SUMMARY

• 7 years of experience in routing, switching, firewall technologies, systems design, administration and troubleshooting.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting
• Experience with routing protocols like EIGRP, OSPF, RIP, BGP and IP addressing,
• Experience in Troubleshooting connectivity and hardware issues on Cisco Networks.
• Experience in L2/L3 protocols like VLAN, STP, ISL, MPLS and Trunking protocols.
• Proficiency in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR - 1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco CRS 4/8 CRSx, Cisco Nexus 2k/5k/7k/9k. Series and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 switches, F5 Networks. Palo alto Networks- Palo Alto NGFW, PA 5000 series, PA-7050, PA- 3000 series.
• Experience with Palo Alto Panorama- Traffic monitoring, Configuration migration.
• Experience in set up, configuration and management of Palo Alto Firewall in various domain such as Internet, DMZ, Business-Partner, Remote-Access VPN etc.
• Experience in creating DAP Policies on Cisco ASA for Remote-access users and Creating IPSEC tunnel on ASA with Business Partner Firewall.
• QoS: Policing, Shaping, H-QoS, LLQ, SRR, WRR, CBWFQ
• MTA Security Fundamentals, MTA Server Fundamentals, MTA Operating System Fundamentals, MTA Networking Fundamentals.
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM,GTM
• Have Experience in Global ITIL Network Support.
• Good knowledge in F5 and Cisco ACE load Balancing.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience in Layer 3 Routing protocol configurations: RIP, EIGRP, OSPF, BGP, & MPLS.
• Experience in Layer 2 Routing protocol configurations: ATM/FRAME RELAY,IP services such as QoS and VPN technologies: IPSec & SSL.
• Hands on experience in Network Security tools like Qualys, Nexpose, Tenable, Blackstratus, Nesssus.
• Implemented MPLS/VPN services for various customers
• Experience in configuring and troubleshooting vPC on Cisco Nexus-5k for downstream FEX and Servers.
• Experience in configuring VLANs, STP, VTP, PVST and 802.x authentication in access layer switches.
• Strong knowledge of HSRP, VRRP Redundancy Protocols in high availability environment.
• Experience with different Network Management Tools and Sniffers like SNMP, HP-Open view, and Cisco works to support 24 x 7 Network Operation Center.
• Worked extensively in Designing, Implementing & Managing LAN, WLAN & WAN solutions for different client setups. In-depth knowledge and experience in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM & Frame Relay.
• Experience in Physical cabling, IP addressing & subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Access Control Server configuration for RADIUS & TACACS+.
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Staging, Lab & Production Environments.
• Strong Experience in using various tools for management, analyzing, troubleshooting, monitoring & process automation in Lab & Production environment.
• Good knowledge in WAN Technologies, ACL, NAT/ PAT, Ether Channel, IPSec and VPNs.
• Enhanced level of knowledge in PPP, ATM, T1 /T3 Frame-Relay.
• Expertise in implementation and troubleshooting of protocols such HSRP, VRRP, GLBP, ACL.
• Extensive knowledge in different networking protocols DHCP, DNS, FTP, VOIP (SIP, H.323, MGCP),
• Knowledge of Terminal Server, Firewalls, Standard/ Extended ACL, Distribute-Lists.
• Implementing security policies using Palo Alto Firewall,IPS/IDS, AAA Security (TACACS+, RADIUS) on different series of routers
• Extensive experience with Cisco IOS, NX-OS, IOS-XR, JunOS, Windows client/server operating systems, Linux, Networking technologies, Firewalls.
• Hands-on experience in developing scripts using Perl scripting language.
• Good knowledge in configuring wireless Controllers Cisco 4400, 5500 and access points Cisco 1242, 2400 & 3500.
• Good knowledge about SDN( Software Defined Networks)- Openday light.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
• In-depth knowledge of network communication technologies and techniques.
• Configuration Juniper router and F5 Load balancer- BIG IP
• Finely tuned analytical/critical thinking and debugging skills with excellent verbal and written communication skills.
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills

TECHNICAL SKILLS

LAN Technologies: VLAN, VTP, Inter-Vlan routing, STP, RSTP, PVST, 802.1x

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines

Network Securities: NAT/PAT, VPN, L2/L3VPN, Filtering, IDS/IPS, IPSec, ACL, Nessus, NexposeCisco NAC / CANAC, Tenable, Blackstratus, Qualys.

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, IPv6

Virtual Software: VMware (Workstation, vSphere, vCenter, vMotion, SRM, ESXi), Geni, Miniedit

Routed Protocols: TCP/IP, IPX/SPX

Infrastructure Service: DHCP, DNS, SMTP, POP3, FTP, TFTP

Network Management: SNMP, SSH, Telnet, ICMP, SSL, Cisco LAN and Wireless Prime

Firewalls: ASA, PIX, Juniper Netscreen SSG550,SRX, Palo Alto, Fortinet, Checkpoint

IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express, Cisco IGX

Operating Systems: Windows Vista/XP/NT/2003, MS DOS, UNIX, Linux

Comm. Protocols: ARP, Wi-Fi, WiMax, 3G

Packages: Visual Studio 2008, OPNET, MATLAB, CAD, Flash, Dream weaver.

Tools: SYSLOG, CSM, HPSM, WhatsUp Gold, Riverbed,Cisco works, IXIA, Spirent, NetflowCA Spectrum, HPSM, Infoblox, Solarwinds (IPAM), Gigamon, Wieshark, Nagios

Sourcefire: Tripwire, Openview HPNA.

PROFESSIONAL EXPERIENCE

Confidential, Dallas, TX

Network Operations - Security

Responsibilities:

• Installation, configuration and maintenance of Palo Alto Firewalls, Cisco ASA firewalls.
• Configured various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/GTM/APM, DDOS attack detection and mitigation.
• ConfiguredJuniperMX480s, EX8200s, EX4500s, EX4200s, from scratch to match design and installed new f5- Viprion 4800, 2400 controllers.
• Deployed and managed Varonis specifically Data Governance, Data Advantage and Data Alert modules in complex environments.
• Demonstrate the features and benefits of Varonis software to the staff and documented the operations.
• Used Varonis Data advantage and Data Alert to monitor and analyze and alert file system activities on NAS.
• Design and implement security solutions to our customers using the BlackStratus suite of products
• Customize BlackStratus software products to customer’s policy and environment.
• Worked with the Trouble Tickets on F5 Load balancers on LTM module
• Switch experience includes Cisco Catalyst switches: CISCO 3750, 4500, 6500 series switches and Cisco Nexus switches 7000 and 7700 series.
• Configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
• Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
• Implemented and used SDM to configure Cisco IOS security features and network connection.
• Network Segmentation-application migrations for enterprise Private Data Firewall and data behind Palo Alto- 5000 series
• Operate and analyze results from enterprise detection systems such as Sourcefire, Tripwire, and Blackstratus and others.
• Monitored threats and traffic on Palo Alto NGFW.
• Configured Object Grouping, Protocol Handling and Code up gradation on Palo Alto Firewalls.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall- Hands on Nessus, Qualys.
• Conductedvulnerability assessments and generic security scans of both systems andnetworks to identify and mitigate security vulnerabilities using Nessus Vulnerability Scanner.
• Design, implement and provide second level support for hostload-balancingsolutions at SWA.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc
• Perform PCI-DSS and PA security assessments with a diverse client base in accordance with the PCI security standard and local laws.
• Worked with different vendors and implement Site-to-Site VPNs over the Internet.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Working knowledge of the UNIX and CLI based command to implement the networking tools.
• Configured and monitored Firewall logging, DMZ’s and related security policies.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in
• LAN and DMZ and also for special user requests as authorized by management.

Confidential, Chicago, IL

Responsibilities:

• Responsible for Installation, configuration and maintenance of Cisco 7200, 3900, 2800, 2600, 2500 and 1800 series Router / Cisco Catalyst Cisco 6500 (sup 720), 4500 (SUP 6), 3750, 2950 series Switches.
• Designed and implemented Cisco Nexus data center platform and worked closely with Cisco advance services and built Communication access zone for contact center services, management access zone for network management and monitoring tools, private wan access zone for remote site and elastic computing access zone.
• Handling Confidential Global Network including Cisco High end Routers, Switches, ASA’s, FSWM and Cisco ACE Load balancers
• Configuration of New & Existing Network devices, includes Cisco Routers, Switches, ASA and ACE’s
• Exposure to Nexus, Hardware Architecture of the Sups, chassis, I/O Modules, Fabrics, Licensing, VDC, VPC, ISSU, Using NXOS CLI
• Created VDC's and vPC's and ensure that those vPC's are formed between VDC's.
• Created vPC's between downstream devices between core and Aggregation Switches and between Aggregation and Fabric Interconnect.
• Worked with Cisco advance services to implement data center Nexus environment for new Upgraded the NX-OS in nexus 7018,7010 and nexus 5548 and 5596.Consolidated multi-tiered environment into a pair of Nexus 7000 switches using VPC and VRF
• Maintained good understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP, VPN, Email Routing, SPAM, etc.)
• Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.
• Configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
• Worked on BGP configuration for providing redundant internet connectivity using BGP attributes, Route maps, prefix-lists etc.
• Configured and Maintained BGP features such as load balancing, Route Reflectors, BGP metrics such as maintaining the Enterprise IP Addressing scheme with allocation of new IP Pools for user subnets, and updating the port on the switches MED, AS Path, Local Preference, Communities.
• Responsible for Configuring and managing Blue Coat Proxy Servers, configuring and managing Palo Alto firewalls and VPN-1 for Security purpose.
• Performed administration on Palo Alto NGFW, creating policies, rules, users, VPN connections etc.
• Managed VPN migration from Nortel i100 to Palo Alto NGFW VPN devices.
• Traffic monitoring and managing using Palo Alto Panorama.
• Updated Palo Alto NGFW PAN-OS, Threat databases, AV databases and filters as required.
• Experience working with Palo Alto panorama-Imported existing device configurations into Panorama, Static rules, Application Command center.

Confidential, Chicago, IL

Network Engineer

Responsibilities:

• Configured Routing protocols such as OSPF, BGP, static routing and policy based routing.
• Team member of Configuration ofCisco router with VPN and Configuration of Catalyst switches.
• Create and testCisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WANnetworkconsisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Providing Technical Support and solutions forNetwork Problems.
• Planned, tested and evaluated various equipment, systems, IOSs and procedures for use within the Network/ security infrastructure.
• Managed the testing, deployment and configuration of WLC, WCS and WiSM systems. Worked on Cisco 1242, 2400 & 3500.
• Hand-on experience in developing scripts using Perl scripting language.
• Experience in designing, managing, and implementing complex IPCC and Cisco ICM/UC systems.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Juniper SRX firewall, VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.

Confidential, Murrysville, PA

Network Consultant

Responsibilities:

• Configuration and implementation of CISCO 3750, 4500, 6500 series switches and HP 2920, 3500, A5000 Series.
• Configuring and implementing EIGRP, OSPF and BGP.
• Core network support - Cisco 3900 series routers running multi area OSPF
• Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution.
• Responsible for service request tickets generated by the helpdesk such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Supporting EIGRP and BGP for problems of L2/L3 in internal teams & external customers.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
• Implemented SNMP for the network utilizing Cisco Works.
• Designed and implemented Cisco Wireless infrastructure solutions. Cisco WLC 44xx, Aironet LWAPs. WLC 802.1x integration.
• Troubleshooting of Cisco R&S and UCM issues.
• Designed and implemented aVoIP toll-bypasscall routing over a point to point International Private Leased Circuit (IPLC).
• Configured VLANs with 802.1q tagging, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture
• Upgrading Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Configured and installed multi-protocol (IP, IPX) multi-interface Cisco routers.
• Design, WAN link using PPP Multilink and by implementing Cisco WAAS.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices.

Confidential

IP Technical Support

Responsibilities:

• Perform responsibilities of supporting the daily operations of the network, telecom and troubleshooting network issues.
• Responsible for updating the IOS and configuring the new Router and Catalyst Switches.
• Designed and installed small Windows XP based LANs for business clients.
• Troubleshot and resolved many user issues Performed network testing (LAN, WAN, OLAN) and base lining.
• Responsible for configuring and monitoring the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH.
• Resposible for configuring VPN tunnelling using IPses encryption. Worked with different vendors and implement Site-to-Site VPNs over the Internet.
• Worked on IDS/IPS signatures in Firewall for Fine-tuning of TCP and UDP.
• Research on different IDS/IPS systems and analyzed the results in defferent scenarios.
• Worked n VOIP (SIP, H.323, MGCP),Installed and configured all aspects of Cisco Unified Communications Management (CUCM).
• Configured Cisco ASA firewalls.
• Research on different Network monitoring tools. Used different Network management tools for performance tuning from the results.
• Implementation and troubleshooting of the Network Managed Services (NMS)
• Risk analysis like DDOS attacks. Detected and analyzed DDOS attacks and designed mitigation techniques to mitigate the attacks.
• Analyzed new security technologies and documented the statistical performances of different products.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Provided testing for network connectivity before and after install/upgrade
• Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.
• Responsible for creating and maintaining diagrams and documentation of network systems