Manager Network
Resume:
Manoj. M
ac05gm@r.postjobfree.com
SUMMARY:
Cisco Certified Network Engineer with 8+ years of experience in the industry which includes Designing, Implementation, Installation, Configuration, Deployment, Troubleshooting, Network Operations, Administration Support And Network Security.
Excellent knowledge and experience on different platforms like Cisco, Juniper, Palo Alto, Checkpoint, F5 Load Balancers And Vmware.
Strong hands on experience in layer-3 Routing and layer-2 Switching. With Cisco switches (9K,7K,5K, 2900, 3550, 3750, 6500, MDS 9000, 5000 NX-OS) series, juniper (EX, QFX, QFabric) series switches, Broadcom switches, Brocade (ICX, SLX CES), juniper (MX960, MX480, LN, CTP) series routers, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers.
Experience in Configuring and implementing Palo Alto Firewalls, checkpoint firewalls, PIX Firewall (506, 515, 525, 535), cisco ASA (5505,5510,5520) Firewall, Cisco ISE (Identity Service Engine) Juniper (SRX 220,300, Csrx ) series firewalls.
Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
Modified and worked in the following platforms to support customer Voice: Cisco Unified Call Manager 6.x through 8.x, Cisco Unity Connection, voice gateways.
Design and install Cisco UC Cluster Environment (CUCM, CUC) for many Clients.
Experience in installing and troubleshooting of WAN technologies like T1/T3, DS3,STM1, OC3, SONET, Gigabit and STM4 circuit types.
Hands on experience on cisco wireless LAN CONTROLERS and ACCESSES POINTS. Experience in Physical cabling, IP addressing (ipv4 & ipv6), Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, ISIS BGP).
Supports multiple business lines and a network of global data centers through the administration of SSL certificates.
Experience in Configuration and Support of LAN protocols on Cisco Switches such as Layer2, Layer3 and Multi Layer.
Up-grading and degrading the OS (IOS, NX-OS, JUNOS) for switches and routers as per requirement
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
Functional Understanding of DNS DDOS and DOS threats and mitigation techniques.
Responsible for installation, configuration and troubleshooting of Cisco NAC on both client end and Manager Server.
Subject Matter Expert for Symantec Endpoint Protection anti-virus, McAfee anti-virus & Symantec Data Center Security & Credant Encryption enterprise security solutions.
Working on Evergreen project for Cisco devices migration for more than 200 sites and configuring L3, L2, Distribution and Access layer to load balance traffic.
Strong Knowledge of the 7 layers, TCP/IP, IP Addressing and IPV6.
Experience with working cisco meraki wireless and meraki mobility manager.
Load Balancing using Cisco ACE, Kemp, ADC, F5, Security Device Manager (SDM).
Deployed Enterprise manager to monitor and manage BigIP F5 devices.
Engineered traffic management solutions, including designing, low level engineering for F5 LTM, GTM, ASM, APM environment
Performed F5 appliance (LTM, GTM, APM, and ASM) maintenance and system upgrades including hot fixes and security configurations.
In-depth knowledge and experience in WAN technologies including OC3, E3/T3, E1/T1, Point to Point, MPLS and Frame Relay.
Configured and troubleshooting the F5 LTM and APM and providing level 2 support for the customers.
Wide experience in implementing and managing F5 BIG-IP load balancing, including GTM, APM, ASM, and custom iRule development.
Enterprise Exchange 2007 SP3, Run & Maintain/Configure Exchange environment, 16K+ users, 5 Cluster (10 node CCR ESX VMWare Mail store) 25+ node messaging system, Exchange PowerShell, Mailbox restoration, User support Outlook 2007/2010 clients, EMC Email Source One Archiving, ActiveSync, RSA Security, Symantec Email Security, Room Wizard Administrator. CRM Application integration.
Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9k, 7k, 6k, 5k, 4k, & 2k.
Monitored system security to maintain protection and align processes with corporate objectives, including review of security certification, configuration plans, and risk compliance.
Experience in using netscout sniffer analysis for testing the performance of the network.
Configured and maintained netscout ngenius 4200 series packet flow switch as load balancer.
Expertise in Virtualization with vSphere, VMware ESXi 5/4.1/4 and 3.x hosts and Virtual Center server
Implemented vSphere 5.0 for Proof of Concept & Supporting vCenter environment in large-scale production environment.
Design nextgen data centers with nexus 9500/9300 ACI, openstack, DCI, EPGs/bridge domains, OTV, and VXLAN.
Experience in QoS on multicast VPN.
Experience working on the EPC network and 3G/LTE call flow.
Configured Amazon Virtual Private Cloud (VPC) on AWS's scalable infrastructure.
Implementation, configuration and management (manually and using iApps templates) of F5 2400 Viprion series using 2100 series blades, and Brocade (Foundry) devices in a multi-platform network/storage environment.
Implementation of Firemon for firewall policy compliance, rules cleanup, and complexity reduction.
Experience through Hand-on Experience with configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay and VOIP (Voice-Over Internet Protocol).
Aggregating switch links using LACP and PAGP protocols.
Outstanding experience in designing and configuring of Layer 2 / 3 networking features such as VLAN, ISL, STP, VTP, 802.1X, Port Security, L2PT and SPAN.
Implementation and Troubleshooting of WAN authentication protocols- PPP, CHAP and PAP.
IP addressing and IP address scalability by configuring NAT/PAT.
Experienced working on network monitoring and analysis tools like, Solar Winds, Cisco Works, River Bed, Cisco Prime, NETQOS, EMAN.
Problem Analysis and Troubleshooting (Wireshark, Solarwinds, NetMRI, CiscoWorks/Prime, MRTG, and Custom Scripts)
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
Design and build Windows 2000, 2003, 2010 2012, Servers.
Active Directory installation, maintenance and upgrades, Responsible for all software installations on both the servers and workstations. This includes Antivirus software and any custom applications.
Analyze, monitor, troubleshoot, and investigate security-related anomalies with various tools such as AlienVault SIEM, Imperva Securesphere Web Application Firewall, Barracuda WAF, SCCM, etc.
Maintain and upgrade Imperva WAF from version 8.x to 10.x. Maintain and review the events and make necessary changes including setting up new applications.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Hands on experience with Nokia 8950 MMIG.
Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
Experience with BlueCoat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
Used tools such as HP ArcSight, BlueCoat Reporter 9 web proxy, Network Security Manager (NSM, NMN) and Palo Alto to correlate network events/alerts to get a more in depth analysis of network traffic.
Hans on experience with Spirent Test tool.
Experience in Network Intrusion detection/Intrusion Prevention System.
Experience on working with Netcracker, Cramer.
Worked with ticketing tools like ServiceNow, Remedy tool.
Hands on experiences on McAfee EPO with deploying and removing agent on client’s machine, removing virus and manually updating DAT files.
Knowledge on Python scripting.
Strong Knowledge on SDN (software defined network).
Education:
Holds Bachelor’s degree in Electronics and Communication Engineering.
Certifications:
Cisco Certified Network Professional (CCNP)(R/S).
Cisco Certified Network Associate (CCNA)(R/S).
TECHNICAL SKILLS:
Operating Systems
Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.
Equipment’s (Switches, Routers)
Cisco routers (7600, 7200, 3900, 3600, 2800, 2600,2500, 1800 series, ASR 9K (9922) and ASR 1K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX480, 240, 80 series, EX, QFX Series Routers and HP(7000) series Switches.
Routing
OSPF, EIGRP, ISIS, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.
Switching
VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
Firewalls
ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX, Palo Alto.
Load Balancer
ACE Module, GSS & F5 LTM
LAN Technology
Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.
WAN technology
Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.
Various Features &Services
HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.
Wireless & Wi-Fi
Canopy Wireless Device (point to point/point to multipoint), D-Link Wireless (point to point), D-Link Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.
AAA Architecture
TACACS+, RADIUS, Cisco ACS.
PROFESSIONAL EXPERIENCE:
Holland America Group, Seattle, WA Jun 2015 to Present
Sr. Network Engineer
Responsibilities:
Designed and support the consolidation of data centers utilizing Broadcom, Nexus 2K, 5K, 7K and juniper (EX, QFX) switch infrastructure.
Configure, test and troubleshoot pre-migration 1G, 10G, IPTV(nokia 8950) and LAG (Link Aggregate) circuits on Juniper MX960 routers.
Configure and maintain all Palo Alto Networks Firewall models (PA-3k, PA-5k.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
Hands on experience on all software blades of Check Point Firewall. 24x7 on-call step-up support as a part of the safety operations team.
Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
Use HTTP forward Proxy in Blue coat Proxy server.
Working closely with knowledge center management to investigate the information center sites for cabling necessities of assorted network instrumentation.
Configured Class of service Policies, Traffic Policies on MX960 and MX480.
Juniper MX960 enterprise-ISP routing via BGP.
Provided application level redundancy and accessibility by deploying F5 load balancers long-term memory.
Management of F5 Viprion based load balancer as LTM and GTM for hundreds of applications serving the needs of thousands of users local and abroad.
Worked on BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway.
Dealt with creating VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5 ASM cookies issues and configures ASM policies
Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture.
Configure F5 Load balancers for SSL handling, Design and Implemented Virtual Server Farm for Web site load balancing in DMZ.
Troubleshoot network connectivity by utilizing Netscout Infinistream and Riverbed Steelhead and Juniper wan accelerators.
Created the AAA servers for LDAP and AD authentication in F5 APM.
Worked on Cisco ISE with Access control and AAA protocols.
Configured VPC and attached Amazon Elastic IP, VPC peering to connect from one VPC to other VPCs
Configured EC2-Classics platform to communicate with instance in an VPC using private ip address.
Monitored VCP log information of network traffic in and out network interface VPC.
Integrated AWS Network with our existing production and corporate network.
Monitor all Malware incidents thru Sourcefire IPS system.
Configure and install Aruba wireless controllers and access points.
Implementation and troubleshooting of 802.11a/b/g/n technology with primary focus on Cisco Unified Wireless Network.
Installed and configured databases on Unix/Linux platforms, managing swap configurations, virtualization (VMware Esxi 5, 5.5 and Oracle Virtual Box)
Implementation and troubleshooting of wireless guest access.
Creating solid SecureX (SOS) architecture with the identity Services Engine.
Using Solarwind, NetScout and windows performance and resource monitor to figure out that we were losing PCoIP packets that was degrading the VDI environment.
Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
Configuring ADC (Application Delivery Controller).
Using ISE Deployment Assistant (IDA) to validate and document endpoint authentication status during monitor mode deployments.
Configured complex ISE implementation involving 6 agencies with GETVPN, DMVPN, SSL VPNs.
Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
Used troubleshooting skills to fix Multicast routing issues and used WireShark to source packet level issues.
Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.
Runs IDA Diagnosis Tool to get the endpoint information (i.e., Switch Name, Connected Interface, MAC
Address, ISE Endpoint Information), which is used to estimate the failure, risks before change windows.
Performed Imperva, SecureSphere DAM an WAF Health Checks.
Having knowledge Center style expertise, putting in and Configuring Network Devices in a very knowledge Center as well as mend the cables within the Patch Panel. style and enforced network
Experience in using netscout sniffer analysis for testing the performance of the network
Hands-on expertise within the network management of circuit’s mistreatment TDM and Frame Relay Managing and providing support to numerous project groups with regards to the addition of recent instrumentation like routers switches and firewalls to the DMZs.
Designed WLAN network in newly constructed emergency management center.
maintaining and operation including design and rollout of over 360 Cisco Wireless devices utilizing Cisco WLAN controllers.
Worked on maintaining carrier grade features to SDN control plane with ONOS Distributed Core, thus providing scalability, high availability and sharp performance.
Implemented a framework for testing ONOS scale-out effect which was based on topology discovery throughput and latency for Southbound and Intent latency and throughput for northbound traffic
Provided redundancy in a very multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
Migrate Multi-site backups from Netbackup & Commvault to Networker 8.2 and/or Avamar 7.2 & Data Domain. As a result faster, source based de-duplicated backups, Virtual Backup Appliance integrated to Vcenter, while using existing backup hardware and network.
Backup all applications (Oracle, Sharepoint, SQL, Exchange, Active Directory), Operating Systems (UNIX, Linux, HPUX, Solaris, Windows), VMware and NAS devices (Isilon, VNX, NetApp, PureStorage) via Networker module, agent & plugins, to simplify backup, recovery process and administration
Handling enterprise outages effectively and driving towards the resolution. Coordination of fault escalations in conjunction with the first high-level technical management of high priority or technically complicated calls.
Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
Working with capability management on network information measure utilization coverage of the websites WAN
link and merchant co-ordination for brand spanking new site turnovers / WAN links.
Designing large scale MPLS & Frame relay on Cisco environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters. About 50 sites with Tellabs 8660/8630/8605. MPLS-TE, L2/L3 VPN services for 2G/3G base stations. MPLS-TE, L2/L3 VPN services for 2G/3G base stations. 1588v2 synchronization.
Preparing Metrics report description on SLA performance of tickets and method quality report back to analyze team performance & discussion on the advance areas (By monthly).
Providing coaching to new commers and effectively operating towards a method quality improvement within the Team.
Configure best route map configurations in the new Cisco IOS XR Routing Protocol Language (RPL).
Supporting EIGRP and BGP supported the network by partitioning level two & three issues of internal groups & external customers of all locations.
Office 365 Admin - create and configuring new user ids, profile on online exchange with Distribution List, Groups, SharePoint Access.
Install, configure, and troubleshoot Cisco CMTS and DOCSIS related devices.
Provide monitoring and alerting of critical applications using the Riverbed SteelCentral NetProfiler, Transaction analyzer, and NetSensor.
Troubleshoot Network connectivity/Security issues using Fore Scout Counter Act Console.
Perform packet analysis using Riverbed SteelCentral ARX and SteelCentral packet analyzer.
Performing troubleshooting on slow network property problems, routing problems that involves OSPF, ISIS, BGP and distinctive the foundation reason for the problems.
Adding users and devices to TACACS Server, Generating reports from TACACS, Incident Handling, tracking and responding to all incidents of TACACS Server, Handling Account renewals, password reset for TACACS .
Extensive active expertise with complicated routed local area network and WAN networks, routers and switches.
Hands-on expertise with Ether Channel, Spanning Tree, Trucking, ACLs, Syslog. Expertise within the setup of HSRP, Access-Lists, and RIP, EIGRP, Fabricpath and tunnel installations.
Configuring Cisco Meraki and managing them.
Insure telecom systems are functioning at their peak performance.
Developed network reporting tools in MS Excel based upon end user requirements to analyze NetFlow and traffic data.
Analyzed system demand, forecasted traffic, and monitored individual traffic flow using NetFlow provided by Cisco Stealthwatch (previously Lancope) and internal Excel-based tools
Installed and implemented Forescout Counter ACT which used for discovering devices connected to network and monitoring them.
Participated in understanding the EPC architecture.
Executing RADIUS pre-deployment tasks like ISE setup, loading templates into Cisco Prime.
Installed and implemented Digital guardian DLP (Data Loss Prevention), network DLP and Data visibility and control.
Used monitoring tools (Zenoss, Orion Solarwinds, SCOM, Putty, Cacti, and NetMRI) to address outages and service degradation of routers (Cisco 18xx and 38xx series), switches (Cisco 2950, 3550, 3560, 3750, 45xx, and 65xx series), APC power supplies, and data circuits for over 50 national government office sites and data centers
Outstanding experience in designing and configuring of Layer 2 / 3 networking features such as VLAN, ISL, STP, VTP, 802.1X, Port Security, L2PT and SPAN.
Interaction with IDT and AVERT team for critical issues related to IPS Signatures.
Tested MacAfee's e-mail security products (group shield, portal shield, IPS, Spam killer with exchange 2003/07/10.
Proficiency in configuration of VLAN setup on varied Cisco Routers and Switches.
Work allotted tickets to see the purpose of failure and resolve issues remotely utilizing obtainable tools and different Operation Center resources.
Manages InfoBlox NetMRI for inventory, policy compliance and configuration management.
Monitor the network using cisco prime, HRping.
Analyzed and tested network protocols (Ethernet, TCP/IP) mistreatment Wireshark tool.
Provide step-up support to L1 members of network team.
Worked with completely different ISP globally for any WAN circuit and BGP routing problems. Gap up cases for cerium routers, river bottom optimizer problems.
work & intensify issues effectively so as to satisfy client SLA's (service level agreements).
Perform downside management and root cause analysis for purchaser’s.ma
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Environment: Nexus 2k/5k/7k, juniper EX, QFX Cisco 6500/7500/7200 Routers, Broadcom switches, Juniper SRX100, Palo Alto Fire Walls, checkpoint, Bluecoat proxy server, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA, Cisco ACI.
Wayfair, Boston, MA Jan 2014 to May 2015
Network Security Engineer
Responsibilities:
Responsible for fitting the infrastructure surroundings with majority of Cisco ISE & Palo Alto appliances except for varied different instrumentality.
Efficiently exploitation ServiceNow tool for generation of tickets, distribution severity to incidents, following up with incident standing and troubleshooting incidents.
Excellently used Splunk to research and monitor incident management and incident resolution issues.
Analyzed and monitored incident management and incident resolution issues exploitation Splunk.
Backed up Electronic health record systems via File system backup (EPIC). Thus, faster backup and restore times.
Perform 24x7 log monitoring - review and analyze system security logs.
Monitored & analyzed system logs on Symantec Endpoint Protection anti-virus, Symantec Data Center Security & Credant Encryption servers.
Responsible for implementation/installation of LAN/WAN/SAN, Aruba Switches, Aruba WirelessAP’s and Aruba Virtual Controllers.
Hands on Experience in wireless RF site surveys and RF spectrum analysis.
Good Experience in performing wireless site surveys using Air magnet software.
Working on Cisco 4400, 5500 series wireless controllers, Cisco 1130, 1140, 1200 3702, 3602 and 2600 Series Access point.
Upgraded Showtime content network with Arista switches.
Configured TCP idle timeout settings for Azure Load Balancer, Configured the distribution mode for Azure load balancer, and configured multiple VIPs for a cloud service. Configured Site-to-Site connection in the Azure portal
Experience in the AWS cloud networking like VPC, Direct Connect, etc.
Working with F5 APM sessions and manipulating session using iRule and configuring and maintaining Webtops and Portal Access.
Experience on the load balancers including AWS ELB
Experienced in deployment, management and standardization of DNS/DHCP/IP management, DDI
Services (IPAM).
Work with SSL Offload and implementation of SSL certificate and Key & Web Acceleration and TCP Optimization.
Solution program manage TrustSec and SecureX cross multiple Business Units.
Made recommendations for the findings, what rules and which ones to be turned on within the IDS.
Administration of Cisco Meraki Network switches, routers and teleworker gateways.
Support, Trouble shoot and upgrade small Aruba Wireless Networks at 2,200 remote dialysis clinics across the united states.
Policy provisioning, access to specific segments of the networks through Cisco ISE.
Engineered, configured and deployed routers using Cisco ISE.
Daily responsibilities included design, implementation, support and administration of multiple security products running CheckPoint Provider-1, SourceFire.
Trained in products like Extrahop, Clear Pass, Splunk, F5, Palo Alto, Gigamon and Inflobox.
Modified existing ACL's, IPsec and preform network translations. WAAS installed for increased network efficiencies and speed. Setup InfloBox for local DHCP & DNS configuration. Axon's for accessing Motorola and Symbol wireless network. Configure Imdyne, SMDR, LRT devices and IP adjustments for local NAS.
Using InfloBox - Grid Manager - to Assign IP address to new server Builds, Production DNS System - Used for IPAM.
Do static and dynamic (SMA/DMA) malware analysis on malicious files (in virtual environment) caught by IPS/IDS technology using verity of security tools (Netwitness, Sourcefire, Fidelis, Splunk, BigFix, ePolicy Orchestrator (ePO), Site protector etc.
Work with ONOS to break free from the operational complexities of proprietary interfaces and protocols.
Lead effort to replace 1000+ Aruba 200 controllers and over 2000 AP61 in Dialysis clinics across the USA.
Administration of Meraki MDM for organizational cell phones and tablets.
Junos upgrade and configuration on chassis clusters of SRX 240 devices.
Creating virtual chassis (EX switches) and chassis clusters (SRX 240).
Design for Guest Network and Mobile Access Network for NAC Solution, comprising of an Aruba Wireless LAN Controller solution in DMZs/Internet Gateways with Fore Scout Counter Act NAC Appliances for NAC.
Work with layer 2 technologies including Ethernet multi mode fiber, single mode fiber and media converters.
Developed disaster recovery procedures for Symantec Endpoint Protection anti-virus, McAfee anti-virus & Symantec Data Center Security enterprise security solutions.
Used Test Tool Spirent for testing a switch to Verify ONF Open Flow Specification.
Researched, designed, and replaced aging stop firewall design with new next generation Palo Alto appliances serving as firewalls and URL and application review.
Maintained/monitored a multi-vendor LAN/WAN consisting of Juniper, Cisco, and ATM equipment in a multicast heavy network environment.
Implemented and configured Cisco NAC-L2-802.1X and performed Riverbed RIOS operating system upgrades throughout enterprise architecture.
Managed a team with serval team members to Upgrade ASA’s from 8.x to 9.x, Install Firepower and FireAMP for Endpoints, Sourcefire.
Linux / Unix systems integration with puppet, pulp and RHSAM.
Linux and UNIX systems integration with Microsoft Active Directory.
Security Device - Palo Alto/ASA Firewalls, Sourcefire IPS/IDS, Cisco Identity Services Engine (ISE), VPN
Upgraded and updated Cisco IOS from 12.3T to 12.4. Accustomed DHCP to mechanically assign reusable information science addresses to DHCP shoppers.
Directed implementation of Fore Scout Network Access Control system for automated network security and DOD Compliance.
Configuring and troubleshooting perimeter security devices like stop NGX R77 Gaea, Provider-1/MDM, Secure Platform, Palo Alto and cisco ASA Firewalls.
Palo Alto style and installation (Application and URL filtering, Threat bar, information Filtering).
Proactively monitored network health and activity through NetQoS NFA, eHealth, Infoblox, Proteus, ServiceNow, zScalar, Wireshark and Splunk.
Deployments of top of rack (TORs) switches using Arista DCS-7050SX and Cumulus Edge-Core to allow network connectivity via MLAG/CLAG of a new environment built from Dell, HPs and Supermicros servers
Update and modify KB network monitoring tool, NetFlow, Solarwinds and NETMRI for all new/old devices
Identify and resolve network threats Recognizing Man in the middle attacks, DDOS, Session Hijacking, Rogue Access Points, Honeypots, WarDriving, WarChalking, Phishing, Vishing and Social Engineering
Generate a wide variety of reports on firewall and IDS activity notifying the end customer concerning suspicious traffic.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs exploitation varied tools.
Upgrading the equipment with latest OS (IOS, NX-OS, JUNOS).
Black listing and White listing of web URL on Bluecoat Proxy Servers.
Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's.
Serve as the primary data point for internal and external auditing processes, including third-party data for quarterly and annual reports.
Interaction with IDT and AVERT team for critical issues related to IPS Signatures.
Experience in using netscout sniffer analysis for testing the performance of the network.
Configured and maintained netscout, ngenius 4200 series packet flow switch as load balancer.
Successfully put in Palo Alto PA 3060 firewalls to protects information Center and provided L3 support for routers/switches/firewalls.
Integrated ISE with an MDM solution for mobile devices including onboarding using EAP- TLS.
Maintained SIPRNet Cisco ACS (TACACS) servers.
Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS (Radius and TACACS+), and Cisco Prime Infrastructure.
Integrated TACACS and LDAP for user authentication on webpage and device
Implemented Zone primarily based Firewalling and Security Rules on the Palo Alto Firewall Exposure to wild hearth feature of Palo Alto.
Maintained and managed networks running EIGRP and BGP routing protocols.
Regularly performed firewall audits around stop Firewall-1 solutions for purchasers.
Provided tier 3 support for stop Firewall-1 software system to support customers.
Work on stop Platform together with supplier sensible Domain Manager. Worked on configuring, managing and supporting stop Gateways.
Configuration of routing protocols EIGRP and BGP for little to medium sized branches supported company branch standards, together with distribution and route maps.
Experience configuring multiple
Contact this candidate