMP Query, DHCP)
• Verified correct NAC configurations on Access Layer switch (L2) and Distribution Layer switches (L3)
• Deploying all the Layer 3 and Layer 2 devices by configuring Cisco TrustSec (CTS) commands throughout the Mayo Enterprise.
• Implemented Network Segmentation framework (Tracks such asAL-DLin Track I,DL-COREin Track II andWAN - Routerin Track III) and testing them in Mayo Lab as well in Cisco ISE
• Responsible for testing all the devices in Mayo Lab before going to the Production
• Engaging with NOC (Network Operations) team to get the ‘All Clear Status’ and handling ‘Open and Close Email’ during the change window.
• Configure and apply security group tags to the identified segments.
• Upgrade IOS code for Cisco 4510, 4507, 3850, 3650 switches.
• Used the Confidential Asset Database to investigate unknown endpoint types (i.e., Medical Devices, Research Devices, etc.)
• Used ISE Deployment Assistant (IDA) tool to validate and document endpoint authentication status during monitor mode deployments
• Performed analysis using IDA Diagnosis Tool to get the endpoint information (i.e. Switch Name, Connected Interface, MAC Address, ISE Endpoint Information) to estimate the failure and risks before scheduled change windows
• Used ISE Endpoint Analysis Tool (ISEEAT) to analyze data and review ISE profiling policies
• Used NetBrain tool to create Layer 3 Diagrams and Layer 2 Mapping diagrams
• Generate Asset Inventory reports which gives the list of all devices connected in the Mayo Environment using NetBrain tool
• Proposed new names to all Access Points and updated to follow the Confidential ’s NAC naming standard in Wireless LAN Controller (WLC) using Cisco Prime (Wireless).
• Used Statseeker to validate status and performance of switches (switch port status, CPU, Memory utilization etc.) before and after change windows
• Assigned Static IP address to the endpoints (Servers/Printers) by checking the availability using Infoblox IP Address Management (IPAM)
• Resolved hardware and software issues related to LAN/WAN
• Used Subnet and Supernet concepts to identify endpoints and assign IP address where necessary
• Heavily engaged with Stakeholders to identify any configuration changes needed to properly identify endpoint types.
• Mentored and trained all new NAC team members regarding the Monitor Mode and Enforcement Mode processes
• Worked consistently with NAC Project Manager to update metrics provided to leadership.

Confidential, Houston, TX

Network Engineer

Responsibilities:

• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
• Hands on Experience with Cisco 3850, 3650, 3750, 4507 R-E and 4507 R+E Switches.
• Involved in 24/7 on call support for every 3 months in a year.
• Installing, Upgrading, Configuring, Maintaining and Troubleshooting Cisco Routers and Switches.
• Refreshing Cisco 3750 Switches to Cisco 3850 and Cisco 4507 R+E (Supervisory) Switches.
• Refreshing Cisco 4507 R-E (Supervisory 4/6) Switches and Cisco 4507 R+E (Supervisory 8) Switches.
• Hands on experience on Palo Alto Network Firewalls and ASA Firewalls.
• Experience in configuring Palo Alto Network Firewalls and Panorama Management Console.
• Experience in configuring, troubleshooting and installing Palo Alto Networks (PA-3060, PA-3020, and PA-220).
• Good knowledge in using ‘fw monitor’.
• Configuring initial setup and establishing site-to-site vpn configuration on Palo Alto Network Firewalls.
• Good knowledge in configuring URL Filtering on Palo Alto Network Firewalls.
• Troubleshooting by looking into logs and using command line utilities on firewalls.
• Follows Cable Management when installing the Servers, Routers and Switches in the rack.
• Responsible for installing Permanent License on Cisco Routers.
• Good knowledge in usingCisco Clean Access Manager (CAM) and NAC Profiler to change VLAN and NAC Controlling options.
• Handling Service Now Service Automation System on a daily basis which is a ticketing system used to work on the assigned incidents / tickets raised by clients.
• Handling various types of tickets such as Task, Change Task, Incidents, Problems and Change Requests in Service Now Portal.
• Creating Change Request plans such as implementation, verification and backup plans in Service Now Portal to refresh the real Cisco Routers and Switches.
• Working with Service Providers such as AT&T, Vyve Broadband, Sudden Link, Cable One, and Century Link on a regular basis to solve Internet related issues.
• Maintaining good communication with Service Providers to work on Modem related issues.
• Managing Alerts by applying maintenance in Enterprise Services Portal.
• Monitoring and capturing the real environment using Packet Sniffer Tools/ Protocol Analyzers such as Netscout and Wireshark.
• Creating SPAN interfaces for source and destination ports and capturing packets in Wireshark.
• Excellent Knowledge in using SSH Clients such as Secure CRT, Putty, MT Putty (Multi-Tabbing Putty), GNS3 and Hyper Terminal.
• Strong knowledge in troubleshooting Cisco NAC Agent.
• Good knowledge in using Cisco NAC Agent and ISE appliances for connecting Internet.
• Good knowledge in connecting fiber optics to SFPs for switches to establish uplink connections.
• Creating trunking and assigning priorities to Active and Redundancy Switch using HSRP.
• Uses Dialup Modem, WebEx invitation or Team Viewer to get the access to the laptop remotely, which is consoled to the equipment on a regular basis.

Confidential, Pataskala, OH

Network Engineer

Responsibilities:

• Hands on experience with Cisco 1921, 1841 and 1811 Routers and Cisco 2960 Switches.
• Troubleshooting the T1 WIC Card (Carrier Detector, Alarm and Loopback Signals).
• Migrating and troubleshooting Cisco 1811 and Cisco 1841 routers with DSL, ADSL circuits to Cisco 1921 routers with T1 Circuits.
• Migrating and troubleshooting the Dell 3524 switches to Cisco 2960 switches.
• Troubleshooting Smart Jack, Biscuit Jack and Demarcation Point.
• Configured various routing protocols such as OSPF (v2, v3), EIGRP, RIPv2 and BGPv4.
• Good communication with Service Providers such as Century Link and XO communications.
• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Troubleshooting the Cradle Point along with the tunnel interfaces to generate the 4G signals.
• Hands on experience on Palo Alto Network Firewalls (PA-3020, PA-220, and PA-200).
• Experience in using Palo Alto Network Firewalls and Panorama Management Console GUIs.
• Experience in creating Shared Rules on Palo Alto Network Firewalls.
• Good knowledge in blocking gaming sites or untrusted sites using Palo Alto Network Firewalls.
• Implementing routing protocols such as BGPv4 and EIGRP.
• Implementing EIGRP and OSPF on IPv6.
• Excellent knowledge in IP addressing Such as IPv6 and IPv4.
• Efficient in using Extended User Interface-64 (EUI-64), which is used in IPv6 Addressing.
• Expert Level knowledge on Subnet and Super-netting concepts.
• Working on physical interfaces such as Gigabit, Fast Ethernet and Serial interfaces.
• Experience in troubleshooting Traffic Counters, Registers and NOMI Sensors, ISPs (A&B).
• Creating and implementing IOS configuration for the Cisco 1921 routers and Cisco 2960 switches and importing them into the Solar winds.
• Creating, assigning and allocating IP addresses based on Subnet and Super-net concepts.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
• Handling Ping failure issues on real Cisco Routers and Switches.
• Excellent knowledge in using FTP and TFTP servers especially in copying files for upgrading the switches.
• Using Security devices such as ASA 5520, 5510, 5505 and ADSM.
• Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
• Experience in installing and configuring DNS, DHCP server.
• Implementing HSRP, VRRP for Default Gateway Redundancy.
• Adding and removing checkpoint firewall policies based on the requirements of various projects.
• Configuring, Installing and troubleshooting on Check Point Devices and Access-lists.

Confidential, Baton Rouge, LA

Network Engineer

Responsibilities:

• Working with Network Design and implementation team on various projects Across North America and South America.
• Configure Corporate, Wireless and Lab Devices, which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing (Pilot).
• Configured CIDR, IP, RIP, PPP, BGP, MPLS and OSPF routing.
• Designing and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers.
• Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
• Configured IP access filter policies.
• Experience working JuniperT-Series, M-Series, MX-Series, J-Series Routers.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Deploying and decommissioning the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Experience in creating MOPS (Method of procedures) and get approved from peers for performing configuration changes.
• Deploying and decommissioning the TOR switches and their respective software upgrades.
• Performing troubleshooting on slow network connectivity issues, routing issues involves OSPF, BGP and identifying the root cause of the issues.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the ip addresses from Subnet.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Switches replace branch hardware with new 2851 routers and 2960 switches.
• Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Experience in working with cisco Nexus 5000 series switches for data center.
• Conversions to BGP WAN routing, which converts WAN routing from OSPF to BGP (OSPF is used for local routing only) that involves new wan links.
• Handled Load Balancing using F5 Networks - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Actively participated in upgrading fast Ethernet, Layer 3-switched/Routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches.
• Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
• Configuring VLAN’s, VTP’s, enabling trunks between switches.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces.
• Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Experience with design and implementation of Data center migration at NBC Universal
• Data center migration was involved in Access, Distribution and Core layers.
• Excellent Troubleshooting Skills and Customer Centric approach.

Confidential

Network Technician

Responsibilities:

• Responsibilities included assisting in connecting different Lab setups using Routers, Switches, Firewalls and Gateways.
• Gained in-depth knowledge of dynamic routing protocols and Layer3 protocols (IPv4 and IPv6).
• Configured Routers and Switches using Secure CRT, Hyper Terminal and Putty.
• Worked on various networking concepts and routing protocols such as BGP (v4), EIGRP, OSPF (v2, v3), RIP (v2, v1) and other LAN /WAN technologies.
• The routing tables are preparing using OSPF routing technique using Cisco Packet Tracer.
• Designed and implemented OSPF on IPv6 in Cisco Packet Tracer.
• Gained an in-depth knowledge of Application Layer Protocols such as Telnet, FTP, SMTP, POP3, HTTP/HTTPS, SSH, SSL and DNS.
• Gained an in-depth understanding of cryptography algorithm standards and authentication protocols.
• Captured the traffic of TCP based protocols using Wireshark, which results in hacking.
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the ip addresses from Subnet.
• Used Wireshark and its filters to capture the traffic of all TCP based protocols.
• Experience in using various Routing Protocols such as BGP, OSPF and EIGRP.
• Well experienced in configuring HSRP, GLBP, IGMP, ICMP, PPP, SNMP, VLSM, ARP and authentication Protocols (PAP and CHAP).
• Designed and Configured Layer 2 / 3 networking features such as VLAN, ISL, STP, VTP, 802.1X, Port Security, and SPAN (Switched Port Analyzer).
• Experience in network cabling, dressing, labeling and troubleshooting various network drops onsite.
• Maintaining user account details and granting permissions to users based on their role.
• Repair and recover from hardware/software failures.
• Create, change, and delete user accounts per request.
• Identifying,troubleshootingandsolvinghardware, software & networkrelatedissues on systems of end users.

Confidential

Jr Network Engineer

Responsibilities:

• Responsible for day-to-day management of Cisco Devices, Traffic management and monitoring.
• Expert knowledge of cable connectors and replacement as RJ-11, RJ-45, V.35, RS-449.
• Hands on experience with real Cisco Routers and Switches.
• Worked on Unix, Linux, Windows Platforms and also involved in capacity planning of Network maintenance.
• Expert Level knowledge on Subnet and Super-netting concepts.
• Providing possible solutions to protect from hacking are by using Secure Shell (SSH) and generating SSL key.
• Another solution is using TOR browser that makes it as an anonymity web browser for both secured and unsecured sites.
• Text based browser such as ‘w3m’ is also suggested.
• Good knowledge in Layer 2 Switching and Layer 3 Routing.
• Working on physical interfaces such as Gigabit, Fast Ethernet and Serial interfaces.
• Worked on various networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies.
• Experience in working with application layer protocols such as Telnet, FTP, SMTP, POP3, HTTP/HTTPS, SSH, SSL and DNS.
• Used Wireshark and its filters to capture the traffic of TCP based protocols such as SMTP, POP3, IMAP, FTP, HTTP/HTTPS and DNS protocols.
• Gained good knowledge about using Cookies and Sessions.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Hands on experience with real servers.
• Handled issues and updates related to hardware setup.
• Handled manual, automatic and cloud server backups on a regular basis.
• Configureand install various Operating Systems such as Windows, Mac and Linux.