SUMMARY

• 8+ years of experience in routing, switching, systems design, administration and troubleshooting.
• Strong hands on experience in configuring and troubleshooting of Cisco 7600,7200,3800,3600, 2900,2800,2600 series routers and Cisco Catalyst 6500,4500,3500,3750 series switches and Nexus 2000, 5000 and 7000 switches.
• Expert in installing, configuring and troubleshooting of Juniper EX2200, EX2500, EX3200, EX4200, EX4500 series switches and Juniper MX80, MX40, MX10, MX5 series routers.
• Implemented firewalls using Cisco ASA, Cisco PIX, Checkpoint Provider - 1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
• Strong knowledge in Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and STRM, Juniper UAC, Juniper Pulse.
• Experienced in Network Security, Juniper Firewalls, SSL VPN, Checkpoint, RSA, Cisco Nexus, Cisco ACE, Cisco Wireless.
• Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
• Worked on MPLS-VPN designs and MPLS-QoS for the migration of Frame relay to MPLS system.
• Configured and maintained TACACS+/ Radius servers for AAA authentication and user authorization.
• In depth knowledge in designing, implementing and configuring Palo Alto firewalls.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Experience working with Cisco Nexus2148 Fabric Extender and Nexus5000 series to provide a Flexible Access Solution for a datacenter access architecture and configuring Virtual Device Context in Nexus 7010
• Implemented enterprise wide network infrastructure and ecommerce support solutions including, network intrusion detection, encryption and monitoring.
• Experience with network security design implementation Assessment, evaluation, design, and implementation of solutions related to following security areas: Large corporate firewall extranets, mail, Internet, internal enclave, PCI and Industrial control systems.
• Implementing, maintaining and troubleshooting switching tasks such as VLANS, VLAN Trunking, Inter VLAN routing, CEF and DCEF.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as RIP, EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP
• Maintaining and updating inventory using Network Management Application layer software’s like SNMP, Wireshark, NTP, and Syslog.Managed enterprise grade server/application load balancing using F5 LTM/GTM.
• Expert in F5 products and technology (LTM, SSL offloading, GTM).
• Good Hands on experience on F5 Global and Local Traffic Manager and load balancer, CSS and ACE load balancers.
• Expert level knowledge of application migrations from Cisco ACE to F5 Load balance.
• Expert in Migration of application, server, service groups from Citrix NetScaler to F5.
• Developed IT strategies, policies and procedures consistent with the businesses strategies and vision while effectively protecting: data confidentiality, integrity, and availability in turn providing security and limiting liability.
• Demonstrated success record in: Managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.

TECHNICAL SKILLS

Routing: RIP, EIGRP, OSPF and BGP.

Routers: Cisco (7600, 7200, 3800, 3600, 2900, 2800, 2600 series).Juniper (MX80, MX40, MX10, MX5 series).

LAN Switching: Ethernet, Fast Ethernet, Gigabit Ethernet, VLAN, VTP, STP, ETHERCHANNEL, Port Security.

Switches: Cisco (6500, 4500, 3750, 3500 series).Juniper (EX4500, EX4200, EX3200, EX2500, EX2200 series).

Networking Concepts: TCP/IP, Access-lists, Routing, Switching, Subnetting, Designing, PPP, ISDN, ATM, WEP, WAP.

Security: NAT, PAT, L2/L3VPN, IDS, IPS, IPsec, IKE, Access-lists, Cisco ASA, Cisco PIX, Checkpoint NGX, Juniper SRX.

Infrastructure services: DHCP, DNS, SMTP, FTP, TFTP, POP3.

Monitoring Tools: Wireshark, Nmap, Cisco Packet Tracer, GNS3.

Platforms: LINUX, UNIX, Windows, Mac.

Languages: C, C++, Java, Python, SQL, HTML.

PROFESSIONAL EXPERIENCE

Confidential, Dallas, TX

Senior Network Engineer

Responsibilities:

• Involved in configuring and implementing of composite Network models consists of Cisco 7600, 7200 series routers, Nexus 2000, 5000 and 7000 switches, Juniper EX4200, EX4500 series switches, Juniper MX80, MX40 series routers.
• Primary responsibility is to design and deploy various network security & High Availability products like check point other security products.
• Experience designing, implementation and troubleshooting of Juniper platform
• Configuration and Maintenance of ASA, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
• Configure IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys, 3DES and MD5.
• Upgraded the NX-OS in nexus 7018, 7010 and nexus 5548 and 5596.Consolidated multi-tiered environment into a pair of Nexus 7000 switches using VPC and VRF.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint firewall and Cisco 3800 series routers.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus version 4.2 and 5.0, Nexus VPC peer links.
• Designed and implemented cloud security and security strategies on Cisco and Palo Alto firewalls
• Supported Palo Alto Panorama cloud security and worked on some troubleshooting issues.
• Migration of application, server, service groups from Citrix NetScaler to F5.
• Configure and troubleshoot Bluecoat as forward proxy for all Web URL filtering.
• Responsible for reviewing current and planned network designs, particularly F5 load balancer implementations. Identified opportunities for implementation of network best practices
• Configure Bluecoat proxies using Bluecoat director for content and URL filtering.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM
• Configured F5GTM solutions, which includes Wide-IP, Pool Load Balancing Methods, probers and monitors
• Strong knowledge and understanding with IPsec, Juniper SA Remote Access VPN, and Source Fire intrusion prevention systems
• Involved in configuration of access-control lists on Juniper and Palo Alto firewalls for proper network routing and B2B connectivity.
• Network Segmentation-application migrations for enterprise Private Data Firewall and data behind ASA 5585-Xs
• Migrated Checkpoint R65 to R75 and Installed Smart-Reporter which allows us to run reports on Security rules usage.
• Configured and deployed Application based load balancing using F5 LTMs & site level load balancing on F5 GTMs using 3900 & 6900 BIG-IP appliances.

Environment: Cisco 7600, 7200 routers, Nexus 2000, 5000 and 7000 switches, Juniper EX4200, EX4500 switches, Juniper MX80, MX40 routers Cisco ASA, ASA 5540, ASA 5520, ASA 5510, PIX 535 firewalls, Palo alto firewalls, F5 LTM, GTM, Juniper JUNOS platform including SRX Firewalls, Network & Security Manager (NSM), Juniper Space and, STRM, Juniper UAC, Juniper Pulse, Bluecoat.

Confidential, Columbus, OH

Network Engineer

Responsibilities:

• Optimized performance of the WANnetworkconsisting of Juniper EX2200, EX2500, EX3200 switches by configuring VLANs and troubleshoot Juniper MX10, MX5 series routers
• Performed IOS upgrades/Password recovery on Cisco 3600, 3800 series routers and Nexus 2k, 5k, 6k and 7k switches.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540).
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Upgraded code on Palo Alto firewalls to meet company security policy.
• Used Palo Alto dashboard to monitor servers and status of firewalls.
• Configured IPsec tunnels with Palo Alto to enable secure transport and cloud based/site-to site VPN to both Azure.
• Troubleshooting VLAN/Trunk Issues with Nexus Switches connecting to ESX servers.
• Performed corporate data center refresh project by replacing existing Catalyst based legacy switches to Nexus 7000s, 7100s, 5000s, 2000s & Nexus 6000.
• Implemented zone based firewalling and security rules on the Palo alto firewall
• Deployed and managed new Data Center Fabric with new Fabric Extenders - Nexus 2148 and 2248, Fabric Interconnects using 5548 and 7010, 7018 switches with F and M series modules and Supervisor 2E.
• Experienced with Juniper Steel Belted RADIUS, with ability to implement and troubleshoot.
• Perform Checkpoint and PIX firewall/IDS design, integration and implementation for Cyber Trap client networks.
• Configured and deployed VDC and VPC between Nexus 7018 and Nexus 5548 switches along with FEX 2248. Deployed Horizontal connectivity using OTV. Have a good understanding of Fabric Path.
• Designed and Implemented Cisco PIX525 and ASA5550 firewall’s interfaces with FTP, DNS, HTTP servers on DMZ with different security levels.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Adding websites to URL filtering block list in Bluecoat proxies and upgrading firmware on the Bluecoat proxies.
• Migration of 300+ virtual servers in F5 Load balancer as part of web and application server migration.
• Migrated, created, and managed pools and clusters in F5 BigIP GTM 3DNS load balancers across multiple Datacenters.
• SSL offloading on F5 LTM’s, worked on both the server ssl profiles and client ssl profiles.
• Implementation and management of Bluecoat proxy servers to replace existing ISA proxy servers layered with Websense content filtering.
• Configuring VIPs, Virtual Servers, I-rules, Pool members, Health monitors in F5 load balancer for LTM and GTM Environments.
• Design and deployed F5 LTM load balancer infrastructure per business needs from the ground up approach.
• Migrated Checkpoint R65 to R75 and Installed Smart-Reporter which allows us to run reports on Security rules usage.
• Configuring VIPs, Virtual Servers, I-rules, Pool members, Health monitors in F5 load balancer for LTM and GTM Environments.

Environment: Juniper EX3200, EX2200, EX2500 switches and MX10, MX5 routers, Cisco 3600, 3800 series routers, Nexus 2000, 5000 and 7000 switches, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540), Palo alto firewalls, Checkpoint R65, R75, F5 LTM, GTM, Cisco ACS, ASA, NAT, Bluecoat proxy, Access-list, VPN, IDS, IPS, IPSEC, Q RADAR, NAT, RADIUS, IKE, DMZ.

Confidential

Network Engineer

Responsibilities:

• Troubleshooting of Cisco 2900, 2800, 2600 series routers Cisco Catalyst 6500, 4500 series switches.
• Involved in implementing & Designing the switched network. Configured STP, VTP and DOT1Q in switching network.
• Troubleshoot issues related to connectivity, STP, Vlans, trunking, VTP, Layer 2 switching, Ether Channels, Inter-vlan routing, log messages, high CPU utilization and parameters that can degrade Performance of the network.
• Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured OSPF and EIGRP in the core routers and core switches and specified route redistribution and created virtual links to non-back bone areas.
• Configured OSPF for Stub area, Totally Stubby Area and NSSA.
• Configured and Maintained BGP features such as load balancing, Route Reflectors, BGP metrics such as maintaining the Enterprise IP Addressing scheme with allocation of new IP Pools for user subnets, and updating the port on the switches MED, AS Path, Local Preference, Communities.
• Configured static NAT, dynamic NAT and dynamic NAT overloading.
• Worked on BGP configuration for providing redundant internet connectivity using BGP attributes, Route maps, prefix-lists etc.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Daily monitoring of network traffic using sniffers, Wireshark and access logs to troubleshoot and identify network issues,
• Work with customers to create secure SSL VPN, load balancing, and network configuration polices on multiple vendors over 50,000 users.

Environment: Cisco 2900,2800,2600 series routers, Cisco Catalyst 6500,4500series switches, STP, VTP, NAT, DOT1Q, VLAN, RIP, OSPF, EIGRP, BGP, VPN, IPSEC, GRE, WAP, Wireshark.

Confidential

Junior Network Engineer

Responsibilities:

• Develop, plan and maintain documentation necessary for operation in support of LAN to WAN connectivity
• Provisioning and troubleshooting Ethernet services, Gigabit networks and Connectivity issues with WAN types (T1, E1, DS3, and Frame relay) data circuit debugging
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
• Designed VLAN’s, access lists (ACL), troubleshooting IP addressing issues and Updating IOS images and other hardware installation.
• Created VLAN and Inter-Vlan routing with Multilayer Switching.
• Implemented ISL and 802.1Q for communicating through VTP.
• Performed administrative support for RIP, OSPF routing protocol.
• Configured EIGRP for Lab Environment.
• Dealt with NAT configuration and its troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.
• Assisted in troubleshooting complex layer 1,2 and 3 connectivity using Wireshark protocol analyzer and recommended solution for better performance,
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.
• Generating daily reports, cumulative reports (link outages for a month), ISDN report, Inventory reports, maintaining Network Configuration Tables and Network Topology diagrams
• Created & documented wiring and network diagram using MS-Visio.
• Real time monitoring and network management using Cisco Works LMS and Wireshark.
• Troubleshoot and resolved dynamic routing, Ethernet switching and host connectivity issues in a window and network environment

Environment: Cisco 2900,2800,2600 series routers, Cisco Catalyst 3500, 3750, 2950 series switches LAN, WAN, TCP/IP, NAT, PPP, ISDN, STP, Vlans, Trunking, VTP, Inter-vlan routing, RIP, OSPF, EIGRP, BGP, GLBP, Port channel management, Wireless LAN PHY standards 802.11a, 802.11b, 802.11g and 802.11n, FTP, HTTP, DNS, DHCP, F5 LTMs, QOS, Wireshark.