SUMMARY

• Over 12+ Experienced Network Engineer having worked extensively with multiple Clients in Switching, Routing, Network Security (Firewalls and Proxies), Application Delivery Controllers, Authentication, Wireless environments. Experience in Campus and Data Center topologies in multi - vendor equipment.
• Very strong team member with good communication and Documentation skills. Innovative to new ideas to enhance the work flow in Network Engineering.
• Experience with legacy and high-end switching technologies in Campus and Data Center environments. Worked on Cisco, Juniper and Aruba/HP gear in campus environments. Worked on Cisco, Arista, Dell, Cumulus, Juniper gear in Data Center environment.
• Experience with Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Cisco, Juniper and Arista routers.
• Experience in Network Security that includes perimeter security for Internet, Extranet, DMZ, Internal Server farms, Web-traffic security with Proxies, Web Application firewalls. Worked and migrated multi-vendor equipment and Next generation firewall technologies. Worked on ASA, Firepower, Checkpoint and Palo Alto firewalls. Experience on MWG, Bluecoat and Zscaler proxies.
• Working knowledge and demonstrated experience on the PAN-OS 6, 7.1, and 8.0 versions; PA 220, PA 820, PA-2K, PA-3K and PA-5K firewalls.
• Worked on the URL filtering and upgradation of Palo Alto firewall from PAN-OS 7.1 to PAN-OS 8.0.
• Worked on the migration from Cisco ASA to the Palo Alto firewall and the configuration of User-ID’s, App-ID’s, SSL Decryption, URL Filtering, Policies, Zone Protection, High Availability, Certification Management, Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
• Experience working with Zscaler cloud proxies. Configuration of IPsec tunnels to Zscaler cloud PZens, PAC logic, Whitelists and blacklist policies on Zscaler.
• Experience working in complex environments which include VPC
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
• Exposure to Palo Alto Wildfire.
• Layer 2 Switching, L3 routing, Network security with perimeter and VPN Firewalls, Load balancing and Access policies management in F5 and Wireless LAN Controllers.
• Experience and high-level understanding in application delivery controllers, local and global load balancing techniques, redundancy solutions, high availability options for mission critical internal, vendor and public facing applications. Experience with F5 LTM, GTM, APM, NetScaler, Cisco ACE and A10.
• Worked on Campus Wireless environments with 1000+ access points, Wireless LAN controllers, Anchor Controllers, Authentication policies, BYOD policies, Integration with RADIUS. Experience with Aruba and Cisco WLAN.
• Experience with WAN Optimization devices Silver Peak, Cisco WAAS, Riverbed.
• Worked on Riverbed steelhead appliance to trouble shoot delay, jitter issues. Captured traffic and analyzed for root cause. Wrote policies and rules in steelhead.
• Experience on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Worked on enterprise Manager3.1 version to manage multiple F5 LTM devices from single-pane view.
• Experience in configuring and testing F5 iRules using browser (IE, HTTP watch. Knowledge in working with F5 load balancers and their implementation in various networks.
• Experience with TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE. Experience with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
• Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa.
• Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN, MP-BGP, Spine and Leaf Architecture.
• Firewall technologies including general configuration, risk analysis, security policy rules creation and modification of Check Point Generation Firewalls R70,R80 & GAIA.
• Experience in Smart Console Jumbo Hotfix for Check Point Firewalls..
• Configured and maintained Quality of Service (QoS) protocols (SIP,SRTP,SDP,IAX) ON VoIP along with PBX servers, VoIP servers and cloud based PBX servers, Active Directory Database.
• Experience with technical knowledge of the VoIP operating systems (Cisco and Avaya)
• Experience with setting up AWS direct connect to Amazon S3, Amazon EC2, Amazon VPC.
• Experience working with Security groups in AWS in VPC for traffic flowing between various nets for dev, prod and UAT instances.
• Worked on traffic flows from on-premises to AWS, AWS to internet via virtual palo alto firewalls from services that include PAAS and IAAS.
• Expertise in Cisco ACS Juniper Steel Belt, Radiator and Cisco ISE Authentication, Authorization and Accounting.
• Experience with virtualized ISE deployment across two network enclaves.
• Experience in Fortinet and FortiGate manager with configuration.
• Experience with Network Monitoring tools, SNMP, Log collectors, Splunk, ticketing tools and thorough understanding of work flows in corporate environments that include Financial, Healthcare, Retail clients.
• Experience with Jira, Heat ticketing system and Service Now tools.

TECHNICAL SKILLS

Router and VoIP Platforms: Cisco Routers series ASR9k, 7300, 4000, 3800, 2000, 1900; Juniper MX, Arista 7000 series.Routing Fundamentals and Protocols Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Policy-Based Routing, Redistribution, Port forwarding.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K,5K, 7K; Juniper EX, QFX, Aruba 2000, 3000 series.

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) with panorama 8.0, WAF, Fortinet FortiGate NGFW(1K, 2K and 5K), Illumio,FireEye,SonicWall.

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works; TCP Dump and Sniffer. SolarWinds Net low Traffic Analyzer, Tufin, ExtraHop,NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.

Load Balancers and Proxies: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies, Bluecoat Proxies.

WAN and SD-WAN technologies: MPLS, ISP Leased Lines, SONET, Viptella, Versa.

Other Networking Protocols and Fundamentals: DHCP and DNS server, ActiveDirectory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, IPV4, IPv6

Operating Systems: Windows 10/7/XP, MAC OS, Linux, NX-OS, IOS XR, XE.

Wireless and Radius Technologies: Canopy Wireless Devices, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC’s (8510, 5508, 5706), Cisco AironetAP’s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5, 802.11a,b,c,g,n,ac

Scripting: Python, Ansible and TCL (F5)

PROFESSIONAL EXPERIENCE

Confidential, TX

Senior Network Engineer

Responsibilities:

• Worked on on Deployment and operations team to support multiple migrations in switching, routing, firewalls, LB and Proxies.
• Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in Data Center as perimeter Firewalls.
• Migration of ASA firewalls to PA next gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
• Experience working on Cisco ASR 9K, Nexus 7k,9K,N9K-C937,N2K-C2248. Configured and designed OSPF, EIGRP and BGP at Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus.
• Worked on Juniper devices like M, MX, T routers on advanced technologies like MPLS VPNs, TE and other service provider technologies.
• Experience with configuring BGP, OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, Local Preference for route optimization. Worked on Route-Reflector, Route-Redistribution among routing protocols.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
• Managed AD Domain Controller, DNS and DHCP Servers and configurations.
• Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
• Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using Solarwinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNSSec etc.
• Provides expert level security and networking knowledge in the planning, researching, designing, and testing of new networking technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS and DMZ security, and Internet Security in support of established Info Security program initiatives for the next 3 years.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2960, 3500, 7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800), Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Zscaler Proxy and Versa SD-WAN appliances.
• Conducted a POC on Versa and Viptella SD-WAN solution as a team and worked on evaluating the solutions.
• Migrated Nexus 7Ks & Nexus 5Ks to an ACI Fabric consisting of 9336PQ Spines & 9332PQLeafs in a brownfield Datacenter.
• Migration from Cisco ACE to F5. Worked on installation of F5 LTM and GTM in inside and DMZ with one arm and two arm architectures. Experience with complex iRule scripting, Persistence, profiles, SNAT and SSL, tcpdump, pools and monitors.
• Implemented F5 APM sessions and manipulating session using iRules and Layer7 configurations and also configuring Access Policy Actions and branch rules.
• Licensing and provisioning of F5 modules such as LTM,GTM,VCMP(Virtual Cluster Multi Processing).
• Implementing F5 LTM and GTM changes using CLI (TMSH and advance shell) configurations and Experienced in administration of F5 infrastructure.
• Troubleshooting tickets from the Service Manager queue which are related to the F5 LTM, GTM and APM.
• Worked on Bridge Domains, VXLANs, VTEPS, VNID. configuration of routing using BGP among multiple Leaf to spine switches. Thorough understanding of Application Profile, Tenants, End Point Group, Inter Subnet Tenant Routing, Routing within Tenants, Router Peering and Redistribution. Worked on Migration project from traditional Data Center Architecture to Spine Leaf.
• Worked on connections handoff using Bridged Interface to an External Route. L3- EPG configurations, AEP configurations. Expert in GUI of ACI.
• Cisco routing and switching networking process the capability to create Ansible for automating tasks related to networking configuration and management.
• Experience in implementation of network automation through Ansible scripting.
• Used Ansible and Ansible Tower as Configuration management tool, to automate repetitive tasks quicly deploys critical applications and proactively manages change.
• Worked on integrating existing Layer 2 and Layer-3 networks with ACI.
• Play a key role in the company’s direction towards Cloud Computing platforms by creating a strategy for transition plans. Azure AD and AWS, Office 365.
• Analyze and provide courses of action on current as well as emerging security threats like ransomware attacks by research and recommendation of other security solutions to help mitigate network security threats while preventing their outbreak across the network.
• Worked on network design improvements involving BGP, EIGRP, OSPF, IP metric tweaking and load balancing.
• Implemented Firewall rules and Nat rules by generating precise methods of procedure (MOPs). Responsible for packet capture analysis, syslog and firewall log analysis.
• Experience with F5 load balancers LTM and GTM and reverse proxy design and setup. Migration from ACE to F5.
• Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles - TCP, http, https, ftp, fastl4, Persistence - Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.
• Experience with F5 GTM and in-depth knowledge of DNS, Global level load balancing, Wide IP’s, Zones, Prober pools, Delegation from Windows DNS server to listener IP.
• Troubleshooting of Linux and Unix servers for application delivery servers. Install Dockers, Cisco and HP servers.
• High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark.
• Configured network using routing protocols such as EIGRP, BGP and OSPF and troubleshooting L2/L3 issues.
• Worked on Azure AD SAML authentication for zscaler authentication and AD group based policies.
• Worked on SCIM provisioning for Azure AD to zscaler ZIA for users and group sync.
• Hands on experience on Azure cloud - migrated number of applications for NSX private cloud to Azure.
• Experience filtering network traffic with a network security group and route network traffic with a route table using the Azure portal.
• Assigned in migrating checkpoint 41k firewalls to PaloAlto 5250 and Installing PaloAlto firewalls in Azure cloud.
• Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.
• Worked on Riverbed steelhead appliance to troubleshoot delay, jitter issues. Captured traffic and analyzed for root cause. Wrote policies and rules in steelhead.
• Secure and maintain network and datacenter infrastructure documentation as it relates to system configuration, mapping, processes and service records using Visio and SharePoint portal.
• Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms
• Assist in creating network design standards for hardware and software. Developing and maintain Network Documentation (Visio diagrams, Excel spreadsheets, Word documents, etc.) Configure and troubleshoot network elements in a test/dev environment.
• Worked on Orion (Solar Winds) for mapping network diagrams, updated Orion with commissioned and decommissioned network devices.
• Experience with configuration of Cisco call manager, Installing and worked on ICM management.

Confidential, NJ

Network Datacenter Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.). Design of DMZ in primary and redundant data centers with Next Gen Firewalls, IPS/IDS sensors, Switching and routing.
• Experience in deployment of Nexus 7010, 5548, 2148T, 2248 devices
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience configuring Virtual Device Context in Nexus 7010.
• Trouble shooting with FortiGate CPE 80 series and Fortinet manager along with forescout counteract.
• Also maintain the reports and relative dashboard implementations using FortiGate and the FortiGate manager.
• Experience with SME worked for different SDWAN product like Cisco Viptela, Juniper Contrail, VeloCloud, CloudGenix, Silver Peak.
• Experience with WAN connectivity, MPLS circuits, leased lines, Metro Ethernet, Site to Site IPsec tunnels, ISP circuits, customer edge configurations.
• Experience with SD-WAN solutions that include Viptella and Silver Peak.
• Implemented Ansible to manage all existing servers and automate the build/configuration of new servers.
• Enterprise and Public Safety wireless LAN/WAN (802.11, Mesh).
• Installation and maintenance of Cisco Layer 3 switches 3750, 4500X, 6500 in multi VLAN environment.
• Maintenance and configuration of Cisco ASR1000 series and 7200VXR routers at data center and deployment of 3900, 3800, 2951 and 2821 for branch connectivity.
• Installing and configuring F5 Load Balancers and firewalls with LAN/WAN configuration.
• Provide Tier II Level Load Balancer expertise on F5 BigIp Local Traffic Managers (LTM).
• Involved in migration from Site-to-sire GRE tunnels network to MPLS-based VPN for customer’s WAN infrastructure.
• Responsible for firewall migrations from ASA to checkpoint, ASA and Checkpoint to SonicWall DPI.
• Configured and performed software upgrades to Cisco wireless LAN Controllers 5508 for wireless network access control integration with Cisco ISE.
• Worked Extensively on access control policies consisting of VLAN switching through SNMP applying downloadable ACLs through Cisco ISE and configuring standard and external ACLs locally and on the upstream switch’s for Cisco NAC solution.
• Implementing security Solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520.
• Setting up and managing virtual machines on AWS cloud including working on EC2, Route53, RDS, Lambda.
• Hands on experience on Network automation utilizing CloudFormation. Large scale hybrid cloud environments.
• Deployed applications and host websites on AWS cloud involving blackboard.
• Migrated virtual machines and applications from on premises cloud to AWS.
• Hands on experience with Cisco ACI, Cisco Nexus switches including VDC and VPC.
• Check and troubleshoot VMware ESXi Host level connection issues with Cisco UCS fabric interconnects.
• Worked with VMware team to build Virtual machine templates of Windows server 2012 & RHEL OSto be available for ready-to-go deployments.
• Experience with deployment ISE 3315 and VM version 1.2 with VMware team to monitor enterprise distributed Cisco equipment using Cisco ISE web GUI.
• Migration experience from Cisco ASA 5500 to PA. Experience with migration tool in PA for Policies from ASA to PA. Experience with SSL forward proxy and URL filtering.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Experience with RIVERBED Steelhead appliance for WAN optimization.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to Palo Alto Wildfire.
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter VLAN routing, LAN security etc.
• Configured BGP, EIGRP and OSPF and Policy based Routing.
• Configuring OSPF and Static routing on Juniper M and MX series Routers
• Provide Tier II Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco ACE Load Balancers to the F5 BigIP Load Balancers.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Configured Cisco 7200 routers which were also connected to Cisco ASA 5508 security appliances providing perimeter-based firewall security.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Hands on experience on documentation of Network Topology diagrams by using Microsoft Visio tool to update in internal confluence portal.
• Designed Datacenter diagrams using Microsoft Visio tools according to the architecture.
• Configuring ASA 5510 Firewall and accept/reject rules for network traffic.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.

Confidential, NJ

ACI Consultant

Responsibilities:

• Responsible for improving KPIs like Accessibility, Mobility (RRC Setup success rate, ERAB Setup rate, IRAT Handover success rate, DL & UL Throughput measurement & Drop calls). % Time on LTE and voice fallback.
• Review and approve the RAN features and parameter trails to be presented and discussed with the consumer’s technical team for approval ( Ericsson L16A/L15B and Nokia ( RL70/FL16.FL16A)
• Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960.
• Worked with Checkpoint, Cisco ASA, and Palo Alto Networks solutions.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Testing VPC, BGP, OSPF, EIGTP, RIP, SPAN, Sflow, VlanTrunking, SVI and power supplies on Nexus and ASR devices
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
• Involved in configuring IP Quality of service (QoS).
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in designing, installing & configuring of Cisco ASA& FWSM (Firewall service module). Worked on Checkpoint firewalls R70, R75, R77.20Gaia and Provider-1/MDM
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining Checkpoint and ASA firewall configurations, updating documentation and log analysis.
• Worked extensively in configuring, monitoring and troubleshooting Cisco's ASR 5500
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Experience working on ALU 5620SAM, 9400NEM for UMTS and LTE integration, site management, call tests, troubleshooting and post call KPI monitoring for site launch operations.

Confidential, CA

Network Consultant

Responsibilities:

• Designs, tests and deploys IT security systems, solutions and ecommerce environment.
• Working on Service Now ticket management tool by providing support service to client by implementing and working on change request, Incident request and troubleshooting.
• Configuration of checkpoint firewall mainly VSX according to client topology and checkpoints features such as Application & URL filtering, IPS, Identity Awareness, IPS, VPN.
• Configuration of Palo Alto Next-Generation Firewall mainly VSYS according to client topology and working on Content-ID, User-ID, App-IP.
• Experience in Qualys policy compliance in detecting internal and external threats and vulnerability.
• Perform troubleshooting by packet capture analysis using TCP Dump, Wireshark and analyzing the PCAP.
• Experience using Nessus & Qualys Tool for networking discovery and mapping, asset prioritization, vulnerability assessment and tracking.
• Bluecoat proxy server’s setup, configuration, upgrade and Troubleshooting with optimization of WAN Application, SSL traffic, Web traffic, URL filtering & Content filtering.
• Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
• Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN.
• Create policies, alerts and configure using SIEM tools (Splunk, Solar Winds, and LogRhythm).
• Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering). Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on network packet analyzer tools such as, Wireshark, Microsoft Network Monitor, Snort, Tcpdump, SSL Dump etc.
• Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN.
• Firewall as well as virtualization of firewall, both VSX and VSYS.
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
• Represent the changes at the weekly change review and application migration meeting.

Confidential, MI

Network Engineer

Responsibilities:

• Installation and configuration of Cisco Routers 3600, 3900 and Switches3550, 3560, 3560E, 3750, 6500, 7200 routers for VLANs, Routing Protocols (OSPF, BGP), VPNs etc.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager (SDM) command line & GUI.
• ImplementedCiscoACSfor wired and wireless user authentication utilizing certificates and MAB for all known company assets.
• Installed WAN and LAN access for internet and intranet access.
• Configured Ether channels, Trunks, VLANs, HSRP in a LAN environment. Worked on Access, Core and Distribution layers.
• Implemented route redistribution between OSPF and EIGRP.
• Provided end-user technical support for LAN and remote users in a 24/7 environment.
• Assisting in deploying WAN projects. Connectivity and configuration of routers, switches, end to end monitoring in new campuses.
• Provided WAN/LAN Cisco router/switch configuration, implementation, and support to internal customer tickets involving BGP, OSPF, EIGRP.
• Configuration and Maintenance of ASA 5585 firewalls with firepower, 5540, 5525 Firewalls using Cisco SecurityManager (CSM).
• Troubleshoot and Worked with Security issues related to Cisco ASA/ PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
• Implement and modify DNS entries and managing IP Addresses using Windows DNS and DHCP.
• Experience configuring and troubleshooting on Citrix NetScalers Load Balancer.
• Performed Access Control Lists (ACLs) to setup usage for the intended users.
• Responsible for IOS installations and upgradations using TFTP Server.
• Troubleshooted Routing/Switching/Security Configuration problems/errors encountered to Clients in Head/Remote Campuses.
• Performed sub netting of the IP addresses. Configuration and allocating IP and network resources to Storage, Virtualization, Server and Application teams.
• Responsible for design/implementation/maintenance of Site to Site VPNs, and remote access VPN's using Cisco solutions (ASA 5520 and 5540), including head-end and remote client-side connections.
• Performed network monitoring using tools like Netcool. Log collectors using Splunk. SNMP V2C configurations.

Confidential, CA

Junior Network Engineer

Responsibilities:

• Monitored the performance of the network devices. Performed Troubleshooting and observed directing conventions such as OSPF, EIGRP & BGP.
• Installation and configuration of the Network of Cisco Router and Switches for EIGRP and VLANs etc.
• Worked on the Cisco switches 2950, 3560 and the Cisco routers 2500, 2600, 2800
• Initially involved in installations, technical support, troubleshooting and maintenance of network equipment.
• Good knowledge in Configuring Access Control List(ACL).
• Configured VLANS on different impetus switches performed investigating on TCP/IP system issues, Administered Frame-Relay and systems.
• Configured IPv4 VPNs using IPsec VPNs.
• Worked on WAN and LAN infrastructure. Worked on Cabling in IDF/MDF and in Data centers with Copper and Fiber.
• Managed system backup and restoration protocols.
• Escalating issue to higher network teams.