Engineer Network
Resume:
Surendra
******@*******.***
SUMMARY:
CCNP Certified Network Engineer with 8 Years of experience in planning, implementation, configuration, network designing, troubleshooting, maintenance and management involving LAN and WAN wireless Technologies.
In-depth experience/ knowledge in implementation, administration, and support of Cisco/Juniper devices for both networking and security.
Designing, implementing and troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
Designing, implementing and troubleshooting Cisco routers (800, 2800, 2600, 3800, 7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Cisco PIX & ASA devices.
Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
Configuring security policies including NAT, PAT, VPN’s and Access Control Lists.
Implementing security policies using ACL, PIX firewall, ASA and Routers.
Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, Noting, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
Experience working with High performance data center switch like Nexus 7000 series.
Experience working with Nexus 7010, 5000 and 2000 Series.
Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System.
Experience working with F5Load Balancer LTM and GTM module.
Experience with IPAM in planning, tracking and managing DNS/DHCP network.
Experience in configuration of VLANS, Trunks and VTP.
Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wire shark and Cisco works to support Network Operation Center.
Worked in management of DNS for DMZ/External servers manually.
Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), HP-Open view, RSA envision, and Cisco works to support 24 x 7 Network Operation Center.
Experience with F5 load balancers and Cisco load balancers (ACE and GSS).
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls.
Experience with convert PIX rules over to the Cisco ASA solution.
Network security including NAT/PAT, ACL, VPN Concentrator.
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Provides technical leadership for problem escalation and resolution.
Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
Hands on experience on Up-gradation of Cisco IOS & Firmware of different Cisco devices &
modules
TECHNICAL SKILLS:
Cisco Routers ASR900, ASR1000, 2600, 2900, 3600, 3800, 7200, and 7600.
Cisco L2 & L3 Switches 2960, 2900, 3550, 3560, 3750, 4510, 4900, 6500, and Nexus 5K/7K.
Routing Protocols RIP v1/v2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.
Switching Concepts VLAN, STP, RSTP, VTP, Ether Channel, Port Fast, IP access Control lists, Uplink Fast and Backbone Fast, HSRP, and VRRP.
LAN Technologies Ethernet, Fast Ethernet, Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing,
VTP, STP, RSTP, Light weight access point, and WLC.
WAN Technologies Frame Relay, PPP, HDLC, Channelized links.
Gateway Load Balancing HSRP, VRRP, GLBP.
Various Features IOS and Features, DNS, DHCP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.
Network Monitoring Tools Wire Shark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, HP open view, Ethereal.
AAA Architectures TACACS+, RADIUS, and Cisco ACS.
Facilities DS0, DS1, DS3, OCX, T1/T3.
Load Balancers Cisco CSM, F5 Networks (Big-IP) LTM 8900, and Cisco ACE 4710.
Operating Systems Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), and Linux.
Firewall & Security ASA Firewall (5505/5510,5550), Checkpoint, Cisco ASA, Juniper net screen (500/5200), Juniper SRX (650/3600), Pix (525/535), McAfee Web Gateway, Checkpoint (R62, R65, R70, and NGX), Palo Alto, and Fort iGATE 5000-series.
CERTIFICATIONS:
Cisco Certified Network Associate (CCNA).
Cisco Certified Network Professional (CCNP).
PROFESSIONAL EXPERIENCE:
PetSmart, Philadelphia, PA Apr 2016 - Present
Sr. Network Engineer
Responsibilities:
Configured Routing protocols such as EIGRP, OSPF, BGP static routing and policy based routing.
Configured name resolution on F5 Load balancers and contributed as a consultant to teams in need of High availability DNS.
Experience with the New switch/Server installations, assigning VLANs, Trunking, MST and respective port configurations including Management IPs with NX-OS, IOS
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
Experience in configuring, upgrading and verifying the NX-OS.
Design, Deploy, Manage, Troubleshoot Cisco Nexus 9K, 7K, 5K, 3K, Cisco Cat 6509, 4948, 3560, 3750, Cisco ASA 5585, 5525-X, 5512, Cisco ASR 9006, 1006, 1002
Experience in working with Cisco Nexus 9k, 7k, 5k, 2k Switches and Virtual Port Channel configuration
Installation of Cisco ASA 5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.
Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series.
Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
Detailed knowledge of critical routing and switching features such as Class of Service/Quality of Service, Traffic and Performance Engineering, High Availability, and IP Services such as FTP, NAT/PAT, and NTP
Configure NAT and HIDE such as Dynamic, Static, and Manual NAT policies as required for user traffics going out to the internet.
Configured and troubleshooting Cisco unified UC560 manager VoIP systems
Created standard access lists to allow SNMP, NTP and logging servers.
Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
Researched, designed and replaced aging Checkpoint Firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection.
Configured and maintained IPsec and SSL VPN's on Palo Alto Firewalls.
Investigation and resolution of 3rd line network support incidents.
Configuration, support and administration of Palo Alto and Checkpoint and to migrate all gateways and management servers to new hardware and software
Install, upgrade and configure Next-Gen Palo Alto Firewall series PA-200, PA-500.Installed Palo AltoPA-3060 Firewalls to protect Data Center.
Infoblox DNS IPAM for DNS/DHCP setup and management
Configured OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
Implemented DHCP, DNS, FTP, TFTP, SSH services for monitoring and automatic IP assignments for the guest clients.
Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Worked on migrating the LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
Worked on updating pools, members and nodes using the GUI interface for the local traffic managers.
Addressing Change Management request and support key projects, IPAM (IP Address Mgmt.), Performance Monitoring and event management.
Configured Cisco ASA 5510 Firewall to establish logical separation between legacy network & lab environment.
Working on Cisco 4400, 5500 series wireless controllers, Cisco 1130, 1140, 1200 3702, 3602 and 2600 Series Access point.
Experienced in DHCP DNS, AD, NIS, NFS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LDAP, HP Network, security management and system troubleshooting skills
Designed and Implemented DMZ for FTP, Web and Mail Servers with CISCO PIX 525 and PIX515E
Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wire shark and Cisco works to support Network Operation Center
Managed Cisco ASA firewall appliances and updated IPS featured signatures.
Experience with Network Automation using Perl, Python scripting
Exxon Mobil Information, Spring, TX May 2015 – Mar 2016
Network Data Engineer
Responsibilities:
Experience with Designing, Implementing and Troubleshooting Cisco Routers and Switches using different routing protocols like RIP, OSPF, EIGRP, BGP, ISIS & MPLS L3 VPN, VRF.
Hands on experience with LAN protocols like STP, RSTP, VTP, VLAN and WAN protocols like Frame relay, PPP, port channels protocols like LACP, PAGP.
Troubleshooting for complex layer 2 and Layer 3 as well as hardware incompatibility issues on the Nexus Data Center Switches using bottom up approach.
Implemented Layer 3 switching on sites using 6500 and 5500 switches that provide both L2 and L3 functionalities. Worked both on Cat IOS and IOS software, merging existing 5000 series Catalyst switches with new 6500 Series.
Installed, Configured and Troubleshoot Cisco Nexus 7K, 5K, with FEX extenders nexus 2K, in high availability. Configured vPC on nexus 5K for redundancy,
In-depth knowledge and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls such as Check point, ASA and Palo Alto
Hands on experience with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
Configured and maintained IPSEC tunnels on Palo Alto Firewalls.
Maintained a Network with more than 600 Network devices and 20K end hosts.
Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
Exposure to wild fire feature of Palo Alto.
Planning and deployment of Cisco Identity Service Engine Solution.
Migration of network devices (Palo Alto, F5, Juniper, Aruba, Riverbed, Routers& switches) from one zone to other. Changing the management IP address.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher(RD), Route Target(RT), Label Distribution Protocol (LDP) & MP-BGP
Working Knowledge of Cisco IOS, Cisco IOS-XR, Cisco Cat OS, Cisco NX-OS
Implemented F5 Local Traffic managers (LTM), Global traffic manager (GTM), APM and ASM of series 8900, 6400, 6800, 3400, 5100, 3600.
Has done the Configuration on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
Update and record location and IP address management information systems in IPAM and Excel spreadsheets.
Worked on implementation and troubleshooting cisco LWAPP/CAPWAP Wireless Infrastructure
Installed and configured Cisco ASA 5500-X series firewall
Troubleshoot network issues; Racking and Stacking, Power assessment, KMV installation, cable management, raid configuration and implementation. DNS WINS, DG, IPv4/IPv4 Protocols and Subnet Classes, DFS, DMZ, DHCP, Static, IIS, VLAN and VPN Technologies, Brocade Switches.
Worked in wireless RF site surveys and RF spectrum analysis, documenting results, and provide recommendations on optimization and performance improvements.
Experience working with NX-OS 7010,7018, 5020, 2148, 2248 devices
Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
Configured, installed, & managed DHCP, DNS, & WINS servers
Scripting in Perl and Python to implement new functionalities in Cisco Intrusion Prevention and Detection
Configuration and Maintenance of ASA 5580-20, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
Administrating on F5 LTM, GTM, ASM, APM on series 5050, 8900
Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Python scripting for automation of difficult tasks
Environment: Cisco 3750/3550/3500/2960 switches and Cisco 7200/3700/3600/2800/2600/2691 routers, IGRP, RIP, OSPF, BGP, VPN, VLAN, DMZ
Atos, Irvine, CA Feb 2014 – Apr 2015
Network Security Engineer
Responsibilities:
Configured and deployment of routing protocols OSPF, EIGRP & BGP over Cisco Routers in Production environment.
Experienced with 1800, 2800, 2500, 2600, 2800, 3600, 3800, 3900, 7204, 7606 series Routers.
Worked on Layer 2 Switching and Cisco Nexus and did implementation on multiple sites, specifically Cisco 6509, 6513, 3750, 3850 and 4510 switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
Performing troubleshooting on VPN connectivity issues, slow network connectivity issues, identifying the root cause of the issues.
Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
Installation, configuration and maintenance of Check Point R77.XX firewalls.
Configured and monitored Firewall logging, DMZ's and related security policies.
Updated Perl code to track down MAC addresses to a specific switch port
Performed Checkpoint firewall upgrade of firewalls from R76 and to R77 to R77.20 and R77.30.
Responsible for maintaining the IPAM, DNS, DHCP of the entire corporation using Infoblox
Configuration of ACLs in Check Point 77.30 firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
Responsibility is to design and deploy various Network Security & High Availability products like check Point R 77.XX and other Security Products.
Responsible for building and maintaining site to site VPN tunnels from core.
Managing a TACACS server for VPN user authentication and network devices authentication
Configuring IPSEC VPN on SRX series firewalls
Migrated Nortel SR1004 with Check Point R77.30 for implementing Site-to-Site VPN.
Implemented firewall auditing for effective functioning.
Upgrading code on Palo Alto firewalls PA5050/3020 to meet company security policy.
Implementing firewall changes and policy pushes when necessary.
Provided high level of security to the network by installing ASA 5520 along with ACLs
Configuration and Maintenance of ASA 5580-20, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
Performed audit for Nortel and Brocade switches used in Network
Expert level knowledge of Cisco network security (IDS, ASA 5500 Firewall), network redundancy (HSRP, GLBP and VRRP)
Transitioned our DMZ firewalls from Cisco ASA to Palo Alto IDP, including Cisco s
on Core network switches
Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel for Brocade switches.
Involved in Configuring and Maintaining Cisco ISE Combining authentication, authorization, accounting.
Testing the firewall configurations before deploying at different remote sites.
Performing firewall deployments for different remote sites like community centers and fire stations.
PiLog India Private Limited, Hyderabad, India Jul 2011 – Jan 2014
Network Engineer
Responsibilities:
Installation and Configuration of wide variety of Cisco Routers such as 3600 series and Layer 2 switches such as 1900, 2900
Installed, Configured and troubleshooting performed on Cisco ASA 5500
Configure and Troubleshooting FortiGate firewall Appliances to Restrict Inbound Traffic from Untrusted Sources as endpoint security.
Configure the access policies and VPN policies in checkpoint firewall.
Implementing and Troubleshooting VLANS, Trunks, VTP & STP.
Configuration of ACLs in ASA 5500 firewalls for internet access for server/hosts in LAN and DMZ as requested by management
Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks.
Configured the Cisco router as IP Firewall and for NATing Configured RSTP, MST and used VTP with 802.1q trunk encapsulation.
Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include
Configured Firewall logging, DMZs & related security policies & monitoring
Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall
Enabled STP Enhancements to speed up the network convergence that include Port-fast, Uplink-fast and Backbone-fast
Configured network access servers and routers for AAA Security (RADIUS/ TACACS+)
Responsible for Configuring SITE_TO_SITE VPN on Cisco Routers between Head Quarters and Branch locations
Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
Involved in troubleshooting of DNS, DHCP and other IP conflict problems
Used various scanning and sniffing tools like Wire-shark
Designed, configured, implemented site-site VPN on cisco ASA 5500 firewall.
Configured Firewall logging, DMZs & related security policies & monitoring
Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard
Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on Cisco PIX Firewall
Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM, GTM, ASM, APM
Worked on migration from F5 LTM to A10 LTM
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation.
Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall
Perform real-time system monitoring, traffic tracking, and trend analysis using Perl scripts to collect data on transceiver location and activity, and Cisco IOS commands.
Environment: CISCO 2600, 2800 and 3200, 3600 series routers, CISCO 1900, 2900, 3300 and 2950 switches, Routing Protocols (Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET).
Protechsoft Technologies Pvt Ltd, Chennai, India May 2009 – Jun 2011
Jr. Network Engineer
Responsibilities:
Installation and Configuration of wide variety of Cisco Routers such as 3600 series and Layer 2 switches such as 1900, 2900
Configure the access policies and VPN policies in checkpoint firewall.
Implementing and Troubleshooting VLANS, Trunks, VTP & STP.
Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network
Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks
Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel for Brocade switches.
Configure and setup Cisco Firewalls, VPN Concentrators and Security appliances for access to vital business applications
Automated tasks in both Linux and Windows with scripting technologies (Perl, python).
Maintain efficient functional systems, network, and communication connectivity for all users, keeping current on new developments for all assigned areas.
Analyze, plan, test, implement, and trouble shoot systems, LAN/WAN Local Area Network, Wide Area Network and Communications Network Systems.
Configure and install client and server network software for upgrading and maintaining network systems; maintain multi-site network operations
Manage the configuration aspects of network devices such as configuration file management, inventory management, and software management.
EDUCATION
Bachelor of Technology from Manipal UNIVERSITY.
Contact this candidate