SUMMARY

• 8 years of IT experience in implementation, troubleshooting and maintenance of complex Network & Security devices.
• In - depth Cisco technology experience/knowledge in design, implementation, administration and support.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Network security including NAT/PAT, ACL, VPN Concentrator.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Worked on Load BalancerF5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
• Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience
• Implementing and Troubleshooting Cisco Routers (2800,2900,3900,3800,7600) using Static, RIP, IGRP, OSPF, EIGRP& experience with Checkpoint, Cisco PIX & ASA devices
• Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT’ing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP& Multicasting protocols
• Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches
• Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Good domain knowledge in Linux source code 2.6x & Shell scripting
• Network Security - Anomaly Detection in Attack Prevention System, Network and Host IPS/IDS, Cisco PIX firewall, Vulnerability scanning, Penetration testing, Buffer Overflows, Cross Site Scripting,
• Cisco Pix Firewalls (525, 520, 515, 506), VPN Concentrator 3000 series, Cisco IOS Firewall feature set (IOS 12.X).
• NetScreen Firewalls (NS-5XP, NS-5GT, NS-500)
• Palo Alto Firewalls (PA-3000 and PA-6000 series)

TECHNICAL SKILLS

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Session Management, Cisco PIX, and Security attacks like DoS, DDoS, Spoofing, Nexus & Cisco IOS, Cisco Works

Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7 Switching, VLAN’s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

Networking: Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Netfilter, IPTables, Ethereal, SONNET, MPLS, DSU/CSU

PROFESSIONAL EXPERIENCE

Confidential, Warren, Michigan

Sr. Network Engineer

Responsibilities:

• Maintained & implemented network architecture at company’s corporate office.
• Troubleshooting experience with networks, identifying the root cause of the network failure with other support engineers
• Maintenance and analysis of the network in the plant for any possible up-gradation
• Used and Maintained Routing Protocols BGP, EIGRP and OSPF in the Network.
• Implemented traffic filters utilizing standard, extended access-lists, distribute-lists, & route maps
• Working experience of F5 LTM 6900, creating virtual servers, pools and nodes
• Used different load balance methods, persistence and profiles on F5 LTM
• Actively worked with LAN/WAN engineering as a team to resolve IDCN connectivity issues.
• Worked on LLD for recent News migration to Plano as a lead engineer.
• Helped new team members to understand existing infrastructure as well as process to bring them up to speed.
• Providing configurations for Cisco 6500, 4500 & 3750 catalyst switches with port security, VLANs, VTP, PVST+ and working with Nexus 7010, 5548, 5020, 2148, 2248,9K series devices.
• Worked on troubleshooting customer related issues to router configuration and layer 1, 2 issues
• Configuration of DHCP servers and troubleshooting also other IP conflicts.
• Keeping the DNS records updated across the environment
• Responsible for layer 2 security which was implemented using a dedicated VLAN ID for all trunk ports, setting user ports to non-trunking, deployed port security when possible for user ports.
• Cisco ASA 5540 firewall experience creating access rules for various DMZ containers for both inbound and outbound traffic.
• Configured Protocol Handling, Object Grouping, and NAT on ASA Firewall (5505).
• Install, configure, administer and troubleshoot Cisco PIX/ASA firewalls, checkpoint firewalls and Juniper net screen firewalls
• Worked with WAN team during migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Configuring of WAN service (frame relay, DDR, NAT/PAT and private addressing) & LAN services (Ethernet, VLNA’S, Trunking) on Cisco routers and switches.
• WAN Pilot project to convert branch from dual T1 circuits to iWAN only broadband circuit. To Enable Internet WAN connectivity for the Lab in Hauppauge. Test and turn-up IWAN link and disable the 2 existing T1 circuits, running branch on IWAN only. After testing was completed site will be placed back on either dual TDM circuits or TDM with IWAN backup circuit.

Environment: Branch office environment with Cisco 1900, 2900 series switches, Cisco 2500, 2600, 2800 series routers, Nexus 7k,9k series, F5 load balancer, routing protocol BGP,EIGRP, OSPF Juniper and Cisco ASA Firewalls, CSS/ACE load balancers.

Confidential, MD

Sr Network engineer

Responsibilities:

• Participated in meetings with business units and solution architect to gather information for new projects.
• Worked on commissioning of catalyst 2900, 4500, 6500 series switches, Nexus 5K/7K/9K along with FEX. Upgraded IOS/NXOS from default version to company standards.
• Worked with SiteOps team to get the servers and switches racked/stacked and cabled.
• Involved in configuring ACS for TACACS+ authentication for newly added network devices.
• Configured L2 switching technology including new VLANs, VTP, STP, inter VLAN routing, HSRP/VRRP.
• Involved in configuration of various 7200 series routers with WAN team to include newly added networks in existing routing policy.
• Configured ACE/CSS/F5 load balancers for server load balancing, health check, and SSL offloading.
• Commissioned Checkpoint Firewalls: Virtual as well as SPLAT firewalls.
• Designed and implemented various Rule Base Policies, NAT, and Antispoofing for Checkpoint and Netscreen Firewalls.
• Experience with F5 load balancers and reverse proxy design and setup.
• Utilized working knowledge of SmartView Monitor, SmartView Tracker, Smart Dashboard and Audit tools of Checkpoint Firewalls.
• Utilized expertise of reading Firewall logs along with tools such as TCPDUMP and FW monitor on command line to monitor active traffic on firewalls in order to troubleshoot many connectivity issues.
• Actively worked with LAN/WAN engineering as a team to resolve IDCN connectivity issues.
• Helped new team members to understand existing infrastructure as well as process to bring them up to speed.
• Actively Participated in Change Control meetings to present high impact changes to be carried out.
• Exhibited strong Project Management skills, Conducted network baselines and made necessary recommendations.
• Provided 24X7 production supports during handover of projects to SBU and provided 2nd level on-call support on routinely basis.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.

Environment: Cisco Catalyst 6500, 4900, 2900 series Switches, Nexus 5500, Checkpoint/Juniper Firewalls, Cisco.ACE (ACE20), CSS and F5 Load Balancers, GIGAMON/GTAP, Cisco ACS for authentication, Routing Protocol (BGP), DNS Infoblox, IPAM, HPNA, Cisco Works.

Confidential, Berkeley Heights, NJ

Sr. Network Engineer

Responsibilities:

• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive,peer link.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Subject matter expertise supporting and maintaining F5 Big-IP load balancers
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX
• Security appliance, Failover, DMZ zoning, & Configuring VLANs/routing/NATing with the firewalls as per the design.
• Decommission serial T3 circuits and replace with MPLS circuits. MPLS clouds were provided by carriers ATT, Verizon or Level 3.
• Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Work with Carrier to test and turn-up circuits.
• Experience in design and implementation of new branch/New Campus test and turn up.
• Experience on troubleshooting of complex BGP and OSPF routing problems,

Environment: Router 2800, 3800; Cisco Catalyst Switch 3550, 2960. T1 Controllers, DS3 Lines (T3 Lines), Fiber and Ethernet cabling.

Confidential, Folsom, NJ

Sr. Network Engineer

Responsibilities:

• Experience in configuring routing protocols like EIGRP,RIPv2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS And IOS on CAT6500 in a complex data centre environment
• Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation Strategies for the expansion of the MPLSVPN networks
• Involved in setting up Voice VLANs on distribution switches, and configuring access switches ports for AVAYA IP PHONES
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switches
• Configuring PAGP and LACP protocol along with BFD link detection protocol
• Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
• Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
• Working knowledge of PPP Protocol with Enhanced Flex WAN module on 6500 catalyst switch
• Involved configuring ppp multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Working knowledge of Terminal server and the configurations
• Installation of L3 Switching Engine policy Feature Card & Distributed Forwarding Card DFC3C
• Experience with design and implementation of Data center migration at NBC Universal
• Data center migration was involved in Access, Distribution and Core layers.
• Working knowledge with 10 gigabit Supervisor Engine 720 on 6500 catalyst switches
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
• Working knowledge of configuring VOICE VLANS on core, Distribution layer switches
• Configured Access ports with Voice VLANS and Service Policy for VOIP Phones
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000series to provide a flexible Access Solution for a datacenter access architecture.
• Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment in the core network

Environment: 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, 7206, 2611, 6748, 6708, 2960, T1 Controllers, DS3 Lines (T3 Lines).

Confidential, Newark, NJ

Network Engineer

Responsibilities:

• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Experience in migration of Frame-relay based branches to MPLS based technology using multi layer stackable switch like 6500 series and 2800 series router
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Involved in configuring IP Quality of service (QoS)
• Have experience with Cisco Works LAN Management Solution
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Netinfo, Infoman Virtual Change) and experience with developing network design documentation and presentations using VISIO
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology

Environment: Branch office environment with Cisco1900,2900 series switches, Cisco 2500,2600,2800 series routers, Juniper and Cisco ASA Firewalls, CSS/ACE load balancers.

Confidential, Clifton Park, NY

Network Engineer

Responsibilities:

• Involved in redesign of traffic anomaly system to increase the detection method and algorithm efficiency.
• Capturing data in the kernel stack and analyze the packets in various locations on the network stack
• Hands on experience with firewalls, firewall rules & Tool NetCool
• Distributed denial-of-service (DDoS) attacks on public servers have recently become more serious. A detection and defense mechanism against SYN flood Attacks has been proposed in previous work.
• Experienced in WAN environments, installing and troubleshooting data circuits (OC, T1, E1, T3, MUXES)
• Experience with SONET Multiplexing protocols and DWDM technologies.
• Understanding current vulnerabilities attacks and counter measures, assessing the impact of traffic on customer networks, conducting research on emerging security threats.
• Mentoring and training security analysts, creating and maintaining documentation for Traffic anomaly Sys.
• Experience testing of a prototype Traffic Anomaly system that monitors TCP/IP network traffic. Each network packet is characterized by the (source host, Source port, destination host, Destination port, Flag). The system monitors the network for the occurrence of mismatch, which represent unusual traffic patterns within the network.
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ*s.
• Experience in troubleshooting of complex BGP and OSPF routing problems
• Experienced in SYSLOG analysis & Proxy servers
• Experience with network based F5 Load balancers with software module GTM & Checkpoint
• Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer
• Experience with GTM F5 component to provide high availability with providing services across data centers
• Experience with Using LTM F5 component to provide 24“7 access to applications
• Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance

Environment: Corporate office architecture with highly reliable & secured network including Router Series(2800,3600,7204), Catalyst Switch Series(2900, 4500,6500),ASA Firewall(5505), Juniper Netscreen and Checkpoint firewalls

Confidential, Rochester, MN

JR Network Engineer

Responsibilities:

• Provide high level technical support, including identifying and resolving problems on Cisco supported products for e-Commerce infrastructure. This included external routing and internal/intranet routing for DMZ servers.
• Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
• Configured EIGRP, BGP, and MPLS.
• Configure Firewall, QOS by SDM and provide security by Prefix list, Access- List and By Distribution List.
• Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality
• Implemented new ultra-secure networks in multiple data centers that included Cisco, Juniper security devices.
• Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
• Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
• Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.

Environment: Assists the IT Manager to plan, direct, and control the technology infrastructure to include systems and services of the network infrastructure, Internet, security, desktops, Web server, and other network services provided to internal users, and the telephone systems.