PROFESSIONAL SUMMARY

• 7 years of experience as a Network/Systems Administrator specializing in Cisco devices, Network security, Firewalls and VPNs, Cisco Routers, LAN/WAN connectivity, TCP/IP Windows XP, Windows Vista, NT/2000 /2003 System administration, communications.
• Implemented firewalls using Cisco ASA, Cisco PIX, CheckPoint Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Migration of all the PIX firewalls to ASA firewalls for DOT-NC
• Migration of Checkpoint R54 to SPLAT
• Proficient in setting up IT infrastructure including wide area networks WAN / local area networks LAN , security management systems networking devices administration.
• Extensive experience in Layer 3 routing and Layer 2 switching and dealt with router configurations like 7200, 3800, 2800 and switches 6500, 4500, 3700, 3750, 3900, 2900, 2960 and 3500XL, 3950 switch series.
• Proficient with Cisco routing and switching products, UNIX, Linux, shell scripting and routing protocols. Experience in tools like SNMP, AAA, RADIUS and designed VPN with IPSEC security layer.
• Understanding of IPSEC GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN.
• Experience with Watchguard firewalls, Sidewinder firewalls, Stonegate firewalls and Opensource Linux/BSD based firewalls such as iptables, ipchains and pf.
• Hands on experience with the usage of diagnosis tools like Qkview, TCPDUMP for analyzing the real time statistics during the packet flow.
• Experience testing Cisco routers and switches in laboratory scenarios and deploy on site for production.
• Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
• Worked on MPLS-VPN designs and MPLS-QoS for the migration of Frame relay to MPLS system.
• Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
• Expertise in IP subnetting and worked on various designing and allocation various classes of IP address to the domain.
• Involved in troubleshooting of IP conflict problems and worked on Gigabit Ethernet and Fast Ethernet connection
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning configuring VLANs/routing/NAT with the firewalls as per the design.
• Worked extensively on Cisco Firewalls, Cisco PIX 506E/515E/525/ ASA 5500 5510/5540 Series
• Knowledgein preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Hands on Experience testing iRules using Browser IE , HTTP watch

TECHNICAL SKILLS

Protocols: OSI,TCP/IP,DHCP, UDP, RIP v1, RIP v2, IGRP, EIGRP, TACACS , RADIUS, OSPF, BGP, SSH, TFTP, FTP, SMTP, NTP, LDAP, Active Directory, Kerberos, L2F, L2TP, PPP, Frame Relay, ATM, Sonet, Fast/Gig Ethernet, HSRP, Token Ring, ISDN, AAA, DES, 3DES, AES, and MD5, VPN IPsec and SSL ,VRRP, HSRP, DNS BIND, DJBDNS, Infoblox , CARP, SNMP.

Operating Systems: Windows NT/200/2003, UNIX, SPLAT Secure Platform , Linux, Red Hat, Debian,Cisco IOS.

Firewalls: Checkpoint NGX R65-R75 , Cisco PIX 515E,Cisco PIX 535 Firewall, Cisco ASA 5510,

Cisco ASA 5520,Cisco ASA 5540,Cisco ASA 5550, Cisco ASA 5580-20,

Cisco FWSM, Check Point NGX R52, R54, R61, R62, R65, R 75,Nokia IP690, Nokia IP530, Checkpoint provider 1, Checkpoint Firewall 1, SPLAT.

IDS: Cisco IDS 4250

SSL VPN:F5Firepass 4300

Routers: Cisco 2811, Cisco 6509-E Multi-layer Switch , Cisco7200, Cisco3800, Cisco 3640, and Cisco 3745.

Switches: Cisco Multi-layer Switch 6500, Catalyst 4500, Catalyst3750, Catalyst2900 and Catalyst 3500XL.

VOIP:SIP H.323, MGCP, TDM, SS7, Avaya Voice gateways.

Network Monitoring tools: HP openview, Cisco Works, Netscout, Ethereal, tcpdump, netcat, Sniffer,

Snort snortsnarf, MRTG.

Hardware Platform: Cisco Routers, Ethernet Switches, F5 LTM, GTM

LAN/WAN technologies: T1, DS3, OC3, SONNET, MPLS, DSU/CSU

Knowledge of various Information security standards such as ISO 17799/BS 7799, ISO 27001, DICAP, NIST 800-53, FIPS 199, FIPS 200 and OMB security standards

NetworkEquipment: CISCO 2950,3500,4500,6500 series Switches, CISCO 800, 1600, 2500, 2600,3700,3800,7200 series Routers, Cisco wireless access points.

PROFESSIONAL EXPERIENCE

Confidential

Network security Engineer

Responsibilities

• Working with Network Design and implementation teams on various projects across related to Branch, Campus and Data Center.
• Fine tuning of Firewall policies based on Information security policy.
• Configuration and Maintenance of CheckPoint R65, R75.40 Gaia Firewalls.
• Migration of Checkpoint R54 to SPLAT
• Designing and deployment of Partner IPSEC VPN tunnels.
• Involved in the configuration troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Building, configuring, maintaining, troubleshooting the firewalls. Develop and implement the company's security policies, and rules implementation. Coordinated lab testing of new software to ensure stable implementation.
• Deploying and decommissioning Cisco switches and their respective software upgrades.
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Experience configuring Virtual Device Context in Nexus 7010.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Performing the ACL requests change for various clients by collecting source and destination information from them.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Configure Corporate , Wireless and Lab Devices which includes Bandwidth Upgrade, Adding New Devices, Decom the Devices, Testing Pilot .
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from Subnet.
• Worked on ArubaWireless LAN Implementation for 11n Infrastructure Across the Corporate Network.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.

Confidential

Network security Engineer

Responsibilities

• Working with Network Design and implementation teams on various projects across related to Brach, Campus and Data Center.
• Designing and deployment of Partner IPSEC VPN tunnels.
• Create and test router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Configuration and maintenance of Checkpoint NGX R61.
• Configuration and maintenance of Juniper Net Screen SSG -550.
• Implementing and Troubleshooting of VLAN.
• Implementing Administration of Zoning Architecture project Imp of various zone like Server, Intra Internet Zone .
• Network security monitoring: analysis and identification of incident activities and system log files.
• Review Firewall release for any possible non-compliance or vulnerability.
• Assist with development of security policies, standards and procedures.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning configuring VLANs/routing/NATing with the firewalls as per the design.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4.
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Generating RCA Root Cause Analysis for critical issues of layer1/layer2/layer3 problems.

Confidential

Network security Engineer

Responsibilities

• Experience in working with Nexus 5000 series switches for data center.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP OSPF is used for local routing only which involves new wan links.
• Convert Branch WAN links from point to point circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
• Plan Design and assist in deploying enterprise wide Network SSL Security and High Availability Solutions for ASA.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX SSL Security appliance, Failover DMZ zoning configuring VLANs/routing/NATing with the firewalls as per the design.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
• Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort 11n Infrastructure and its legacy technologies.
• Worked on Extensively on Firewalls, PIX 506E/515E/525/ ASA 5500 5510/5540 Series.
• Worked On UNIX, Linux, and Windows Platforms and also involved in capacity planning of Network Maintenance.
• Experience with design and implementation of Data center migration at NBC Universal
• Data center migration was involved in Access, Distribution and Core layers.

Confidential

Network Engineer

Responsibilities

• Dynamic routing protocol configuration RIP, RIP V2 .
• Troubleshooting network problems.
• Managed network connectivity and network SSL Security, between Head offices and Branch office
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking devices Cisco Router, switches co-coordinating with the system/Network administrator during any major changes and implementation
• Installation configuration of Cisco VPN concentrator 3060for VPN tunnel with Cisco VPN hardware software client and PIX firewall
• Configured BGPfor CE to PE route advertisement inside the lab environment
• Spearheaded meetings discussions with team members regarding network optimization and
• regarding BGP issues
• Implemented the concept of Route Redistribution between different routing protocols
• Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet
• Channel between switches
• Administration of Cisco 11.x and 12.1 versions and higher
• Implementing and maintaining backup schedules as per the company policy

Confidential

Network engineer

Responsibilities:

• Implement VPN connections
• Perform Troubleshooting end-to-end between the two sites
• Responsible for designing and implementation of customers network infrastructure
• Help negotiate hardware, software, and circuit contracts for customers
• Redesign customers office copper and fiber cable plant for scalability
• Configure and implement Remote Access Solution: VPN, ISDN dial up, Fractional T1
• Implement Cisco IOS Firewall IDS using 2600 series router
• Network Assessment and Documentation including technical, operational, and economic assessment
• Configure Cisco VPN 3000 Concentrator to allow VPN clients
• Implement Cisco Secure Access Control Server ACS 3.0 for Tacacs / Radius
• Upgrade Cisco Routers, Switches and Firewall PIX IOS using TFTP
• Design and implement security policies using ACL, PIX firewall 515, 520 and
• Provide intranet VPN solution using Cisco 2621 and IPSec Tunneling
• Firewall administration and LAN intrusion detection for over 80 corporate firewalls and LAN's.
• Responsible for firewall/LAN integration and compatibility, ongoing administration, and system backups
• Remotely managed DSMC customer corporate firewalls through VPN encrypted tunnels
• Configure Pix to Pix, and Router to Router VPN
• Redistribution of routing protocols and Frame-Relay configuration
• Network Migration from RIP to OSPF
• Build and maintain Visio documentations for Clients
• Troubleshoot Windows 2000 Servers and streamlining the user policy.
• Managing User accounts using Active Directory
• Implementation of TCP/IP related Services-DHCP/DNS/WINS