SUMMARY

• Overall 8 years of experience in Network design, deployment and operations of both Cisco and Juniper Networks
• Design, develop, and document comprehensive test plans to setup of test scenarios, both hardware and software components, and Executes and update test cases with TCL/TK scripting.
• Experience testing Cisco & Juniper routers and switches in laboratory scenarios and then deploy them on site for production.
• Very sound knowledge IPV4/IPV6, implementation of Subletting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Designed and deployed new Cisco catalyst 6513 and 6509 with dual Supervisor Engine 720 at both Distro and Core layer.
• Experience with Checkpoint Firewall policy provisioning
• Experience working with OTV & FCOE on the Cisco Nexus 7010/5548 between the datacenters
• Responsible for Cisco ASA firewall administration across our global networks
• Hands on experience on Up - gradation of Cisco IOS of different Cisco devices & modules.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco Nexus 7k, 5k, 2k, Cisco 7600, 7200, 3800, 3900, 2800, 2900 series Routers, Cisco Catalyst 6500, 4500, 2960 and 3750 Stack Switches.
• Provides technical leadership forproblem escalation and resolution.
• Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
• Implemented traffic filters using Standard and extended access-lists, Distribute-Lists, prefix lists and Route Maps.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their
• Strong background in mathematics and have very good analytical and problem solving skills.

TECHNICAL SKILLS

Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Sun Solaris OS.

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000.

Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548.

Routing: MPLS,OSPF,EIGRP,BGP,RIP-2,PBR,IS-IS,Route,Filtering,Redistribution,Summarization,Static Routing.

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Network security: Cisco (ASA, PIX) 5510, ACL, IPSEC VPN, GRE VPN

Load Balancer: F Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.

WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing.

Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMPSYSLOG, NTP, DHCP, CDP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: SNMP, Solar Winds, HP open view, and Wire shark

Reports: Microsoft (Visio pro.)

PROFESSIONAL EXPERIENCE

Sr. Network Engineer

Confidential, Mountain View, CA

Responsibilities:

• Experience with migrating all the Partner IPSEC VPN tunnels from one data center to another data center.
• Configuring numerous LAN/WAN technologies including leased point-to-point circuits,MPLS, ISDN, various Ethernet speeds/media
• Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
• Provide consultancy services to customers on a variety of network security products including firewalls, VPNs, authentication, load-balancing, data loss prevention, security information and event management
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Designing, configuring, implementing and troubleshooting (LAN) VLAN’s, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Worked on Solar winds Orion for analysis and monitoring purposes
• Implement and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Configuring, testing, and troubleshooting routing and switching issues and related protocols associated with packet networks including MPLS and traffic engineering (QoS).
• Designing and configuring IP address schemes.
• Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Configured and supported Cisco firewall PIX 500 series.
• Configuring AAA using Tacacs+ and ACS server.
• Configuration and troubleshooting expertise on Nokia Horizon Manager, IPSO 4.x, 6.x, CheckPoint Provider-1, (NGX) VRRP Active-standby HA, monitoring and remediating alerts with Proactive and security policy with reports from Firemon
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX
• Security appliance, Failover, DMZ zoning & Configuring VLANs/routing/NAT ing
• With the firewalls as per the Design
• Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• Experience with layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports

Network Engineer

Confidential, Jersey City, NJ

Responsibilities:

• Configured Cisco 7204 routers which were also connected to Cisco ASA Firewall (5505) security appliances providing perimeter based firewall security.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall 5505.
• Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls (5505).
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Designed perimeter security policy; Implemented Firewall ACL’s; Allowed access to specified services; Enabled IDS/IPS signatures in Firewall & fine-tuned TCP & UDP.
• Involved in Installing and Configuring a Cisco secure ACS server for AAA authentication (RADIUS/TACACS+).
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Was responsible for designing and implementation of customer’s network infrastructure.
• Supported the telephony specialist in the phased migration from PBX based systems to VOIP. Configured separate VLAN for VOIP to implement QoS and security for VOIP.
• Designed, Implemented and configured HSRP on different location of office on the switched Network and Managed the Entire multilayer switched network.
• Configured and Maintained the Local Network using 2900, 6500 series Switches and 2800 series Routers. Configured and installed the 3600 series Router.
• Implemented and Maintained Routing Protocols EIGRP and OSPF in the Network.
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
• Handled switching related tasks included implementing VLANS, VTP and configuring Fast-Ethernet channel between switches.
• Achieved proficient in Adaptive Security Device Manager (SDM) and used it while performing security audit on routers.
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls

Network Administrator

Confidential

Responsibilities:

• Experience in configuring routing protocols like EIGRP,RIP v2, OSPF & BGP and Cisco ACS protocols like
• RADIUS and TACACS
• Involved in setting up Voice VLANs on distribution switches, and configuring access switches ports for AVAYA IP PHONES
• Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS
• And IOS on CAT6500 in a complex data center environment
• Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation
• Strategies for the expansion of the MPLS VPN networks
• Experience with design and implementation of Data center migration at NBC Universal
• Data center migration was involved in Access, Distribution and Core layers.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Working knowledge with 10 gigabit Supervisor Engine 720 on 6500 catalyst switches
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500 and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.
• Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment in the Core network
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000series to provide a flexible Access Solution for datacenter access architecture.
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switches
• Configuring PAGP and LACP protocol along with BFD link detection protocol
• Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
• Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
• Working knowledge of PPP Protocol with Enhanced Flex WAN module on 6500 catalyst switch
• Involved configuring ppp multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Working knowledge of Terminal server and the configurations
• Working knowledge of configuring VOICE VLANS on core, Distribution layer switches
• Configured Access ports with Voice VLANS and Service Policy for VOIP Phones
• Installation of L3 Switching Engine policy Feature Card & Distributed Forwarding Card DFC3C
• Working knowledge of Firewall service module FWSM UPGRADE, FWSM RULESET conversion
• Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches

Network Engineer

Confidential

Responsibilities:

• Dealt with the escalation problems from Level1, Level 2 for routing, switching and WAN connectivity issues using ticketing system Remedy.
• Involved in Configuration of Access lists (ACL) on cisco routers for the proper network routing for the B2B network connectivity.
• Provisioning and troubleshooting Ethernet services, Gigabit networks and Connectivity issues with WAN types (T1, E1, DS3, and Frame relay) data circuit debugging.
• Involved in configuration and management of different Layer 2 switching tasks which includes address learning, efficient switching etc.
• Involved in HSRP standby troubleshooting and load balancing protocol GLBP, Port channel management of the network
• Designed VLAN’s, access lists (ACL), troubleshooting IP addressing issues and Updating IOS images and other hardware installations
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues
• Dealt with NAT configuration and its troubleshooting issues related access lists and DNS/DHCP issues within the LAN network.

Network Engineer

Confidential - TX

Responsibilities:

• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• ConfigureVRRP & GLBP andVLANTrucking802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Network Cabling, dressing, labeling and troubleshooting various network drops onsite.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, Inter-Vlan routing, LAN security.
• Worked on the security levels with RADIUS, TACACS+.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc)
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Worked on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercises, and core network repairs
• Implemented new device of Cisco & Juniper as per policy reviewed by network architect.
• Worked on different Cisco & Juniper devices of access, distribution and core.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
• Responsible for Cisco ASA firewall administration across our global networks
• Identify, design and implement flexible, responsive, and secure technology services
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Configuration and troubleshooting expertise on Nokia Horizon Manager, IPSO 4.x, 6.x, CheckPoint Provider-1, (NGX) VRRP Active-standby HA, monitoring and remediating alerts with Proactive and security policy with reports from Firemon.
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Deployed UCS Invicta Scaling System C3124SA appliance and scalable nodes for high performance storage.
• Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.