Network Engineer Security
Resume:
Saketh
Sr Network Engineer
************@*****.***
SUMMARY
* ***** ** ************ ********** in Planning, Implementing, Configuring, Troubleshooting of networking system on Cisco and Juniper devices.
Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing systems like remedy and Magic.
Experience of routing protocols like EIGRP, OSPF, RIP, and BGP.
Excellent knowledge of TCP/IP protocols IPV-4 and IPV-6.
Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, series switches. Advanced knowledge in design, installation and configuration of Juniper NetScreen Firewall, SSG series and NSM Administration.
Worked on MX-80, MX-480, SRX-100, SRX-110, SRX-550 and EX-4200 Juniper devices.
Implementation and administration of Juniper WX/WXC devices for WAN Traffic acceleration
Strong knowledge of Vmware vSphere administration within Cisco Unified Computing System environment.
Juniper SRX and SSG series, Check Point VSX series, Cisco ASA series, Cisco PIX and Palo Alto Firewalls Administration
Knowledge of Checkpoint VSX, routers and switches
Experience in Network LAN/WAN deployment,
Experience with DNS/DFS/DHCP/WINS Standardizations and Implementation
Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2148, 2248).
Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations.
Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
Hands-on experience in using network stimulator tools like OPNET, Solarwinds Orion.
Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of business application.
Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
Strong knowledge in HSRP, VRRP redundancy Protocols.
Experience in Network Management Tools and sniffers like SNMP, Wireshark and Cisco works.
Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, VOIP-Cisco Call Manager installing and configuring proxies.
Access control server configuration for RADIUS & TACACS+.
Hands-on experience using Cisco Virtual Switching System (VSS).
Knowledge of advanced technologies like Multicasting, MPLS and MPLS-VPN.
Good knowledge on Riverbed Virtual Services Platform (VSP) and Big-IP F5 Load balancers.
Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS, encryption techniques including virtual systems.
Good knowledge on VLAN Trunk Protocol (VTP).
Design, configure, troubleshoot and implement wireless and/or data networking(LAN/WAN) solutions for mid-sized to enterprise-level clients
Conduct Wireless RF Surveys and document results
Develop comprehensive project-based System Designs, Network Diagrams, Migration Plans, and Test Plans
Effectively communicate with internal Account Executives and potential clients to assess and make solution recommendations
Extensive knowledge of computer hardware and software applications.
Excellent leadership with good written and oral communication. Great team player and able to work under pressure 24x7 duty rotation
Responsible for the build out of Volo Data Center with emphasis on Fabric Path and OTV implementation
Worked on OTV to extend L2 VLANs between data centers over IP on Nexus 7010 switches
Manage a team of Buyer/Planners supporting six distribution centers nationally for OTV projects
Configuring cisco switches with NX-OS and IOS-XE& implementing VLANs
Work as Layer 3 IP Network Engineer on ASR9k Edge router with IOS-XE Platform in a network lab environment.
Research and apply Cisco IOS-XE images to L3 Catalyst 3650 switches
Supporting and running four Cisco catalyst Switches 4500, 6500, 3650, 3560, 3750 (inter VLAN routing and EIGRP)
Configuration of IPSEC, DMVPN and GRE tunneling technologies
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/ GRE to GetVPN
Certifications:
CCNA, CCNP
Technical Skills:
Cisco routers: Cisco 7200,2800,2600,3800,3600(ISO -Version 12.0, 12.2)
Cisco Switches: Cisco Catalyst 6509,6513,3500,5500,5000,2900(IOS- Version 12.4)
Cisco nexus data center switches: 7000, 5000 (NX- OS version 5.1,5.2)
Load Balancer: Cisco CSS, F5 Networks (Big-IP)
WAN Optimization: Cisco WAAS, PPP Multilink
Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing
Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi- Layer Switching, Multicast Operations, Layer 3, Switches, Ether-channels, Transparent Bridging
Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
Tools: NetScout, Genius One and Performance Manager
Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP
Management
AAA Architecture: TACACS+, RADIUS
Cryptographic Algorithms: DES, 3DES, RSA, SHA, MD5, Diffe-Hellman Key exchange.
Firewalls: Checkpoint, Cisco ASA, Cisco PIX, Juniper SRX
Other Networking technologies : TCP/IP, MPLS, VoIP, H.323, VPN, IKE, IPsec
Application Software: Packet tracer, GNS3, wire shark.
Operating Systems: Windows XP/Win 7, Ubuntu, Mac OS.
Network Management tools: Solar winds (Network Configuration Manager, Network Performance Monitor)
PROFESSIONAL EXPERIENCE
US Foods, Rosemont, IL Jul 2016 - Present
Sr. Network Engineer
Responsibilities:
Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201 and 3945E.
Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate effectively
Hands-on knowledge in configuring cisco 3500, 4500 series switches to implement information sharing and resource allocation for increased productivity.
Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, WISM, STP (Spanning tree Protocol), RTSP & Multicasting protocols
Helping them to set up point to point OSPF connection on their Cisco and juniper routers like MX, EX, ASR series devices with their current network
Worked on In-Service Software Upgrade Infrastructure which enables user to upgrade between two di
erentJunos OS releases with no disruption on the control plane and with minimal disruption of traffic
Automated network implementations and tasks and designed monitoring tools using python scripting
Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure
Work in groups with other engineers to solve customer network complications.
Monitoring tools: Design, implementation, tuning and troubleshooting. Worked on to pre-configure router in data center for new connection as network design structure.
Managing data center and network by using solar winds, NPM, NTA, NCM and F5 load balancer and citrix load balancer
Working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
Set up point to point OSPF connection on juniper SRX and SSG series.
Tested JUNOS images on juniper MX router platforms covering various protocols and technologies like OSPF, BGP, LDP, MPLS, Layer3 VPNs
Working on to set up OSPF dynamic routing on Cisco ASA Firewalls by using and following their current network structure.
Monitor, operate and support network security devices such as cisco ASA, juniper and checkpoint VSX firewalls
Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR.
Incorporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-protocol Label Switching(MPLS)
Working on as security devices Cisco ASA series, checkpoint VSX, juniper SRX & SSG series, Palo Alto firewalls.
Configuring rules and Maintaining checkpoint VSX, Palo Alto Firewalls & Analysis of firewall logs using various tools
Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
Firewall policy configuration on Checkpoint, ASA and Palo Alto Firewalls. Site to site VPN configuration checkpoint firewall ASA and Palo alto Firewalls.
Migrated firewall rules from Cisco ASA to Palo Alto and Checkpoint Firewalls. Remote access VPN configuration and administration on Cisco ASA 5540 firewalls.
Establishing VPN Tunnels using IPSec encryption standards and configuring and implementing site-to-site VPN, Remote VPN.
Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
Designed & implemented VPN connectivity for customer premise equipment to Cisco VPN 3000 series concentrator.
Experience in site-to-site and remote access VPN solutions. Configured security policies including NAT, PAT, and VPN, Route-maps, Prefix lists and Access Control Lists.
Managing & administering Cisco WSA. Experience Network security concepts and systems including F5, WSA, Palo Alto, ASA.
Responsible for deploying, maintaining, and monitoring Cisco IronPort email and web security appliances (ESA, WSA respectively).
Hands on experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs
Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
Documenting workflow process, managing and implementing standard policy and procedures.
Worked in AWS technologies that support automation using cloud formation to create EC2 instances
Configured and managed tool that auto discovers auto scaling EC2 instances in VPC
Worked with automation tools such as puppet, implementing cookbooks in chef, Jenkins, etc.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Hands on Experience testing iRules using Browser(IE), HTTP watch.
Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
Migrated multiple sets of F5 LTM devices from version 10.x to version 11.x operating systems.
NiSource, Merrillville, IN Jan 2015 – Jul 2016
Sr. Network Engineer
Responsibilities:
Implementation and Troubleshooting Cisco Routers such as Cisco 1900, 2900, Cisco ASR 1k and Cisco 9k.
Experience working with ASR 9000 series switches with IOS-XR
Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version
Migrated juniper firewalls to Palo Alto network firewalls and carried out troubleshooting and configuration of the same.
Configuring Cisco Switches Such as 4500, 6500, stack switches 3750.
Configuration and Administration of Cisco and Juniper Routers and Switches
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256
Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer
Hands on Experience testing I Rules using Browser (IE), HTTP watch for f5 load balancers.
Configure and Juniper EX and MX series switches and routers
Worked on Network Layer technologies including Routing & Signaling protocols, Layer3 VPN and Multicast
supported by juniper core and edge, MX series routers
Experience working with JUNOS OS on juniper routers and Switches
Configured LDP, OSPF, and BGP for new deployments of core/edge routers (Cisco and juniper).
Implemented antivirus and web filtering on Juniper SRX 240 at the web server
Migrated Juniper EX series switches to Cisco 3500 series and 6500 series switches
Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data Environment
Created documents for various platforms including Nexus 7k, ASR1k enabling successful deployment of new devices on the network
Experience configuring Virtual Device Context in Nexus 7k series switch.
Experience with configuring Nexus 5000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
Experience configuring and managing Cisco Web Security Appliance (WSA) in an enterprise environment.
Expertise in VPN configuration, routing, NAT, access-list, security contexts in ASA firewalls.
All-encompassing execution& configuration proficiency of Firewalls, Cisco ASA Appliance ASA 5510.
Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS) and deploying GRE Tunnel.
Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, network flow systems, Anti-Virus, and/or other security logging sources.
Monitor SIEM and IDS/IPS feeds to identify possible enterprise threats. Actively investigate, respond to and remediate security incidents
Network security including NAT/PAT, ACL, and ASA Firewalls.
Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection
Good knowledge with the technologies VPN, WLAN and Multicast.
Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing
Protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and
Followed the change process as per IT policy It also includes the configuration of port channel between
Experience with communicating with different with different customers, IT teams in gathering the details
for the project
Serve as part of a team of network engineers responsible for network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches across multiple offices.
Design, implement and administer enterprise network infrastructure utilizing Juniper routers across locations.
Installed dual DS-3 SAN replication WAN with Riverbed Interceptors and 6050 Steelhead appliances to
optimize the traffic
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
Experience in migration with both Checkpoint and Cisco ASA VPN.
Hands-on experience with converting Checkpoint VPN rules over to the Cisco ASA solution.
Configured, Monitored and Troubleshot Cisco's ASA Security appliances
Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port \Security, STP and RSTP.
Experience in installing and configuring DNS (BT Diamond), DHCP servers.
Replace branch hardware with new 3900 routers and 2960 switches.
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used
for local routing only) which involves new wan links.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports,
Setting the user ports to non-trunking, deployed port security when possible for user ports
DesigningF5 solutions/support for migration work of applications and websites from Cisco CSS Load
Balancers to the F5 Big-IP Load Balancers.
Installed and Configured the F5 BIG-IP LTM, configured virtual servers and associate them with pools for
Internal web servers.
Involved in configuring Juniper SSG-140 and Check point firewall
Involved in the TACACS+ implementation.
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP,
Disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention
Worked on configuration commissioning and upgradation of the MPLS circuits for various branch offices.
Knowledge of modifying and maintaining bluecoat proxy pac files
Managed LAN, WAN and bluecoat proxy servers
Added websites to the URL filtering blocklist in bluecoat proxies .
Responsible for leading and implementing IP network build-outs and provide Tier2/3 operational production support in a mixed Cisco Router/Switch/Wireless, Load balancer, Infoblox, Palo Alto Global Enterprise network.
Entered new network devices In Infoblox, reserved IP in DNS for UPS / Switches for deployment.Made dhcp and dns changes through infoblox.
Configured DNS entries through the use of Infoblox. Used Infoblox to create and manage newly created DHCP scopes.
Responsible for Enterprise DHCP Server (InfoBlox) and VPN, SSL, and NetMotion Accounts.
Citibank, Jersey City, NJ Oct 2013 – Dec 2014
Network Engineer
Responsibilities:
Implemented antivirus and web filtering on Juniper SRX 240 at the web server
Dealt with creating VIP (virtual servers), pools, nodes and applying I Rules for the virtual servers
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
Configured cisco ASA 5510 firewall to establish logical separation between Legacy network & lab environment.
Performed network monitoring, troubleshooting, implementation and maintenance of juniper and checkpoint firewalls
Migrating the policy from cisco ASA firewalls into Palo-Alto & vice versa.
Implemented Zone Based firewall and Security Rules on the Palo Alto Firewalls
Regularly performed firewall audits around CheckPoint firewall solutions for customers.
Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
Modified internal infrastructure by adding switches to support server farms and added servers to existing
DMZ environments to support new and existing application platforms.
Experience with converting cisco catalyst 6500 switches to Cisco Nexus in the data Center environment
Associate. Responsible for design, installation, configuration, administration and troubleshooting of LAN/WAN network infrastructure and security using Cisco and juniper routers
Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-3600 load balancers
Routine Administration (Design, Implementation & Operations support) of Citrix, BIG-IP and F5 load balancers
Provided Layer-3 redundancy by implementing HSRP and GLBP for High availability
Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP, MPLS
Implemented Access lists and policy mapping on Juniper routers installed in each branch across all the locations.
Worked on external customer wireless network infrastructure
Supported day to day operational needs for customer infrastructure
Support pre-sales wireless network engineering activities
Leverage understanding of LAN/WAN technologies in order to support, design, and integrate complex wireless LANs
Worked with a team on planning, designing, configurations, deployments and support of LAN/WAN/WLAN infrastructure
Worked with VMware hypervisor and virtualization monitoring tools.
Participated in the evaluation of vendor hardware, software, and wireless communications products
Operational support and troubleshooting of production wireless network issues
Provided technical support case escalation for customer wireless infrastructure
Documentation of advanced enterprise wireless solutions and designs
Wireless design and validation, including RF site surveys of complex indoor and outdoor deployments
Supported internal wireless network infrastructure operational requirements
Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
Experience working with ASR 9000 series switches and routers with IOS-XR
Experience with deploying PIM Sparse-mode/Dense-mode multicasting in Campus locations.
Design, implement and administer enterprise network infrastructure utilizing Juniper routers across locations.
TMG Health, Jessup, PA Apr 2011 – Oct 2013
Network Engineer
Responsibilities:
Experience in software development using python scripting
Experience in working with cisco ASA firewalls
Implement Cisco IOS Firewall IDS using 2600 series router
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
Configured and debugged policy based routing for special traffic, route filtering with route maps, route redistribution.
Configured VLAN Trucking 802.1Q, STP, and Port Security on Catalyst 6500 switches.
Performed OSPF, BGP routing protocol administration.
Worked on F5 load balancers and ASA firewalls
Router memory & IOS upgrade with TFTP.
Network Assessment and Documentation (including technical, operational, and economic assessment)
Responsible for designing and implementation of customers network infrastructure
Help negotiate hardware, software, and circuit contracts for customers
Redesign customers office copper and fiber cable plant for scalability
Build and maintain Visio documentations for Clients
Was Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
Ensured network, system and data availability and integrity through preventative maintenance and upgrade.
Reliance Communications, Mumbai, India Aug 2008 – Mar 2011
Network Assistant
Responsibilities:
Support for new store rollout, circuit and wan installations
Configured and supported multiple remote site installations
IP Address management using IPAM
Maintain and troubleshoot Hub and spoke frame relay with EIGRP
Installation & configuration of ISDN BRI/PRI circuits.
Implement port security on Cisco switches
Responsible for monitoring & operations of all data network related products and services
Contact this candidate