SUMMARY

• Network engineer over 9 years of experience in Routing, Switching and Firewall Security including network planning, implementing, configuring and troubleshooting network devices.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 series, and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Cisco Nexus 7000 series, 5000 series, 2000 series data center switches, Juniper EX/ MX/ SRX series.
• Implemented and configured Palo Alto Networks Firewall models, Cisco PIX (506E/515E/525), ASA Firewall (5505/5510), Juniper SSG series Firewalls, Checkpoint R75, 76 Firewalls, Security Device Manager (SDM) and centralized management system to manage large scale firewall deployments.
• Experience with F5 load balancers for load balancing and network traffic management for business applications. Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP, and MPLS.
• Good working experience on Cisco iOS XR including migration services, policy upgradation and IOS management on Cisco CRS - 1, CRS-3 and ASR 9K.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and Trunking).
• Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works, RIVER BED and Wireshark.
• Experience with Bluecoat Proxy and VPN Technologies including B2B and Remote.
• Hands on experience in Configuring, managing, troubleshooting of web security and filtering using WebSense/ForcePoint (Version 7.0X).
• Experience with ArcSight platform server for upgradation and support.
• Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
• Troubleshooting of complex network systems including high-end routers: CISCO GSR, ASR1K, ASR9K, 2600, 2800, 3600, 7200, 12000 Series Routers, and Catalyst 4500, 6500, and 7600 switches
• Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Experience with Cisco ASA/Checkpoint/Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Good Knowledge in AirTight tool for WLAN controller, switch and centralized intelligent management platform.
• Good working experience with Aruba controller configuration.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP. Exposed to handling and troubleshooting issues on NAT.
• Strong Knowledge in WAN technologies including T1,T3, ISDN, HDLC, Point to Point, ATM and Frame Relay.
• Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN network.
• Worked extensively in Configuring and Monitoring F5 BIG-IP load balancer, Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Strong knowledge of access control server configuration for RADIUS & TACAS+.
• Good knowledge on Bluecoat proxy server SG.
• Knowledge of advanced technologies like VOIP, H.323, SIP, QOS, Multicasting, MPLS and MPLS-VPN.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Configured and deployed QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
• Experience on-site analysis, identification and resolution support of IBM System-X server.
• Provided troubleshooting and diagnostic support at L2/L3 level using different technologies and tools such as spunk 6 (Log tool), SysLog and server monitoring and BMC Remedy ticketing tool.

TECHNICAL SKILLS

Cisco Routers: Cisco1800, 2500, 2600, 2800, 3600, 3750, 3800, 7200, ASR 1K and 9K.

Cisco Switches: 6500, 7600, 5800, 2900, 4000, 3500, 4500, 5000, Nexus 2K, 3K, 5K and 7K, MSFC, MSFC2.

Cisco Nexus: 5020, 5548, 5596T, 2148, 2248TP, 2348UPQ, 7010, 7702

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Network Security: Cisco ASA, ACL, IPSEC, WebSense/ForcePoint.

OS products/Services: DNS, DHCP, Windows (2000/2003/2008 , XP), UNIX, LINUX.

Routing Protocols: OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Gateway Load Balancing: HSRP, VRRP, GLBP, EBGP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Netflow Analyzer, Cisco Works, Ethereal, SNMP, HP open view, ArcSight.

Security Server Protocols: TACACS+, RADIUS.

Facilities: DS0, DS1, DS3, OCX, T1/T3

Load Balancers: Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8), Linux, UNIX, Cisco iOS XR

Firewall & Security: Checkpoint (R62, R65, R70, NGX), Cisco ASA, Palo Alto, Juniper SRX, FortiGate 5000-series.

Scripting: Perl, HTML, SQL

PROFESSIONAL EXPERIENCE

Confidential, NYC NY

Sr. Network Security engineer

Responsibilities:

• Managing and Troubleshooting Cisco ASR 9K, 7600 Routers, Cisco 4510, 4500-X, 4948, 3560 X, 3750X and 2960S Switches, Load Balancers and Cisco Firewalls for deployment on network. Support network access issues with other enterprise support groups.
• Working on Installation, configuration and troubleshooting of WebSense/ForcePoint (Version 7.0X) for URL filtering service.
• Managing data center and network by using solar winds NPM,NTA,NCM and F5 load balancer, Citrix load balancer also working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
• Responsible for monitoring and stability of ArcSight platform with supporting ArcSight change/upgrade requests.
• Monitoring Cisco ASR9K series aggregation services router which are running with Cisco IOS XR Version 4.3
• Performing system upgrades on 3K (3650, 3750 and 3850), 4K (4800, 4948) series Catalyst, 7600 and ASR9K (9010, 9922) series routers.
• Deployed Layer-2 technologies like VLANS, VTP, STP, RSTP, Inter-VLAN routing, VLAN Trunking, Ether Channels, VLAN access-maps and port security.
• Configuration, Troubleshooting, and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Used AirTight Server API for exchange commands in WLAN controller, switch and centralized intelligent management platform.
• Supporting Symantec Endpoint Protection manager server and workstation clients in an enterprise environment.
• Worked on Migration of Juniper SRX firewalls for isolation of network segments and VPN's, ARS(9k,901,903)
• Working on latest cisco switches like Nexus 2000, 5000 and 7000 series switches while implementing advanced features like VDC, and VPC.
• Deployed BIG-IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
• Worked on F5 BIG IP LTM 3600 load balancers to configure Nodes, Pools and VIP’s on a need basis.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Participated in project for an existing system to store configuration details from network hardware devices in aMySQL database using Perl for maintenance and compliance reference.
• Design and Implement Remote access VPN server using Checkpoint NGX R60 and NG R 55 & Cisco ASA
• Troubleshooting, optimizing and documenting LAN/WAN technologies and T1/T3 WAN technologies.
• Deployed Cisco ASA and Bluecoat ProxySG (Web Security Appliance S200/S400/S500) for URL Filtering Policies.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Configured Static, IGRP, EIGRP, and OSPF, BGP Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Successfully installed Palo Alto Next-Generation PA-500, PA-3060, and PA-5060 firewalls to protect Data Center with the use of IPS feature. Also used security devices ASA, Juniper, Palo Alto.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Working on to set up OSPF dynamic routing on ASA by using and following their current network structure.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Redistributed required routes from OSPF into BGP. OSPF cloud is present in the US and is connected to all our customers over Sprint’s Frame Relay backbone.
• Monitoring SAN (Storage Area Network) to Increase storage utilization and improve data protection and security also to enhance application performance.
• Installed and configuredESXi to deploy virtual machines and perform administrative tasks to manage hosts.
• Working on firewall technologies like ASA 5580 and various Checkpoint Appliances.
• Created multiple policies and pushed them in to Checkpoint Firewall (Gateways) and the Checkpoint Management Server with SPLAT operating system.
• Serve as part of a team of network engineers responsible for base wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.
• Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Worked on migrating the LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
• Design Aruba WLAN for remote airfield access utilizing solar-powered access points.
• Implementing load balancers like Cisco ACE and A10. Also deploying GRE tunnels and Remote Access VPN.
• Creating IP-prefix-list, route-map, distribution list for performing route manipulations.
• Maintaining documentation of various changes made on devices and submits them for approvals and works along with alerts team and intimates them the changes to be made.

Confidential, Alpharetta, GA

Sr. Network Engineer

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Responsible in supporting Symantec Endpoint Protection manager server to encrypt hard drives and removable media.
• Installing, Maintaining and Troubleshooting Cisco ASR 9K, 7600 Routers and Cisco 4510, 4500-X, 4948, 3560 X, 3750X and 2960S Switches for deployment on production network.
• Deployed on Nexus 7000, 5000 and 2000 series with V-Block servers and Cisco UCS E-series.
• Working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Responsible for configuring, upgrading and verifying the NX-OS and IOS XR.
• Configured Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time.
• Build up site-site VPN connections for third party connectivity using ASA Firewalls.
• Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location.
• Implemented and deployed BIG-IP F5 LTM load balancers for load balancing and network traffic management for business applications.
• Created MOP’s to perform system upgrades on 3K (3650, 3750 and 3850), 4K (4800, 4948) series Catalyst, 7600 and ASR9K (9010, 9922) series routers.
• Maintained windows for applying various network related configurations, patches, service packs (ASR 9K) and implementing best practices.
• Performed extensivetestingaround the upgrade, migration and configuration functionality of our software.
• Configured Easy VPN server and SSL VPN to facilitate various employee’s access internal servers and resources with access restrictions.
• Used troubleshooting applications and tools such as Checkpoint Smart View Tracker, Smart View monitor, Wireshark, Tcpdump, Trace route, Solarwinds, NetScout and command line utilities to identify, report and provide resolution to all kinds of firewall and VPN related connectivity issues.
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Installed new Aruba wireless Network infrastructure utilizing Aruba 3400 and 3200 controllers.
• Responsible for design, Implement & troubleshooting of Juniper switches, routers and Firewalls EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650.
• Involved in project for migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Proficient in handling Networktraffic generators like IXIA and Spirant and Networkprotocol analyzers like Wireshark.
• Transitioned Load Balancing efforts for Citrix products from F5, to NetScaler.
• Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
• Configured and implemented Juniper Firewall, SSG Series, NetScreen Series ISG 1000, SRX Series.
• Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
• Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Managed Juniper M320 routers including installation, upgrade, configuration and network management.
• Worked on creation of firewall rules on Checkpoint Smart Dashboard and install policies.
• Involved in management of corporate Checkpoint Firewall implementing security protocols and alleviating network attacks.
• Deployed Palo Alto Firewalls for web filtering and application control.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Worked on FortiGate 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management.
• Extensive use of NSM (Network and Security Manager), FortiOS 5 and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.

Confidential, Shawnee, KS

Network Engineer

Responsibilities:

• Responsible for troubleshooting the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion.
• Deployed VLANs on core ASR 9K, Nexus 7K, 5K, 2k and its downstream devices.
• Network consists of Heavy Cisco equipment such as: Cisco 3560, 2950, 2924 switches, Cisco 6509, 6513, 5500 series Layer 3 switches, Cisco 3825, 3640, 7200 series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance. Also Build Logical design and Implementation of Wireless Solution.
• Responsible for deploying various network security & High Availability in Checkpoint Firewall.
• Configured routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGP V4.
• Configured HSRP between VLANs, Configuring Ether-Channels and Port Channel on 6500 catalyst.
• Configured VMware and managing and maintenance of VMs (virtual server).
• Involved in convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience.
• Supported Symantec Endpoint Protection managed for server and workstation in enterprise environment.
• Upgraded Virus definition on messaging and enterprise servers MacAfee.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Configured IPv4 and IPv6 PIM Sparse Mode, Source Specific Mode and Bidirectional to test Multicast in a VSS environment using IXIA as the Traffic generator.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Configured the Cisco ASR to use the VRF routing functions to completely split the traffic through the network. Also responsible for Cisco ASA firewall administration across our global networks.
• Involved in project for migration of Checkpoint R54 to SPLAT.
• Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configured Nexus 5020 and 7702 with multiple distribution VDC’s running EIGRP for route propagation between them.
• Configured Nexus 2000 Fabric Extender (FEX) hitch acts as a remote line card (module) for the Nexus 5000.
• Continual network monitoring of data center support, troubleshoot and diagnose hardware problems.
• Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces.
• Responsible for configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416, 21418(with PRP and RPR processors).
• Configured and implemented F5 BIG-IP LTM, GTM load balancers to maintain global and local traffic.

Confidential, NYC NY

Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Cisco CLI, Cisco works, Network Security, Network Analysis Tools.
• Responsible for develop, design and implement firewall infrastructure surrounding Checkpoint and Cisco Firewalls and a good experience with security tools and protocols like NERC/CIP and SOX.
• Worked on Checkpoint Firewall policy and traffic passing managed firewalls via logs and packet captures.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Monitoring server image files and responsible for server data backup for disaster recovery.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external configuration and security.
• Responsible for Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Estimated Project costs and created documentation for project funding approvals.
• Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration. Created and delivered internal trainings for BGP.
• Planned resources and presented project status to higher management.
• Deployed 7613 as PE and CE routers and configured the Edge Routers.
• Troubleshooting on T1, T3, OC-3 and OC-12 and Tracking of Chix services and maintaining Autoport server.
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Responsible for generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support using BMC Remedy online ticketing tool.
• Supported EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.

Confidential

Network Engineer

Responsibilities:

• Configured/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP as well as assisting with customer LAN /WAN.
• Worked for Installation and maintenance of IBM servers, Microsoft windows Server and RAID configuration for data redundancy.
• Supported business applications like Juniper Network’s Junos Pulse client, IBM lotus notes, Sccm, Microsoft exchange, share point, Lync, SafeNet client and SAP Application using the BMC remedy online ticketing tool.
• Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
• Worked with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.
• Implemented redundant Load balancing technique with Internet applications for switches and routers.
• Support Network Technicians as they require training & support for problem resolution including performing diagnostics and configuring network devices.
• Convert Branch WAN links from TDM circuits to MPLS and convert encryption from IPsec/GRE to GET VPN.
• Configured the Cisco router as IP Firewall and Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Carried out on-site analysis, identification, and resolution of server errors for end users.
• Onsite support for IBM System-X server to troubleshoot hardware or software related issues.
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
• Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
• Worked with monitoring team to create alert for SQL servers using various threshold for memory usage, I/O usage, disk capacity, long running queries, jobs failure which include backups, maintenance and jobs for periodical data movement on database.
• Worked on Microsoft active directory to manage network resources, provide roles and access to user.
• Provided troubleshooting and diagnostic support at L2/L3 level using different technologies and tools such as spunk 6 (Log tool), server monitoring and BMC Remedy.
• Actively involved in incident tickets, problems and service outage management process.
• Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.