SUMMARY

• CCNA, CCNP Certified professional with around 8 years of experience with networking installations, Configurations testing, troubleshooting, implementing, optimizing, maintaining enterprise data network and service provider systems.
• Working experiences with Routers, Switches, Load Balancers, Firewalls, and Proxies.
• Hands - on experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Strong experience with routing protocols (RIPv1/2, IGRP, EIGRP, OSPF, BGP), IEEE 802.11, switching (VLANS, VTP Domains, STP and Trunking)
• Extensively worked with Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox).
• Hands on experience on Cisco Routing, Switching and Security with Cisco hardware/software Cisco Catalyst 6500, 4500, 3500, 3750, 2900 XL series switches, Cisco 1800, 2600, 2800, 3600, 3800, 7200 series routers.
• Implement and troubleshoot Static NAT, Dynamic NAT, PAT, Spanning Tree Protocols (STP), MSTP, RSTP.
• Experience in configuring and troubleshooting route Re-distribution between Static, RIP, EIGRP, OSPF, and BGP protocols and in Route Manipulation.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Working experience on Blue Coat Proxy SG to safeguard web applications.
• Implement and configure security using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
• Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP, and TELNET.
• Design and implementation experience primarily on Cisco WSA proxy.
• Installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Configuring the Network Admission Control (NAC).
• Work with Cisco ASA security appliances including Sourcefire, FirePower services, and Fire Sight Management Console.
• Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
• Proficient in using Network Management Application layer software’s like SNMP, Solar winds, NTP and Syslog.
• Configured VDC, VPC, and OTV on the Nexus 5K and 7K switches.
• Using IP Address Manager (IPAM) provides a centralized management of the IP address space, including IPv4 andIPv6 Address Management.
• Proficient in implementing first hop redundancy protocols like HSRP, VRRP, and GLBP.
• Configure B2B VPN and troubleshoot VPN Phase 1 and Phase 2 connectivity issues.
• Working with Nessus tool for Running vulnerability reports.
• Extensive and in-depth knowledge in Security, including VPN, IPSEC, and GRE.
• Strong experience in Network management application SNMP, Cisco Works LMS, HP OpenView, Solar winds, Ethereal.

TECHNICAL SKILLS

Cisco router platforms: 2500, 2600, 2800, 3600, 3700, 3800, 7200, 7609.

Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500.

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA- 2000/3000/4000/5000 , F-5 BIG-IP, LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320)

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010)

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static Routing

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, 802.1x, Cisco Secure Access Control Server (ACS) for TACACS+/Radius.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

Network management: SNMP, Cisco Works LMS, HP OpenView, Solar winds, Ethereal.

Software: Microsoft Office Suite, MS SQL Server 2008, HTML.

PROFESSIONAL EXPERIENCE

Confidential, Columbus, GA

Network Engineer

Responsibilities:

• Worked in data center environment.
• Proficient experience in configuring Nexus 7010, 5548, 2248 and 2148 switches and deep understanding of architecture.
• Experience on configuring HSRP & STP protocols on Data center switches includes Catalyst 6509, 6504 series and Nexus 7009, 3064, 3048 switches.
• Configured Nexus7010 including NX-OS Virtual Port Channels, Nexusport profiles, NexusVersion 4.2 and 5.0, NexusVPC peer links.
• Responsible for day to day management of CiscoDevices, Traffic management and monitoring.
• Involved in Branch upgradation project.
• Helping hand in upgrading Cisco 3750 switch stack to 3850 switch stacks. Also involved in troubleshooting and monitoring.
• Involved in Configuring and implementing of Composite Network models consists of CiscoASR 1002 routers and Cisco 2950, 3750, 5000, 6500 Series switches and Nexus 2k, 5k, 7k switches.
• Installed, managed and troubleshoot Cisco ASR 1002 router, 3850, 2950 catalyst switches.
• Troubleshooting the Network Routing protocols (BGP, EIGRP and RIP) during the migrations and new client connections.
• Involved in meetings with engineering teams to prepare the configurations per the client requirement.
• Installed and configured Ciscorouters using routing protocols such as EIGRP and BGP.
• Closely working with remediation team.
• Worked with Qualys vulnerability report.
• Working on Cisco vulnerabilities, action plan and their remediation.

Confidential, Bellevue, WA

Sr. Network Engineer

Responsibilities:

• Daily technical hands-on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with the customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Implemented configuration back-ups using WinSCP, cyber fusion to automate the backup systems with the help of public and private keys.
• Deployment and Management of Bluecoat proxies in the forward proxy scenario as well as for security in reverse proxy scenario.
• Demonstrated understanding of network security concepts and systems including F5, WSA, Palo Alto, ASA.
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Managing & administering Cisco WSA.
• ConfiguringCiscoASA withfirepower.
• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuration of core router, distributed switches, Firewall (ASA) with IPS (Sourcefire) and adding it into FireSight.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Deep understanding of IDS/IPS such as Sourcefire and Foresight.
• Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Working on the network team to re-route BGP routes during maintenance and FW upgrades.
• Running vulnerability scan reports using Nessus tool.
• Cisco ASA security appliances including Sourcefire, FirePOWER services, and Fire Sight Management Console.
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including a crypto map, encryption domain, PSK etc.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine the priority of response.

Environment: Cisco ASA 5580/5540/5520 , Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Bowie, MD

Sr. Network Engineer

Responsibilities:

• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
• Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Implementing security solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Exposure to wildfire feature of Palo Alto.
• Exposure to design and implementation experience primarily on Cisco WSA proxy.
• Configuration and Maintenance of Cisco ASA, ASA 5540, ASA 5520, ASA 5510 series firewalls and configuring site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third-party connectivity.
• Experience configuring and managing Cisco Web Security Appliance (WSA) in an enterprise environment.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
• Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• F5 BigIP iRules programming and troubleshooting.
• Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP, and TELNET.
• Configure and Monitor Cisco Sourcefire IPS for alerts.
• Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
• Worked on VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
• Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel.
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.

Environment: Cisco ASA 5580/5540/5520 , Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, IEEE 802.11Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Portsmouth, NH

Sr. Network Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Daily technical hands-on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with the customer in a service/support environment.
• Deployed Next-Generation Firewall ASA-X, SonicWALL, Palo Alto and Fortinet.
• Creating and provisioning Juniper SRX firewall policies.
• Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Experience on ASA firewall upgrades to 9.x.
• Solved problems on a case-by-case basis with a deep understanding of networking/firewall concepts, particularly with Fortinet devices.
• Assisted with migrations from CISCO to Fortinet Security platform.
• Configuring/Managing Intrusion Prevention System (IPS): Cisco lPS / Fortinet & Checkpoint UTM.
• Worked on configuration, maintenance, and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Troubleshooting connectivity issues through Bluecoat as well writing and editing web policies.
• Involved in Upgrading bluecoat proxy servers from SG s to SG B.
• Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
• Performed Fortinet Firewall OS upgrades via Fortinet Manager.
• Support Data Center Migration Project involving physical relocations.
• 24 x7 on call support.

Environment: Juniper (SRX, JUNOS, ScreenOS, NetScreen SSG), Cisco (CheckPoint, ASA Firewalls), Palo Alto Firewalls, Big IP F5 LTM/GTM, TCP/IP, FortiGate.

Confidential, Austin TX

Network Engineer

Responsibilities:

• Firewall Policy Provisioning and troubleshoot connectivity issues through the firewall.
• Worked on Check Point Security Gateways and Cisco ASA Firewall.
• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
• Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building Fortigate High Availability using Fortigate Clustering Protocol (FGCP).
• Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• VLAN design and implementation, Spanning Tree Implementation and support using PVST, R-PVST, and MSTP to avoid loops in the network. Trunking and port channels creation.
• Working with OSPF as the internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.

Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.

Confidential

Network Engineer

Responsibilities:

• Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST, and MSTP to avoid loops in the network. Trunking and port channels creation.
• Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
• Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
• Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
• Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.
• Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
• Administer and support Cisco based Routing and switching environment.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.

Environment: PIX, CISCO routers, and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.