Network Engineer
Resume:
Jigar Gheewala
Email ID: **********@*****.***
Number: 732-***-****
Available for C2C
Professional Summary
•6 years of IT experience in design, development, implementation, troubleshooting and maintenance of complex Network & Security devices & Network Security.
•Expertise in network protocols, Firewalls and Communication Network design.
•Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces.
•Strong Knowledge of Hyper-V, VMware workstation virtualization.
•Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 series, and Cisco 2600, 2800,3600, 3800, 7200, 7600 series routers, Cisco Nexus 7000 series, 5000 series, 2000 series data center switches, Juniper EX/ MX/ SRX series.
•Experience in Configuring and deploying Cisco Catalyst 6513E, 4948E, 4510 switches and Cisco 3660, 3845, and 7609 series routers.
•Deployed and configured Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia.
•Worked extensively on Cisco Firewalls Cisco PIX 500 & ASA 5500 Series.
•Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc on cisco and Juniper routers.
•Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
•Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
•Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
•Strong experience on Juniper SRX series Firewalls, Cisco ASA 5520 and Checkpoint R75, 76 Firewalls.
•Experience with F5 load balancers - LTM, GTM series like 6800 and 8900 for the corporate applications and their availability.
•Adding websites to blocked list on the bluecoat proxies based upon business requirements.
•Monitored network with ServiceNow and Solarwinds.
•Well versed and experienced in routing and switching protocols RIP, OSPF, EIGRP, BGP and VLAN.
•Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN/WAN network.
•Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCPdump and Linux operating system servers.
•Sound knowledge of Routing and Switching concepts and MPLS design.
•Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
•Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring Transparent/routing/NATing with the firewalls as per the design.
Education
New York Institute of technology, NY DEC-2016
Master’s in Information network and computer security
Technical Skills
Routing and Switching : 2900, 3600, 3800, 7200, 7600, ISR-AX and ASR-1k, 9k& Cisco Catalyst switches 3560, 3750, 4500, 4900, 6500
Routing Protocols : OSPF, EIGRP, BGP, ISIS, VRF, PBR, Route Filtering, Redistribution, Summarization and Static Routing.
Switching Protocols : Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Lightweight access point, WLC.
Firewall Vendors : Checkpoint R65, R71, R75, R77.20 Gaia, Juniper & Cisco ASA/PIX, Palo Alto
Load Balancer : Cisco CSM, Akamai GTM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.
Load Balancing Protocols: HSRP, VRRP, GLBP, EBGP
Connections : DS0, DS1, DS3, OCX, T1/T3, Cable Modem, xDSL and Wireless.
IP Services Management: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.
URL Filtration : Websense, Bluecoat
AAA Architecture : TACACS+, RADIUS
Operating Systems : DNS, DHCP, Windows XP, UNIX, LINUX
Professional Experience
Network/ Firewall Engineer Windstream communications, Cranford, NJ Jun 2016 -Present
•Involved in the Design, deployment and configuration of Global data centers. Part of the Data center consolidation project in the AMER region.
•Acted as an L2 Technical approver for any changes made to the network, which involved changes to the Switches, routers, firewall, Load balancers.
•Provided technical expertise and support of network devices and security peripherals including Cisco routers and switches.
•Hands-on experience Installing & configuring firewalls for various remote locations with Checkpoint NG & NGX, Cisco ASA (5500), Palo alto PA-200, Juniper SRX and Fortinet.
•Responsible for maintaining multi-vendor network environment and configuring different policies in the firewalls to provide connectivity.
•Migrated and implemented new solutions with Cisco ASA Firewall (5500) series.
•Implementing security Solutions using Palo Alto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia.
•Extensively worked on Data Center switching technology including Nexus 7K, 9K and 5K and Catalyst switches configuring VPC.
•Experience in configuring site-to-site IPsec VPN tunnels in various offices sites.
•Worked with the network architects and application teams across the globe to ensure that the requirements are met according to the network architecture for the successful migration of the applications.
•Configure and administer network devices consisting of F5 load balancers, Bluecoat proxies servers, DNS servers, Application servers, Juniper SRX's firewall, Palo Alto Network Firewalls, and Checkpoint Firewalls.
•Designed, implemented, and managed network security countermeasures including firewalls and intrusion detection/prevention systems (IDS/IPS).
•Experience configuring various networking protocols, specifically OSPF, BGP and EIGRP in the core Switches of cisco 6500 and Nexus 7k and 9k and troubleshooting issues with the network.
•Responsible for troubleshooting and analyzing root cause of major network outages and any critical issues involved with the network.
•Experience configuring the switch ports, VLAN’s, Port Security, STP, VSS and other protocols and troubleshooting on cisco core switches of 6513 and cisco 6510.
•Designed and configured various Juniper EX 4200 switch, MX 10 and MX 40 routers, QFX 5100 firewall and SRX 110 and SRX 220 firewall devices.
•Redundant MX chassis with multiple core QFX chassis utilizing virtual chassis and EX virtual chassis serving as access layer.
•Managed over 100 network devices including cisco and juniper Switches, firewalls, and Routers.
•Experience with convert PIX rules over to the Cisco ASA solution.
•Configuring NAT policies, PAT, ACL’s and route maps.
•Experience working on F5 Load Balancing devices, specifically LTMs, GTM’s, APM and ASM. Experience in conducting upgrades, fail over, configuring pools, complex irules, virtual servers, and managing certificates on the F5 devices.
•Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
•Handled issues with VPN vendors to Add, Delete or Update policies for VPN encryption domains.
•Managed and set up VLANs and deploy new VMware environment.
•Hands on Experience with Solarwinds for network monitoring.
•Experience working with network monitoring devices like Solar Winds and Wireshark for troubleshooting issues.
•Acted as a senior on-call network engineer during the cut over of applications as a part of consolidating the data centers.
Network Security Engineer Sundance Networks Inc, Stroudsburg, PA Jan 2015 to May 2016
•Checkpoint and ASA firewall Business to business (B2B/VPN) design, configuration and implementation for Vendors.
•Designed and deployed Juniper SRX firewall for Security in the remote locations.
•Checkpoint and ASA firewall rule design, implementation, testing and review for different user application access.
•Managed and monitor performance of firewalls and report of unusual firewall activities.
•Troubleshoot client's VPN-tunnel whenever needed to restore access between VPN end-points.
•Troubleshoot Checkpoint and ASA firewall access to restore user application connectivity as needed.
•Deployed URL filtering and IPS policy on checkpoint firewall and Cisco ASA globally
•Worked with client to bring an existing non-functioning B2B VPN tunnel status UP/Active to pass encrypted/secured traffic between end-points.
•Resolved VPN issues on-call when needed to restore connectivity.
•Extensive NAT configuration to include Dynamic/PAT/Hide/Static/Twice-NAT as applicable to user/vendor's traffic.
•Cisco ACL design and implementation.
•Re-structured access to the security devices by setting up radius authentication for device administrator user accounts.
•Setup contractor remote access VPN using Cisco Anyconnect client VPN via ASA firewall.
•Designed and deploy cloud security, for Stroudsburg cloud infrastructure in Microsoft Azure and AWS.
•Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
•Configuring and Implementation of VPN-Sites to Site and to Remote access in Cisco ASA, Juniper firewall (SRX) and Checkpoint firewall.
•Configuring IPSEC VPN (Site-Site to Remote Access) on Juniper SRX series firewalls.
•Implementation of Site-to-Site VPNs with DMVPN over the internet based on traffic with ASA 5500 series Firewalls.
•Manage and deploy enterprise level wireless controller 4404 in Datacenter environment.
•Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration.
•Deployed with configuring Virtual Server and Configuring Load balancing in F5 LTM.
•Installing of Access Points for their better performance and lower RF levels, noise and channel interference levels with other AP's.
•Configuration and troubleshooting of CSM (cisco security manager), integration with ASA devices.
•Extensive use of NSM (Network and Security Manager), FortiOS 5 with fortigate firewall and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
•Support senior wireless network engineer in researching, planning and implementing wireless network security protocols and technologies.
•Maintaining of documentation on utilization, capacity and outages for Wi-Fi network.
•Configuring Virtual Chassis for Juniper switches EX 4200, Firewalls SRX-210.
•Deployed on Nexus 7000, 5000 and 2000 series with V-Block servers and Cisco UCS E-series.
•Configured Easy VPN server and SSL VPN to facilitate various employees' access internal servers and resources with access restrictions.
•Management of corporate Checkpoint Firewall implementing security protocols and alleviating network attacks.
•Worked as part of a team handling facility circuit turn-ups, facility network re-design/ re-addressing and VPN cut-overs.
•Interacting with Solarwinds for monitoring the Network of the company.
•Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
•Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers.
Network Engineer Atlantic Health System, Morristown, NJ Oct 2013 to Dec 2014
Responsibilities
•Designed WAN structure to prevent single point of failure in case of link failure.
•Monitored, troubleshoot, configured, and deployed LAN/WAN solution.
•Configure corporate, wireless and Lab devices, which includes Bandwidth upgrade, adding new devices, Decom the devices, testing.
•Deployed Cisco routers and switches, and administered network monitoring services
•Implementation of network, which includes configuration of routing protocols, leased lines, ISDN lines, VLANs, IOS installations.
•Configured and troubleshoot issues with VLAN, Inter-VLAN routing, NAT/PAT, Access-List, and IOS Firewall.
•Configure and troubleshoot remote access and virtual private network (VPN) connections.
•Configuring, troubleshooting, and enables IPsec for transport mode, tunnel mode, policies and rules. Installing, Configuring and troubleshooting NAT and Internet connection sharing.
•Experience with adding and removing employees for the authorized users list. Maintaining their password security, monitoring usage of individuals and repairing the damage equipment.
•Encouraged implementation of physical security to the access of network and security devices.
•Encouraged network redundancy for backup of network devices in case of disaster recovery.
•Managed network evaluation, and troubleshoot various network problems.
•Replaced multiple Cisco clustered PIX firewalls with checkpoint cluster and deployed High Availability for security management server.
•Implementing network Security with Cisco IOS features Set, NAT, and Simple Network Management Protocol.
•Handling disaster recovery planning for company internal network.
•Configured EBGP and ensured stability of BGP peering interfaces.
•Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.
•Hands of experience with Network operations, supporting infrastructure and administration.
•Migrated from legacy catalyst 6500 to nexus 9K.
•Performing troubleshooting on slow network connectivity issues, routing issues involves OSPF, BGP, and identifying the root cause of the issues.
•Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, spanning tree, 802.1q.
•Deploying and decommissioning the VLANs on core Nexus 7K and 9k, and its downstream devices.
•Switching related tasks included implementing VLANs, VTP, RSTP and port security.
•Physical wiring installation and troubleshooting. Assist with windows 7/server operations system experience with OSI level troubleshooting of security system, network and application interaction functions.
•Troubleshoot firewall issues through command-line using CLI commands and GUI interface using smart console.
•Provide support for troubleshooting and resolving Customer reported issues.
•Gathered security requirements for efficient cloud data storage.
Jr. Network Engineer Mrigko System, Surat, India Sep 2012 – Sep 2013
Responsibilities:
•Preparing Client Machines for users with Operating Systems, Software, antivirus and required utilities and mailing clients etc.
•Migration of RIP V2 to OSPF, BGP routing protocols.
•Designed and implemented IP Addressing, Subnetting, Route Summarization and Route Distributions
•Implemented and configured LAN Protocols: Ethernet, VLANs, VTP and STP.
•Have ability to install and maintain Microsoft Exchange and worked extensively on different applications.
•Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
•Worked on IGMP, PIM protocols for implementing IP multicast routing in the enterprise network.
•Configuration of CISCO Routers (2800, 3600 Series) and 2900, 3750 series switches.
•TCP/IP network planning, Implementation and Management with subnets.
•Enabled SNMP traps for our Cacti Monitoring tool to monitor traffic and check the regular health of Servers and Network Devices
•Implemented and Configured IP Routing Protocols: OSPF, EIGRP, and RIPv2
•Monitored network-using SNORT.
•Worked with Remedy Ticketing tool in maintaining and keep a track of logs/monitor
Network Technician Penetration Technologies, Surat, India Jul 2011 to Aug 2012
Responsibilities
•Setting up windows server 2000/2003 as domain controller & adding client machines to domain.
•Was managing Users, user’s rights, permission, account policies, group policies, securing files & folders, etc. on the domain server.
•Troubleshooting Network problems.
•Upgrading hardware for computer when required.
•Managing remote location user pcs at grid stations and troubleshooting the same either remotely or visiting the clients as and when required.
•Upgrading all clients from windows Xp and installing, configuring SQL Server 2000 Database.
•Re-punching of around 200 points done on jack panel, managing of network cables in the server room.
Contact this candidate