SUMMARY

• Network Engineer with 8+ years of experience in assisting multiple clients with Switching, Routing, Network Security (Firewalls and Proxies), Application Delivery Controllers, Authentication and Wireless environments. Experienced with Campus and Data Center topologies in multi - vendor equipment. An affable team player with good communication and collaborative abilities. Motivated to innovate and introduce new ideas to enhance the network architecture of an organization.
• Hands-on experience in racking, stacking, installing, configuring, and troubleshooting complex network systems on Confidential, Ruckus, Extreme, Brocade, Aruba, Meraki, and Juniper SRX.
• Experience in Confidential Routing and Switching with strong Confidential hardware/software experiences with Confidential Routers such as 1800, 1900, 2900, 3900, Confidential ASR-1k/9k, Confidential Multilayer Switches Confidential Catalyst 4500, 6500, Confidential Nexus 2k/3k/5k/7k/9k.
• Experience in Juniper: M320, MX80, MX480, MX960, and EX4200, EX8200 switches.
• Configured and Troubleshoot Brocade MLX (NetIron: MLXe-4, MLXe-8, MLXe-16), FCX (FastIron fcx648s and fcx624s)and ICX (6610, 6430 and 6650) series, Ruckus ICX (7450) and Extreme Network MLX.
• Experience in Confidential Meraki switch series MS LP,MS LP,MS FP & Meraki AP MR52,MR66,MR74,MR53E
• Extensive knowledge of VLAN Trunking 802.1Q, STP, Port Security, HSRP, VRRP,and GLBP
• Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP)
• Experience in configuring VLANs, STP, VTP, PVST, and 802.x authentication
• Experience in Physical cabling, IP addressing & subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
• SNMP, Ether Channels, Virtual Port Channel (VPC), HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, BGP, NAT, PAT, Inspections, VPN’s, DHCP, Wireshark.
• Experience in setting up, configuration, and management of Confidential ASA Firewall on 5505, 5510, 5512-X, 5515-X, 5520, 5525-X, 5540, 5545-X, 5550, 5555-X & 5585 on the various domain such as the Internet, DMZ, Business-Partner and Remote-Access, VPN, etc.
• Knowledge and expert in OSI Model of Signaling Protocols: SS7 (MTP;ISUP;TCAP;INAP/MAP)
• Knowledge and expert in GSM/UMTS (ISUP, MAP,RANAP, RNSAP); SIGTRAN (SS7 over IP)
• Knowledge in Expert in protocols SIP, H.323, MGCP, ISUP, SCCP, TCAP, SIGTRAN, etc
• Familiar with implementing, deploying, and monitoring Confidential ASA and Palo Alto firewalls.
• Proficiency in network administration in large datacenter environment - DNS/DHCP, Load Balancing (F5 Networks, AWS ELB), Firewalls ( Confidential Systems, Juniper Networks), IDS/IPS, IPSec VPN, Data moving services like AWS, Snowball
• Adding, removing, and updating DNS record, DHCP scopes, reservation, and managing (static/dynamic) IP Address management (IPAM) in Infoblox, BlueCoat, Proteus
• Knowledge of SDN and network virtualization technologies like Confidential ACI
• Knowledge of ACI migration and L2/L3 transitions. Map traffic flows for EPGs and BDs. Handle drivers for ML2 and GBP OpenStack integrations.
• Knowledge of SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN
• Confidential ISE installation/configuration, integration of WLAN controllers with Confidential ISE.Configure the Networking devices such Confidential Catalyst Switches, Confidential ASA, Palo Alto, Confidential Access points, Aruba Access Points for the Confidential ISE authentication.
• Understanding of telephone switchboard and PBX equipment and systems
• Experience with F5 Load Balancing. (LTM, GTM, and Vipron)
• Creating Virtual Servers, Nodes, Pools, and iRules on BIG-IP F5 in LTM, GTM, and Viprion.
• Used Confidential ISE to grant authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results.
• Use and maintain routing protocols EIGRP, OSPF, and BGP on the ISR Router models like 2951, 3845, 3945,7206 in the network & also worked on BGP Route Reflectors, Confederations
• Established VPN tunnels between Confidential routers and Confidential Firewalls and Palo Alto Firewalls
• Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices. Working Experience on Juniper Routers (J, M, and MX-series)
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls
• Efficient at the use of Microsoft VISIO/Office as technical documentation and presentation tools
• Experience with Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Confidential, Juniper and Arista routers.
• Experience in Network Security that includes perimeter security for Internet, Extranet, DMZ, Internal Server farms, Web-traffic security with Proxies, Web Application firewalls. Migrated multi-vendor equipment and next generation firewall technologies. Worked on ASA, Firepower, Checkpoint and Palo Alto firewalls. Experience on MWG, Bluecoat and Zscaler proxies.
• Experience and high-level understanding in application delivery controllers, local and global load balancing techniques, redundancy solutions, high availability options for mission critical internal, vendor and public facing applications. Experience with F5 LTM, GTM, APM, NetScaler, Confidential ACE and A10.

TECHNICAL SKILLS

Routers and VoIP Platforms: Confidential Routers series ASR9k, 7300, 4000, 3800, 2000, 1900;Juniper MX, Arista 7000 series.Routing Fundamentals and Protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Policy-Based Routing, Redistribution, Port forwarding.

Switch Platforms: Confidential Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000;Nexus series 2K, 5K, 7K;Juniper EX, QFX, Aruba 2000, 3000 series.

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, Ether Channel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Checkpoint (NGX R65, 3100, 5100, 5900), Juniper SRX, Confidential Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) with Panorama 8.0, WAF

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Confidential Prime, Splunk, Security Device Manager (SDM), Confidential Works, TCP Dump and Sniffer;SolarWinds Net Flow Traffic Analyzer, NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.

Load Balancers and Proxies: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies, Bluecoat Proxie

WAN and SDWAN technologies: MPLS, ISP Leased Lines, SONET, Viptella, Versa

Other Networking Protocols and Fundamentals: DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, IPV4, IPv6Wireless and Radius Technologies Canopy Wireless Devices, Confidential 1200 series APs, Aruba wireless and APs, Confidential Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC s (8510, 5508, 5706), Confidential Aironet APs (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5, 802.11a,b,c,g,n,ac

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Sr Network Engineer

Responsibilities:

• Responsible for day to day management of Confidential Devices, Traffic management and monitoring.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Maintained multi-vendor devices ( Confidential, Juniper, Checkpoint, Arista etc) of the AWS
• Experience with converting 6500 to Confidential Nexus in the data Center environment.
• Resolved escalated hardware and software issues related to LAN/WAN.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 12.0 LTM.
• Configured NAT and SNAT in F5 12.0 LTM.
• Performed Migration from Confidential ACE Load Balancers to F5 LTM.
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers.
• Experience configuring Virtual Device Context in Nexus 7010.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
• Experience working with Confidential IOS-XR on the ASR 9000 devices for MPLS deployments.
• Experience with design and configuring Overlay Transport Virtualization (OTV) on Confidential NX-OS devices like Nexus
• Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance.
• Planned, designed, scale, deployed, operate and maintained multi-vendor devices ( Confidential, Juniper, Checkpoint, Arista etc) of the AWS core MPLS cloud engineering backbone.
• Installed, configured and troubleshot Confidential wireless network, Wireless LAN controllers.
• Configured Confidential QOS features like Classification, Congestion Management, Policing and Shaping.
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.
• Used multiple network monitoring tools like Solar Winds,CiscoPrimefor supporting the existing core network environment and Network edge devices.
• Installed, configured and set security policies on Confidential ASA and Checkpoint firewalls.
• Supported customer with the configuration and maintenance ASA 5550 firewall systems. Configured object groups on ASA 5550 firewalls.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Confidential ASA 5500 series firewalls.
• Designed 10 gigabit networks using Confidential Nexus 7000 series switches, Checkpoint R77.10 firewall and Confidential 3800 series routers.
• Successfully installedPaloAltoNext-Generation PA-500, PA-3060, and PA-5060firewallsto protect Data Center with the use of IPS feature.
• Envision and drove Confidential 's SD-WAN (IWAN) and VPN for Enterprise and MSP networks
• Configured and maintained IPSEC and SSL VPN's onPaloAltoFirewalls.
• Implemented Zone Based Firewalling and Security Rules on thePaloAltoFirewall.

Environment: Confidential 2948/3560/4500/3560/3750/3550/3500/2960/6500 SwitchesandCisco 3640/1200/7200/3845/3600/2800 routers, SD-WAN, Confidential 1200 Aironet Access Points, Confidential Nexus 7K/5K/2K, Confidential ASA 500, Checkpoint, Juniper SRX, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, Arista, AWS

Confidential, San Jose, CA

Sr. Network Engineer

Responsibilities:

• Supported operational business systems by providing 1st and 2nd line IT support, utilizing a high standard of technical and customer service skills, knowledge and ability
• Installed, configured, tested, maintained and troubleshooting of a wide range of Confidential products; Firewall, various switch and router product lines
• Installed, configured and troubleshooting of Confidential Routers (3945, 3800, 2800, and 3600) and Switches (6509E, 4507, 4500-X, 4900M, 3850, 3650, 2960) to perform functions at the Access, Distribution, and Core layer.
• Worked on routing protocols like EIGRP, OSPF, RIP, BGP also static route, MPLS, VPN, IPSEC
• Complex routing, multicast routing, QoS, Internet breakout at the hub and spoke sites, and interoperability betweenIWANsites and legacy non-IWANsites during migration toIWAN.
• Configuring and implementing VLAN, VTP, LAN switching, STP and 802.x authentication in access layer switches.
• OSPF configures at firewall level Policy's, static routing, IPSEC, SSL, Proxy and SSO Configures and edit ACL's in routers and Zone Base firewalls.
• Established AWS, Azure technical credibility with customers and external parties
• Worked in FortinetFirewall(model 100 D and 60 C) IOS Upgrade (version 4.0 and 5.0).Fortinet firewallpatching.
• Fortinet firewall IPSEC and SSL VPN Configuration.
• Scripted in multiple languages on UNIX, LINUX and Windows - Batch, Shell, Perl script etc and developed applications in python for multiple platforms
• Worked on Solar wind to log and even the suspicious activity and security threats, conducting an investigation and respond to mitigate issues in real-time, which include blocking IP addresses, disable accounts, changing privileges and permissions and killing applications.
• Network Consultant for Nexus Next-Generation project. Built out several MPLS/BGP VRF for multiple clients. Included implementation of 9K, 7K, 5K, 3Kand 2K configuration for integration witch UCS and legacy systems. Developed process for Network Engineering Peer review for all network related systems.
• Configured high availability protocols like HSRP, VRRP, GLBP
• Worked in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay
• Routed, multicast routing, QoS, Internet breakout at the hub and spoke sites, and interoperability betweenIWANsites and legacy non-IWANsites during migration toIWAN.
• Maintained DNS, BGP, OSPF, LACP, 802.1q, 802.1x, MPLS, TCP/IP, IPv4, IPv6, Ethernet, WAN Technologies, VPN tunneling
• Implemented and managed traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Experience in cloud networking (Azure Express Route and AWS connections)
• Worked in Check Point and Confidential ASA firewall administration across global networks.
• Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers
• Migrated Users, Groups, Workstations and Application windows servers from source domain to Target domain using QMM and AD Domain
• Created AD Group policies to Enforce Domain and OU Level Security of Users and Computer objects
• Expertise in Migrating Group and Exception Policies from one domain to another domain in AD forest
• Experience in installing, maintaining and managing various rack mounted and Blade servers from Confidential UCS, Dell, HP, and IBM
• Established development lab for testing of network equipment. Models included EX4200, EX3200, J2350, J6350, Confidential 6500, and Confidential 3560.
• Planned and performed quarterly microcode, firmware and driver updates on all SAN switches, arrays and hosts
• Implemented security Solutions using Palo Alto (PA-5020/PA-3020), Confidential 5580/5540.

Environment: Confidential Routers (3945, 3800, 2800, and 3600) and Switches (6509E, 4507, 4500-X, 4900M, 3850, 3650, 2960) Confidential ASA Firewalls, Check point, AWS, Azure, Catalyst, Trunks, OSPF, VPLS, EVPL, RSVP. UNIX, LINUX Confidential Identity Services Engine (ISE), Palo Alto firewall, Juniper EX4200 & EX4550, Checkpoint Firewall (R75, R76, R77, Nexus 9k, 7K, 5K

Confidential, Boston, MA

Network Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
• Implemented with Confidential Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Ether Channel implementation onASR9Kredundant pair.
• Successfully Installed, configured Confidential Catalyst switches 9300,6500, 3750 & 3550 series, Access control lists, ISDN, ATM, load balancing switches and configured IPX/SPX, HDLC, BGP, EIGRP, OSPF and VRRP on various sites.
• Worked on stacking of the devices based on the network requirement with Confidential Catalyst 9300 series depending on the requirement with a stack count of 8, 6, 2, 3.
• Designed, implanted and installation on AWS cloud engineering for AWS internal business units.
• Architecture of Dev, QC, and Prod internal Corp and customer facing Ecommerce VPCs for AWS cloud environment
• Maintained Juniper EX series switches and Juniper MX routers and troubleshooted them.
• Configured HSRP & VLANs, Configuring Ether-Channels and Port Channel on Confidential 9300 catalyst switches
• Worked with Confidential ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater visibility and scalability in a data center environment.
• Worked with Confidential Channel partners to build practices around Confidential ACI, worked on configuring tenant policies, VLAN, VTEPS, VNI, Bridge Doamins.
• Deployed Viptela SD-WAN, worked with the team in implementing and designing of SD-WAN infrastructure and providing WAN connectivity across the enterprise.
• Worked on Confidential ISE deployment which was a replacement for the ACS and provided new long term and short-term guest wireless services for the Port Authority.
• Configured rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls..
• Configured systems log on the Palo Alto firewall and moved the logs toSplunk.
• Worked with Palo Alto firewalls PA5050 usingPanoramaservers, performing changes to monitor/block/allow the traffic on the firewall.
• Responsible for Palo Alto and Confidential ASA firewall administration across our global networks Maintenance and configuration of Confidential ASR1000 series
• Installed and configured new Confidential equipment including Confidential catalyst switches 9300, Nexus 7010, Nexus 5548 and Nexus 9k as per the requirement of the Organization.
• Worked with F5 load balancers andCiscoload balancers (CSM, ACE, and GSS).
• Configured and managed F5 ASM (Application security manager). Developed security policies.
• Worked with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
• Worked in F5concepts which include Virtual servers, Pools, Health monitors, SSL Profiles, Persistence profiles, Load balancing methods, HA pair, irules.
• Worked with F5 load balancers to provide Land Balancing towards Access layer from core layer and configuring F5 LTM both by GUI and TMSH/CLI and Confidential load balancers (CSM, ACE and GSS).
• Implemented and Configured (Profiles, irules) of F5 Big-IP LTM-6400 load balancers
• Worked in SD-WAN technology. Part of a migrating team from MPLS to SD-WAN.

Environment: LAN, WAN, VLAN,AWS, HSRP, ISL TRUNK, Juniper, OSPF, BGP, DHCP, IPV6, ISDN, ATM, IPX/SPLX, HDLC, EIGRP, VRRP, Confidential ACI, VXLAN, MPLS, PALO ALTO Firewalls, Checkpoint, Confidential ASR1000, Confidential ASA, DMZ, VMware, SD-WAN.

Confidential, Boston, MA

Network Engineer

Responsibilities:

• Installation and configuration of Confidential Routers 3600, 3900 and Switches3550, 3560, 3560E, 3750, 6500, 7200 for VLANs, Routing Protocols (OSPF, BGP), VPNs etc.
• Worked extensively on Confidential Firewalls, Confidential PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Confidential ASA solution.
• Configured RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configured VLAN, Spanning tree, VSTP, SNMP on EX series switches and Help'd with time-to-time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
• Designed and implemented Catalyst/ASA Firewall Service Module for various LAN’s.
• Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
• Configured Client VPN technologies including Confidential ’s VPN client via IPSEC.
• Configuring ACL to allow only authorized users to access the servers.
• Installed WAN and LAN access for internet and intranet access.
• Configured Ether channels, Trunks, VLANs, in LAN environment. Worked on Access, Core and Distribution layers.
• Implemented route redistribution between OSPF and EIGRP.
• Provided end-user technical support for LAN and remote users in a 24/7 environment.
• Assisted in deploying WAN projects. Connectivity and configuration of routers, switches, end to end monitoring in new campuses.
• Provided WAN/LAN Confidential router/switch configuration, implementation, and support to internal customer tickets involving BGP, OSPF and EIGRP.
• Configuration and Maintenance of ASA 5585 firewalls with firepower, 5540, 5525 Firewalls using Confidential SecurityManager (CSM).
• Troubleshooted and worked with security issues related to Confidential ASA/ PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
• Implement and modify DNS entries and managing IP Addresses using Windows DNS and DHCP.
• Experience configuring and troubleshooting on Citrix NetScaler Load Balancer.
• Performed Access Control Lists (ACLs) to setup usage for the intended users.
• Responsible for IOS installations and upgradations using TFTP Server.
• Troubleshooted Routing/Switching/Security Configuration problems/errors encountered to Clients in Head/Remote Campuses.
• Performed subnetting of the IP addresses. Configuration and allocating IP and network resources to Storage, Virtualization, Server and Application teams.
• Responsible for design/implementation/maintenance of Site to Site

Environment: Routing, Switching, VPN, Data Center, IOS upgrade, LAN Security, VLAN Configuration, Cloud. Citrix NetScaler Load Balancer, WAN/LAN Confidential router