Phani Lavu
Sr. Network Engineer
ad5pe8@r.postjobfree.com
Summary:
** ***** ** ** ********** in design, development, implementation, troubleshooting and maintenance of Cisco & Aruba devices for both network and security.
Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches
Design and configuring of OSPF, BGP on Juniper Routers (MX960) and SRX Firewalls (SRX240)
Strong hands-on experience on PIX Firewalls, Palo Alto, FTD Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
In-depth Cisco technology experience/knowledge in design, implementation, administration, and support.
Experience in installing, configuring, and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATING, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy
Expertise with Installation of Arista 7250QX series switches on Spine Platform
Worked on Cisco Wireless LAN Controller 4402 Cisco Wireless LAN Controller Modules NME-AIR-WLC8-K9 with 3845 Services Router, Cisco Catalyst 3750G Integrated Wireless LAN Controllers, Cisco Unified Communications Manager.
Configures Aruba WLC’S master and standby
Configured Client-to- Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
experience with IT security devices such as Check Point Firewalls, Blue Coat Secure Web Gateway, Source Fire IDS/IPS, Symantec DLP, Nessus, Juniper SSL-VPN, and Fore Scout (NAC)
Configured LACP, OSPF protocols on Arista 7250qx-64 switches
Monitored and Created traffic Pattern on Arista 7250 switches using Open flow
Experience working with F5 Load Balancer LTM and GTM module
Experience working with Nexus 7010, 5000 and 2000 Series.
Experience with design and implementation of Virtual Switching System (VSS)
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
Experience in implementing site-to-site and remote access VPN Technologies using GRE, IPSEC & MPLS.
Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Good experience in deploying AD solution on AWS, AD on enterprise, and AD on hybrid cloud.
Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers.
Strong experience on Administration and troubleshooting of Azure IAAS Components – VM’s, Storage, VNET, NSG, Availability sets, Site to site VPN.
Good experience in designing DHCP solutions, IP Address management solutions, VPN, Web application Proxy slution, Monitoring strategy and Direct Access Solution.
Proven Experience in Planning and implementing the High Available Network, Storage Solutions, failover Clustering, Business continuity and disaster solutions.
Patches Upgrade Procedure for secure computing and network environment.
Expertise in network protocols, Firewalls and Communication Network design.
Have Hands on experience on Cisco PIX Firewalls 535, 525; Cisco ASA 5550, 5520.
Good knowledge on security protocols, TACACS+ and RADIUS.
Involved in designing and deploying multitude applications AWS stack (Including EC2, Route53, S3, RDS, SNS, SQS, IAM) focusing on high-availability, fault tolerance, and auto-scaling in AWS Cloud formation
Managing and Administering Cisco ASA 5515, Palo Alto, SonicWALL, Fortinet Firewall
Deploying Cisco Aironet 2700, 3700 Series, Cisco Meraki Enterprise Cloud Access Points and Wireless Bridges/Repeater for LAN Expansions
Internet and WAN Circuit provisioning for client and coordinating with ISPs such as Verizon, ATT, Comcast, Rogers, Bell etc.
Deploying and managing Windows 2003/2008/2012, Microsoft Hyper-V 2012, Office 365 Cloud migrations, Microsoft Exchange 2003/2010, Blackberry Enterprise 5.5/10.0/10.1 (BYOD), MS Active Directory 2003/2008, Windows 2012 AD GPOs Domain/OU Level Security, VMware Virtualization, MS SQL 2003/2008, SAN/NAS Storage
Administering Microsoft Win2008 Migration, Microsoft Exchange 2003/2010 Migration, Win7 Migration, DNS/DHCP Deployments and Migrations, Symantec NAV Client/Server Deployment
Experience with Aruba WLAN infrastructure in large scale global deployments
Involved in configuring Juniper SSG-140, SRX-240, and Cisco ASA 5585.
Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Technical Skills:
Routing Technology
RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, Static and Dynamic Routing.
Network Products
CISCO Routers 1700, 1800, 2500, 2600, 2800. CISCO High End Routers 3600, 3800, 7200, 12010, 12404. CISCO Switches 1900, 2950, 2950, 2960G. CISCO Campus Switches 3550XL, 4948 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507,Nexus series Arista switches, Aruba, ADVA
Cloud & SDWAN
ASAV’s, FTDV’s, silver peak, Cisco viptela, security gateway’s, Azure, AWS, Versa, ADVA
Security & VPN
PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, FTD’S, Checkpoint’s Fortigate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, Juniper Net Screen firewall, Palo Alto Firewalls, Windows Patch Management (WSUS),SSL.
LAN Technology
Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.
WAN Infrastructure
Leased Line, ISDN/Dial-Up, Frame Relay circuits, Metro Ethernet, SDWAN, SAAS
WAN Technologies
HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN.
Wireless
& Wi-Fi
Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.
Operating Systems & Tools
Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server, MS Exchange server, VERITAS Volume Manager.
Education: Master’s degree in Computer information Science Bellevue University Omaha USA, 2017
Certifications:
Cisco Certified Specialist - Enterprise Core (CCNP)
Cisco Certified Specialist - Enterprise Core - Credly
Junos, Associate (JNCIA-Junos)
Microsoft Certified: Azure Network Engineer Associate.
Microsoft Certified: Azure Network Engineer Associate - Credly
PROFESSIONAL EXPERIENCE
BP March 2023 – Till Now
Cloud Network Network Engineer
Deployed network solution using SDWAN and Network virtualization platforms globally
Configured VNF’s for Edge routers & traffic acceleration using a Network Virtualization platform.
Written python script to create inventory of devices on SDWAN platform.
Automated and changed configurations of edge routers using REST API’s and Python script.
Zero Touch Provisioned (ZTP) SD-WAN and VNF’s using Python and Ansible Tower.
Designed, tested, and delivered network solution for small size offices using SDWAN
Developed in-house automation framework and tool for network deployments.
Wrote automation use cases for global network deployments and maintenance.
Automated monitoring and configuration of IPsec, GRE, and VXLAN tunnels for remote sites.
Troubleshooting of network faults by making network changes and working with cross functional teams.
Designed and implemented Azure Virtual Networks, including subnets, VPN gateways, and ExpressRoute connections.
Configured and managed Azure Load Balancers to ensure high availability and optimal performance.
Configure, develop & test networking solutions in Centre for High Performance Computing (CHPC Data Centre).
Implemented and configured BGP and OSPF on network devices.
Experience configuring and troubleshooting of VRRP and HSRP.
Implementation and testing of QoS, forwarding classes, Split DNS, NAT, IPSLA, traffic steering, PBF using SD-WAN.
Designed and implemented hub-and-spoke network architectures, optimizing traffic flow and ensuring high network performance.
Configured and maintained hub devices to efficiently manage and distribute traffic to remote spokes.
Designing, deploying and troubleshooting IP and wireless networks, which includes enterprise IP networking, Aruba ClearPass, Aruba AirWave.
Managed and made necessary changes to Palo Alto Firewalls.
Configuring networking devices to use TACACS/RADIUS, LDAP, AD servers for authentication.
Ensured security and compliance by implementing role-based access control (RBAC) and integrating with Azure Active Directory.
Managed Infoblox to use as DHCP, DNS, IPAM (DDI solution) for Enterprise networks.
Helped sites in AMER, EMEA and APAC to transform Legacy Networks to use local internet breakout using Zsaler.
Operates and maintains (O&M) the Aruba ClearPass Policy Server and the Aruba AirWave Wireless Intrusion Detection System, and RF analysis
Configured and optimized ClearPass Policy Manager for user authentication, device profiling, and access control.
Network Automation: using Ansible playbooks & Ansible Tower for enterprise networking devices.
Implemented full-stack VMware and KVM virtualization solutions for Networks- Site of the Future (SoTF).
Coordinated with vendors and SME’s towards project execution of global network deployment.
Environment: Versa SD-WAN, Palo Alto, Python, Ansible, ADVA, VMWARE, ARUBA, LINUX, ZSCALER,Fire power,Clio
•
AT&T August 2022 – March 2023
Sr. Network Engineer
Extensive knowledge and hands-on experience of LAN, WAN, and telecommunication equipment, understanding of all OSI layers from application to physical, knowledge of RIP, OSPF and BGP, and experience with bandwidth utilization monitoring required
Responsible for managing and maintaining Datacenter, DR and network Infrastructure. Respond to outages, user problems by triaging and troubleshooting, plan for Device & OS upgrades
Have implemented OSPF within the four areas I administer. Setup Datacenter and DR in area 0 and other regions in different areas
Install, configure, administer, deploy and document firewall infrastructures
Migrated Cisco ASA Firewalls to Palo Alto Firewalls and Installed Palo Alto PA 7000, 5260,5250 firewalls to the Data Center and maintained IPSec and SSL VPNs
Performed Firewall migrations from ASA 55XX Series to Palo Alto using the PAN Expedition Tool
Operates and maintains (O&M) the Aruba ClearPass Policy Server and the Aruba AirWave Wireless Intrusion Detection System
Upgraded AOS on Aruba devices
Configured the ARUBA switches
Configuration of firewall (Palo Alto) security policies, Global Protect VPN, URL filtering, Data filtering and file blocking Profiles
Currently working on Palo Alto (3050, 5060,7000) and Panorama 100, 500 series machines, (PAN - OS 8.6)
Troubleshoot, Conduct Scans and Access Network issues, then patch Vulnerabilities and Mitigate DDoS attacks on Palo Alto Firewall
Use App-ID and URL Filtering for allowing or denying the Web Traffic and also prevent Hosts from accessing Malicious Websites
Configured ADS (Active Directory Sever) and LDAP with Palo Alto Firewall to authenticate User IDs
Configured TACACS+, LDAP, IPSec and RADIUS for Cisco ASA and Palo Alto firewalls
Expertise in Conducting security policy rule review to identify and remove rules that are not needed to reduce Palo Alto firewall policy lookup
Configure & monitor Global Protect and Gateways to create IPSec and SSL VPN's Tunnels with Users & Customers on Palo Alto Firewall
Configured ACLs in Cisco ASA 5520 firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT and Implemented and configured Fortinet firewall FortiGate 600, 800 series
Designed & implemented Fortinet network & third party equipment as per ISP SR (service request) the included Juniper, F5, Cisco Catalyst, Cisco Nexus 7K and higher end FortiGate
Create Rules (Pre, Post and Default), Objects, Device Groups and Templates on Panorama. Configure NAT/PAT Policies as well as Captive Portal
Perform Independent verification and validation of project requirements, including data
Configured site-to-site IPSec VPN from Cisco ASA to FortiGate firewall
Troubleshoot and created prevented measure to stop spamming by implementing, spam filtered ACL list, content filtering and configuring recipient variation through LDAP for the (FortiMail) spamming appliance
Provided customer support for (FortiGate & FortiMail) to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways
Monitored and maintained Switches, Routes, Firewalls and Load Balancers. Assisting Tire III troubleshooting of Switching and Routing issues in Production environment
Deployed one-Armed and two-Armed Architecture with F5 BIG-IP Load Balancer including LTM, GTM, APM, ASM, and custom iRules development
Configure WAN technologies like PPP, HDLC, MPLS & Frame Relay on Cisco 7200 Edge Routers
Fixed issues related to Network and analyzed traffic flow using Wireshark & TCP dump
Administered Cisco catalyst (6500, 4500), Nexus (2k, 5k, 7k), and Juniper (EX2300 EX3400) switches, enabled all L2 critical configurations like 802.1Q encapsulation, Port channels, VTP, VLAN, inter VLAN routing, etc
Designing, deploying and troubleshooting IP and wireless networks, which includes enterprise IP networking, Aruba ClearPass, Aruba AirWave, and RF analysis
Implementation of wireless access over LAN. Reallocated Cisco Routers and Access-Points when needed
Experience with Network Automation, Firewall Migration (FTD, FMC) and experience with configuring onsite to cloud connectivity using AWS
Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration
Involved in troubleshooting network for health issues and reduced network downtime by using monitoring tools like Splunk and SolarWinds
Environment: Cisco, Juniper, Azure, Palo alto,F5,AWS,SPLUNK
SeaWorld Parks and Entertainment July 2021 – August 2022
Sr. Network Engineer
Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Cisco PIX, Cisco FTDs, as well as content delivery networks (CSS, Citrix Net Scalar and F5 Big IP LTM and GTM 1600 and 3400 load balancers) enterprise environment.
Manage project task to migrate from Cisco ASA firewalls and Check Point firewalls to FTDs. Deploying of Cisco ISE on Nexus 5000/9k Cisco switches, and Cisco ASA and FTD firewalls. Executing RADIUS pre-deployment tasks like ISE setup, loading templates into Cisco Prime.
Implemented Zone Based Firewalls and Security Rules on the FTD Firewall.
Exposure to cisco umbrella in explicit mode for users trying to access Internet from Corp Network.
Editing and Changing Polices and Monitoring threats on firewalls.
Created the python script for the automation of OS updates and configure as per template.
Written the PHP script for the data collection of all interfaces using SNMP logging
Utilized the rest API’S in python scripts to post policies to configure the test environment as needed
Created an XML profile for the VPN and placed the policies on the profile
Created the json file for the umbrella client and joined the clients to the umbrella domain controller and collected the user browsing history.
Created the PHP script for the coping of the firewall rules from checkpoint to FTD.
Analyzed traffic pattern and implemented URL filtering using the FTD Firewall. Good understanding of creating various policies on FTDs.
Deployed the Hyperv ASA’s and used for the VPN purposes.
Re-image cisco DNA center and upgrade firmware from 1.2 to final 1.3.3.1.
Created the SDWAN appliance in AZURE and made the communication to the onperm with overlay.
Conducted troubleshooting and provided support for hub and spoke network-related issues, ensuring quick resolution and minimal impact on business operations.
Created the VNET and security gateways to the VM’s and established the communication.
Created the route table for the VNET subscriptions and able to communicate over the production subscription.
Created the backup ASAV’s in azure for the disaster recovery and they were able to communicate.
Used the azure backbone internet for the VPN to communicate to the cloud flair and Rackspace to deploy the code to the production.
Subject Matter Expert in Vulnerability Assessment using Qualys, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
Oversee Vulnerability assessment/ external penetration testing of scoped systems and applications to identify system vulnerabilities.
Maintaining and Configuring FTD Platform and FMC with Dual Authentication and User Authentication and User. Configuring network interfaces, static routes, NAT rules in FMC and thereafter pushing to individual FTD devices.
Experience with Linux configuration management methods to secure the computers so that they maintain compliance to meet cyber security requirements.
Performing the software upgrade from version 6.6 to 7 on FMC and VM-300 series Firepower firewalls. Performed centralized control of next-generation firewalls at internet edge, in the data center, and in the private and public cloud deployments using FMC.
Experience with deployment of FTD firewalls for different NAT, video conferencing traffic.
Maintained the SDWAN for the organization and added the overlay’s using the silver peak.
secured all traffic flow between overlay private MPLS and performed optimization for demanding security protocols such as SSL/TLS and HTTPS.
Had configured the Cisco ACI Spine and Leaf and EPG’s and contracts
Had worked on NGFW’s on all the vendors.
Collaborates with other cyber security defense teams in the mitigation of Distributed Denial of Service (DDoS) attacks and other security related incidents
Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM & GTM.
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
Complete basic configurations on the F5 Big-IP LTMs and GTM load balancer on existing network to split traffic on webservers.
Environment: PASS, Cisco, Arista, Silver peak, Azure, Red hat, Palo alto, Checkpoint Firewall, AIX, VPN, DHCP, DNS, NGFW, Silver peak, VOIP.
AT&T, Middletown, NJ Apr 2021– July 2021
Sr. Network Engineer
Maintaining technical expertise in all areas of network and computer hardware and software interconnection and interfacing, such as routers, switchers, firewalls, gateways, etc
Work with multiple network teams and automation teams to streamline testing methodologies and developing a common testing framework
Actively monitor and manage the network and optimize system performance
Execute automation test cases. Work on developing test automation tools
Develop and document test plans on network devices, execute those tests to plan, and document and present test results
Execute test cases. Design and develop test plans for networking features, equipment, and solution testing
Evaluating and reporting on new network technologies to enhance capabilities of the network.
Supporting and configuring all routers, switches, and firewalls
Managing the testing and implementation of upgrades and changes to the network systems.
Worked extensively with Nexus 9K, Catalyst 3K, 6K and ASR 1K.
Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
Environment: CISCO routers and switches, OSPF, BGP and IS-IS routing protocols, Arista switches, Juniper MX routers, blue coat,CISCO 7010, 7204, 7206,3850, VLANS, CSU/DSU’s, SNMP, NAT, Cisco IOS, HSRP, VLAN trunking 802.1Q, F5 Networks, CISCO ASA, Aruba, and Checkpoint firewall.
AT&T, Frisco, TX Sep 2020– March 2021
Sr. Network Engineer
Roles &Responsibilities:
Working with Network Design and implementation teams on different projects across United States.
Experience in manipulating various BGP attributes like Local Preference, MED, Extended Communities, Route-maps Route-Reflector clusters and route policy implementation.
Deploying and decommission of Nexus 7K, 5K, VLANs on core ASR 9K and its downstream devices.
Performed DHCP Profile, HSRP, BGP, IPV6, OSPF Bundle Ethernet implementation on ASR 9K redundant pair.
Configured PPP, BGP, CIDR IP RIP, MPLS and OSPF routing.
Hands on experience with cisco wan technologies, specifically DMVPN
Assisted in MPLS migrations, implemented backup for existing WAN connection by using the site-to-site IP sec VPN tunnels.
Configuring and installing 6500, 4500 in Campus networks.
Experience with WCS predictive maps & RF Engineering Planning.
Switches Replace branch hardware with new 2851 routers and 2960 switches.
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves in modern wan links.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GetVPN.
Involved in cisco iWAN technologies, specifically Wan Optimization
Configuring routing protocols EIGRP, RIP, LDP, OSPF, MPBGP, and BGPV4.
Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalysts
Build Logical design and Implementation of Wireless Solutions.
Leading Solutions for Virtualization, on SDN/NFV, WAN, VPN, MPLS, BGP and WAN Optimization & Building Strategy for SDN, Virtualization and open stack Innovations.
Utilized lab environment and OSS platform for GSM / UMTS, LTE architecture, VoIP and 3GPP specifications
Deploying and decommissioning Cisco switches and their software upgrades.
Maintain complex LAN/WAN networks with several VLANS and provided support for routing protocols and providing secure sessions over internet using IPsec and SSL encryption.
Worked as 4G lab validation engineer for Sprint on Ericsson-CISCO EPG lab environment setup and solutions.
Support for Zscaler web security service.
Performed deployment, administration, monitoring and troubleshooting of existing 4G lab equipment.
Implement and maintain all aspects of the VOIP network infrastructure.
Participate in multi-discipline design teams to provide solutions and capacity planning of VOIP equipment and network
Conduct Proof of Concepts for emerging technologies and present recommendations to design teams and management
Resolve Cisco UC Manager 10.x VOIP client business problems through research, installation and customization, network administration, and network management support
Provide on-call operational level support for all aspects of the Cisco VOIP hardware and software
Provide VOIP architecture and infrastructure design for data center and site deployments
Knowledge on shell Scripting and Python Scripting.
Environment: Cisco 3500 series switches, Cisco Routers 3700/2600 series, Cisco PIX firewall-515/525/535, Windows 2000//NT/XP, Checkpoint Firewall-NG, AIX, VPN, DHCP, DNS, Linux, Cisco IDS 4235, MRTG, NMS- Cisco Works, OSPF, EIGRP.
United Airlines, IL SEP 2017 – Mar 2020
Sr. Network Engineer
Responsibilities:
Installing, configuring, troubleshooting, and managing Cisco Switches, Routers, firewalls as a part of network support team.
Expertise in installing, configuring, and troubleshooting of Cisco Routers (7200, 3800, 3600, 2800, 2600) and Cisco Switches (3500, 3700, 6500) series switches (CAT OS/IOS).
Upgrading various Cisco IOS switches like 3650,3750,3850,4506, Aruba 3810 and various Routers like ASR 1001, ISR 4331, ISR 4431 to fix the bug issues and maintain the stability of the network.
Implementing the IOS upgrades by coordinating with the Netops, Voiceops and firewall (SecOps) Teams.
Wirelesses network troubleshoot and support based on CISCO Aironet 1100, 1200, Cisco 1520/1522 Mesh Access Points. Maintain security and privacy with sharing permission.
Cisco IOS, Nexus OS 2000, 5000, Catalyst switches, Firewalls administration, ISDN line, Checkpoint upgraded to R80.
Upgrading the firmware on CX770 & CX5070 Steelhead to Rios 9.6.3 and SF2000 Steel Fusion’s to RIOS 5.1.2 versions.
Upgrading Aruba wireless controllers 7030, 7220 models to the latest version to fix the bug issues and provides latest features.
Worked on penetration testing, vulnerability assessment (VA) and security auditing using Wire shark
Created AWS Route53 to route traffic between different regions. Configure IAM and Security Group in Public and Private Subnets in VPC.
Wirelesses networks troubleshoot and support based on CISCO Aironet 1100,1200, Cisco 1520/1522 Mesh Access Points. Maintain security and privacy with sharing permission.
Creating New changes and Incidents using Service-Now tool.
Communication with site engineers for getting the maintenance windows to perform the IOS upgrade of switches and routers etc.
Provide technical documentation for Upgrade of Cisco IOS devices and document any issues connected to those devices.
Upgrading the IOS on Gigamon cluster TA10 model to v5.6.
Configuration and troubleshooting different types of routers and switches to fix the issues.
Create RFC for every change with details and notify a group of people who might be affected by those changes.
Working on Turnovers and adding TACACS to the newly deployed devices.
Monitoring the network alerts by using NNMI (Network Node Manager) tool.
Hands on Knowledge/experience on F5 load balancers, its methods, Implementation and troubleshooting on LTMs and GTMs.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.
Daily monitoring of network traffic using sniffers (wireshark) and access logs to troubleshoot and identity network issues.
Worked extensively on Cisco ASA 5500(5510/5540) series and have experience with converted PIX rules over to the Cisco ASA solution.
Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
Troubleshoot and hands on experience on security related issues on Checkpoint IDS/IPS.
Collecting information of Network infrastructure, packet capturing, network monitoring using SNMP tools Solar-winds.
Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
Created Visio Documentation to give complete picture of network design for each building.
Keeping track record of customer network at NOC 24 X 7.
Environment: CISCO routers and switches, OSPF, BGP and IS-IS routing protocols, Arista switches, Juniper MX routers, CISCO 7010, 7204, 7206,3850, VLANS, CSU/DSU’s, SNMP, NAT, Cisco IOS, HSRP, VLAN trunking 802.1Q, F5 Networks, CISCO ASA, Aruba and Checkpoint firewall.
Voya Financial, Atlanta, GA DEC 2016 – Sep 2017
Sr. Network Engineer
Responsibilities:
Designed, validated and implemented LAN, WLAN & WAN solution to client’s needs.
Implement ATM/Frame Relay between data centers utilizing Cisco routers & switches.
Installation and configuration of wireless AP’s to provide network connectivity to various buildings.
Installed cisco 5508 WLAN controllers and configured Access points.
Configured Cisco routers for MPLS VPN connectivity and VRF tables on edge routers for customer usage of the MPLS network.
Configuration and programming new circuits EPL, ELAN, L2VPN, L3VPN, VPRN, QoS, MPLS TE LSP, BGP, OSPF, RSVP.
Configuring and troubleshooting of the wireless Access points (AP1140, AP1231, AP2600, and AP3600, AP3702I), Wireless LAN Controller (WLC2106, WLC4400, WLC5500) and Wireless client issues
Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800.
Utilized NSGs for layer4 Access Control List (ACLs) for incoming and outgoing packets. Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-premises Rules, Internet Rules and IP Forwarding as design basis.
Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the VPN networks
Managed Juniper NetScreen Firewalls and Intrusion Prevention and Detection (IDP) Device
Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP.
Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
Experience working with High performance data center switch like nexus 7000 series
Experience working with Nexus 7010,7018, 5020, 2148, 2248 devices
Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
Upgraded load balancers from Radware to F5 Big-IP v9 which improved functionality and scalability in the enterprise.
Managed the F5 BIGIP GTM/LTM appliances to include