Network Engineer
Resume:
Sandeep
Ph: +1-732-***-****
E-Mail: ac24ag@r.postjobfree.com
PROFESSIONAL SUMMARY:
CCNP certified Network Engineer with 8+ years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system on both Cisco and Juniper Networks.
Experience in implementing and configuring protocols such as HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
Designing and configuring networking features such as VLAN, ISL, STP, VTP, 802.1X, Port Security, L2PT and SPAN.
Worked on network topologies and configurations, TCP/IP, UDP, ATM, bridges, routers, hubs and switches.
Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS).
Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, NAT, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using CISCO ASA/PIX firewalls, Cisco, VPN client in addition to providing TACACS+ and RADIUS services.
Working knowledge of Cisco Firewalls, Checkpoint firewalls and F5 Load Balancers.
Specialized in Firewall Security & VPN, Web-filtering, IPS/IDS, QOS, Cisco CSS and F5 load Balancer.
Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on ASM, APM, LTMs and GTMs.
Familiar with Remedy, Secure Computing's Sidewinder Firewall, Cisco PIX Firewalls and ASAs, SSGs, Firewall Switch Modules, Bluecoat Proxy devices, Wise Package Studio, Symantec Ghost and Antivirus.
Strong Knowledge base in F5 BIG-IP Local Traffic Manager (LTM) and F5 BIG-IP global traffic Manager (GTM), F5 load Balancers, Data Center Technologies such as VPC, VDC, VSS, OTV and Fabric Path.
Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
Expert level Knowledge on working with Wireless LAN Controller's, Cisco Meraki, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
Expertise knowledge on CISCO Prime infra and CISCO LMS tools.
Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access.
Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Hands on experience with Red Hat Enterprise Linux.
Worked with Red Hat Enterprise Linux with virtual servers using VMware.
Experience with Windows server products and Linux server products.
Experience working with Nexus 7K, 5K, 2K devices, configuration of Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000.
Working knowledge of network monitoring/management tools like Solar winds, OPNET, New Relics, Live-action, Net Flow Analyzer, HP Open View, Cisco Works, Ethereal.
Good knowledge and experience in installation, configuration, and Administration of Windows 2000/2003, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments.
Adept knowledge in preparing technical documentation and presentations using Microsoft Visio/ Office.
Creating and provisioning Juniper SRX firewall policies.
Experience in handling A10 networks for balancing the network traffics.
Experience with regulatory compliance audits such as PCI, SOX, ISO 17799.
Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment.
Knowledge about managing different Palo Alto firewalls, Palo Alto PAN, ADRM, desktop antivirus, IPS, Authentication, NextG Firewalls, and VPN.
Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
Experience in F5 GTM, LTM, APM, and Viprion Series of devices. Worked on Cisco ACE 4710 Load balancers and Cisco WAAS, WAVE accelerators
Experience using Cisco ASR 1K, 9K series switches.
Experience working with JUNOS OS on Juniper Routers and Switches.
Working knowledge of frame relay, MPLS services, IPSecVPN's, OSPF, BGP and EIGRP routing
Protocols, Nating, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS,
TCP/IP, UDP, SNMP, OSPF, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
Strong knowledge on Sniffing tools like Wireshark and Tcpdump.
Experience with 802.11x wireless technology like creation of SSID, WAP, WPA and WPA2.
Expert level of knowledge about TCP/IP and OSI models.
Hands on with Upgrading Cisco OS, Jun OS using TFTP server.
TECHNICAL SKILLS:
Cisco routers: 7600, 7200, 3900, 3800, 3700, 3600, 2900, 2800, 1800 series, ASR1K,
ASR1002X.
Cisco Switches: 6509,6513, 4500,3500,5500,5000,2900.
Cisco nexus switches: 7000, 5000, 2000.
Cisco Meraki Routers: MX65W, MX84, MX100, MX450, MX600.
Cisco Meraki Switches: MS220, MS350, MS425.
Routing: OSPF, EIGRP, BGP, RIP-2, Static Routing, Default Routing.
Switching: VLAN, VTP, STP, PVST+, RPVST+, RSTP, MSTP, CHAP, Inter VLAN routing & Multi-Layer Switching, Ether Channels, Transparent Bridging, PAgP, LAcP.
Juniper: MX 80 3D, MX240, MX480, MX960, J2350 Routers and EX-2200, EX-4200, EX-4500 switches and SRX210, SRX240, SRX3600/650 Firewalls.
Services: HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP
and FTP.
Network Security: Checkpoint, Cisco ASA, Cisco PIX, Juniper SRX, Palo Alto, IPSEC, VPN, ACL, TACACS+, RADIUS, AAA, SSH.
Load Balancer: Cisco CSS, F5 Networks Big-IP, LTM, GTM, ASM, APM
Application Software: Cisco Packet tracer, GNS3, Wire Shark.
Operating Systems: Windows XP/Win 7, Ubuntu, Kali Linux, Red Hat, Cent OS, Mac OS.
Network Management tools: Solar winds, OPNET, New Relics, Live-action, Net Flow Analyzer, HP Open
View, Cisco Works, Ethereal, SNMP. .
Software: VMware ESXi 6.x, VMware Workstation, C, C++, Python and Matlab.
CERTIFICATION:
Cisco Certified Network Professional in Routing and Switching.
Cisco Certified Network Associate in Routing and Switching.
PROFESSIONAL EXPERIENCE:
Lam Research, Fremont, CA Aug 2016 – Till date
Sr. Network Engineer
Responsibilities:
Installed, Maintained and Troubleshot Cisco ASR 1K, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production network.
Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
Designed, Implemented and Troubleshot Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, GSR, ASR routers with Cisco IOS and IOS-XR and NX.
Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900.
Installed, configured and managed Cisco Meraki routers MX65W, MX84, MX600 and Cisco Meraki Switches MS350, MS220.
Responsible for configuration of Cisco catalyst switches 4506E, 4503E.
Involved in Life Cycle Project of replacing the supervisor module to 8L-E and upgrading code to the latest on Cisco Catalyst Switch 4506E.
Created Business cases for hardware refreshment for BigIP Load Balancers, Proxy-BlueCoats, RSA-Envision Cisco Routers, and Switches.
In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
Used IPSec VPN tunneling to provide access to user machines and partners in another network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
Protecting the Web applications using Web Application Firewall (F5 ASM).
Monitoring the application level vulnerabilities and patching using F5 ASM accordingly.
Server load-balancing utilizing F5 LTM-BigIP, including, AFM, APM and ASM modules.
Restricting access level permissions to users and blocking/filtering network using checkpoint firewall. Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
Configured and Installed PAN OS for two new Palo Alto devices.
Configured High Availability as active and passive firewalls
Ability to solve any issue regarding Palo Alto Firewalls.
Implementation of Checkpoint Firewall R76, R77.10 to protect and authenticate local-net and DMZ.
Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation
Implemented antivirus and web filtering on Juniper SRX 240 at the web server as well as configuration of F5 Big-IP LTM-6400 load balancers and experience working with F5 technologies (LTM, GTM, APM, V9, V10, V11).
Worked with lifecycle of network auditing and vulnerability management using Qualys VM.
Working with Cisco ASA, Juniper, Palo Alto firewall (Configuration/Troubleshooting of CA Production which are hosted in Data center)
Handled Incident tickets related to the issues in the Firewall along with the connectivity issues.
Complex troubleshooting to include network protocol and log analysis, raw data captures, and the correlation of disparate events spanning multiple devices and platforms.
Involved in upgrading the WAN network from existing 7200vxr with ASR1004 and 3845/3945 routers.
Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
Responsible for monitoring the health of the Network using New Relics, Live-action and SolarWinds.
Worked on Layer 2 protocols such as VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
Experience with Racking, Stacking, configuring, Nexus 2K, 5K and 7K.
Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.
Actively involved in switching technology Administration including creating and managing VLANS, Port security – 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
Configured ACL’s in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
Mondelez, Hanover, NJ Apr 2015 – Jul 2016
Sr. Network Security Engineer
Responsibilities:
Installed and configured new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548and Nexus 2k as per the requirement of the Organization.
Installed, configured and managed Cisco Meraki routers MX65W, MX84, MX600.
Expert in installing, configuring, maintaining and troubleshooting switching and routing technologies like EIGRP, BGP, OSPF, RIPv2, Ether Channel, RSTP, 802.1q, Port Security, HSRP, VRRP on Cisco ASR Routers and Cisco Catalyst Switches.
Worked on Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator. Router/ Microsoft VPN Server to access certain limited network resources from customer locations.
Implemented and maintained logical design models (L2/L3, spanning tree, VTP, VLANs, physical cabling), remote VPN software, network control protocols (QOS, PoE, NTP, DHCP), network management protocols (CDP, FTP, TFTP, SNMP), and security protocols (SSH, HTTPS, AAA).
Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing and for the B2Bnetwork connectivity.
Provide Tier III Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall
Responsible for configuring IPSec VPN tunnels, IP communication, and routing (OSPF, EIGRP, BGP).
Deployed and maintained security systems, including integration, testing, troubleshooting, and updating/upgrading of various security tools and appliances such as antivirus, IPS, malware detection tools, DLP, Identity and Access Management and encryption tools.
Integrated Cisco Security Manager with Cisco ACS Server 4.1, Bluecoat Cisco SSL VPN, Clean Access and ACS
Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0, configured BIG IP (F5) Load balancers and monitored the Packet Flow in the load balancers.
Worked with Blue coat and handled the Trouble Tickets on F5 Load Balancers.
Experience with F5 LTM, GTM - design, implementation, maintenance, and troubleshooting of large network consisting of Load balancing, WAN, LAN, and VPNs
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
Successfully installed Palo Alto PA-3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls.
Experience in Juniper MX 80 3D, MX240 3D, MX480 3D, MX960 3D, MX2010 and MX2020.
Configured, installed, & managed DHCP, DNS, & WINS servers.
Maintained virtual servers With VMware ESXi 6.5.
Configured and Troubleshot CISCO 12000, 7500, Juniper MX 480, MX960 series routers and EX4200 & EX3200, 3560 series switch for LAN/WAN connectivity.
Installed and configured of Juniper J-Series (J2350) and M-Series(M10) routers.
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA and JUNIPER SRX Firewalls.
Worked with firewalls like Palo alto, Cisco ASA, Checkpoint, Juniper SRX.
Managed Core network upgrade, Unified Communications & Identity Services Engine (ISE) deployment.
Configured firewall switch module on Cisco 6506 distribution layer switches, configuring VTPs, trucking, NAC product, inter- vlan routing, port fast, uplink fast, backbone fast on access layer switches
Enabled STP attack mitigation (BPDU Guard, Root Guard), Using MD5 authentication for VTP.
Planned and installed Frame Relay WAN links to the branch offices.
Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
Tested and implemented various BGP attributes such as Local Preference, MED, AS-PATH, Community, Extended community using route-maps.
Implementation traffic filters on Cisco routes using Standard, extended Access list.
Environment: Juniper firewalls 5GT, 208, SSG 5, 140, 550, 550M, NSM, IDS/IPS 6500/3750/3550/3500/2950 switches, Juniper (M320, T640), Load balancing, Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, Ether Channels.
Texas Waste Management, Houston, TX Jan 2014 – Mar 2015
Sr. Network Engineer
Responsibilities:
Responsible for complete branch network infrastructure that includes Cisco Switches, Cisco Nexus, Palo Alto Firewalls, Cisco ASA Firewalls, Cisco Routers, and WAP’s, WLC’s, F5 LTM Load balancers, HP IPS.
Installed, Configured and troubleshot Cisco Routers (ASR1002X, 3945, 3845, 3600) and Switches (6509E, 4507, 4500-X, 4900M, 3850, 3650, 2960) to perform functions at the Access, Distribution, and Core layers.
Configured and troubleshot Cisco Nexus 9K, 7K, 5K and 6500, 4900 series catalyst switches.
Installed, configured and managed Cisco Meraki routers MX100, MX450 and Cisco Meraki switches MS425.
Migrated new Pulse Secure, Juniper MAG SSL VPN’s, Palo Alto Firewalls, F5 LTM, GTM Load balancers (10 Gbps) and their HA units to Virtual Appliances (used Xtreme I/O flash array from EMC2 SAN’s for storage, Cisco UCS for processing and RAM) for reduced OPEX, minimal CAPEX, increased N/W Virtualization (NFV).
Configured Cisco ASR 9K WAN routers for WAN Connectivity.
Configured Juniper SRX firewalls for new datacenter.
Configuration and provisioning on cisco 76XX series routers and 65XX series switches and opening Cisco Technical Assistance (TAC) cases in resolving Cisco bugs.
Designed, Implemented & troubleshot of Juniper switches, routers and Firewalls EX-2200, EX-4200, EX-4500, M Series, SRX210, SRX240, SRX3600/650.
Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
Monitoring network infrastructure using SNMP tools HP NNM, Solar-winds and Opnet.
Analyzed and resolved problems with Cisco Internet Operating system (IOS), Cisco NXOS, ASA firewalls, data packet routing, switching, proxy services, and engineering for IP data networks, VPNs, and IPSEC.
Configurated L2/L3 Switches and implemented EIGRP, OSPF and BGP on the routers.
Configured HSRP between VLANs, Configuring Ether-Channels, Port Channel on Cisco 6500 Catalyst Switch.
Planning and configuring the routing protocols such as Static Routing & Default Routing on the routers.
Configured Linux servers to access SAN and NFS.
Configured and troubleshot UNIX and Windows servers etc.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
Worked on NXOS, IOS, and IOS-XR BXB to N7K-NXOS (MPLS) system test.
Involved in design and deploying various network security & High availability products like Cisco ASA and other security products.
Environment: Solar winds, Windows server NT /2000 Windows XP. CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.
Cendura Software Pvt Ltd, Hyderabad, India. Feb 2012 – Dec 2013
Network Administrator
Responsibilities:
Installed & configured standalone and HA pair Load-Balancers - BIGIP-LTM/GTM's on 1600, 3600, 8900, 6900/6900S, 8900/8950S, 2000S, 2200S, 5200S, 7000S, Cisco CSS, Cisco ACE.
Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications.
Worked on migrating the F5LTM 5100 version 9.2 to 5100 LTM version 9.4and F5 GTM configurations.
Maintained Cisco 2960, 2975, 3750-E, 4500, 6500 Series Catalyst Switches, Nexus 3k,5k.
Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
Responsible for Configuring site-to-site VPN on Cisco Routers between Head Quarters and Branch locations.
Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls.
Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks.
Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
Installed and Configured Active Directory in Windows Server 2003 and helped System Admins to set up LAN network in the company.
Installing and maintaining Windows NT Workstations and Windows NT Server.
Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.
Aryabhatta Solutions, Hyderabad, India Aug 2009 – Dec 2011
Jr. Network Engineer
Responsibilities:
Performed comprehensive network management functions like design, implementation and administration of all nodes of internal network such as firewalls, VPN, switches, routers and wireless networks.
Coordinated with senior engineers with BGP/OSPF routing policies and designs and worked on implementing strategies for the expansion of the MPLS VPN networks.
Configured and managed site to site IPSEC VPN with different partners. Troubleshot remote access services like Citrix Netscalar, Cisco VPN clients.
Took backup and upgraded Cisco 3600 Router IOS Software and Catalyst 3560, 4500 switch configurations.
Configurated of Cisco Routers (2800 Series) and 2900, 3750 series switches.
Installed and managed Cisco Catalyst 3500XL, 2960 series Switches and Cisco 1800, 3900 series routers.
Performed daily maintenance, troubleshooting, configuration, and installation of all network components.
Troubleshot routing protocols such as BGP, EIGRP, and OSPF.
Configured and administrated Active Directory, DHCP and DNS in Window server 2008.
Configured STP for loop prevention and VTP for Inter-VLAN Routing. Designed VLAN's and set up both L2 and L3 logical to have it communicate to the Enterprise network.
Implemented inter- VLAN routing and extended ACLS on 3560 and 3750 switches to allow communication between the required networks and restrict other communications.
Configured Firewall, QOS by SDM and provided security by Prefix list, Access- List and Distribution List.
Installed and maintained both Linux and UNIX systems.
Updated all network diagrams and documentation.
Environment: Cisco 4500/3560/2900/2800 routers, TACACS, EIGRP, RIP, Solaris, Juniper VPN's, SSL.
EDUCATION:
Bachelor of Technology in Electronics and Communication Engineering.
Contact this candidate