Engineer Network
Resume:
Krishna V
ac2es6@r.postjobfree.com
443-***-**** EXT: 822
Network Engineer with 7+ years of experience in Designing, Implementation, Administration, Operations and Troubleshooting IP networking technologies.
Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
Sound knowledge of Routing and Switching concepts and MPLS design.
Proficient in Cisco IOS and IOS-XR for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP, MPLS
Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
Extensive experience in IOS, IOS-XR, NX-OS upgrades/downgrades on 7600, ASR9k and Nexus 7k devices.
Performed various tests such as Scale testing, Convergence testing etc on Cisco Routers/Switches using IXIA, Spirent test equipment.
Extensive experience in testing various software codes in lab, raising bugs and working with Vendors such as Cisco, Juniper to get the fixes and validate them.
Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and OTV and successfully implemented VSS on the Cisco catalyst switches.
Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies on Juniper SSG320 and SSG140 Firewalls.
Worked with the installation of Palo Alto firewall, migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP).
Checkpoint level 3 operations support with hardware operation and fixed all problems.
Expertise in Migration of Firewalls from Nortel Contivity to ASA, ASA to Checkpoint, Checkpoint to Palo alto and Vice Versa
Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
Implement changes on switches, routers, load balancers (F5 LTM and CSS), Wireless devices as per Design engineers.
Experience in various concepts including VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, Ether channel using LACP, Inter-VLAN routing, CEF and DCEF.
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Experience with checkpoint firewall policies provisioning.
Checkpoint level 3 operations support with hardware operation and fixed all problems.
Worked with the installation of Palo Alto firewall. Migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
Checkpoint – R60/R65/R70/R75 software version with hardware Checkpoint 11000, 21000 series with VSX environment.
Good understanding of NAT & Firewall on Aruba Controllers.
Strong hands on experience on PIX Firewalls, Palo alto, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
Experience on working, implementing, configuration and managing Juniper SA 2500/4500/6500 SA devices with secure access services 7.1/8.0.
Strong Testing experience and excellent Test Procedure documentation skills.
Professional Certification:
Cisco Certified Network Associate
Cisco Certified Network Professional
TECHNICAL SKILLS:
Routers and Switches
Cisco Switches (2900, 2924, 2950, 3550, 5500, 6500, 6509, 6513), Cisco routers (2600, 2800, 3640, 3825, 7200, 7204, 7206, 7600), ASR 9k, Nexus 7k, 5k, 2k
Protocols
RIP, RIP2, PPP, OSPF, EIGRP, IS-IS, BGP, SNMP, HTTP, FTP, TFTP, HTTP, DHCP, SMTP, ICMP
WAN Technologies
Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines
LAN Technologies
Ethernet, TCP/IP, CDP, STP, RSTP, VTP, VLAN, Trunks, Ethernet channel, MPLS.
AAA Architecture
TACACS+, RADIUS, Cisco ACS.
Firewalls
ASA, PIX, SRX, Watch guard, ASDM, CSM, Checkpoint
Operating Systems
Windows 2000/2003/2008, windows XP/7, LINUX, Redhat, UNIX, Macintosh
Servers
Domain servers, DNS servers, WINS servers, Mail Servers, Proxy Servers, Print Servers, Application servers, FTP Servers
Load balancer
F5 Load Balancer, ACE, LTM & GTM series.
Monitoring Tools
Wireshark, Fiddler, Microsoft Network Monitor, solar winds and some sniffers
Cloud Technologies
Amazon Web Services (AWS)
Testing Tools
IXIA, Spirent
Professional Experience:
Safe Way, California Sep 2016 – Till date
Designation: Sr. Network Engineer
Responsibilities:
Design, implementation and operational support of routing/switching protocols in complex environments including IS-IS, BGP, OSPF, EIGRP, Spanning Tree
Configured and troubleshoot link-state protocols such as OSPF in single and multiple areas
Involved in configuring Juniper SSG-140, SRX-240, and Cisco ASA 5585.
Configured and maintained VPCs with 7010 and 5548 in the network. Also configured and maintained VDCs in 7010 switches, maintained VRFs in those separate VDCs.
Worked on Juniper MX960, M320 routers and EX 3200 series switch.
Racking and Stacking of Cisco 3750 Switches.
Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
Designing, installing and troubleshooting of Palo Alto firewalls.
Migration from Cisco to Palo alto firewall & Cisco to Checkpoint firewall
Configuring Overlay Transport Virtualization (OTV) on Nexus 7k,2k
Tested new software version before upgrading in production routers, performed various tests such as Scale testing, Regression testing, Convergence testing etc using testing tools IXIA, Spirent.
Configuring RIP, EIGRP, OSPF and BGP in Juniper routers.
Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunning AS-path.
Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
Worked on layer 2 protocol such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
Enable STP attack mitigation (BPDU Guard, Root Guard), using MD5 Authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
NX-OS upgrade in Nexus 7010 through ISSU (In service software upgrade)
Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls.
Performed Network Address Translation on Cisco ASA 8.2 and 8.3
Responsible for Cisco ASA firewall administration across the network.
Experience configuring Virtual Device Context in Nexus 7010.
Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
Deploying the policies on firewall using the Checkpoint’s Smart Console Manager and Smart Dashboard.
Monitoring and troubleshooting traffic on Palo Alto 5020 firewall.
Troubleshoot the FW related issues by using the Checkpoint’s client software SmartLog and Smartview Tracker.
Disney, Orlando June 2015– Aug 2016
Designation: Network Security Engineer
Responsibilities:
Experience with devices Palo alto Network firewalls such as security NAT, Threat prevention & URL filtering
Experience with configuring Nexus 2000 Fabric Extender (FEX) hitch acts as a remote line card (module) for the Nexus 5000.
Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
Adding exemption, editing policy groups on Websense Management Server.
Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
Backup and restore of checkpoint Firewall policies.
Installed and configured four PIX 525 and two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
Installed, Configured and maintained 2600, 3600, 7613 Cisco Routers and 3750, 4500 and 6500 series Cisco Switches.
Experience in Installation, configuration, and troubleshooting on Riverbed Steelheads.
Configuring RIP, OSPF and Static routing on Juniper M
Ability to engage with vendors to resolve equipment issues and identify future needs
Provide a Bill of Material for equipment required to meet future requirements
Configured STP for loop prevention and VTP for Inter-VLAN Routing.
Provide reports on a weekly basis of all system design and maintenance activity
Hands on experience in configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
Implementing and maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
Coordinate activities between departments to ensure uninterrupted business operation
Experience with Checkpoint Firewall policies provisioning.
Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.
Adding and removing checkpoint firewall policies based on the requirements.
Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity
Scheduled maintenance of Nexus (2248, 5548, and 7010) switches so that there are no Orphan ports in the network, and all Users to be dual homed, so that they have sufficient redundancy.
Implemented two F5s in Active/Standby setups on BIG IP 10.2.4.
ACE Cash, Dallas Jan 2014 – May 2015
Designation: Network Engineer
Responsibilities:
Responsible for design & management of juniper Netscreen firewalls, juniper switches, Cisco switches
Configuration, Troubleshooting and Maintenance of Palo alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
Create and test Cisco router and switching operations using OSPF routing protocol.
Provide design and SDN/NFV networking support using Open-Stack, Juniper Contrail and Big Switch Networks
Juniper Contrail SDN Cloud Computing Open Networking Open flow/ODL
Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).
Responsible for the secure development lifecycle environment form NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in the lab environment.
Monitored Multi-customer ISP network and troubleshooting issues in a 24 X 7 environment.
Startup Splunk Syslog for all CDC Cisco Routers/ Switch including F5’s (LTM/GTM) Analyze intrusion detection system (IDS) and intrusion prevention system (IPS). Identify detection methods and techniques such signature based detection and anomaly based detection method.
Worked on Blue Coat Proxy SG to safeguard web applications (Black listing and White listing of web URL) in extremely untrusted environments such as guest Wi-Fi zones
Application Load Balancing with F5BigIPLTM and GTM devices, Cisco ACE, and Cisco CSS appliances.
Fine-tuned OSPF metrics to avoid routing loops and ensure redundancy in
Configuration and troubleshooting link state protocols like OSPF in multiple areas.
Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
Optimized performance of the WAN network consisting of CISCO 3550/4500/6500 switches by configuring VLANs.
Axis Bank, Hyderabad Apr 2012 – Aug 2013
Designation: Network Operations Engineer
Responsibilities:
Work on different networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies.
Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
Pre-Change Window work (Setting up ISE by adding Network Devices, evaluating risk of enabling
authentication on a switch) in implementing ISE Monitor Mode
Installation and configuration of Citrix NetScaler MPX 8200.
Designed, implemented and maintained WAN technologies like DWDM, MPLS, VPLS and tunneling technologies.
Expert level Knowledge on working with Wireless LAN Controller's, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Expert level Knowledge on working with Wireless LAN Controller's, Cisco NCS, Cisco AP's, LWAPS, Standalone AP's and Mesh AP's.
Implemented and configured BGP, BGPv6, using policy route-maps, prefix list to regulate advertise routes from specified Autonomous Systems. Verified BGP neighbor establishment and prefix received and converged with transit providers.
Implementation configuration and troubleshooting of Check Point Firewall R 71
Designed, validated and implemented LAN, WLAN & WAN solution to suite client's needs.
Worked on Palo alto Firewalls including PA 5000 and PA 3000 series
Configuring rules and Maintaining Palo alto Firewalls & Analysis of Firewall logs using various tools
Implemented firewalls using Cisco ASA, Cisco PIX, Check Point Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
Pioneer Broadband, Hyderabad June 2010 – Mar 2012
Designation: Network Administrator
Responsibilities:
Installed and configured workstations for IP based LAN’s.
Installation and configuration of Citrix access gateway.
Configuring IPSEC VPN on SRX series firewalls.
Used Edgesight for monitoring the citrix farms and troubleshooting the Citrix related issues.
User admin on the firewalls, adding and deleting users as they come and go.
Scanning and Adding LUNS whenever Storage team assigned to UNIX server.
Work in UNIX environment, verification of Logs using UNIX commands, working on Putty.
Had a chance to troubleshoot various application issues with respect to F5.
Configured and managed networks using L3 protocols like RIPv2.
Designed and implemented remote dial up solution for clients
Upgrading and managing Linux Kernel on Red Hat Linux 5 &6 & ESX Reboots.
Efficient in cabling as per co-location contracts with loop-back testing, including all DS1, DS3, T1, T3, CAT 6 and CAT 5 connections as per defined cabling procedures.
Contact this candidate