SUMMARY

• CCNP certified with 7 years of professional experience in Network designing, Implementing, Configuring, Troubleshooting and Testing of networking and Security protocols.
• Willing to relocate.
• Strong hands on experience on PIX 525, ASA (5520/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Expert in configuring F5 Load Balancer /Big IP LTM which included, creating profiles, Traffic processing, Load balancing, SSL termination and configuring NATS and SNATS
• Expertise in network protocols, Firewalls and Communication Network design.
• Experience in QOS in providing better service to network traffic, including other technologies like Frame Relay, Asynchronous Transfer Mode (ATM), Ethernet and 802.1networks.
• Cisco’s Application Centric Infrastructure (ACI) implementation (Nexus 9K, APIC).
• Configuring Cisco switches including Nexus9K, Nexus7K, Nexus5K and Nexus2K (FEX), C6500,4900,3750,3560,3550,2960,2950 and C500 switches.
• Virtual Port Channel (VPC) and Virtual Device Context (VDC) configuration.
• In - depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Excellent working knowledge of TCP/IP protocol suite and OSI layers.
• Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments

TECHNICAL SKILLS

Cisco & other vendor equipment’s: Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900 series). PIX Firewall (506/515/525/535 ), ASA Firewall (5505/5510), Cisco ACE F5 Load Balancers.

Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP, HSRP, VRRP & GLBP.

Infrastructure services: DHCP, DNS, SMTP, FTP, TFTP.

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, VLANS, VTP, STP, RSTP and 802.1Q.

Programming: Python, ICM, Java, Perl

Network Management: SNMP, Cisco Works, Kiwi-cat, What's-Up Gold, Ethereal, Wire shark.

Platforms: Cisco IOS (11.x, 12.x), PIX IOS (6.x, 7.x), CAT-OS UNIX, LINUX.

Documentation: MS Office, MS Visio.

Network Security: DS1, DS3, OC3, T1 /T3 & SONET, NAT/PAT, Ingress & Egress Firewall Design, VPN. Internet Content Filtering, Load Balancing, IDS/IPS and URL Filtering. Windows Server 2000, Active Directory and SQL Server, IKE, Static. Dynamic, Reflexive ACL, and authentication AAA(TACACS+ & RADIUS)

WAN technologies: Frame Relay, ISDN, CAPWAP, WLC, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, Flex Connect, T1 /T3 & SONET.

PROFESSIONAL EXPERIENCE

Confidential, Milwaukee, WI

Network Engineer

Responsibilities:

• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Implement new DMZ including checkpoint firewall, VRRP, IPSEC, SSL VPN, ACE, FWSM, Bluecoat, WLC, ASR routers, GLBP, HSRP, BGP, OSPF, PBR, dual ISP connection, Stack Switches and VSS
• Worked with the Juniper SRX devices to make various big firewalls with virtual routers, importing instances and setup VPN
• Experience with network backbone and aggregation routers such as Juniper M40e, T640, M160, M20, M10i, MX960, E320, 7500, GSR 12000, and GSR12410
• Installed enterprise-class Cisco, Juniper, and Palo Alto routers, switches, and firewalls
• Processed and created Juniper firewall rule changes as requested by developers or other divisions
• Worked on Palo Alto Networks platforms, including utilization of Border Gateway Protocol (BGP), Open Shortest Path First (OSPF).
• Migration of existing IPSEC VPN tunnels from one data center to another.
• Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Modified BigIP F5 Load Balancer configuration for new servers, also configured firewall
• Experitise in Bluecoat proxy servers setup, configuration, upgrade and Troubleshooting
• Having experience in Cisco IOS Upgrade, Net screen firewalls and Bluecoat proxy servers firmware upgrade
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Substantial lab testing & validation prior to implementation of Nexus 7K, 5K & 2K connecting to blade servers
• Used Cisco Wireless Controller (WLC) software to characterize wireless network flows.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
• Experience with F5 LTM/GTM, Big-IP, load balancing, iRules, and WAN acceleration

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus(7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP,HSRP), Cisco PIX(525, 535), ASA(5505, 5510) firewall

Confidential, New York

Network Engineer

Responsibilities:

• Experience in migration of Frame-relay based branches to MPLS based technology using multilayer stackable switch like 6500 series and 2800 series router
• Responsibletoevaluate,test,configure, proposeand implementnetwork,firewalland security solution withappliancessuch as Sidewinder, CyberGuard,WebWasherand Palo Alto Networks application.
• Worked on ROUTE-IT to manage multiple contact centers, as well the changing business conditions to generate a steady stream of operational challenges. Installation, Configuration and Administration of ADS,DNS,DHCP and Web proxy(ISA)server
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
• Installed and configured four PIX 525 and two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Implement and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network
• Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers, switches and firewalls. Generate network device configuration reports, such as port, MAC, APR and version details
• Managing a TACACS server for VPN user authentication and network devices authentication
• VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
• Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800

Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), Cisco PIX: 525, 535, ASA: 5505 and 5510 firewall.Routing Protocols: EIGRP, OSPF, and BGP. Switching protocols: (VTP, STP), Site to Site VPN, Remote Access VPN, Cisco VPN 3000

Confidential, Golden, Colorado

Network Engineer

Responsibilities:

• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Responsible for the installation, configuration, maintenance and troubleshooting of the company network. Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Used cisco UCS to provide network connectivity for the chassis, blade servers and rack servers. Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Configured policy based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers(7200,3800,2800), Cisco switches(4900,2900), Cisco ASA Firewall(5510), Routing Protocols(EIGRP, RIP, BGP), Switching protocols(VTP,STP,GLBP)

Confidential

Cisco Network Engineer

Responsibilities:

• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Implemented the concept of Route Redistribution between different routing protocols
• Responsible for configuring GLBP between multilayered switch networks
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems. Implementation of name resolution using WINS & DNS in TCP/IP environment
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
• Configured Firewall logging, DMZs & related security policies & monitoring
• Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
• Hands on Experience working with security issue like applying ACL’s, configuring NAT and VPN
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
• Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900

Confidential

Client network support technician

Responsibilities:

• Work closely with network engineers, field technicians, equipment vendors, and telecom carriers to troubleshoot and resolve various types of network issues and outages.
• Supported PC deployment and end user move/add/change (MAC) processes including new PC setups, workstation configurations, PC reimaging.
• Experience with network and systems operations.
• Good working knowledge in IP addressing, DNS and DHCP
• Collaborated with technical staff to monitor system implementation
• Responsible for monitoring and surveillance, incident management and resolution, technical support, scheduled maintenance, network configuration, and change request support of the entire Vanguard global I.T. network infrastructure.
• Provided technical support to field engineers and technicians in a 24x7 environment.
• Managed various broadband telecommunications services, including high-speed internet access, and digital cable television.
• Managed and resolved all service related issues for a large corporate client who was assigned directly to me.
• Isolated and troubleshot network problems, investigated outages, opened trouble tickets, and took necessary action to repair.
• Engineer-to-engineer collaboration between Confidential experts and customer for more complex issues.
• Installation and default configuration of Confidential factory-installed operating systems, application, software and drivers.