SUMMARY

• CCNP and CCNA certified professional with over 7+ years of experience in network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
• Hands on experience on Cisco 7206, ASR 9K, 2811, 2911, 3800, 3700, 3600, 2900 series routers, Juniper M & MX Series, Alcatel 7750, IOS, IOX XE, IOS XR.
• Conversions to BGPWANrouting. Which will be to convertWANrouting from OSPF to BGP (OSPF is used for local routing only) which involves newwanlinks.
• Experience in troubleshooting NAT configurations, Access - Lists (ACL), and DNS/DHCP related issues within the LAN network.
• Experience in installing and configuring DNS, DHCP server.
• Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Experience working on Cloud Computing Virtualization using VM ware ESXi 4.0 and Windows Hyper-V.
• Installed and implemented & troubleshoot the Network Virtualization through UCS and NSX.
• Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
• Provided the technical integration of public and private Cloud services, includingAWS, Microsoft Azure, Office 365, Rackspace & VoIP/SIP providers to increase infrastructure agility due to business demands.
• Working Experience on web content filter and gateways like Blue Coat, Websense.
• Extensive working experience in AAA protocols such as RADIUS, TACACS+ andCiscoACS.
• Experience on Monitoring and Management tools such as HP Open view, Splunk, TCP dump, Solar Winds and Wireshark/Ethereal,CiscoPrime, Net Flow, Net scot, Sniffer, Riverbed.
• Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
• Working experience performing Incident, change management using ticketing tools such as ServiceNow, Remedy.
• Design, implement and manage security tools and systems such as IDS, IPS, VPN, WAF, DLP, AV,CiscoAMP, SEIM, Vulnerability.
• Installed and configuredCiscoUnified Communications Manager (UC).
• Responsible for Configuration and administration of firewalls, which includes Palo Alto, Juniper, andCiscoASAfirewalls.
• Experience in risk analysis, security policy, rules creation and modification ofCiscoASAnetworks.
• Replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Designed security policies on Palo Alto network firewall for controlling what traffic needs to be allowed or blocked based on customer requirements.
• Configure and implementing Fortinet Security systems Firewall. Assisted in managing global Fortinet FortiGate firewall infrastructure.
• Experience in configuration of Juniper security appliances SRX 220, SRX 240, SRX 550, NS 50, SSG 550M, SSG 520M.
• Established VPN tunnels betweenCiscorouters andCiscoFirewalls and Palo Alto Firewalls.
• Performed IOS Software upgrades on switchesCisco6509, 4510, 3750 andCiscoASR for compatibility withCiscoISE.
• ImplementedCiscoApplication Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture
• UsedCiscoACI Fabric which is based onCiscoNexus 9000 series switches andCiscoApplication Virtual Switch (AVS).
• Good knowledge in SD-WAN technology in involving discovery design and implementation of client's network.
• Assisting with the design and deployment of aCiscoFirepower cluster in the core.
• Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices.
• Experience in A10 and F5 Load balancers such a BIG-IP LTM and GTM modules.
• Infoblox to provide DNS, DHCP, IPAM, administration services.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Provide hands on management of Data Center services, including rack and cable management.
• CiscoSecurity: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS,Cisco(ASA, PIX) 5510, Cryptography, VPN, IPSec.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
• Reliable and collaborative team leader, member, or independent contributor, with proven ability at managing multiple priorities / projects in fast-paced environments.

TECHNICAL SKILLS

Cisco & other Equipment: Nexus 9k, 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800, 2900, 4300 series) & Cisco Catalyst switches (6500, 4500, 4900, 3750, 3500, 4500, 2900, 9200, 9300, 9500 series). Aruba, Cisco ACE Load Balancers and Checkpoint (IP Series/NGX R65/IPSO)

Routing Protocols: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing, IS-IS, ICMP, FTP, SMTP, HTTP/HTTPS

Cloud Networking: AWS, Azure.

Scripting Languages: C, C++, Java, Python, BashSwitches Nexus 2K/5K/7K, Cisco Catalyst 6500, 4500, 3850,3560, 3750, 2960; UCS-C, UCS-D, UCS-M, CUCM

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Etherchannels, Transparent Bridging.

Network Security: Cisco ASA 5540, ACL, IPSEC, F5 Load Balancer, Checkpoint, Blue Coat, SCADA, Process Control Domain (PCD),, NGFW Palo Alto,, FirePower, CiscoISE, Juniper on JUNOS, F5's BIG-IP, Fortinet,, Juniper

Juniper Platforms: SRX, MX, EX Series Routers and Switches, VXLAN

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400, Citrix Netscaler, GTM, Cisco CSM, APM

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN & SDWAN: PPP, HDLC, Channelized links (T1/T3), Meraki MX, Meraki vMX, Fiber Optic Circuits, Frame Relay, MPLS, ISP Leased Lines, SilverPeak, SONET, Viptella, Versa.

WLAN: Autonomous AP s, Lightweight AP s, WLC, Channels- 802.11b/g; Air Magnet, Ekahau, Map Info

Comm. Protocols: ARP, Wi-Fi, WiMax, CDMA, 3G

Gateway Redundancy: HSRP and GLBP

DHCP and DNS: Infoblox, QIP

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

Network Management: Wireshark, SNMP, Solar winds, HP Open View,, Cisco Prime, Infoblox, HP OpenView, Cisco Prime, Splunk, Riverbed, Security Device Manager (SDM), Cisco, SolarWinds Net Flow Traffic Analyzer,, Forcepoint, NetScout, Network Performance Monitor (NPM), XDR, Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.

PROFESSIONAL EXPERIENCE

Confidential, Edison, NJ

Sr Network Engineer

Responsibilities:

• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Hands on Experience configuring and testing F5 I Rules using Browser(IE), HTTP watch.
• Worked on F5 LTM series like 1600, 6400 and Viprions for the corporate applications and their availability.
• Installing and configuring F5 Load balancers and firewalls with LAN/WANconfiguration.
• Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Working with the Trouble Tickets on A10 & F5 Load balancer.
• Worked with Blue coat and handled the Trouble Tickets on F5 Load Balancers.
• Migration fromCiscofirewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls network technologies including Optical VoIP VPN SAN switching and routing.
• Installing, Configuring and troubleshootingCiscoRouters (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions at the Access, Distribution, and Core layers.
• Expert in design, configuration and deployment of F5 Solutions with extensive experience working with APM and ASM technologies.
• Creation of ASM policies (Application security) on F5 Virtual servers.
• Configured one-time password for BIG-IP APM to add more security at the time of initialization of the application
• Experience with Using GTM, APM & LTM F5 component to provide 24"7 access to applications.
• Responsible for configuration of A10 load balancer.
• Creating, configuring and Troubleshooting VIP's for (EBL & EFL Extranet networks) on F5/A10networks.
• Experience with SDN/NFV technologies including Open Stack Neutron, VM ware, NSX, Open flow, Open daylight, Open v Switch, Open Contrail, orCiscoACI.
• Configured and Created wireless sites using theCiscoMeraki System dashboard.
• Implemented site to site VPN onCiscoMeraki MX64, MX65, MC84, and MX400.
• ImplementingCiscoMeraki Wireless network.
• Experience with configuring DMVPN tunnels for the MPLS and ISP clouds, which are responsible for Transport Independent Design of IWAN.
• Supported various LAN environments consisting of Cisco 6500 switches with Sup-720.
• Designed and implemented Cisco 7500, 7200, 6500, 3600, 2600 Series routers in lab environment to reproduce various issues and test fixes for them.
• Troubleshooting complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF.
• Configured Access-lists, Distribution-lists, Offset-lists and Route Redistribution.
• Involved in configuration of OSPF Summarization (Summarizing internal and external routes).
• Scalability of OSPF by Filtering of Intra, Inter and External OSPF routes
• Used various BGP Attributes and various Route-filters such as named Access-lists, Prefix lists, Route-maps to permit or deny routes and to change various attribute
• Experienced in implementation and troubleshooting knowledge of protocols and technologies, especially in the following: BGP4, OSPF, IPv4, and Ethernet.
• Configured Ether channels, Trunks, Vlans, HSRP in a LAN environment.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Responsible for performing administration on BGP, OSPF routing protocols.
• Experience with LAN protocols like VSS, STP, RSTP, MST, VTP, VLAN.
• Administrated LAN andWANwith of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• ConfiguredCiscoISE for Domain Integration and Active Directory Integration.
• ConfiguredCiscoISE for Wireless and Wired 802.1x Authentication onCiscoWireless LAN Controllers, Catalyst Switches, andCiscoASAFirewalls.
• Installing and configuring newCiscoequipment includingCiscocatalyst switches 3850, 3750, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
• Configure and installationCiscoprime infrastructure to deploy IWAN.
• Implementations of Network and Devices for Network SD-WAN environment.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel onCISCOCatalyst Switches 3500, 3650, 7600.
• Configuring, Monitoring and TroubleshootingCisco'sASA5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
• Established IPSEC VPN tunnels withASA5500 series Firewall between some branch offices & headquarters.
• Successfully Design and installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
• Worked withCiscoASA5500-X with Firepower services.
• Responsible in troubleshooting onCiscoISE added new devices on network based on policies on ISE.
• Performed site refreshes onCiscoswitching and Aruba wireless infrastructure.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies usingCiscoASA5500 series firewalls.
• Optimized IPS signatures on theCiscoFire Power management center to reduce false positives by disabling unnecessary rules and using the threshold, suppression, and pass rules features.
• Configured Easy VPN server and SSL VPN to facilitate various employees' access internal servers and resources with access restrictions
• Coordinating with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site and SSL VPN.
• ConfiguredCiscoAMP (Advanced Malware Protection) for endpoint security systems.
• Working and Deployment experience withCiscoAMP to clean up the viruses and custom detection to control malware outbreaks.
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Implemented site to site VPN in Juniper SRX as per customer.
• Maintain and configure L2 and L3 services in MPLS.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.

Environment: Cisco 6500/4510/4500 X/4948/3560X switches, Nexus 9000, 5000,3000, 9504, 9300, 3200, 2308,CiscoASR 1k/7200/3925E/2951E GSR 7000/12000 Routers,CiscoISE, Aruba 7200/3600 wireless controller, Nexus 2k/5k/9k,CiscoNexus 7000,ASA 5500/5510/5540 fire walls, Windows 2000/2003/2008/ R2/2012, Juniper SRX firewall, MX routers, Palo Alto firewalls, SSLVPN, F5 load balancer LTM >M, Citrix Net scalar, BGP, EGBP, VPC, VDC, OSPF

Confidential, West Loop, IL

Network Security Engineer

Responsibilities:

• Installing, Maintaining and Troubleshooting ofCiscoASR 1K, 7200, 3925E and 2951E Routers andCisco6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
• Responsibilities include software upgrade, license activation, configuring/installing new GSR router 7000,12000, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
• Experience working with High performance data center switch like nexus 9000, 7000 series.
• Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k.
• Hands-on Experience withCISCONexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP's on a need basis.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Configured DNS and DHCP for servers using Infoblox.
• Completed basic configurations on the F5 Big-IP LTMs and GTM load balancer on existing network to split traffic on web-servers.
• Provide data center support upgrading and configuring ASR 5k device to support SDM/SD-WAN
• Installing and Configuring Palo Alto Pa-500 series and Pa-2000 series firewalls using Panorama.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Experience with working on Palo Alto Next-Generation Firewalls Security profiles.
• Worked with the installation of Palo Alto firewall, migrated with a team from predominantly Cisco ASA environment to Palo Alto global solution.
• Managing theAWSsecurity policies andnetworkconfiguration, includingAWSdirect connect, vpn failover, Multiple VPC's, user and site access to servers and accounts.
• Created S3 buckets in theAWSenvironment to store files, sometimes which are required to serve static content.
• Used security groups,networkACL’s, internet gateways and route tables to ensure a secure zone for organization
• Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers.
• Migrated fromCisco3650 switches to Aruba 3810 series switches.
• Experience with Virtualization technologies like installing, configuring, VMWare vSphere. Creation, management, administration and maintenance of virtual servers and clients.
• Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama.
• Created Access policies on APM module using AD and LDAP authentication for external clients.
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Hands on Experience configuring and testing F5 I Rules using Browser(IE), HTTP watch.
• Worked on F5 LTM series like 1600, 6400 and Viprions for the corporate applications and their availability.
• Setup high availabilityASApair with Firepower.
• Focused on working withCiscoChannel partners to build practices aroundCiscoACI.
• ImplementedCiscoApplication Centric Infrastructure (CiscoACI) as a solution for data centers using a Spine and Leaf architecture.
• Expert in troubleshooting production issues and resolving incident and change tickets related toCiscoACI.
• ApplyCiscoISE configuration to switches.
• Increasing business speed, agility, and efficiency by taking charge of core network and security using Infoblox.
• Created many security policies depends on the requirement using Deployment wizard in ASM.
• Implemented VoIP solutions using SIP & H.323 for Cisco routers 2851 and practiced sound knowledge of Avaya VoIP products. Design and Architecture of F5 LTM, GTM, APM, ASM and application delivery network.
• Securing the applications from threats by offloading the SSL in ASM.
• Designed and implemented Aruba wireless infrastructure to ensure full connectivity and continuous service.

Environment: Cisco 3850/3750/3500/3650/6500/7600 switches, SÁ 5500 firewall, Palo Alto PA-3060 firewall, ASR router 1002/1006,CiscoACI,CiscoISE, AWS, juniper EX-2200, EX-4200, M-320 router, SD-WAN, juniper SRX 5800 Fire wall, F5 LTM 1600/6400, Citrix NetScaler, OSPF, BGP, EIGRP, VLANS, LAN,WAN

Confidential, Houston, TX

Network Consultant

Responsibilities:

• Responsible for the planning, design, implementation, organization and operation ofPaloAltoFirewalls based perimeter security network and network security devices including but not limited to PA-5200, 5000 and 3000 series Firewalls.
• IntegratedCiscoISE with RSA multifactor for the VPN users across multiple State of Texas Agencies and hands on experience with the DUO multifactor solution.
• Core Network Migrations and Replacements for the devices with end-of-life and end-of-support, which also includes theCiscoASAtoPaloAltofirewall migration across multiple agencies.
• Designed and implemented the network architecture for The Madison Yards Way state office building with multiple different agencies using a Multi VSYSPaloAltofirewall to reduce duplication and maximize efficiency of network services.
• Successfully installedPaloAlto(PA-5260,5060,3060,3020) firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Implemented and supported local and remote usingCiscodevices (Ciscorouters 1601,1721, 1841, 2505, 7507 and 7513;CiscoSwitches 2926, 3750, and 6509 series).
• Implemented and supported disaster recovery facility for fail-over purpose, which included the backbone routers, VPN and DMZ networks.
• Configured static/dynamic routing for VPN customers with Managed Router Service (MRS) and customers using Proxy Radius servers. Also implemented Network Address Translation (NAT) on managed routers
• Troubleshot network connectivity/performance problems (serious fault investigation management and resolution).
• Monitored LAN and WAN links and handled capacity planning which included installation, configuration and maintenance ofCiscodevices (Ciscorouters 1603, 2500, 7507 and 7513;CiscoCatalyst Switches 2926, 5005, 5505, 6509 and 8540).
• Troubleshot network connectivity /performance problems and provided resolutions.
• Designed and replaced agingCiscoASAFirewall architecture with new next generationPaloAltoappliances serving as Firewalls, URL and application inspection.
• Experience with Wildfire, URL and application inspection feature ofPaloAltoand implemented Positive Enforcement Model with the help ofPaloAltoNetworks.
• Configured and maintained IPSEC and SSL VPN's onPaloAltoFirewalls.
• Experience in configuring, implementing, managing, and monitoringPaloAltoVirtual System (VSYS) firewalls using Panorama.
• Integrated and ConfiguredCiscoASAFirewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPSec, SSL AnyConnect users.
• ConfiguredCiscoISE and switches to authenticate and authorize devices and users.
• Deployed BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Configured F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Managed F5 Big-IP GTM/LTM appliances to include writing iRules, SSL offload and everyday tasks of creating VIPs.
• Worked with Enterprise Intrusion Detection / IPS (Snort, Source fire, Juniper IDP, IBM ISS).
• Implementation of L3 MPLS-VPN and Migration of branches to the new MPLS cloud4.
• Building the VPN tunnel and VPN encryption.
• Used IAM for creating roles, users, groups, and implemented MFA to provide additional security toAWSaccount
• Configured and implemented F5 BIG-IP GLB and LTM load balancers.
• Modified and reconfigured Two factor authentication BIG-IP APM authentication.
• Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Configuring and troubleshootingCiscoASAFirewalls for Site to site VPN tunnels.
• Configuring failover and working on SSL-VPN when in active/standby failover onCiscoASA
• ManagingCiscoASAFirewalls using ASDM (Creating and Modifying Rules)

Environment: Cisco2960,3750,3850,4500,6500 switches andCisco3945, ASR 1004,1002-X routers,CiscoASA-5585,5500,5520,5555 firewalls,PaloAltoPA-5260,5060,3060,3020,500 firewalls,CiscoNexus 7K/5K/2K, LAN, OSPF, BGP, EIGRP,CiscoISE, F5 Big-IP LTM & GTM.

Confidential, Austin, TX

Network Consultant

Responsibilities:

• Responsible for troubleshooting, installing, administering and supporting network infrastructure for W.W. Grainger.
• Performed regular upgrades to network infrastructure components and diagnosis of complex networking problems by developing detailed implementation plans including communication strategies, validation and back out procedures.
• Provided support for all network security-related issues or queries including existing and new technologies, vendors and applications.
• Coordinating with the network staff to develop and enhance processes and procedures for disaster recovery.
• Performed work outside of normal business hours related but not limited to: on-call incident escalation and off-hours maintenance work.
• Responsible for network uptime and all changes are executed on time, in accordance with service level agreements with the State business.
• Implemented a backup strategy along with a disaster recovery plan in the event that the servers or critical network components should go down to prevent lost revenue.
• Troubleshooting, installing and supporting agencies site-to-site and remoteASAVPN connections throughout the State of Texas.
• Involved in multiple migration projects and migrated the existing firewall configurations fromCiscoASAtoPaloAltofirewalls.
• Tested L2 protocols (VLAN, STP, flavors of STP, PVST, HSRP, VRRP & LACP) and routing protocols (OSPF, MPLS, EIGRP & RIP). Testing network features: NAT, ACLs, Multicast, Traffic shaping, queuing on an L2 and L3 switches.
• Network maintenance and system upgrades (service packs, patches, hot fixes and security configurations).
• Worked within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure
• Selected and implemented security tools, policies, and procedures in conjunction with the company's security team and liaise with vendors and other IT personnel for problem resolution.
• Configured and troubleshot PPP WAN connectivity of T1 & NxT1 between access router & remote access router complexes to ATM switches.

Environment: Ciscorouters 1601,1721, 1841, 2505, 7507 and 7513;CiscoSwitches 2926, 3750, and 6509 series, OSPF, MPLS, EIGRP & RIP