SUMMARY

• Over 7+ years of experience in IP Network Design, Network Integration, deployment, Network Security, design, install, support, troubleshooting.
• Experience in Cisco: Physical cabling, IP addressing, wide area Network Configuration (Frame - relay &MPLS), routing protocol configuration (RIP, EIGRP, OSPF, BGP).
• Expertise in working with Cisco ASA and PIX firewalls with IP sec tunnels, zones, global protect mode, Zone based tunnels, IKE Crypto.
• Designed, implanted and installation on AWS cloud engineering for AWS internal business units.
• Worked in vendor platforms such as Cisco, Juniper routers and Switches, F5 load balancer, Checkpoint firewalls and Cisco ASA and PIX firewalls.
• Worked with multi-vendor devices (Cisco, Juniper, Checkpoint, Arista etc) of the AWS
• Worked on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA-2k, PA-3K and PA-5K).
• Strong hands-on experience on Cisco Catalyst (series 3850, 3560, 4500, 6500), Cisco Nexus (series 2K, 5K, 7K,9K), Cisco Routers (series 7300, 4000, 3800, ASR 9000), Firepower (4100), Load Balancers (Citrix NetScaler, Cisco ACE, F5 BIG-IP LTM/GTM ADC), IDS/IPS (HIDS, NIDS, NIPS, HIPS), Fire eye, Splunk, Palo Alto Networks Firewalls (PA-820, series PA-3K, 5K), Checkpoint IP Appliances (NXG R60, R70, 3100, 5900),Fortinet Firewalls.
• Experience with F5 LTM, GTM and APM modules for application load balancing. Worked on migration from cisco ACE to F5. Worked on SSL off loading, Virtual servers, Monitoring, Profiles, irules, SNAT.
• Good knowledge of IPv4 and IPv6 Addressing, IP Subnetting, Fixed Length and Variable Length Subnet Masking (VLSM), OSI and TCP/IP models. Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker, Transport Relay Translation (TRT), In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, SONET POS OCX/ GigE circuits.
• In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE /Aruba, D-Link and Netgear), SD-WAN (MX 65, MX100, MX400).
• Hands on Experience on FortiGate firewalls (7040/7030) by implementing security policies and firewall rules.
• Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series. Extensive experience in upgrade, backup and password recovery of Cisco IOS.
• Experience in working with Cisco Nexus Switches like 5000 and 7000 series and Virtual Port-Channel configuration. Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches and 9K series.
• Expertise in installing, configuring and troubleshooting Juniper Switches (series EX3300, EX4200, EX4600), Juniper Routers (series J, M and T) and Juniper series SRX Firewalls, Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1. Experience deploying ACI in Network-Centric model.
• Experience with TACACS/RADIUS servers, migration from ACS and Aruba ClearPass to ISE. Experience with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
• Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa.
• Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN, MP-BGP, Spine and Leaf Architecture
• Strong experience in creating firewall policies as per the requirements on Palo Alto (PA-5020/PA-3020), Cisco ASA
• Responsible for Cisco ASA (5540/5580) and Palo Alto firewalls (PA-5020/PA-3020) configuration and administration across global networks.
• Worked in Data center environment with Cisco UCS 6200 interconnects Cisco UCS B-series Blades and Cisco UCS 5100 series blade server chassis and implemented RAC mounted servers
• Configured Cisco 1000v switches for virtual VMware servers in the Cisco UCS environment
• Troubleshooting and Configuration of Cisco ASA 5580, 5540 FWSM, firewalls for all the connecting to City net.
• Managed all network and devices including Cisco routers, switches, VPNs, SSL, Check Point, Cisco PIX, Cisco ASA, Cisco FWSM as well as content delivery networks (F5 BigIP LTM and GTM 1600 and 3400 load balancers)
• Proficient in monitoring and managing networks using SolarWinds Netflow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM); Cisco Prime, Arista, Security Device Manager (SDM), Cisco Works; Infoblox, HP OpenView and Wireshark. writing shell scripts.
• Experience with Cisco IOS, Cisco ACI, F5. Strong understanding in cloud, managing systems and networks in an AWS and Azure environment. Primary support for all Blue Coat Proxy activities on the network security team.
• Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
• Thorough experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN trunking protocol (VTP), shortest path bridging, Multiple VLAN Registration Protocol and VLAN Cross Connect (CC).
• Cisco ASA and FWSM, F5 AFM, A10 WAF, IDS/IPS and general knowledge of security features and protocols
• Experience in Solarwind to log and even the suspicious activity and security threats, conducting an investigation and respond to mitigate issues in real-time, which include blocking IP addresses, disable accounts, changing privileges and permissions and killing applications.
• Network Performance Monitor tool for F5, BIG-IP, Wireless network monitoring.
• Design, Build and Implement various solutions on F5 Load balancers and F5 Global Traffic Managers (GTM)
• Good understanding of SNMP, IP SLA and Network Monitoring with experience in tools like PRTG.

TECHNICAL SKILLS

Router and VoIP Platforms: Cisco Routers series 7300, 4000, 3800, 2000, 1900; Juniper T4000, MX10, MX40, ACX2200, ACX5000; OnSIP, Avaya products, cisco IP phones

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, IPv4 and IPv6 addressing, subnetting, VLSM, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, 802.11, Policy Based Routing, Redistribution, Port forwarding, Arista.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000, 9000; Nexus series 2K, Netgear switches,5K, 7K; Nortel/Avaya 5510, 5520; Juniper EX3300, EX4600, EX4300, EX3400

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, MulticastRSTP, Multi-Layer Switching, 802.1Q, Ether Channel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Juniper Net screen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Netgear Firewall, Fortinet, Palo Alto Networks (PA series 2K, 3K and 5K), WAF, ACI.

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-Security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, Blue Coat URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Security Device Manager (SDM), CiscoWorks; TCP Dump and Sniffer; SolarWinds NetFlow Traffic Analyzer, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SevOne, SiteScope.

Load Balancers: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, ASM, Citrix NetScaler, APM

WAN technologies: Frame-Relay, ISDN, ATM, MPLS, PPP, DS1, DS3, OC3, T1 /T3 lines, SONET OC3-OC192, SDH, POS, PDH

Cloud Computing and Automation: AWS, Microsoft Azure, Cisco Meraki, C, Python scripting, Shell, Cloud Migration

Other Networking Protocols and Fundamentals: DHCP and DNS server, Shell, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, BitTorrent, SMTP, RADIUS and TACAS+, PBX servers, SDN, SAN

Operating Systems: Windows 10/7/XP, MAC OS, Windows Server, Nexus OS, Cisco IOS-XR, Linux, UNIX

Wireless Technologies: Canopy Wireless Devices, D-Link Point-to-point Wireless, D-Link APs, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers

Microsoft Office: Visio, Excel, PowerPoint, Word

Change Management: ServiceNow

Clouds: AWS,Azure,GCP

PROFESSIONAL EXPERIENCE

Confidential, Denver,CO

Sr. Network Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
• Worked for the Global Deployment and Operations team to support multiple migrations in switching, routing, firewalls, LB and Proxies
• Established AWS, Azure technical credibility with customers and external parties
• Performed Palo Alto design and installation (with Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series in Data Center as perimeter firewall
• Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Migrated ASA firewalls to PA next gen using the migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies
• Configured and designed OSPF, EIGRP and BGP at Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus (Cisco ASR 9K, Nexus 7k and 9K)
• Installing, configuring Cisco Catalyst switches 9300,6500, 3750 & 3550 series, Access control lists, ISDN, ATM, load balancing switches and configured IPX/SPX, HDLC, BGP, EIGRP, OSPF and VRRP on various sites.
• Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco 9300 catalyst switches
• Experience with Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater visibility and scalability in a data center environment.
• Worked with Cisco Channel partners to build practices around Cisco ACI, worked on configuring tenant policies, VXLAN, VTEPS, VNI, Bridge Doamins.
• Worked on Juniper devices like M, MX, T routers on advanced technologies like MPLS VPNs, TE and other service provider technologies (EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240)
• Experience with configuring BGP, OSPF in M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, for route optimization. Worked on Route-Reflector, Route-Redistribution among routing protocols
• Designed, implanted and installation on AWS cloud engineering for AWS internal business units.
• Architecture of Dev, QC, and Prod internal Corp and customer facing Ecommerce VPCs for AWS cloud
• Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
• Managed theAWSsecurity policies andnetworkconfiguration, includingAWSdirect connect, vpn failover, Multiple VPC's, user and site access to servers and accounts.
• Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using Solarwinds IPAM and Infoblox DNS/DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNSSec etc.
• Provided security and networking knowledge in the planning, researching, designing, and testing of new networking technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS and DMZ security, and Internet Security in support of established Info Security program initiatives for the next 3 years
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2960, 3500, 7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800), Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Zscaler Proxy and Versa SD-WAN appliances
• Conducted a POC on Versa and Viptella SD-WAN solution as a team and worked on evaluating the solutions
• Migrated Nexus 7Ks & Nexus 5Ks to an ACI Fabric consisting of 9336PQ Spines & 9332PQLeafs
• Worked on PAC file updates, Internet proxy migration from Ironport to Zscaler cloud. Access policies, AD based, user based, location-based access. (Tools: ZAPP client)
• Worked on Bridge Domains, VXLANs, VTEPS, VNID. configuration of routing using BGP among multiple Leaf to spine switches. Thorough understanding of Application Profile, Tenants, End Point Group, Inter Subnet Tenant Routing, Routing within Tenants, Router Peering and Redistribution. Worked on Migration project from traditional Data Center Architecture to Spine Leaf
• Worked on connections handoff using Bridged Interface to an External Route. L3- EPG configurations, AEP configurations. Integrated existing Layer 2 and Layer 3 networks with ACI
• Play a key role in the company’s direction towards Cloud Computing platforms by creating a strategy for transition plans. (Tools: Azure AD and AWS, Office 365)
• Worked on network design improvements involving BGP, EIGRP, OSPF, IP metric tweaking and load balancing.
• Design, implement, and develop network designs for applications used in TMO.
• Troubleshooting of Linux and Unix servers for application delivery servers. Install Dockers, Cisco and HP servers.
• High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark.
• Configured network using routing protocols such as EIGRP, BGP and OSPF and troubleshooting L2/L3 issues.
• Worked on Riverbed steelhead appliance to troubleshoot delay, jitter issues. Captured traffic and analyzed for root cause. Wrote policies and rules in steelhead.
• Worked on Orion (Solar Winds) for mapping network diagrams, updated Orion with commissioned and decommissioned network devices.

Environment: AWS, Azure, Aruba, Leaf architecture, Cisco UCS, SD-WAN, Cisco SD, VPN’s, F5, NATing, Check point, Cisco ASA Firewalls, Trunks, OSPF, CoS, QoS, VPLS, EVPL, RSVP. Cisco Identity Services Engine (ISE), Palo Alto firewall, Juniper EX4200 & EX4550, Checkpoint Firewall (R75, R76, R77, Nexus 9k, 7K, 5K

Confidential, Menomonee Falls, WI

Firewall Engineer

Responsibilities:

• Installing, configuring Cisco Catalyst switches 9300,6500, 3750 & 3550 series, Access control lists, ISDN, ATM, load balancing switches and configured IPX/SPX, HDLC, BGP, EIGRP, OSPF and VRRP on various sites.
• Worked on stacking of the devices based on the network requirement with Cisco Catalyst 9300 series depending on the requirement with a stack count of 8, 6, 2, 3.
• Created S3 buckets in theAWSenvironment to store files, sometimes which are required to serve static content.
• Used security groups,networkACL’s, internet gateways and route tables to ensure a secure zone for organization in AWS public cloud.
• Configured L2 and L3 security features on devices
• Experience with design and implementation of Virtual Switching System (VSS) on 9400 Switches
• Implemented Cisco Meraki Enterprise Wireless solutions for corporate infrastructures.
• Performed upgrade process for Cisco ISE software from version 1.0.4 to 1.1 ADE-OS
• Hands on experience installing and configuring Cisco ISE 1.3 and later upgrading to 1.4.
• Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
• Installing, Configuring and troubleshootingCiscoRouters (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions at the Access, Distribution, and Core layers.
• Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco 9300 catalyst switches
• Experience with Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater visibility and scalability in a data center environment.
• Worked with Cisco Channel partners to build practices around Cisco ACI, worked on configuring tenant policies, VXLAN, VTEPS, VNI, Bridge Doamins.
• Worked with Tufin secure change-firewall optimization tool to implement rules.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Hands-on Experience withCISCONexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall. Exposure to wild fire feature of Palo Alto.
• Worked with Palo Alto firewalls PA250, PA4050, PA3020 usingPanoramaservers, performing changes to monitor/block/allow the traffic on the firewall. Technical assistance for LAN/WAN management
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP's on a need basis.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Configured systems log on the Palo Alto firewall and moved the logs toSplunk.
• Worked with Palo Alto firewalls PA5050 usingPanoramaservers, performing changes to monitor/block/allow the traffic on the firewall.
• Configured DNS and DHCP for servers using Infoblox.
• Completed basic configurations on the F5 Big-IP LTMs and GTM load balancer on existing network to split traffic
• Responsible for Palo Alto and Cisco ASA firewall administration across our global networks Maintenance and configuration of Cisco ASR1000 series
• Expert in design, configuration and deployment of F5 Solutions with extensive experience working with APM
• Creation of ASM policies (Application security) on F5 Virtual servers.
• Configured one-time password for BIG-IP APM to add more security at the time of initialization of the application
• Experience with Using GTM, APM & LTM F5 component to provide 24"7 access to applications
• Installing and configuring new Cisco equipment including Cisco catalyst switches 9300, Nexus 7010, Nexus 5548 and Nexus 9k as per the requirement of the Organization.
• Experience with F5 load balancers andCiscoload balancers (CSM, ACE, and GSS).
• Configured and managed F5 ASM (Application security manager). Developed security policies.
• Worked with team to build connectivity to and disaster recovery servers through F5 Big IP LTM load balancers
• Thorough understanding and Experience in F5concepts which include Virtual servers, Pools, Health monitors, SSL Profiles, Persistence profiles, Load balancing methods, HA pair, irules.
• ImplementedCiscoMeraki Wireless network.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
• Implementation and Configuration (Profiles, irules) of F5 Big-IP LTM-6400 load balancers
• Experience working in SD-WAN technology. Part of a migrating team from MPLS to SD-WAN.
• Experience with configuring DMVPN tunnels for the MPLS and ISP clouds, which are responsible for Transport Independent Design of IWAN.
• Experience with LAN protocols like VSS, STP, RSTP, MST, VTP, VLAN.
• Experience with SDN/NFV technologies including Open Stack Neutron, VM ware, NSX, Open flow, Open daylight, Open v Switch, Open Contrail, orCiscoACI.
• Managed the network engineering team for the modification of the global wide area network to support Office 365 and Skype for Business using SDWAN
• Deployed and configure Cisco Meraki SDWAN at 30 sites globally
• Configured Bluecoat as a forward proxy for all Web URL Filtering.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers annd Administrating.
• Configured and Created wireless sites using theCiscoMeraki System dashboard.
• Implemented site to site VPN onCiscoMeraki MX64, MX65, MC84, and MX400.
• Administrated LAN andWANwith of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• ConfiguredCiscoISE for Domain Integration and Active Directory Integration.
• ConfiguredCiscoISE for Wireless and Wired 802.1x Authentication onCiscoWireless LAN Controllers, Catalyst Switches, andCiscoASAFirewalls.
• Worked withCiscoASA5500-X with Firepower services.
• Drafted and installed Checkpoint Firewall rules, ACL on Bluecoats with regular upgrades on firewalls and Bluecoats.
• Coordinated with Vendors for creating and modifying firewall, NAT rules and Maintaining Site to Site and SSL VPN.
• ConfiguredCiscoAMP (Advanced Malware Protection) for endpoint security systems.
• Working and Deployment experience withCiscoAMP to clean up the viruses and custom detection to control malware outbreaks.
• Involved in network integration and support of load balancers across F5 platforms
• Worked on Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering
• Implemented site to site VPN in Juniper SRX as per customer.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.

ENVIRONMENT: Cisco 6500/4510/4500 X/4948/3560X switches, Leaf Architecture, Nexus 9000, 5000,3000, 9504, 9300, 3200, 2308,CiscoASR 1k/7200/3925E/2951E GSR 7000/12000 Routers,CiscoISE, Aruba 7200/3600 wireless controller, Nexus 2k/5k/9k,CiscoNexus 7000,ASA 5500/5510/5540 fire walls, Windows 2000/2003/2008/ R2/2012, Juniper SRX firewall, MX routers, Palo Alto firewalls, SSLVPN, F5 load balancer LTM >M, Citrix Net scalar, BGP, EGBP, VPC, VDC, OSPF, AWS,Azure

Confidential, Sanata Clara, CA

Network Engineer

Responsibilities:

• Scripting for automation of processes for Windows Servers. Familiarity with main script languages like Power Shell, PHP, Shell, Perl, Python.
• Proficient in Palo Alto Next-Generation Bluecoat web proxy, HP ArcSight, Splunk Enterprise, Wireshark, FireEye, and various internet tools to assist in analysis.
• Responsible in troubleshooting onCiscoISE added new devices on network based on policies on ISE.
• Performed site refreshes onCiscoswitching and Aruba wireless infrastructure.
• Used Bluecoat Proxy SG Appliances to effectively secure Web communications and accelerate the delivery of business applications.
• Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers.
• Migrated fromCisco3650 switches to Aruba 3810 series switches.
• Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama.
• Worked with Enterprise Intrusion Detection / IPS (Snort, Source fire, Juniper IDP, IBM ISS).
• Implementation of L3 MPLS-VPN and Migration of branches to the new MPLS cloud4.
• Expert in configuring, implementing and troubleshootingA10load balancer in the enterprisenetwork
• Test and implement cisco ACI based network infrastructure as open stack underlay network
• Update customer networks by configuring routers, switches, and in corporate the SDWAN into the network design.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies usingCiscoASA5500 series firewalls.
• Optimized IPS signatures on theCiscoFire Power management center to reduce false positives by disabling unnecessary rules and using the threshold, suppression, and pass rules features.
• Experience CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.
• Implemented many numbers of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewall interface, Palo Alto IDS, and VLAN.
• Developed a python script, which will parse all trace files and calculate throughput, latency and drop rate
• Experience with working on firewalls like CISCO ASA 5500 series (5510,5540), JUNIPER SRX series and also PALO ALTO (pa-3060, pa-5060), etc.,
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches.
• Worked on Checkpoint Firewall to create new rules and allow connectivity for various Applications. Checkpoint is used as an internal firewall for application security in Kodiak network.
• Implemented Firewall rules and NAT rules by generating precise methods of procedure (MOPs). Responsible for packet capture analysis, syslog and firewall log analysis.
• Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles - TCP, http, https, ftp, fastl4, Persistence - Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.
• Designed and implemented remote dial up solution for clients. Blue Coat Admin Experience.
• Increasing business speed, agility, and efficiency by taking charge of core network and security using Infoblox.
• Installing, Maintaining and Troubleshooting ofCiscoASR 1K, 7200, 3925E and 2951E Routers andCisco6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
• Deployed Viptela SD-WAN, worked with the team in implementing and designing of SD-WAN infrastructure and providing WAN connectivity across the enterprise.
• Responsibilities include software upgrade, license activation, configuring/installing new GSR router 7000,12000, Nexus switch 9000, 5000,3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
• Worked on Cisco ISE deployment which was a replacement for the ACS and provided new long term and short-term guest wireless services for the Port Authority.
• Experience working with High performance data center switch like nexus 9000, 7000 series.
• Serve as technical leadership for Cisco Identity Services (ISE) Security Consulting Services projects. Act as a delivery engineer within our strategic Cisco Identity Services Engine (ISE) specialization team.
• Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k.
• Created many security policies depends on the requirement using Deployment wizard in ASM.
• Implemented VoIP solutions using SIP & H.323 for Cisco routers 2851 and practiced sound knowledge of Avaya VoIP products. Design and Architecture of F5 LTM, GTM, APM, ASM and application delivery network.
• Designed and implemented Aruba wireless infrastructure to ensure full connectivity and continuous service.
• Configured and managed with Aruba/cisco wireless access points 205 series supporting 802.11 ac.
• Set Aruba Access to link distribution switch system and then to WLAN controller. Configured AP groups, Authentication roles, SSID, 802.1X, RF parameters, 2.4 and 5 GHZ bands, provision Aps etc.
• Coordinated with a team to upgrade network by changing primary routing protocol to OSPF from EIGRP and Participated in the modification of BGP from multiple MPLS powered routers

Environment: VSS, DNS, NAT, Spine, Cisco ASA, VPN, Checkpoint, Cisco Firewalls, C programming, Cisco PIX, F5 (LTM),ASM,APM, Load balancers, RIP, OSPF, Juniper, Shell, VSTP, SNMP, Infoblox, VLANs, Port Security, VDC, VPC, OTV, Nexus 5k, 7k, Netgear switches, Juniper SRX550, Palo-alto,Netgear Firewall, IPsec, Wireshark, SolarWinds, VoIP, Aruba, 802.11, WLAN, EIGRP, BGP, DHCP, Blue coat, HSRP,VRRP,GLBP, VTP, ACL,WAN, DS1, DS3, T1, T3, CAT 6 and CAT 5 connections, Aruba, AWS, Azure

Confidential

Network Engineer

Responsibilities:

• Configuring and troubleshooting multi-customer network environment.
• Involved in network monitoring, alarm notification, and acknowledgment.
• Implementing new/changing existing data networks for various projects as per the requirement.
• Troubleshooting complex networks layer 1, 2to layer 3 (routing with BGP, EIGRP, OSPF protocols) technical issues.
• Performing troubleshooting for IOS related bugs by analyzing history and related notes.
• Carrying out the documentation for tracking network issue symptoms and large-scale technical escalations.
• Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-around technical support.
• Commissioning and Decommissioning of the MPLS circuits for various field offices.
• Preparing feasibility report for various upgrades and installations.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
• Worked on the security levels with RADIUS, TACACS+.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Identify, design and implement flexible, responsive, and secure technology services
• Created scripts to monitor CPU/Memory on various low-end routers in the network.
• Installed and maintained local printer as well as network printers.
• Handled installation of Windows NT Server and Windows NT Workstations.

Environment: MPLS, BGP, EIGRP, OSPF, NTA, IPAM, VLAN, Port Security, Trunking, LAN, RADIUS, TACACS+, LAN, WAN, MPLS, Solar Winds.