SUMMARY

• 8 years of extensive experience in network design, implementation, troubleshooting, engineering, managing & migration of large - scale enterprise Campus networks and Data Center networks.
• Excellent knowledge and experience on different platforms like Cisco, Juniper, Checkpoint, ASA, Palo Alto, F5 Big-IP LTM load balancers.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Configuring and implementing routing protocols including RIP, TCP/IP, and RIP v1/v2, OSPF, EIGRP and BGP.
• Strong Knowledge in WAN technologies including E3, E1, T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay and PPP.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series and Cisco catalyst 6500, 4500, 3750, 3500 and 2900 series switches.
• Configuring VDC & VPC in Nexus 9k, 7k, 5k and 2k.
• Experience in working with IPSEC Site to Site, Remote VPN using different encryption methods.
• Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper MX series.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Collaborated with third party vendor in cabling, configuring, and introducing new pair of F5 load balancer in the datacenter.
• Experience in installing and configuring DNS, DHCP server.
• Experience in installing and troubleshooting of WAN technologies like T1/T3, DS3, STM1, OC3, SONET, Gigabit and STM4 circuit types
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Developed and presented LAN/WAN/WLAN network engineering design packages.
• Experience in Network Protocol Testing and analyzing the Signaling of VoIP Protocols H323 and SIP as per standard RFCs.
• Participated in a 24/7 working environment to resolve urgent trouble tickets filed by customer security admins.

TECHNICAL SKILLS

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipment’s (Switches & Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series, ASR 1K, 9K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX480, 240, 80 series, EX Series Routers and Switches.

Routing: OSPF, EIGRP, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX, Palo Alto.

Load Balancer: ACE Module, GSS & F5 LTM

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE

Confidential, Nashville, TN

Sr. Network Engineer

Responsibilities:

• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Successfully implemented the datacenter segmentation project with 7K, 5K and 2K Cisco Nexus architecture, ISR and ASR 1001, 1004, 1006 series routers, F5 BIGIP 4000s and 7200v load balancers and Palo Alto Pa-5000/3000 series firewalls.
• Supporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured Nexus 7000, 5000, 2000, ASR 9k, Cisco 6500, 3560/3750s series multilayer switches.
• Handling Complaints for Intranet and Extranet over MPLS backbone. Checking the connectivity between different locations.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Perform ISSU upgrade on Nexus 7010 devices by operating the supervisors in active/standby mode on the devices by determining ISSU compatibility.
• Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
• Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
• Designed application mapping and application delivery using F5 BIG IP LTM.
• Provided design, engineering, and implementation of new F5 deployment and transition from Cisco ACE and CSS environment. Implement F5 APM for new SSL VPN access with F5 GTM.
• Licensing and provisioning of F5 modules such as LTM, GTM, VCMP (Virtual Cluster Multi Processing.
• Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Successfully configured and maintained Site to Site IPSEC and SSL VPN's on Palo Alto firewalls.
• Configuring rules and Maintaining Palo Alto & Analysis of firewall logs using various tools.
• Exposure to wild fire advance malware detection using IPS feature of Palo Alto.
• Responsible for Cisco ASA firewall administration across the Network. Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint ClusterXL& VRRP.
• Involved in configuration of Access lists (ACL) on ASA firewall for the proper network routing for B2B network connectivity.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Provided proactive threat defense with Cisco ASA that stops attacks before they spread through the network.
• Responsible for Cisco ASA firewall administration across the Network. Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint ClusterXL& VRRP.
• Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place. Implementing IPsec and GRE tunnels in VPN technology. Designed, configured, implemented site-site VPN on Cisco ASA 5500 firewall.
• Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPsec, SSL AnyConnect users.
• Monitored and analyzed Intrusion Detection Systems (IDS) & Intrusion Prevention System (IPS) to identify security issues for remediation.
• Implemented Juniper SRX FW Interface, MIP and VLAN using NSM.
• Configuration of new Juniper SRX firewalls for remote site implementation.
• Configuring DNS and DHCP scoops using Infoblox.
• Integrating Configuring RSA SecurID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.

Confidential, Seattle, WA

Sr. Network Engineer/ Systems Design and Strategy

Responsibilities:

• Redesigns and upgrades corporate/datacenter backbone to 10G DWDM on Cisco ONS and Nexus class infrastructure.
• Implements and monitors MPLS (MPLS-VPN), QoS (Layer 2 and Layer 3) and BGP technology.
• Designs 10 gigabit networks using Cisco Nexus 7000 series switches and Cisco 3800 series routers.
• Analyzes and tests network protocols (Ethernet, TCP/IP) using WireShark tool.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550. This project also involved in configuring and testing EIGRP and BGP protocols.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Nexus 9k, 7k, 6k, 5k switches and Catalyst 4500 switches.
• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems).
• VLAN's design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Design and integration of Juniper SSG series firewalls, SA VPN Appliances, J series Routers and EX-series switches.
• Managed Plan of Record with PLMs/SE/Sales/Marketing and followed up and monitor product lines of Juniper routing/switching/security portfolio (MX, PTX, EX, SRX).
• Configuring RIP, OSPF and Static routing on Juniper M and MX Series Routers.
• Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Developed and implemented core network consolidation plan. Included redundant configuration of Juniper EX8200.
• To support 64-bit machines Cisco SSL VPN ASA5500 is migrated to Juniper SSL VPN 6500.
• Configuring Routing protocols like BGP, OSPF, MPLS, multicast and L2 protocols in Cisco ASA to check it is passing through via ASA in customer deployments.
• Converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Creating a rule on the checkpoint firewall for a NAT (used ACLs to block unauthorized users) to the VLAN IP and allowing the IPsec traffic.
• Migrated from Checkpoint to Cisco ASA firewall. Implemented Bluecoat Proxy 810 security devices. Third Party security appliances to Cisco technologies.
• Configuring Site-Site VPN on Checkpoint Firewall with R77 GAIA.
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
• Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
• Implemented Checkpoint FW Interface, NAT and VLAN using R77 GAIA Smart Dashboard.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Worked on the migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Implemented F5 hardware refresh of older 3600 hardware to Viprion.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Building the VPN tunnel and VPN encryption.
• Experience CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.
• Configuration and installation for F5 reverse proxy load-balancers.
• Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
• Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall, working with Checkpoint Support for resolving escalated issues.
• Plan, design and test the application migration from F5 load balancer to new A10 load balancers.
• Creating App by APP configuration conversions from F5 to A10 load balancers and test it in Lab.
• Created WIDE-IPs, WIDE-IP Pools and corresponding members in GTM’s.
• Worked with Juniper SRX550 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies.
• Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall.

Confidential

Network Engineer L2

Responsibilities:

• Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Troubleshoot MPLS issues with in the core and edge.
• Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Cisco ASA, NOKIA Firewalls, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
• Maintaining & Troubleshooting L2 LAN switches.
• Analyze Level 1 issues based on TCP/IP model of Communication.
• Monitor/support the WAN, MAN, LAN, VPN, switches, routers.
• Working on DNS, DHCP Request.
• Performed migration of legacy Bigip and 3-DNS devices to newer version of LTM 8900 boxer.
• Worked on Checkpoint Firewalls Clusters of both High-Availability and Load-Sharing. Implemented firewall policy change on the Checkpoint clusters.
• Worked on projects of Migrating CMA R65 to R77 through Provider-1, MDS Environment.
• Providing requested permissions by adding/modifying the Checkpoint Firewall Policies and rules.
• Implementing and Managing VPN Networks of the Customer through Checkpoint firewalls.
• Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
• Configured Checkpoint Firewall's Web Defense to mitigate malicious traffic.
• Palo Alto App ID migration from the legacy-based port rules for PA 5060, 7050.
• Integrating Palo alto firewall with Active directory for user-identification.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Installation of Palo alto user-id agent on Active directory, Migrating URL filtering policies from Bluecoat to Palo alto.
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.

Confidential

Network Engineer

Responsibilities:

• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Created OSPF multi area summarization plan. Created stub, totally stub areas.
• Tested routers and Line Cards using SmartBits and done Performance Analysis of both LAN/WAN infrastructures.
• Upgraded distribution switches from .
• Involved in managing the Routing Protocols OSPF and BGP on 7200 and 7600 and on ASR
• Interacted with business users from a service delivery and service support perspective.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Configured Routing protocols such as VLANs, VTP, STP, MSTP, VRRP and HSRP
• Configured STP for switching loop prevention, and VLANs for data and voice along with configuring port security for users connecting to the switches.
• Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site to site VPN and remote VPN
• Configured NATs, ACL and routing on Cisco routers, firewalls, and layer 2 & layer 3 switches.
• Configured policy-based routing for specific traffic, route filtering with route maps and route redistribution.
• Implemented Network monitoring tools Wireshark and Manage Engine IT360.
• Implemented IP Telephony and Cisco VoIP 7960 phone systems in the company.
• Worked in Multi-vendor environment containing Juniper, Cisco and Nortel routers.
• Worked as a member of NOC and involved in troubleshooting LAN/WAN issues.