QUALIFICATION PROFILE

• 10+ year of professional experience in Networking Planning, Implementing, Configuring, Troubleshooting and Testing of networking system on Multi - vendors.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy.
• JuniperSRXFirewallSecurity Engineer with over seven years experience in WAN/MAN/LAN/WLAN Networks in Multi VendorFirewallTechnologies (Juniper/Cisco)
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, series switches.
• Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration from Juniper Net screen SSG-550 toPaloAlto5000
• Experience in integrating identity federation with Cloud (SaaS) SAML based applications using F5 APM.
• Strong production experience in managing F5 BIG-IP APM and LTM.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Hands on experience on all software blades of checkpoint firewall
• Configuring VPN, clustering and ISP redundancy in Checkpoint firewall
• Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers
• Worked on OSPF and BGP and implemented policy based routing on Cisco Routers to increase network performance.
• Experience with F5 BIG-IP local traffic manager for performing load balancing across servers in a single data center
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIXsecurityappliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Implementation ofDHCP,DNS, FTP, Cisco catalyst switches, VLANs, STP, Ipv4, Subnetting, IPv6, Network
• Lead administrator for 14F5LTMLoadBalancers, and 4F5GTMAppliances.
• Migrated Cisco ASA firewall to next generation Palo Alto firewalls.
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75, R70, R65, Provider-1, SPLAT, IPSO, Smart Center Server and VSX),PaloAlto(PA-5000 series and below, Panorama) and Cisco firewall (ASA 5540, 5520, PIX 535, CSM and ASDM) technologies.
• Experience in setup of Access-lists, and RIP, EIGRP and tunnel installations
• Configure Cisco routers and switches to bring new location on location on line within the current network forVOIPcommunication.
• DMZ Network infrastructure knowledge including topology, security policies, firewalls and the L2/L3 switch and router infrastructure is required.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS)
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
• DMZ design and implementation
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks
• Good understanding of NAT & Firewall on Aruba Controllers
• Monitoring and troubleshooting traffic through Smartview Tracker
• Enhanced level of experience with OSPF, BGP, MPLS, and TCP/IP
• Excellent leadership with good written and oral communication
• Worked extensively on Juniper MX series Router and EX series Switches
• Great team player and able to work under pressure
• Strong knowledge in HSRP, VRRP redundancy protocols
• Strong experience on Juniper SSG series Firewalls and checkpoint R75,76 Firewalls
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
• Hands-on experience using Cisco Virtual Switching system(VSS)
• Installing, configuring and troubleshooting of ASR1K
• Hands-on experience with Cisco Nexus 7000, Nexus 5000 and Nexus 2000 platforms
• Expert in administration of F5 Load Balancer

TECHNOLOGIES AND TOOLS:

Cisco Routers: 7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800

Juniper: EX 3300, 4300Juniper Net Screen 5GT Wireless, SSG5, 204, SSG 320

Cisco Switches: 6500, 4900, 4500, 3750, 3500, 2900

Nexus Switches: N2k, 5K, 7K

Other: Fortinet, Check point, Palo Alto, Netgear.

Switching Technologies: VLAN’s, Inter-VLAN routing VTP, Ether Channel (Static, PAgP, LACP), Spanning Tree Protocol(MSTPPVST, RSTP), Basic Port Security, First-hop Redundancy protocols (HSRP, VRRP, GLBP)

Routing Technologies: Static Routing, RIPv1, RIPv2, EIGRP, OSPF, BGP(Basics),TCP/IP, UDP, IP-sec, Basics of MPLSPolicy Based Routing,Route Redistribution, Route SummarizationAccess Lists

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANS, VTP, STP, RSTP, 802.1Q

WAN Technologies: Frame Relay, ISDN, ATM, MPLS, Leased lines & Exposure to PPP, DS1, DS3, OC3, T1/T3 & SONET

Network Security: AAA rules, TACAS+, RADIUS Check point, Cisco ASA

Load Balancers: Cisco CSM, F5 Networks (BIG-IP,GTM,LTM)

Infrastructure Services: DHCP, DNS, SNMP, POP3, FTP, TFTP

Network Management: SNMP, SSH, Telnet, ICMP

IP Technologies: VOIP, FXO/FXS/E&M/T1/ISDN/PRI, Call Manager Express

Network Tools: Solar Winds, SNMP, Cisco Works, Smart View,Wireshark,Infoblox,QIP

PROFESSIONAL EXPERIENCE:

Confidential, Charlotte, NC

Sr.Network Engineer

Responsibilities:

• Responsible for support of network security and network devices such as a routers, and wireless access points, Firewalls.
• Part of a team for designing and implementation of Network Infrastructure.
• IDS / IPS,Firewallmonitoring and change in rule base, ASAnetworkfirewalldeployment, configuration, troubleshooting and support.
• Configured and installed F5 VIPRION 4800, BIG-IP 11000, BIG-IP 11000, BIG-IP 5000, Cisco CSS 11506 Content Services Switch, Cisco CSS 11503 Content Services Switch, Cisco CSS 11501 Content Services Switch Cisco CSS
• Working with configuring F5 LTM 8950, 6900, VIPRION 2400 models
• Migrating from Cisco ACE load balancer to F5 LTM load balancer
• Working with F5 in configuring Virtual Servers, Configure Nodes and Configuring the load balancing Pools
• Troubleshoot WAN/MAN/LAN/WLAN issues. Diagnosed and troubleshoot all layers of the OSI Model/TCP-IP from theSRXfirewallperspective. Bilingual management for support technicians tiers I, II and III.
• Integrated Palo Alto next-gen firewalls with overlay VMware NSX SDN network.
• Handling CRQs (Change Requests) related toFirewallconfiguration, troubleshooting and Implementation
• Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Exposure of large complex Checkpoint, Cisco ASA & Palo Alto Firewalls Environment.
• Checkpoint, Cisco ASA Firewalls, Catalyst 6509 Switch/Routers, Palo Alto & Juniper SRXs. Routed/RoutingProtocols: BGP, OSPF, and MPLS.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring and installation of Cisco 2500, 3640, 7200, and 7940 Routers.
• Configured HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP.
• Configure Outbound SSL decryption onfirewall, URL filtering for blocking malicious websites based on categories or the content.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco ASA Firewalls.
• Configuring, Administering and troubleshooting the Checkpoint, PaloAltoand ASA firewall.
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various plannednetworkchanges on thenetwork.
• Coordinated with LAN/WAN engineers the development and implements security policy.
• Part of a team working in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, Inter-VLAN routing, LAN security.
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
• Prepared documentation for various VLANs and Voice sub networks and worked on Visio for the same.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trucking, STP, RSTP, port aggregation & link negotiation.
• Performing network monitoring, providing analysis using various tools like Wireshark, Solar winds, SevOne, Splunk, nGeniusONE etc.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Supporting EIGRP and BGP network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Conducted complex to simple network configuration/troubleshooting of technologies such as VPN, Source-Destination-Static/NAT, iBGP/eBGP, OSPF, IPv4/6, VRRP, GRE,SRXCluster, etc; and all other technologies in the TCP/IP-OSI stacks
• Experience in manipulating various BGP attributes like Local P, MED, Extended Communities, Route-maps Route-Reflector clusters and route policy implementation.
• Coordinated with a team to remove EIGRP from all devices and making OSPF the primary routing protocol.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP)
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Installed and configured DNS and DHCP server.
• Troubleshooter DHCP and other IP conflict problems.
• Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Configuring remote users to access corporate LAN with VPN connectivity.
• Configured and installed new IP addresses for new users by using IP Addressing and Subnetting Scheme.
• Strong hands on experience in Troubleshooting for QOS, connectivity and hardware problems on Cisco Networks.
• Excellent in documentation and updating client'snetworkdocumentation using VISIO.

Confidential, Monterey Park, CA

Sr.Network Engineer

Responsibilities:

• Responsible for support of network security and network devices such as a routers, and wireless access points.
• Responsible for designing and implementation of Network Infrastructure.
• Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices.
• Configure allPaloAltoNetworksFirewallmodels (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scalefirewalldeployments.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Integrated and evaluated Cisco ACI, VMware NSX, and Arista CVX SDN solutions.
• Working on the project of F5 LTM and GTM code upgrade project, doing couple of them every week.
• Implementation of BGP to optimize WAN routing on the core and edge routers.
• Implement changes on switches, routers, load balancers (F5 and Brocade), wireless devices as per engineers instructions and troubleshooting any related issues
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall Palo Alto and Cisco FWSM), Load Balancers and DNS and IP Manager using Infoblox.
• Mutual redistribution of OSPF and BGP routes using route maps.
• Responsible for complete datacenter layout and migration, configured ACI after migration of datacenter usingnexus 9k, 7k.
• Involved in upgrades to the WAN network from existing 7200vxr with ASR 1004 and 3845/3945 routers.
• Upgrading branch network connectivity with total refresh of the network infrastructure with new 3845 routers and 2960 switches.
• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment
• Designed a test manual and automated test cases are perform the over Network testing tool IXIA and Spirent.
• Setup, install, maintain and troubleshoot Juniper Wireless 5GT, SSG 320, NS 204 and SSG 5 IPSec Firewall/Gateway
• Implementation and configuration of GLBP/HSRP on multilayer switches for first-hop redundancy
• Hands on experience testing iRules using browser (IE), HTTP watch on F5 load balancers.
• Design and implement the security application ASA and Sonicwall for the Site to Site; any connect, SSL and Remote access VPN of many clients.
• Worked with IXIA test. Also used different tools like ANUE and JDSU.
• Worked with Check Point, Smart Console R70.20 R75.40, Smart Dashboard Check Point External Cluster, Smart View Tracker, Smart View Monitor, Smart Provisioning, Smart Update, Eventia Reporter and Analyzer, SIEM, IPS/IDS.
• Intrusion Prevention System - IDS/IPS (IBM ISS IPS) Implementation and Upgrade for SiteProtector.
• Managed F5 BIG-IP LTM application to load balance server traffic
• Configuration of virtual Servers, Nodes, and load balancing pools
• Implemented the Policy Rules, DMZ and Multiple VDOM's for Multiple Clients of the State on the Fortigate Firewall.
• Planning/Implementation of the Cisco VPN clients to Cisco any connect
• Design and configuring of OSPF, BGP on Juniper Router and SRX Firewalls
• Configuration and extension of VLAN from one network segment to their segment between different vendor switches (Cisco and Juniper)
• Provide Tier II Load Balancer expertise on F5 BIG-IP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the BIG-IPLoad Balancers.
• Experience on Network Monitoring & Testing tools such as Wireshark/Ethereal, Cisco Works, and IXIA, Spirent.
• Strong experience working with Cisco routers IOS-XR, ASR1k, 7600, 7206vxr, 7505, 7507, 4540, 3645, 2621, and … 2550, 2950, nexus 7k switches.
• Configuration and troubleshooting of Cisco Routers such as Cisco 3640, ASR1K
• Convert campus WAN links from point to point to MPLS and to convert encryption from IPSec/GRE to GetVPN
• Configuring AAA on cisco ASA, configuring Authentication, authorization, radius attributes, TACACS+ AV Pairs, configuring accounting.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000, and Nexus devices.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Responsible for Cisco ASA firewall administration across our global networks
• Key contribution include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, and BGP
• Involved in the redistribution into OSPF on the core ASA firewall
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in the modification and removal of BGP from the MPLS routers.
• Also prepared documentation for various VLAN’s and Voice subnetworks and worked on Visio for the same.
• Migrating of existing IPSEC VPN tunnels from Pre-Shared key to Authority for purpose of scaling.

Environment: Cisco ASA 5505/5510/5520, Cisco Routers 2900 series, Cisco Switches 2950/2960/3750 HSRP, Ether channel, OSPF, EIGRP, BGP, STP, RSTP, PVST,VTP, MPLS, ATM, PPP, HDLC, SNMP, DNS, DHCP, MS exchange 2010, Xenserver 6.0, xcenter, Hyper-V 2008/2012

Confidential, New York, NY

Network Engineer

Responsibilities:

• Actively participated and completed many projects based on MPLS VPN, Internet Solutions for corporate customers
• Actively participated implementation and customization of customer network
• Hands on experience working on Cisco 7600, 12K, ASR routers & Juniper MX series routers
• Designing, Provisioning and Installation of the customer sites in IPSA for MPLS Backbone.
• Performed wireless network design, site surveys, as well as Troubleshooting and repairing any issues that occurred on site
• Designs for the WAN 2.0 initiative, cloud connectivity and Cisco ACI.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• WAN technologies and Cisco Datacenter ACI expertise used to deploy and enforce segregation policy at an enterprise scale.
• Implemented L3 SVI's and L2 VLANs, Inter VLAN Routing and HSRP configuration in Nexus on F series module.
• Secured network access with Cisco Secure (RADIUS/ TACACS+)
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network
• Managed the corporate Internet facing ASA5200 which included VPN access using IPSec and AnyConnect client access and a dual-homed DMZ.
• Support corporate, field and remote users with Hyperion applications and Smart View
• Configure policy-based and route-based firewall solutions on Juniper SRX1400, SSG5, Cisco ASA 5525
• Configuration of EIGRP from SP to internal/Local network.
• Configuring Switches, Firewalls, Routers- CiscoGSR12000, Cisco 2960, 2650, 2900, Switch, Cisco PIX 515E.
• Implementation and testing of ISDN BRI/PRI circuits
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Implemented and configured Citrix Netscaler and F5 load balancers.
• Worked extensively on firewalls and configuration of Cisco (AAA) ACS server, RADIUS and TACACS+ for VPN users and implementation of secured VPN on Cisco routers, PIX and VPN concentrator appliances.
• Migrated VLANS from ASA(perimeter firewalls) to FWSM’s for better security management
• Configured IPv4 and IPv6 PIM Sparse Mode, Source Specific Mode and Bidirectional to test Multicast in a VSS environment using Ixia as the Traffic generator.
• Responsible to troubleshoot the connectivity between CPE router and the COLT’s edge router (SAR)
• Used Spirent and IXIA test tools, and done SNMP testing
• Involved in L2/L3 Switching Technology Administration including making
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
• Built a DR Hot site including 6509 core, ASA5200 with DMZ, ACE and GSS Provided On-site support of remote offices
• Worked closely with RIR(Regional Internet Registry) to procure PI(Provider Independent) and PA
• Responsible for troubleshooting complex networking issues in service provider MPLS & internet IP addresses and AS numbers for COLT and customers
• Configured L2 and L3 security features on devices.
• DNS/DHCP management using Infoblox and auto IOS code upgradation.

Environment: Cisco 3750, 3550, 3500, 2960 Switches and Cisco 2600, 2800, 3700, 3825, 7200 router and Juniper MX routers

Confidential, Sanjose, CA

Network Engineer

Responsibilities

• Configured Cisco routers for OSPF, RIP, RIPv2, IGRP, EIGRP, static and default route
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications
• Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter and port access
• Configured the Cisco router as IP Firewall and for NATting, switching(Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches
• Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations
• Working on creating new load balancing policies by employing BGP attributes including Local P, AS-Path, and Community, MED
• Providing technical support to the LAN/WAN systems
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint.
• Administration and Operation support for TACACS and RADIUS Appliances
• Configuring all the required devices and equipment for the remote vendors at various sites and plants
• Real time monitoring and network management using Cisco Works LMS
• Monitoring Memory/CPU on various low end routers in a network
• Provided technical support on hardware and software related issues to remote production sites
• Maintained redundancy on Cisco 2600, 2800, and 3600 router with HSRP