SUMMARY

• I have got 8+ years of working experience in Network Administration, Design, Implementation and Troubleshooting.
• I have put rigorous efforts in order to increase my ability in this competitive field of networking and simultaneously utilize them to enhance my skills.
• Worked on Cisco catalyst series 2900, 3560, 3750, 4500, 4900 and 6500.
• Detailed understanding of different layer 2 protocols like VLANs, VTP, STP, RPVST, Port Security, and Ether Channels (LACP and PAGP).
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3kand PA-5 k).
• Worked on F5 LTM/GTM, BIG-IP, load balancing, iRulesand WAN acceleration.
• Experienced in Data-Center Nexus 7009, 7018, 5548P, 5596T, 2148T, 2224T, 6000, ACI, UCS switches.
• Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
• Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches and also implemented VSS on Cisco catalyst 6509 and 6513 switches.
• Worked on Cisco 1800, 2600, 3600, 7200 and 7600 routers.
• Experienced and skilled in configuring Routing Protocols RIP, EIGRP, OSPF and BGP on Cisco routers like 2600, 2900, 3600, 3900, 7200 and 7600 series.
• Designed Redundancy Gateways for Campus Network using HSRP/VRRP/GLBP.
• Worked with MPLS in establishing peer ship with BGP protocol.
• Experienced with route manipulation by using Offset-list and route filtration by using Access-lists, Distribution-list and Route Maps.
• Applications use in analyzing the threats are McAfee EPO, IBM Qradar, Counteract Forescout, Lansweeper, and Active Directory.
• Protected the Web applications using Web Application Firewall (F5 ASM).
• Solid understanding of various WAN technologies such as Frame-Relay, PPP and HDLC.
• Expertise in implementing Security policies like IDS, IPS, PAT, NAT, VPN and Access lists.
• Performed security operations on Cisco ASA 5520, 5550 firewalls.
• Worked on migration from a full mesh frame relay to Point-Point T1 and implementation of IPsec VPN.
• Expertise understanding in implementing and configuring F5 Big-IP LTM-3900, and 6900 LOAD BALANCERS, maintained policies.
• Troubleshooting and monitoring application issues using tools like Wire-shark.
• Excellent inter-personal skills with the ability to work in a team of large members with minimum supervision necessary.
• Experienced in Microsoft Visio creating a detail physical and logical network diagrams.
• Experienced in Windows server (2010, 2012R2) and forensic tools (FTK, MPE+, Encase)

TECHNICAL SKILLS

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, LWAPs.

WAN Technologies: HDLC, PPP, Frame Relay, Channelized links (E1/T1/E2/T2).

Switching Technologies: VLANs, Inter VLAN routing and Port Channels, VTP, Spanning Tree Protocols like PVST+, RSTP+, Multi-Layer Switching, Port security, VSS, CEF and DCEF.

Switches dealt with: Nexus 5548, 5596, 6000, 7009, 7018; Cisco Catalyst 6506, 6509, 4928, 4948, 4507, 4510, 3750, 3560, and 2960.

NEXUS Features: VDC, VPC, VRF, FEX, F & M Series line cards.

Routing Protocols: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route redistribution, Route filtering, Summarization, Static route.

Routers dealt with: Cisco 7606, 7609, 3845, 3660, 2921, 2691, 1812.

Network Security Technologies: ASA 5520/5550 and PIX 525 Firewalls, ACL, IPsec, IDS, Citrix Netscalers.

Load Balancers: F5 Network (Big-IP) LTM 8900 and 6400.

Redundancy Protocols: HSRP, GLBP, VRRP.

VPN Technologies: GRE Tunneling, Remote Access VPN, Site-to-Site VPN.

Operating Systems: Windows (98, ME, 2000, XP, Vista, Windows 7, 8.1), Windows Server (2010, 2012R2), Linux, Ubuntu, and IOS.

PROFESSIONAL EXPERIENCE

Confidential, Lancaster, PA

Sr. Network Engineer

Responsibilities:

• Work with client engineering groups to create, document, implement, validate and manage policies, procedures and standards that ensure confidentiality, availability, integrity and privacy of information.
• Researched, designed and replaced aging Cisco ASA firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Performed site refreshes on Cisco switching and Aruba wireless infrastructure at several locations.
• Configured, implemented and troubleshooting issues on Checkpoint R77.10 Gaia, R75, Cisco ASA 5540, 5000 series firewalls for the client environment.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in ASA firewalls.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ASA Firewalls.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto and ASA firewall.
• Configured IPSec VPN (Site-Site to Remote Access) on Cisco ASA (5200) series firewalls.
• Rule consolidation and rule lockdown process in the ASA firewalls.
• Supported 200 Cisco ASA firewalls in configuring and maintenance.
• Deployment of Cisco ASA firewalls and migration of end of life ASA firewalls to New ASA firewalls
• Cisco Firewalls include ASA 5585x, 5580, 5550 Series Hardware managed through CLI, ASDM as well as CSM.
• Lead NSX VXLAN solution for Hybrid colocation.
• Configuring & Administration of the Checkpoint Firewall that includes creating Hosts, Nodes, Networks, Static & Hide NAT's.
• Experience in creating multiple policies and pushing them into Checkpoint Firewall (Gateways) and hands-on experience in managing the Checkpoint Management Server and Gaia operating system.
• Experience working with Palo Alto firewalls managed through Panorama management platform.
• Configure High Availability on Palo Alto firewalls.
• Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN.
• Applied security enhancement by implementing certificates and RSA keys for authentication.
• Installed and administered RSA Secure ID token authentication servers.
• Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors.
• Work with the Cisco Meraki Sales team and on strategic sales initiatives like customer outreach and channel training to grow business in targeted regions.
• Verify Firewall status with Checkpoint Monitor. Creation and implementation of Application delivery architectures which includes load balancing on F5 BIG IP modules.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Use of Web application firewall providing reverse proxy-based protection for applications deployed in physical, virtual / public cloud environments.
• Actively involved in F5 ASM policy configuration and deployment. Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, and IDS/IPS.
• Configured High availability, User ID on Palo Alto firewall.
• Design and Architecture of F5 LTM, GTM, APM, ASMand application delivery network.
• Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, Multicast, IPv4/IPv6 protocols.
• Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create network layouts.
• Build disaster recovery network build, F5 load balancer, Infoblox DNS.
• Responsible for investigating Data Loss Prevention using Symantec DLP.
• Configured EIGRP routing and BGP route maps to allow traffic from subnets out to the core to Datacenter on the ASR 1002 devices.
• Implementation and configuration of Cisco L3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, dot1Q trunk, ether channel
• Configure and troubleshoot Routing protocols such as OSPF and EIGRP for routing internally and BGP for external routing.
• Forescout CounterACT- NAC, endpoint compliance, real-time intelligence and policy-based control.
• Experience with Monitoring wireless networks and performing site surveys.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.
• Used BMC Remedy tool for ticketing purpose.

Environment: Cisco ASA 5580/5540/5520 , CheckpointR70, R75, R77.20 Gaia, Palo AltoPA-5000/3000, Big IP F5 LTM/GTM, Nexus switches, CRS1CRS3CRSX, Routers, TCP/IP, VPN, Bluecoat Proxy servers, IDS/IPS. SIEM and monitoring, BMC Remedy, Cisco Prime, Forescout CounterACT, Tufin.

Confidential, Wilmington, DE

Network Engineer

Responsibilities:

• Responsible for implementing, supporting, and maintaining 24x7 network services.
• Coordinated efforts with Engineer's to ensure all network devices conformed to defined network standards.
• Primary responsibility is to design and deploy various network security & high availability products like Checkpoint, Cisco ASA, and other security products.
• Configured and troubleshot HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
• Configured and maintained Cisco 7200, 4400, 5000 and 6500 platforms.
• Configured and started up the tail connections.
• Troubleshot connectivity issues involving VLAN's, OSPF, QoS etc.
• Support, monitor, and manage the IP network.
• Provided Tier 3 helpdesk support for any Cisco Network WAN/LAN, Cisco ISE, Cisco Wireless, Cisco Prime Infrastructure, Cisco unified communication and Cisco Collaboration product that my team couldn't solve.
• Delivered executive briefing of head to head results, due to the complexity of 802.1x and hardware upgrade requirements to implement Cisco's ISE solution the decision was made to move forward with ForeScout's CounterACT NAC Solution.
• Experience with configuring Nexus 5000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7K and 9K.
• Configured High Availability on Palo Alto firewalls and maintained.
• Performance monitoring of various applications and web servers to maintain quality of service and network stability.
• Upgraded multiple Checkpoint firewall and managed network security policies which include access control, NAT, content security, and authentication.
• Maintained core switches, created VLAN's and configured VTP.
• Designed IP Addressing schemes, VLAN tables, and Switch port assignments, Trunking and Ether-channel implementation.
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Installed and set up Cisco routers and switches according to deployment plans.
• Applied access lists and NAT configurations based on implementation guidelines.
• Managed and developed network projects designed to strengthen network continuity and deployed security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
• IP Distribution for existing devices and new devices as they were added.
• Preformed maintenance on equipment as necessary, performed device upgrades, modification of configurations, password changes, and diagnostic testing.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in an event where a core router became unreachable.
• Responsible for maintenance of multiple CheckPoint-1 firewalls on NT environment.
• Worked with vendors and engineering team to test new hardware and procedures.
• Prepared and maintained documentation using MS Visio.
• Route configuration and point code checks for System Technician and Network Technician.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Implemented, configured, and troubleshot various routing protocols like RIP, EIGRP, OSPF and BGP etc.
• Performed network monitoring and provided analysis using various tools like Wireshark and SolarWinds.
• Responsible for Cisco ASA firewall administration, Rule Analysis, and Rule Modification.
• Configured, monitored, and troubleshot Cisco's ASA 5500.
• Experience migrating VLANS.

Confidential, Newark, NJ

Network Security Analyst

Responsibilities:

• Involved in the activity of DATA-Center migration of Cisco catalyst series 4500, 6500 switches with the new Nexus 2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E.
• Involved in migration from Legacy Catalyst 6509 with SUP-720, Catalyst 4507 with SUP-6 to Nexus 9k with SUP-2E as part of the data center refresh.
• Configured and deployed VDC and VPC between Nexus 7018 and Nexus 5596, 5548 switches along with FEX 2248. Have a good understanding of Fabric Path.
• As part of Data Center fabric remediation/refresh project, deployed Cisco Nexus switches and implemented features like FEX Links, VPC and VDC.
• Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP.
• Configured and deployed DMVPN routers at non-MPLS locations.
• Working with the rule base and its configuration in Cisco ASA, Palo Alto, Juniper and Checkpoint firewalls.
• Configured and deployed Cisco Catalyst 6506, 4948E, 4510 switches and Cisco 3660, 3845, and 7609 series routers.
• Installed and Configure Network Management Platforms such as LMS 4.2.5, ACS 5.X and Cisco ISE 2.2
• Deployed VSS on Cisco Catalyst 6509 switches and provided post-deployment support for issues.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Implemented firewall policies on Cisco ASA.
• Worked on TACACS+ server for AAA authentication.
• Applied ACLs for Internet access to the servers using Cisco 5550 ASA firewall and performed NAT.
• Performed Security operations in terms of pushing new policies and deploying new rules.
• Performed security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
• Involved in the configuration and maintenance of IPsec Site-Site VPN.
• Supported in giving access to the User machines and partners exterior to the network using IPsec VPN tunneling and SSL.
• Planned and implemented network designs, including WAN, LAN, MPLS.
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, and use to resolve tickets whenever there is an issue.
• Had experience in configuring and implementing Prefix-lists, Route-maps, and Ether-channels.
• Working knowledge on Python, Unix/Linux scripting.

Confidential, Tampa, FL

Network Support Engineer

Responsibilities:

• Responsible for level 2 support of existing network technologies / services & integration of new network technologies / services.
• Configured VSS on Cisco Catalyst 6509 switches in order to have redundancy. Worked on T1/E1/T3 technologies and different LAN & WAN technologies.
• Worked with HAProxy-based protection for applications deployed in physical, virtual and public cloud environments.
• Writing and using browser-driving Python scripts to access and combine web-based reports of accounts for which the software has stopped reporting, and generating composite reports from downloaded Excel spreadsheets of devices and accounts not reporting using the openpyxl and xlrd Python frameworks.
• Involved in F5 LTM GTM and ASM planning, designing and implementation.
• Worked on implementation of the basic F5 ASM, F5 Fire pass and VE, F5 APM.
• Supported various LAN environments consisting of Cisco 6500 switches with Sup-720.
• Designed and implemented Cisco 7500, 7200, 6500, 3600, 2600 Series routers in lab environment to reproduce various issues and test fixes for them.
• Troubleshooting complex LAN /WAN infrastructure that includes routing protocols EIGRP, OSPF and the security using Citrix Netscalers.
• Configured Access-lists, Distribution-lists, Offset-lists and Route Redistribution.
• Supported multi area OSPF implementations.
• Involved in configuration of OSPF Summarization (Summarizing internal and external routes).
• Scalability of OSPF by Filtering of Intra, Inter and External OSPF routes
• Used various BGP Attributes and various Route-filters such as named Access-lists, Prefix lists, Route-maps to permit or deny routes and to change various attribute
• Connected networks using tails for automated connectivity.
• Network Administration of Cisco IOS and NX-OS devices (Nexus Datacenter Class Switches Series 9000, 7000, 5000, Cisco Nexus Series 2000 Fabric Extenders, Cisco Catalyst 4507, 4506, 3560 and 2960 access and core switches)
• Experienced in implementation and troubleshooting knowledge of protocols and technologies, especially in the following: BGP4, OSPF, IPv4, and Ethernet.
• Used Wireshark and tcpdumps for tracing and analysis.
• Configured Ether channels, Trunks, VXLAN, HSRP in a LAN environment.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Responsible for performing administration on BGP, OSPF routing protocols.
• Implemented route redistribution between OSPF and EIGRP.

Confidential

Jr. Network Engineer

Responsibilities:

• Responsible for monitoring the Network performance based on company’s Service Level Agreement (SLA).
• Documented the company’s design, implementation and troubleshooting procedures.
• Configured VLANs with 802.1Q Tagging according to the Server team’s requirements.
• Tested the new zone for failover capabilities and redundancy. Connected the Distribution routers to the Core routers via OSPF Areas.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Performed IOS upgrades on various catalyst series switches and maintained latest IOS versions according to company’s policy.
• Responsible for cabling and labeling based on day to day requirement, and Racking & Stacking of various network equipment and made sure that there are no connectivity issues using ping and tracer.
• Provided Helpdesk support that involved identifying and escalating the tickets to specific groups.
• Resolving all computer related problems, such as troubleshooting operating system failure, scheduling and updating virus checks on servers and desktops.