SUMMARY

• Cisco Certified Network Engineer with Around 7+Years of experience in the industry, which includes expertise in the areas of Routing and Switching
• Expert Level Knowledge about TCP/IP and OSI models
• Security Standards: HIPPA, PCI, KCM
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services
• Troubleshoot and configure B2B and Remote access VPN
• Troubleshoot and worked on Cisco ISE 1.2
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts
• Expertise in configuring and troubleshooting of Palo Alto, Juniper Net Screen & SRX Firewalls and their implementation.
• Expert level knowledge of routing protocols such as RIP,EIGRP, OSPF
• Skilled in developing applications in Python language for multiple platforms
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST
• Hands on experience in configuring Cisco Nexus 2232, 2248, 5548, 6001 and 7018(Sup 2E) and worked on nexus protocols VPC, VRF, VDC and FEX Links.
• Experience with managing and setup of Checkpoint firewalls in HA using VRRP protocol.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANs, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
• Very good understanding on Nexus 7K architecture including F series and M series modules.
• Strong hands on experience on ACL, Cluster Firewall, and Experience in VLAN Tunnel optimization
• Having Good knowledge in additional firewall technologies such as Cisco ASA/Firepower, Checkpoint / Juniper / Fortinet. Proficient in Implementing MPLS over OSPF, BGP and VPN for secured connection.
• Extensively worked on Internet Group Management Protocol (IGMP)-V1, V2, V3.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Experience in troubleshoot network issues including boundary protection devices, Cisco Nortel/Avaya and Bluecoat Proxy Servers.
• Implementing and configuring protocols such as HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Successfully installed Palo Alto PA-3060, PA-5060, PA-7050, PAs-7080 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Experience in configuring first hop redundant protocol HSRP and redistribution between routing protocols troubleshooting them
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy
• Configuration of call signaling protocols on Voice Gateways SIP, H.323, MGCP.
• Maintain Zone base firewall using CSM
• Troubleshoot and push the policy on IBM Proventia MX1004 series Firewall
• Expert knowledge of cable connectors and replacement as RJ-11, RJ-45, V.35, RS-449
• Experience in change management
• Fluent in Python, PHP, MySQL, Linux, and adjacent technologies.

TECHNICAL SKILLS

Protocols: RIP, RIP V2, EIGRP, OSPF, IGRP, HSRP, VRRP, GLBP, LACPPAGP, DNS, SMTP, SNMP, FTP, LDP/TDP, WLAN, 802.11/802.11 e, WEPPOP3, LADP, Juniper radius

LAN technologies: Cisco series 1200 Aironet Access Points, Juniper Routers, VLAN, Trucking, VTP, STP, MST, RSTP, Port Mirroring, Ether channel (PAGP & LACP, load balancing), Optimizing STP (Port fast, Uplink fast, Backbone fast, Root Guard, BPDU Guard), 802.1Q-in-Q Tunneling, Wi-Fi (802.11a/b/g/n)

WAN Technologies: Frame Relay, ISDN, PPP, Leases Lines, Cable modem, DS1, DS3, T1, T3

Network Products: CISCO Routers 1700, 1800, 2500, 2600, 2800, 2851. CISCO High End Routers 3600, 3800, 7200. CISCO Switches 1900, 2950, 2950, 2960G. Switches 550XL, 4948 Core Catalyst 4507 RE, 6509, Cisco PIX 500 series, Cisco ASA 5500 series, Juniper Routers

Network Management Tools: Whatsupgold, HP Openview, Cisco WAN Manager, Cisco works 2000, solar winds

Authentication: RADIUS, TACACS+, digital certificates

Monitoring Tools: Wire shark, HP Open View, CSM ASDM, Infoblox IPAM

Operating Systems: Windows 2003/2008 server, Windows XP/7, Unix, LINUX, Solaris

Firewalls: Checkpoint, Juniper (Netscreen), Cisco FWSM-Pix/ASA-IOS, IBM-MX, Palo Alto

Servers: Domain Servers, DNS Servers, WINS Servers, Mail Servers, Proxy servers, Print Servers, Application Servers, FTP Servers

Remote Access: IP Sec VPN, VPN, Remote/Secure client, Site to site VPN, tunneling

Juniper Platforms: M,J and Mx series Routers

PROFESSIONAL EXPERIENCE

Confidential

Network Engineer

Responsibilities:

• As a Network Specialist in Union Bank of Switzerland my primary responsibility is to perform Network changes as per the requirements on Network Devices (Routers, switches, Firewalls & Load balancers).
• Taking up escalations in network issues and to resolve the technical issues with in specific SLA time.
• Modifications and addition of firewall routes for all the B2B VPN tunnels with third party vendors. Most of the VPN’s terminate on routes in Roche but there are ACL’s which are filtered on firewalls. We also modify anti-spoofing groups assigned to interfaces depending upon the ip’s involved in the B2B VPN traffic
• Troubleshooting B2B VPN issues on Checkpoint and ASA firewalls. Confidential network has over 2000 B2B VPN tunnels configured on both ASA and Checkpoint firewalls which our team supports.
• Install and upgrade Bluecoat Proxy SG (900, 810 and SG9000 series) and Proxy AV (510,810 and 1400 series) in all the Datacenters.
• Working experience with A10 and F5 Load Balancer.
• Checkpoint Firewall policy provisioning in a Provider-1 NGX platform with multiple CMA's.
• Working with administration of Checkpoint firewalls through Checkpoint Provider 1.
• Implementing various changes on Checkpoint firewalls like creating objects, modifying rules on policies, adding routes on firewalls, issues while pushing policies to firewalls and monitoring the performance of the firewalls using Smart view Monitor.
• Monitoring logs on various devices like Checkpoint firewalls using Smart view tracker and on Cisco ASA devices check logs via Cisco ASDM.
• Configuration and troubleshooting L3 switches with VLAN, STP, SPAN, ETHERCHANNEL, HSRP, VRRP and GLBP.
• Substantial knowledge with expertise in implementing, maintaining and troubleshooting L2 switching tasks such as VLANs, VTP, VLAN using ISL and 802.1Q, Port Security, STP, RSTP, PVST+, Ether Channel using LACP and Inter-VLAN routing.
• Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment.
• Provide support for internal and remotely to business customers within a IT Service helpdesk environment.
• Analyze, document and manage issue resolutions within the Service Desk ticketing system, BMC Remedy.
• Monitored the Enterprise Network using management tools like Wireshark, TCPdump, Cisco Prime, Net Flow, PRGT, Solar Winds
• Making changes to User Realms, Resource Profiles, Resource Policies and User Roles depending upon the requests we get.
• Dealing with Internet related issues with respect Blue Coat Proxies.
• Making changes to the Blue Coat Proxy devices using Director which is like Central Management Server for all the Blue Coat Proxy devices.
• To know the infra of Confidential and accordingly be aware of traffic flow and changes required on different devices and plan and troubleshoot accordingly.
• Managing and Monitoring all the network devices like Switches, Routers, Firewalls to check if they are down or have any critical alerts and pulling up the utilization reports using tools like Spectrum, NetQos, Voyance.
• Turning off Caching and Scanning on Blue Coat Proxy for various URL’s.
• Managing then Cisco Web Security Appliances like adding routes, white listing url’s on daily basis depending on the requests from user. We use a SDM which is device Manager to make the changes and push them to all the available proxy devices.
• Help users by troubleshooting various issues related to Cisco WSA devices.
• Opening up TAC cases with various Vendors like Blue Coat, Cisco, Checkpoint, F5 and work closely with the TAC engineers to resolve the issues.
• Perform WebEx sessions with users as a part of troubleshooting and help them with resolution of the issues.
• Experience in designing, configuring and implementation of LAN, WAN, Ethernet and IP routing protocols such as OSPF, RIP, BGP and EIGRP.
• To understand and support the vast network of Confidential for Firewall, Load Balancers, Global Site Selectors, CCE’s and Bluecoats changes and incidents.
• To realize the criticality of downtime, outages, incidents and its impact on Confidential business and to minimize them.
• Perform level1, level2 troubleshooting for traffic going across Checkpoint using Smart View Tracker and Smart view Monitor.
• Providing On Call Support 24 x 7 every alternate week.
• To interact with users, other teams to recognize the issue and impact and resolve it.

Confidential, Pleasanton, CA

Network Engineer

Responsibilities:

• Working on a Network Environment Segmentation project to migrate all enterprise PHI and PII application and data behind Cisco ASA 5585-Xs.
• Configuring and troubleshooting B2B and Remote site VPN for corporate users & vendors
• Configured VPN on Cisco firewall and Juniper SRX.
• Troubleshooting and maintain remote access Any connect VPN profiles.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Administering Bare Metal Virtualization with VMware using ESX 4.0, VCS and VSphere Client.
• Wrote Python Scripts to parse XML Documents and load the data in database.
• Involved in configuring and troubleshooting Juniper Firewalls including UTM features like anti-virus, deep inspection (IDP), URL filtering and screening.
• Installation and Configuration of Cisco routers 2500 series, 2600 series, 3600 series, 3800 series and 7200 series.
• Troubleshooting and maintain remote access Any connect VPN profiles. Configured F5GTM solutions, which includes WideIP, Pool Load Balancing Methods, probers and monitors
• Designed schemes for IP addressing, subnetting and routing policies using BGP/OSPF.
• Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP.
• Major initiatives, develop roadmaps and standards, and oversee all aspects of the Visa corporate, mission critical, global international web hosting network covering over 60 countries including over 100 routers, 200 switches, 190 VLANs, 16 pairs of Netscreens, ASA Firewalls Switching Modules (FWSM) and 18 Cisco Content Switching Modules using high-end Cisco Catalyst 6500 switches
• As part of Data Center fabric remediation/refresh project, deployed Cisco Nexus switches and implemented features like FEX Links, VPC and VDC.
• Configured and deployed VPC between Nexus 7010 and Nexus 5596, 5548 switches along with FEX 2248.
• Migrated Distribution switches from Cisco 6509 to Nexus 7010
• Experience working with High performance data center switch like nexus 7000 series
• Experience working with Nexus 7010,7018, 5020, 2148, 2248 devices
• Configured dynamic routes, static routes and source IP routes for intra-net access. The routing protocol used within the network was OSPF
• Created Virtual Machine templates for Windows server 2003/2008 using VMware vSphere and cloned them.
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
• Used BGP attributes such as Local preference, ASPATH and extended communities for path control/manipulation.
• Troubleshoot intra-net and internet connectivity issues using PING, Traceroute
• Configured VLANs with 802.1q tagging, Ethernet port-channels using LACP for redundancy and load-balanced access to servers
• Troubleshooting complex outing issues while dealing with BGP/OSPF.
• Maintaining and updating VPN Gateways for ensuring force of latest Security policy to deny all input requests from all non-compliant devices.
• Adding Policies to the SRX 3600, 240, ISG firewalls and monitoring the logs.
• Interact with the customers and on call support to troubleshoot the issues.
• Verifying and configuring rules in firewalls and maintaining Corporate Firewalls & Analysis of firewall logs.
• Experience in Checkpoint Firewalls and VPN, Checkpoint IDS-IPS, McAfee Antivirus Endpoint Protection Solution EPS
• Configuring and troubleshooting Juniper Netscreen Firewalls using NSM.
• Have worked on Juniper series of firewall. These include Netscreen 5GT, 208, SSG 5, 140, 550, 550M and high end firewalls like ISG 1000, NS 5200.
• Upgrading IDP on the NSM and migrating firewalls.
• Basic networking concepts such as TCP/IP (IP, TCP, UDP, SNMP, DNS, DHCP, FTP, HTTP, HTTPS, ICMP, SMTP, POP3, IMAP, ARP, IPSEC, NAT, Subnetting).
• Aware of network analyzing tools like tcpdump, WireShark, for monitoring STRM( Security threat Response Manager), NSM (Network Security Manager) for Juniper firewalls
• Implementation, administration: Design / Configuration changes, Defining events/signatures policies and its actions, Logging and Log analysis.
• Involved in Cisco ASA IOS code up gradation from 8.2.4 to 8.4.5Configuring VLANs, STP, VTP and Inter-VLAN routing in LAN environment with L2 Ethernet Switching
• Applied VLAN configuration to differentiate applications with RPVST & HSRP.

Confidential

Network Support Engineer

Responsibilities:

• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Installation and Configuration of Cisco 5515, 5540, Series Firewall.
• Configuring VLANs, STP, VTP and Inter-VLAN routing in LAN environment.
• Configuration & maintenance of Cisco 2600 series routers with OSPF protocols.
• Upgrading the network by translating protocol like EIGRP to OSPF.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Checked and configured Cisco 7613 routers at data center.
• Coded massively-scalable monitoring system that polled/graphed 100,000+ OIDs every 30 seconds (Python, Linux)
• Configured Access List (ACL) to provide restricted user access to resources all over the company.
• Configured OSPF summarization in a Multi area network consisting of Stub/Totally stub areas.
• Supported multi area OSPF implementations.
• Improvement of OSPF convergence timings by controlling LSA generation, LSA flooding, SPF calculation, LSA throttling.
• Improving OSPF convergence by controlling SPF algorithm, LSA/SPF throttling.
• Migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Troubleshooted latency and throughput issues on MPLS and Dedicated Internet Access circuits.
• Responsible for coordinating with service providers for WAN link outages.

Confidential

Network Engineer

Responsibilities:

• Major initiatives, develop roadmaps and standards, and oversee all aspects of the Visa corporate, mission critical, global international web hosting network covering over 60 countries including over 100 routers, 200 switches, 190 VLANs, 16 pairs of Netscreens, ASA Firewalls Switching Modules (FWSM) and 18 Cisco Content Switching Modules using high-end Cisco Catalyst 6500 switches.
• Performed migration from Cisco PIX 535 to Netscreen 5000 Series as a solution to converged, multifunction security and VPN services within a single platform.
• Deployed and implemented corporate infrastructure using protocols OSPF.
• Creating dedicated VLANs for Voice and Data with QOS for prioritizing the VOICE over the DATA.
• Installing and configuring Cisco Security Manager in the server and adding firewall modules to the manager.
• Operational support for worldwide production network, including MPLS & frame-relay
• Analyze and troubleshoot various networks using monitoring tools and sniffers.
• Verifying and configuring rules in firewalls and maintaining Corporate Firewalls & Analysis of firewall logs.
• Experienced with PPP and TCP/IP internals and debugging techniques
• Configured VTP domain, trunk links, ether channels and remote VLANs on Cisco and other vender’s switches.
• Troubleshooting the network for the connectivity issues and network performance issues.
• Documentation of layer3 to layer 1 network topology using MS VISIO and other tools.
• Merged recently acquired companies to existing network. Provided Tier 2 and Tier 3 hands on support for NOC utilizing tools such as Cisco Works, Concord Health and HP Open view.