SUMMARY

• 8 years of IT experience in design, development, implementation, troubleshooting and maintenance of complex Network & Security devices, Network Security, Linux Kernel Programming.
• Expertise in network protocols, Firewalls and Communication Network design.
• Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub - netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Corporate trainer for certification like CCNA, CCNP, Hardware & Networking.
• Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Knowledge and experience with F5 ADC, Palo Alto, Dell Force10, Brocade, Meru/Aruba WLAN, Splunk, TACACS.
• Experience with design and implementation of Virtual Switching System (VSS).
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• In-depth knowledge of Linux Kernel Programming (Module Programming).
• Good domain knowledge in Linux source code 2.6x & Shell scripting.
• Network security including NAT/PAT, ACL, VPN Concentrator.
• Hands-on experience with TCP/IP, LANs, WANs, and WLANs (WiFi)
• Cisco VPN Concentrators, F5 Fire pass SSL VPN, 6509 Core Datacenter designs.
• Strong knowledge of Cisco and Juniper software (IOS/XR and JunOS) and hardware.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• In-depth Cisco technology experience/knowledge in design, implementation, administration and support.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Exhibit superior talents in supervising wireless migration of more than 40 sites with multiple WLAN controllers and APs
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience
• Designing, Implementing and Troubleshooting Cisco Routers (2800,2900,3900,3800,7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Checkpoint, Cisco PIX & ASA devices
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
• Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
• Strong Hands on experience in installing, configuring and troubleshooting of Cisco 12404,12406,7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Network Security - Anomaly Detection in Attack Prevention System, Network and Host IPS/IDS, Cisco PIX firewall, Vulnerability scanning, Penetration testing, Buffer Overflows, Cross Site Scripting,
• Experience in implementing Cisco VoIP using CUCM

TECHNICAL SKILLS

Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX &72XX series.

Switches: Cisco 3550, 3750, 45XX, 65XX series, Nexus 7K, 5K, 2K

Load Balancer: Cisco CSS, F5 Networks

WAN Optimization: Cisco WAAS, PPP Multilink

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &MultiLayer Switching, Multicast

LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing.

Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNSTFTP and FTP Management.

IP Telephony: IP Telephony utilizing Cisco routers, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager (publisher & subscriber).

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Security / Firewalls: Cisco ASA Firewalls 55XX, IPSEC & SSL VPNs, IPS/IDS, DMZ Setup,CBAC, Cisco NAC, ACLIOS Firewall features, IOS Setup & Security Features

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

PROFESSIONAL EXPERIENCE

Confidential, NYC, NY

Sr. Network Engineer

Responsibilities:

• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Perform root cause analysis on the problems coming across Project execution
• Maintained a BGP/MPLS infrastructure
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• FABRIC PATH in nexus...
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive,peer link.
• Experience in working and designing configurations for vPC, vPC domian, vpc peer-gateway, vPCpeer-switch, auto-discovery, and vPC singlesided, vPC double sided, NX-OS, VFR, Otv, fabric path.
• Configuration of Voice FX0 ports on the routers for SRST (Survivable Remote Site Telephony) and SRST testing after carrier numbers are ported over.
• Cisco VOIP, Implementation (Call manager CUCM V8.6)
• Experience with Cisco Call manager.
• Implemented and troubleshot Cisco Call Manager.
• Debugged, Configured, and Tested Routers at Access Points and WLAN Stations
• Cisco CUCM Management and Support.
• Configured and Managed one Wireless VoIP Test environment using Cisco Call Manager, Cisco 7920 Wireless Phones and VoIP software for Laptop.
• Design to implement IP based Video Surveillance in the 1100+ CBNA branches and HVAC controls. Add VoIP subnet to Branch Devices
• Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
• Decommission serial T3 circuits and replace with MPLS circuits. MPLS clouds were provided by carriers ATT, Verizon or Level 3.
• WAN Pilot project to convert branch from dual T1 circuits to iWAN only broadband circuit. To Enable Internet WAN connectivity for the Lab in Hauppauge. Test and turn-up IWAN link and disable the 2 existing T1 circuits, running branch on IWAN only. After testing was completed site will be placed back on either dual TDM circuits or TDM with IWAN backup circuit.
• Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Work with Carrier to test and turn-up circuits.
• Experience in design and implementation of new branch/New Campus test and turn up.
• Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Involved in configuring IP Quality of service (QoS)
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Provided redundancy in a multi-homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Implemented LAN, WLAN environments, including configuration development based on router designs
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX
• Security appliance, Failover, DMZ zoning, &Configuring VLANs/routing/NATing with the firewalls as per the design.
• Network security involves web filtering on internet sites (User's restriction) using Palo Alto and checkpoint Firewalls.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Implementing VoIP solutions using SIP & H.323 for Cisco routers 2851, also have sound knowledge of Avaya VoIP products
• Manage and provide guidance to junior members of the team.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Replace branch hardware with new 2851 routers and 2960 switches.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO.

Confidential, ROCKVILLE, MD

Network/Firewall Administrator

Responsibilities:

• Responsible for installation, troubleshooting of firewalls (Cisco firewalls, Imperva Web app Firewalls, Checkpoint firewalls and Juniper firewalls,) and related software, and LAN/WAN protocols
• Administering multiple Firewall of Juniper/NetScreen, in a managed distributed environment. Fulfilling routine change requests of Net Screen OS Firewall and resolving trouble tickets, maintain and monitoring firewalls using scanning software Nesses
• Knowledge of Juniper environment including SRX/Junos Space
• Hands on experience on all software blades of checkpoint firewall
• Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
• Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint
• Configured redundant interfaces, DHCP server, DHCP relay, ntp settings, and sub interfaces on firewalls
• Built and support VRRP / Cluster based HA of Checkpoint firewalls
• Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks
• Perform QA Checks on block point builds of SPLAT and GAiA Checkpoint Firewalls running on HP Proliant Servers
• K2Responsible for installation, troubleshooting of firewalls (Imperva Web app Firewalls, Checkpoint firewalls) and related software, and LAN/WAN protocols.
• Responsible for the implementation, documentation, and day-to-day support of the Imperva Database Firewall
• Perform advanced troubleshooting using Packet tracer and tcpdump on firewalls
• Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
• Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineers instructions and troubleshooting any related issues
• Installed and monitored performance of wired and wireless networks to maximize operations.
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures
• Automation of security operations and optimizing the usage of infrastructure
• Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment
• Configuration of SSL VPN through access blade and up-gradation of Firewall
• Participated in Pfizer Legacy Data Center Network Infrastructure Transition and Disaster Recovery Center transition for various locations
• Works closely with Customers in determining the business needs for a Project and build Detail design which includes Data Flow diagram, Logical and Physical Diagram
• Planning, designing and implementing a secure ODC Network setup for upcoming projects

Confidential, Raleigh, North Carolina

Network Engineer

Responsibilities:

• Involved in configuring IP Quality of service (QoS)
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP product
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Hands-on experience on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls.
• Experience on Check Point Firewalls NG, NGX R65, R70, R75, R77, NSX (VMware Network).
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Net info, Info man Virtual Change) and experience with developing network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
• Have experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.

Confidential, Irvine, CA

Senior Technical Network Engineer

Responsibilities:

• Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
• Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access.
• Configured the Cisco router as IP Firewall and for NATting.Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
• Installing and maintaining local as well as network printers.
• Validating existing infrastructure and suggesting new network designs.
• Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
• Providing technical support to LAN & WAN systems.
• Configuring all the required devices and equipment for remote vendors at various sites and plants
• Installation and maintenance of new network connections for the customers.
• Installing and maintaining Windows NT Workstations and Windows NT Server.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Real time monitoring and network management using Cisco Works LMS.
• Monitoring Memory/CPU on various low end routers in a network.
• Configuring routers and send it to Technical Consultants for new site activations and gives online support at the time of activation.
• Provided technical support on hardware and software related issues to remote production sites.
• Performed administrative support for RIP, OSPF routing protocol.
• Maintained redundancy on Cisco 2600, 2800 and 3600 router with HSRP.