Network Engineer Manager
Resume:
Lokesh
Sr. Network Engineer
Mobile: 908-***-****
Email: ac1jjz@r.postjobfree.com
PROFESSIONAL SUMMARY
Experience in Networking, including hands-on experience in IP network design, installation and analysis.
Network Professional with 8 Plus years of experience in Designing and troubleshooting LAN, WAN, MPLS in Branch, Campus and Data Center environments.
Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and Dynamic routing protocols such as EIGRP, OSPF, BGP; ability to interpret and resolve complex route table problems.
Implementation of traffic filters on Cisco routes using Standard, extended Access list.
Expert Level Knowledge about TCP/IP and OSI models.
In-depth expertise in analysis, implementation, troubleshooting & documentation of LAN/WAN
Architecture and good experience on IP services.
Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA-2k, PA-3K and PA-5K)
Experienced in installation, configuration and maintenance of Cisco ASR 9K, 7200, 3900, 2800, 2600, 2500 and 1800 series Router / Cisco Nexus 7010, 5548, 2148 Catalyst Cisco 6500 (sup 720), 4500 (SUP 6), 3750, 2950 series Switches.
Experience configuring Virtual Device Context in Nexus 7k, 5k and 2k.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
Configuring RIP, OSPF and Static routing on CISCO/Juniper EX/MX/SRX series Routers.
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment
Technical Knowledge on Cisco DMZ, ASA 5500 series firewalls.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN.
Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders. And Implemented VDC, VPC, and OTV on the Nexus 5K and 7K switches.
Experience in implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether-channel, STP, RSTP and MST.
Experience in troubleshoot network issues including boundary protection devices, Cisco
Nortel/Avaya and Bluecoat Proxy Servers
Expert level knowledge of MPLS and its applications (VPLS, L2VPN, L3VPN, NG-MVPN, EVPN, MPLS-TP, Seamless MPLS) along with different vendor specific standards. Strong knowledge base in the design and deployment of Blue Coat Proxy SG and Checkpoint firewalls
Implementing security policies using ACL, ASDM, IPSec, VPN, and AAA Security on different series of routers
Hands-on configuration and experience in setting up Cisco routers to perform functions at the
Access, Distribution, and Core layers.
Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate
Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall.
Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
TECHNICAL SKILLS
Router platforms
Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.
Switch platforms
Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)
Juniper Platforms
SRX, MX, EX Series Routers and Switches
Networking Concepts
Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall
Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX, R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).
Network Management/Monitoring
Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump.
Load Balancers
F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoat SG8100, AV 510.
WAN technologies
Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
Security Protocols
IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN
Networking Protocols
RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating System
Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
CERTIFICATIONS
CCNA
CCNP
EDUCATION DETAILS
●Bachelors in Computer Science Engineering from JNTUK
PROFESSIONAL EXPERIENCE
Hitachi, Englewood, CO Oct 15 - Present
Sr. Network Engineer
Responsibilities:
●Created Data-filtering profiles in Palo Alto devices which helps to prevent sensitive information.
●Firewall Policy provisioning on Palo Alto devices using Web UI as well as PANORAMA. Provide day-to-day operational support for all firewall and VPN platforms including Checkpoint and Palo Alto firewalls.
●Perform upgrades on Palo Alto OS devices in High Availability pair. Firewall OS upgrades and Maintenance of OS up maintaing dates as part of addressing Vulnerabilities on Firewalls.
●Configuring rules and Palo Alto Firewalls & Analysis of firewall logs using various tools.
●Configured Perimeter firewall and support Site to Site VPN tunnels. Security Policy, Provisioning, Managing Security zones and interface configurations on Palo Alto Firewalls.
●Configured and implemented APP and URL Filtering on Palo Alto Firewalls. Configured Firewall logging, DMZs and related security policies and monitoring.
●Manual testing of l2, protocols such as STP, RSTP and checking whether they work properly on switches. And then configuring the VLANS on Cisco switches.
●Involved in configuration of Access lists (ACL) on checkpoints firewall for the proper network routing for B2B network connectivity.
●Responsible for performing the functional testing and bug verification of L3 protocols using cisco routers.
●Worked with network services like DNS, DHCP, DDNS, IP4, IP6, IPSec, VPN etc.
●Familiar with Bluecoat Proxy SG S200, S400.
●Configured Nexus 7010 and 7700 with multiple distribution VDC’s running EIGRP for route propagation between them.
●Configuring change event auditing for DHCP and IPAM services.
●Worked extensively with ASR 9K (9010/9922), Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.
●Monitor performance of network appliances and WAN utilizing using network analyzer like Wireshark.
●Experience with the connectivity of Cisco Networking Equipment with F5 Load Balancer.
●Configuration and providing management support for Palo Alto and Checkpoint Firewalls (R75, R76 and R77).
●Configuration, Troubleshooting, and Maintenance of Palo Alto Firewalls (36+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
●Successfully configured and maintained Site to Site IPSEC and SSL VPN's on Palo Alto firewalls.
●Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
●Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
●Experience with ALG (RTP, RSTP and FTP, DNS, HTTP), DHCP.
●Helped installed F5 VIPRION load balancers for one of our new data centers.
●Install and upgrade Cisco Wireless LAN equipment including but not limited to: 1100, 1200, 1300 and 3500 series Access Points; 4400 and 5500 series Wireless LAN controllers; 6500 & 3750 Core switch routers; 2960, 3560 & 3750 series switches.
●Experience with configuring Hot Standby Routing Protocol (HSRP) and VLAN Trunking Protocol(VTP).
●Expertise in networking technologies like LAN, MAN, WAN and peripheral devices.
●Develop Engineering Documentations to record F5 environment and change processes LTM/GTM/iRules.
●Experience in working with LTM and GTM for scaling and securing DNS infrastructure during high volumes.
●Deploying Cisco ASA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
●Experience in Configuring and troubleshooting Palo alto switches PAN 5060
●Documenting network configuration, root cause analysis, MOPs for all new equipment and creating equipment configuration backups and monitoring to work with existing DIRM network systems.
Environment: Cisco Catalyst 7509, 6500, 4500, 4000, 3750, 3850, 3560, F5 BIGIP LTMs-6900, Cisco ASA 5525 firewalls, Power Connect Switch 5548,Infoblox,MPLS,Multicast,Nexus-7k, Palo Alto 5060,PCI,SOX,OTV,VPC,Nexus-FEX,IOS,IOS-XR,NX-OS,IPSEC,Frame Relay, OSPF, EIGRP, BGP, IS-IS, ASR 1k,9k,cryptography,L2&L3 VPN, Metro Ethernet,802.1Q,Riverbed Steelhead, UCS, Multicasting.
Carnival Corporation, Miami, FL Apr 14 – Sep 15
Sr. Network Engineer
Responsibilities
●Created object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT.
●Work with users to verify connectivity and troubleshoot Firewall related connectivity issues. Worked with Firewalls and updating policies on a day to day basis. Work on Change and Incident Tickets.
●Convert User requests into firewall change requests and update firewall policy using smart dashboard and verify the connectivity with users.
●Configured Site to Site VPN tunnels on various platforms including Check Point and ASA firewalls.
●Responsible for Check Point Firewall support and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
●Implemented Zone Based Firewalling and Security Rules on the Palo Alto and Exposure to wild fire feature of Palo Alto
7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
Experienced in providing a plan, designing and implementing the services for the enterprise class data center networks with leading technologies such as virtual port channel (vpc), virtual extensible LANs, Fabric path and Overlay Transport Virtualization (OTV) in NX-OS
Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM
Strong networking capability and knowledge of different firewall platforms to help in random identification and isolation of issues during outages and incidents.
Designed 10 gigabit networks using Cisco Nexus 7000 series switches, and Cisco 3800 series routers
Maintenance of Citrix-Netscalar 9800 load balancer to monitor the traffic at the severs end.
Managed rules on Cisco checkpoint NGX firewall.
Implementing security policies using ACL, ASDM, IPSec, VPN, and AAA Security on different series of routers.
Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls
Worked with Juno OS and Juniper M&T series switches.
Worked with Cisco ACE GSS 4400 Series global site selector Appliances.
Configuring and enable netflow on layer 3 ingress ports with defined active timers.
Good working knowledge of common end user operating systems and internal/external DMARC identification.
Experience with email security standard implementation policies such as SPF, DMIK and DMARC.
Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding and also Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
Worked on Iron Port to secure the mail infrastructure.
Dealt with Aruba/cisco wireless access points 205 series supporting 802.11 ac.
Setting Aruba Access to link distribution switch system and then to WLAN controller.
Configured SMTP rules and policies to manage email routing through Iron Port C370.
Used NetFlow Data statistics from NetFlow engine and export it to a NetFlow Collector for storage.
Worked with Processes like RFI, RFE and RFP.
Deployed, configured and implemented Cisco 6800 catalyst switch.
Dealt with monitoring and documenting the services in compliance to the SLA requirements as a noc team member.
Experience in working with Network automation tools and testing for network change and configuration management.
Worked with HP Network Automation software that automates the complete operational lifecycle of network devices from provisioning to policy-based change management, compliance, security administration and assist with the security Audits.
Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
Experience working with Exchange 2010 SP3 for planning and deployment.
Worked with Management tools like CSM and Cisco ACS.
Worked with Cisco IOS, NX-IOS, IOS-XR.
Worked with MPLS to improve quality of service (QoS) by defining LSPs that can meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime.
Worked with Load balancing device like F5 Big-IP local traffic manager (LTM) 1600.
Hands on experience in F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
Experienced in working with BIG-IP Edge Portal and BIG-IP Edge Client.
Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers
Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
Implemented various OSPF scenarios on networks consisting of 7600 routers.
Configured policy based routing for BGP for complex network systems.
Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local preference.
Worked with Nagios for monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH).
Installation of vBlock products for the virtualization.
Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs in the network.
Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA/FWSM and NAC solution.
Installed, configured and set security policies on cisco and checkpoint firewalls, VPN.
Analyzed and tested network protocols (Ethernet, TCP/IP) using Wire shark tool.
Environment: Checkpoint-R65, R70,NGX,VPN,Solar Winds, IP, IPSEC, AAA-Radius, Tac-acs, ACS, SNMP, Infoblox, DNS, DHCP, OSPF Troubleshooting, Bigip F5-LTM-1600, 3600, GTM, Viprion, Active Directory, OSPF, EIGRP, Out-look servers,Nexus-7k,Cisco Routers-7600, 7200, 3800, Cisco Switches-2950, 3500, 5000, 6500,HSRP,GLBP,ACE-GSS-4400,VM-ware-ESXi-6,Vsphere,Vcenter,UCS
Deloitte, India Jul 12 – Mar 14
Network Engineer
Responsibilities
●Configured Cisco ASA firewalls in Single and Multiple Context Mode firewalls. Upgrade of Cisco ASA Firewall in Active/Standby mode.
●Cisco ASA Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
●Configured ASA 5510 appliance as a Firewall and as a VPN server. Troubleshoot TCP/IP problems; troubleshoot connectivity issues.
●Troubleshooting latency and throughput issues on MLPS and Dedicated Internet Access circuits.
●Cisco ASA Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
●Coordinated with higher-level support and external vendors for resolution.
●Monitored Network Management System and responded to events, alarms and trouble tickets.
●Coordinated and managed events and trouble tickets related to network failures and thus followed by technical support which included problem determination, customer notification and updates with regard to escalation(s)
●Implementing and troubleshooting firewall rules in Juniper SRX 5400, 550, 5600 Checkpoint R77.20 Gaia and VSX as per the business requirements
●Worked on Juniper SRX Versions 300, 3400, 3600, 220 implementing new and additional rules on the existing firewalls for a server refresh project
●Upgrade of Juniper firewalls and management servers from SRX 110 to SRX 5400
●Established IPSec VPN tunnels between branch offices and headquarter using Juniper SRX Firewall
●Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550. Using CLI and/or Junos Space Security Director for management. Install, upgrade, troubleshoot, design, etc.
●Installation and maintenance of Cisco Layer 3 switches 3750, 4500X, 6500 and Cisco 3550/4500/6500 switches in multi VLAN environment.
●Expertise in the administration, support and operation of the Orion SolarWinds platform including Network Performance Monitoring (NPM), Network Configuration Manager, Server & Application Monitor (SAM), NetwFlow, Traffic analyzer and IP address Manager.
●Responsible for Check Point, Cisco ASA and Palo-Alto firewalls configuration and administration across global networks for providing IPS/IDS.
●Upgrade of Juniper firewalls and management servers from SRX 3750 to SRX 6509.
●Included network services such as DNS, email, web, Servers, VPN and Firewall.
●Migrated from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
●Troubleshoot TCP/IP problems; troubleshoot connectivity issues in multi-protocol Ethernet, Environment.
Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, GSR Router 1240X, Checkpoint & Juniper SRX.
Synergy Technology, India Apr 09 – Jun 12
Network Engineer
Responsibilities:
●Configured various Routing protocols such as RIP, OSPF, EIGRP, static routing.
●Maintaining Core Switches, creating VLANs and configuring VTP.
●Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
●Performed redistribution with OSPF, EIGRP, RIP version 1 and 2 to enable communication with backbone.
●Troubleshooting of Cisco 2900, 3900, 6500, 7500, 7200 Series routers.
●Configured static NAT, dynamic NAT, dynamic NAT overloading.
●Back up a Cisco IOS to a TFTP server and Upgraded and restored a Cisco IOS from TFTP server.
●In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
●Responsible for designing, implementing and troubleshooting temporary infrastructures for Live Webcasting Events
●Involved in F5 BIG IP LTM administration, familiar with enterprise level traffic managers like 6800, 3600, 1600,3400 series
●Upgrade Cisco Routers and Switches IOS using TFTP
●Installed and configured Cisco IP Phone 794x, 796x, 7937’s and IP Communicator
●Creating dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA
●Installation and management of overall administration of LAN, WAN, systems involving design of network layouts, configuration and maintenance, Commissioning Routers & Switches, firewalls, IPS and ensuring maximum uptime during site deployment to VoIP.
●Configuring and adding, moving, removing of various IP phones like (7941, 7961, and 7971)
●Knowledge on VOIP protocols like H.323, RTP, SIP and good understanding about VOIP devices.
●Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
●Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
●Implementation and configuration of F5 Big-IP LTM-6400 load balancers
●Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
●Responsible for Cisco ASA firewall administration across our global networks
Contact this candidate