SUMMARY

• Cisco Certified Network Engineer with 12 plus years of experience in Networking and security including hands - on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4,
• Moderate knowledge in configuring and troubleshooting Cisco Wireless networks; LWAPP, WLC, WCS, stand-alone apps, roaming, wireless security basis, IEEE 802.11a/b/g, RF spectrum characteristics.
• Experience working on Cisco ASR 9001&ASR 1006.
• Experience in implementing and troubleshooting Switch technologies such as STP, VTP, 802.1q, VLAN and MPLS.
• Configuration & troubleshooting of routing protocols:BGP, OSPF, EIGRP and StaticonCisco (7200, 3800), Juniper (MX240, MX480) series routers.
• Having experience in Migration from Cisco ASA's toFortinet’ s Fortigate firewalls
• F5 BIG-IP application load balancing subject matter expert with particular concentration on layer 7 load balancing using I-Rule scripting in TCL.
• Hands on experience on windows server 2007, 2008, 2012.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Installation of IP Voice System PBX and Voice gateway Cisco SPA 8000
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Hands on experience on dealing with Microsoft Azure cloud computing including implementing access lists in the Network Security Group.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus 7K, 5K, 2K series Cisco router
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 appliance,
• Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Hands on expertise with Cisco Catalyst routers/switches, Cisco Nexus equipment, Infoblox appliances, Cisco wireless, Riverbed/Cascade monitoring, and Solar winds
• Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers& Cisco Firewalls.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Excellent in documentation and updating client’s network documentation using VISIO.
• Performed switching technology administration including Vlans, inter-Vlan routing, trucking, port aggregation and link negotiation.

TECHNICAL SKILLS

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).

Switches: Cisco Catalyst 6500, MSFC, MSFC2, 7600, 3700, 3500, Arista 7500,7050,7300series,Cisco 2948/3560/4500/3560/3750/3550/3500/2960

Cisco Switches: Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900series)

Cisco Routers: Cisco GSR 12416, 12418, Cisco 7200vxr, Cisco 3640, Cisco 3600

Security Firewalls: ASA, FWSM, FTD, Checkpoint, Palo Alto, Fortinet.

Security Technologies: Cisco FWSM/PIX/ASDM, Juniper SRX, Palo Alto, Checkpoint, F5 Load Balancer, ASA firewall

Routing Protocols: IGRP, EIGRP, OSPF, BGPv4, MP-BGP, IS-IS, RIP

WAN Protocols: HDLC, PPP, MLPPP

Circuit switched LAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).

Packet Switched WAN: ATM, FRAME RELAY, MPLS VPNs

NetworkManagement/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump. Cisco DCNM,Firemon, MS-VISIO

Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wireshark, Solarwinds, SNMP

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)

Layer 2 technology: VLAN, HSRP, VRRP,GLBP,STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Operating Systems: Microsoft XP/Vista/7, UNIX, Linux (Red hat, Opens use, Fedora), Windows Servers 2003/2008Windows MS-Office, VMware ESX 5.1, VMware VSphere client, Microsoft Azure, office 365, Python

PROFESSIONAL EXPERIENCE

Confidential, New Brunswick, NJ

F5 Load Balancer Engineer

Responsibilities:

• Worked on providing management connectivitys, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of ECMP- OSPF on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from Brocade core to Palo Alto.
• Additional tasks include assisting with the day to day operations and management of othernetworkdevices such as Cisco ISE, Infoblox, Palo Alto firewalls andPanorama.
• Experience in Designs and implements Cisco Firepower and Palo Alto firewalls
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Experience in Fortinet100D, Fortinet 60C,Fortinet60E,Fortinet60D, Fortinet 200E (HA), this includes the whole UTM (app control, Web Filter, IPS, DoS, DDoS, etc.
• Implement SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple gateway solutions including integration of PKI certificates.
• Integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks, Cisco ASA, and Juniper SRX firewalls.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 7K VDCs and HA.
• Upgraded the existing Panorama to V8.0.6. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
• Knowledgeable in routing/concepts and networking protocols, including BGP, CDP, CLNS, VRRP(-E), HSRP/VRRP, IGRP,EIGRP, IS-IS, MPLS, NAT, OSPF, QoS, RIP, DNS, VLAN/PVLAN, TCP/UDP, IP, OTV and others.
• Placed in charge of control and maintenance of theSD-WANlaboratory environments, performing version updating before user client official updating
• In depth knowledge and understanding of the Internet and its design (DNS, Security, IP Routing, HTTP/HTTPS, IPSEC, VPN, Email Routing, Virus Protection etc.
• Configured TCP/IP addressing scheme to assigned IP blocks and make changes to DNS, DHCP on Infoblox appliance.
• Knowledgeable in building a strong secure network with expertise in implementing the organizations IDS/IPS, ISE, VPN's, ACE and Firewall solutions. Including the auditing and event management
• Establishing a baseline ISE security rules/policy working with other service lane members
• Support network security infrastructure and controls, including, but not limited to Security Incident and Event Management (SIEM), firewalls, VPN, intrusion detection/prevention, Network Behavior Anomaly Detection, Network Level Advanced Malware Protection, TACACS, NetFlow based tools, URL filtering, NAC etc.
• Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• Provide timely troubleshooting measures for all of our customers to ensure a satisfactory resolution is provided, including third parties. Configure, Support, update and install Checkpoint, Fortinet Firewalls,Firemon, and DLP systems. Provide monitoring of all Checkpoint firewalls and there logs / traffic.
• Experience with configuring Nexus 2000 Fabric Extender(FEX) which acts as a remote line card(module) forthe Nexus 5000.
• Deploying and decommissioning the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Assist with the maintenance of Firewalls, Routers, Switches, Virtual Switches, Call Manager, Unity, Voice Gateways, VPN configuration, Wireless Controllers, Servers, and Security appliances for access to vital business applications in our private cloud and hosted.
• Maintain a thorough understanding of the basics behind the Internet and its interworking's (DNS, Firewall zones, ACL's, IP Routing, SSL, VPN, Content Filtering, etc.)
• Experience configuring, installing, and troubleshooting centralized network infrastructure such as routers, switches, ASA Firewalls, Juniper NSG, Firepower(FMC-4000, FMC-2000) etc.
• Strong knowledge on migration of DDoS attack's, IPsec & SSL implementation on Cisco and Palo Alto firewalls.
• Configure, Support, update and install Checkpoint,Firemonsystems. Provide monitoring of all Checkpoint firewalls and their logs/traffic.
• Worked with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Configuring rules and maintaining Palo Alto firewalls & analysis of firewall logs using various tools.
• Solid experience with designing and deploying security solutions for Network Access Control as well as experience with Firewalls, IDS/IPS, WAF, Proxies, DLP, DDoS, and Malware inspections solutions
• Hands-on experience with network Security Technologies Cisco ASA, Checkpoint R77.30, worked extensively on Checkpoint platforms (IPSO, SPLAT and GAIA), Cisco AnyConnect, IPSec VPN, Cisco CSM and ACS, BlueCoat proxies, director and Reporter, SSL/TLS, DNS, Tacacs/RADIUS, RSA, SecureID and SNMP monitoring and reporting.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Worked extensively on Cisco ASA 5500(5510/5540) Series, Nexus 7000 Series
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2Bnetwork connectivity
• Documenting all the projects in word documents and plotting network Design in the Visio.

Confidential, Atlanta, GA

Network Security Engineer

Responsibilities:

• Working with Network Design and implementation teams on various projects across North America and South America.
• Maintained Palo Alto firewalls Creating zones, adding rules and maintained the policies on PA 220 series,3020,5220
• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Experience with design and implementation of Data center migration.
• Configuring BGP, MPLS in Cisco IOS XR.
• Installation and support of LINUX (RedHat, CentOS ), UNIX, NetFlow, Syslog Python, Infoblox DNS security and Wireshark.
• Involved in migration of network from cisco catalyst switches/ASA firewalls to Palo Alto.
• Install, upgrade and configure Next-Gen Palo Alto Firewall series PA-200,PA-500
• Migrated the policies from Cisco ASA to Palo Alto Firewalls.
• Managed checkpoint/ Enterprise-level CiscoFWSM/ASA firewall appliances
• Experience on dealing with Cisco Application Centric Infrastructure (ACI) by integration hardware and software products as per network layout
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Experience on dealing with office 365 including hosting Lync web Conferencing and assisting in installing office applications.
• Worked on Source Fire and Palo Alto IPS/IDS Systems
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
• Experience on coordinating and monitoring entire organizations Authentication, Authorization and Accounting (AAA) systems
• Installed Riverbed WAN optimizer software to run applications via WAN’s to multiple branches across east coast.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Implementation of Juniper Firewall, SSG Series, Net Screen Series ISG 1000, SRX Series.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, and ISG 200.
• Experience on cisco wireless management systems which includes cisco 8540 Wireless controller, cisco 5520 Wireless LAN controller, and virtual wireless controllers.
• Hands on experience on Cisco ISE and various network security concepts like SSH, IPsec, firewall polices and 802.1x
• Worked on Network Automation using python scripting
• Work on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Configuring and Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers.
• Deploying and decommissioning Cisco switches, Cisco Meraki Products and their respective software upgrades.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.

Confidential, Salem, OR

Palo Alto Firewalls Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• F5 Big-IP load balancer configuration, layer 7 load balancing using I-Rules (TCL)
• Performed installation and upgrades of office 365 Business as per the changes recommended by the network architect.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Performed Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Conducted F5 Big-IP load balancer configuration, layer 7 load balancing using I-Rules (TCL)
• Extensive experience with F5 load balancers- LTM, GTM series like 6400, 6800, 5000 and 2000 for the corporate applications and their availability
• Worked on Palo Alto firewall migration tool.
• Troubleshooting the Juniper SRX100 anda hundred and tenseries, Juniper NetScreen routers with Site-Site VPN, and firewalls for Supervalu Retail sites.
• Identify, design and implement flexible, responsive, and secure technology services
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Creating and provisioning Juniper SRX firewall policies.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Documented new VPN enrollments in a database and create standard procedures for further improvement.
• ConfigureVRRP & GLBP andVLANTrunking802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network.
• Co-ordinated with the Data Network and Security team and came up with possible solutions.
• Experience on dealing with Infoblox traffic control products to simplify DNS load balancing operations
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Monitoring and troubleshooting network issues between client site and 85 remote sites with legacy switches and routers.
• Performed and presented network analysis as a part of network migration. Involved in knowledge transfer to vendors and provided them network support as required
• Configuration and maintenance of EIGRP and BGP network on router 7200 and 6500 MLS.
• Configuration and maintenance of 3750 stack and 6500 VSS for improved efficiency of the data plane.
• Configuration and management of NEXUS network in the existing network infrastructure.
• Created LAB setup with 7k and 5K NEXUS switches and Arista 7K for application testing.

Confidential, Phoenix, AZ

Sr. Network Engineer

Responsibilities:

• Created Data-filtering profiles in Palo Alto devices which helps to prevent sensitive information.
• Firewall Policy provisioning on Palo Alto devices using Web UI as well as PANORAMA. Provided day-to-day operational support for all firewall and VPN platforms including Checkpoint and Palo Alto firewalls.
• Performed upgrades on Palo Alto OS devices in High Availability pair. Firewall OS upgrades and Maintenance of OS up maintaing dates as part of addressing Vulnerabilities on Firewalls.
• Configured rules and Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Configured and maintained the HP Switches with OS Upgrades and routing protocols (OSPF, BGP).
• Used Cisco Prime Infrastructure for troubleshooting and managing wireless networks.
• Provided network support for the core network including MPLS, DMVPN and Datacenters.
• Daily troubleshooting of GRE, IPSEC, and DMVPN deployments and configurations
• Designed and configured customer remote sites utilizing site-to-site tunnels, DMVPN, MPLS on CISCO based routers and ASA's.
• Splunk log monitoring & report monitoring for Data, Network, and Application device & user activities.
• Worked on Source Fire and Palo Alto IPS/IDS Systems, Splunk log monitoring tool, Qualys vulnerability assessment tool.
• Designed layer 3 security for the network interfaces converted all the layer to interfaces behind checkpoint firewall. Worked on checkpoint firewalls routing, managing VRF behind the checkpoint firewall.
• Designed network interfaces use L3 capabilities and configured anti-spoofing for the network interfaces on checkpoint firewall
• Provided assistance in network planning, engineering and architecture with technical solutions consistent to enterprise network strategy.
• Maintained and supported all Cisco Chassis and interfaces. Documenting the inventory of cisco switches/routers and other network related objects.
• Supporting with the Lease replacement of the Network switches Cisco Cat 4507, 3850, 3750 and all network hardware and repair.
• Worked on the Design and Implementation of the new firewalls for replacement of Current ASA Firewalls with Checkpoint Firewalls.
• Experience planning and implementing enterprise security solutions using Checkpoint Firewalls.
• Configured and supported our network Core Switches Cisco Cat 6509, 6807 and also supported with the core switches replacement from Cisco Catalyst Switches.
• Worked, supported and implemented on the OSPF and EIGRP Routing protocols with 6807 cat switches. Implemented the OSPF Instance with multiple OSPF areas connected to the firewalls and implemented the routing in between Checkpoint Firewalls and Cisco Catalyst 6807 Switches.

Confidential, Detroit, MI

Network Engineer (L2)

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problem
• InstalledPaloAltoPA-3060 firewalls to protect Data Center
• Configuring rules and Maintaining Palo Alto& Analysis of firewalllogs using various tools.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues. My responsibility
• Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Configuring and Upgrading Junos Space Virtual Appliance.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Experience with configuring FCOE using Cisco nexus 5548.
• Hands-on Experience with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs. Cisco CLI, Cisco works, Network Security, Network Analysis Tools.
• Experience in converting PIX rules over to the Cisco ASA solution.
• Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Responsible for maintaining the entire Routing and switching domain across the campus / Branch to
• Head Office and also the Layer-2 campus network across the remote branches, which included configuring VLANs and Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for switches and Wireless.

Confidential

Network Specialist

Responsibilities:

• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
• Involved in analysis of client requirements to provide solutions for network design, configuration, administration, and security.
• Basic and advanced F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
• Troubleshooting complex Checkpoint issues, Site-to-Site VPN related. Performed upgrades for all IP series firewalls from R75-R77
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.
• Created a backup and recovery policy for software application and verified peripherals are working properly.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP & OSPF routing protocol administration.
• Worked extensively on Checkpoint firewalls for analyzing firewall change requests and implementing changes into existing firewall policies, maintaining security standards
• Involved in interaction with support services to reduce the downtime on leased lines.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM).
• LAN cabling in compliance with CAT5 standards.
• Worked along with the team in ticketing issues