SUMMARY

• Over extensive years of experience in IP Network Design, Network Integration, deployment and troubleshooting.
• Worked onNext Gen Firewallfeatures like URL filtering, SSL ForwardProxy,SSL Decryption,APP IDandThreat ID, Panorama in PA firewalls.
• Have deployed and configuredCisco Wireless Controller 5508,5520 seriesand integrated them with Cisco Access points 2700s, 2800s, 3800s access points which supports 802.11 AC Wave 1, 802.11 AC Wave 2.
• Deployed 16 Next generationPalo Alto Firewalls 5200s( 5280 and 5260),3200s and 3000sand integrated them to Panorama (Centralized management centre), configuring S2S tunnels, ACLS, NATs and static routes with Wildfire enabled on it for Sandboxing Malware viruses. Good Hands - on knowledge onPAN-OS.
• Deployed51 Different ASA and FirepowerNext Generation Firepower Threat Defence with IPS, IDS, AMP and URL filtering such as 5508-X,5516-X,5525-X,5545-X, 2100 and 4100 series as well in FMC.
• Knowledge of CiscoMerakiWireless Switches (MX 33) andSDWAN(MX100).
• Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series. Extensive experience in upgrade, backup and password recovery ofCisco IOS.
• Expertise with Installation, configuration, and maintenance of Cisco Switches (6500, 4500, 4900, 3400ME, 3750, 3560, 2960, 1900 series); Nexus 2000, 5000 and 7000 series switches while implementing advanced features like VDC, VPC, OTV and Fabric Path and Juniper EX Switches (2200, 2300, 3300, 4200,4300, 4550, 9200), QFX Switches (5100,5200,10000), OCX1100 series.
• Lead the IWAN (Intelligent WAN - Cisco SD-WAN) and VPN (Secure Transport) for enterprise networks working with Cisco ISR 4k,1k routers streamline provisioning and DE provisioning of IP addresses to newly created VMs by using Infoblox update DNS records, and release IP addresses when the VMs are taken down by using Infoblox
• Experience in working with CiscoNexusSwitches like 5000 and 7000 series and Virtual Port-Channel configuration. Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches and 9K series.
• Substantial knowledge, including the configuration, of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
• Network/Security Engineer responsible for designing, integration, implementation and support ofLAN, WAN, F5 and Citrix load balancers, Cisco and Aruba Wireless, ACS, NAC, ISE, Call manager VOIP, SDN, SD - WAN, ASAs, Palo Alto Firewalls, Cisco Firepowerand Network Security.
• Deployment, Manag emend and Administering Cisco ASA FTD, Next Generation PaloAlto, SonicWALL, Fortinet Firewall, Juniper and Checkpoint series
• Deployed F5 LTM/GTM using One arm/two arm and N-path deployment methods and have migrated Citrix NetScaler from MPX 7500 to SDX 8920 Series.
• Deploying Cisco Aironet 2700, 3700 Series, Cisco 5507 and 5520s wireless controllers Cisco Meraki Enterprise Cloud Access Points and Wireless Bridges/Repeater for LAN Expansions.

TECHNICAL SKILLS

Cisco Routers: 2600, 2900, 3600, 3800, 7200 and 7600

Cisco L2 & L3 Switches: 2900, 3560, 3750, 3850, 4500, 4900, and 6500 series, Nexus 5K/7K, Cisco 6509.

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: Frame Relay, MPLS, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Network Security: Cisco ASA, ACL, IPSEC, SSL, Juniper SRX, ACL, IPsec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls.

OS products/Services: DNS, DHCP, Windows … XP), UNIX, LINUX.

Routing Protocols: RIP v1/v2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Load Balancers: Gateway Load Balancing HSRP, VRRP, GLBP

Security and VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, and Juniper Net screen firewall, Windows Patch Management (WSUS), YARA rules

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, Solar winds Orion and HP OpenView, Ethereal.

Facilities: DS0, DS1, DS3, OCX, T1/T3

Wireless LAN controller: CISCO AIR-CT2504-5-K9 2504 WIRELESS CONTROLLER - Network management device, CISCO AIR-AP1702I-A-WLC 2504 WIRELESS CONTROLLER.

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Load Balancers: Cisco CSM, F5 Networks (Big-IP) LTM 8900, Cisco ACE 4710, GTM.

Operating Systems Windows: (98, ME, 2000, XP, Server … Vista, Windows 7), Linux

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-Security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, Blue Coat URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap.

Operating systems and Tools: Infoblox, Cisco IOS, Windows NT 4.0 (Desktop/Server), puppet, Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server, VMware V realize.

Network technologies: MANET, SONET, TDMA, FDMA, CDMA. DSL, POP3, VERSA, HP ArcSight.

PROFESSIONAL EXPERIENCE

Network Engineer

Confidential - Malvern, PA

Responsibilities:

• Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and troubleshooting Remote infrastructure management of offices in different locations nationwide.
• Troubleshooting and escalation management of day-to-day issues for offices. Managing Co-location and Data centre infrastructure in North America.
• Administrating and managing Cisco ASA 5512 firewall
• Implanting VLAN routing and VPN security
• Configuring access servers to perform reverse telnet and configuring AAA.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues
• Designed VLAN’s and VTP topology, troubleshooting IP addressing issues and Updating IOS images.
• Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Review the client's Palo Alto configuration and map it to Cisco Fire power 9300 features
• Use configuration text files and screen shots with eventual access into the Palo Alto firewall to map objects, firewall rules, and NAT configuration to the Cisco world
• Migrate 40 NAT statements from Palo Alto NAT logic to Cisco NAT logic and documentation in spreadsheet including Static and Dynamic NAT with customer MAC addresses on some interfaces
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration. Experience in working with designing, installing, and troubleshooting of Palo Alto firewalls.
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements.
• Configure all Checkpoint, Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Design and Architecture of F5 LTM, GTM, APM, ASM and application delivery network.
• Responsible for Cisco ASA firewall administration across the network.
• Source of knowledge for SD-WAN and routing trends and technologies.
• Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint Cluster XL& VRRP
• Monitoring the network traffic with the help of Q radar and Cisco IPS event viewer.
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design
• Managed Cisco Wireless environments which hadCisco Wireless controller 5520along withAironet 3702i, 2602i,1142N and 3502iseries access points.
• ManagedPalo Alto Firewalls 5280 and 5160series and handled day to day tickets and changes to the configuration, S2S tunnelsand Remote access VPN through CLI and panorama.
• Integrated multiple Nexus 2k,5k,7k and 9k switches to Nexus Fabric manager (GUI) a centralized management centre at Headquarters toconfigure Overlay VX-LAN broadcast domains, VRFs,VPCs.
• Drive the project for implementing Viptela Software Defined WAN (SD-WAN) solutions and reduced Cost on MPLS for every fiscal year.
• Cisco code upgrade for IOS/NXOS platform for all core data centres included Catalyst 3750,3850,4500,2960X and NEXUS 2K,3K,5K,9K and Routers ASR-1K, 2900 Series, 4300 Series.
• Running migration cutovers of MPLS-VPN and DMVPN for newly acquired offices, including traveling to country-wide offices.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration. Experience in working with designing, installing and troubleshooting of Palo Alto firewalls.
• Configuring & managing around 500+ Network &Security Devices that includes Juniper SRX Firewalls, F5 BigIP Load balancers and Nexus Devices. Experience working with JUNOS OS on Juniper Routers and Switches.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.

Network Engineer

Confidential - Atlanta, GA

Responsibilities:

• Design and implement complete network and device required to connect different networks.
• Design, configure, and administer Juniper MX routers, SRX Firewalls, Cisco routers & switches.
• Design and configuring of OSPF, BGP on Juniper Router and SRX Firewalls
• Configuration and management of network routers (Cisco 6500, 7K; Juniper MX) and switches (Cisco 3850, 3750X, 3750, 3550; Juniper EX).
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
• Worked on the Cisco ASR 9010 and Cisco ASR 9912 Routers at CORE level.
• Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
• Data center migration was involved in Access, Distribution and Core layers
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Experience with design and implementation of Data center migration.
• Expert in configuring Cisco Routers, Catalyst Switches, Nexus Switches.
• Upgrade Cisco 6500, 3750, 2960s, Nexus 5000, Nexus 2000, Nexus 7000 switch IOS software
• Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches
• Identify, design and implement flexible, responsive, and secure technology services
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Establish AWS technical credibility with customers and external parties
• Experience working on Big IP/F5 load balancer, Citrix NetScaler, Cisco ACE load balancer and Juniper Equipment.
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies
• Hand on experience the configuration and implementation of various Cisco Routers and L2 Switches.
• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 500 hosts.
• Studied and analysed client requirements to provide solutions for network design, configuration, administration, and security.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Experience on Configuring Cisco ASR 9K/1K 7600 Series Routers.
• Worked on Migration of Juniper SRX firewalls for isolation of network segments and VPN's
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpointand Palo altoVPN experience
• Worked on OSPF using features like TSA, SA, NSSA and route summarization.
• Configured EBGP/IBGP policies, also tested BGP attributes such as Local preference, MED, AS-PATH, Community and Weight.
• Working knowledge of Firewall service module FWSM UPGRADE, FWSM RULESET conversion
• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 500 hosts.
• Performed client requirements to provide solutions for network design, configuration, administration, and security.

Confidential

Network System analyst

Responsibilities:

• Configuring and troubleshooting multi-customer network environment.
• Involved in network monitoring, alarm notification and acknowledgement.
• Implementing new/changing existing data networks for various projects as per the requirement.
• Troubleshooting complex networks layer 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
• Providing support to networks containing more than 2000 Cisco devices.
• Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
• Commissioning and Decommissioning of the MPLS circuits for various field offices.
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost-effective network solutions to accommodate customer requirements and project scope.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Possess good experience in configuring and troubleshooting WAN technologies like MPLS, T1, T3, DS3 and ISDN.
• Troubleshooting complex networks layer 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
• Providing support to networks containing more than 2000 Cisco devices.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Rebuilding data centres and redundant sites for failover, F5 load balancers
• Migrated, created, and managed pools and clusters in F5 BigIP GTM 3DNS load balancers across multiple Datacentres.
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo ALto firewall for the proper network routing for the B2Bnetwork connectivity.
• Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP,
• Understanding of mobile backhaul network on IP, Ethernet, ATM, PW & TDM.
• Experience of IP/MPLS/Optical Transmission network for access transport & back haul network to facilitate 2/3/4G Network.
• Designing, Implementing and TroubleshootingCisco3750, 3550, 3560, 4500,2924, 6513,6504,6506,6509,6500 series switches,GSR,ASRrouters withCisco IOSandIOS-XRand NX.
• Installing, configuring, and maintainingCisco Switches(2900, 3500, 3700 series, 6500 series).