Shiva Kumar

Phone: 848-***-****

Email: ac2iht@r.postjobfree.com

Professional summary:

Network Professional with Around 9+ years of experience in Design, Deployment, Security, Troubleshooting and Management in Branch, Campus and Data Center environments.

Extensive hands-on knowledge of a wide range of technologies, tools, protocols, TCP/IP and OSI models.

Adept at solving business needs by utilizing and integrating best practices and leading edge technologies.

Design and implementation experience in building Cisco ASA Firewalls, Palo Alto firewalls, F5- Load balancer, Juniper firewalls and FWSM Blade modules on Cisco Switches. AIP-SSM Modules and IDSM modules from CISCO and Sourcefire IPS.

Experienced in DNS, SMTP, FTP, HTTPS, remote access L3VPN solutions and protocols such as STP, RSTP, PVST, HSRP and VRRP. Implementation of traffic filters on Cisco routes using Standard extended NAC (Network Access Control) list.

Experience in Integrating ISE with external identity stores such as Windows AD, Cisco ACS LDAP. Supported Cox Communications with a nationwide Cisco ACS deployment. Exposure to SDN and Network Function Virtualization (NFV) technologies like Cisco ACI.

In-depth expertise in analysis, implementation, troubleshooting & documentation of LAN/WAN Architecture and good experience on IP services.

Analyzed information provided from existing legacy AAA system to migrate to ACS.

Hands-on experience on IP Addressing, Sub-netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts and Cisco ISE (identity service engine).

Extensively worked on Juniper models EX 2200, EX 4200, EX 4500, MX-480, M Series, SRX210 and SRX240, understanding DOCSIS 2.0/3.0/3.1.

Design and implementation of juniper Failover, Active/Active failover (Multiple Context), Active/Standby Failover and Checkpoint Cluster XL and VSX.

Worked on Cisco Firewalls Cisco ASA (5505, 5506-X, 5585Series), Checkpoint R75, 76Firewall, configured Palo Alto firewall and Cisco Pix Firewalls (525, 520, 515, and 506).

Administrated a network using Network Access Control List (NAC) to enhance security of the LAN network.

Designation and Implementation of Aruba Wireless solution including Aruba S3500 mobility switch, Aruba105, 175, 225 Campus AP, Aruba 7210 & 7220 AP Controller. Experience configuring Virtual Device Context in Nexus 7k, 5k and 2k.

Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.

Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2003/2008, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.

Experience Working with F5 based profiles, Virtual IP's, iRules for virtual IP's, monitors and pool members. Hands on experience on automation and tools such as Python

Experience working with ASR_9000 series switches with IOS_XR. Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment.

Experience in Solar Winds Network Performance Monitor (NPM), Network Configuration Manager (NCM), Network Traffic Analyzer (Net flow) and IP Address Manage.

Configuration and troubleshooting of Cisco PIX Firewall in a failover configuration. Handling and managing antivirus server and client support for Escan, quickheal, sophos.

Technical Knowledge on Cisco DMZ, ASA 5500 series, Cisco Prime, Riverbed Shark, Packet Design Route Explorer and IPSLA.

Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.

Experience in troubleshoot network issues including boundary protection devices, Cisco Nortel/Avaya and Bluecoat Proxy Servers. Implementation of DHCP, DNS, FTP, TFTP, MPLS, ATM and ISDN

Trunk, Vlan, Ether channel, port security, routing protocols including EIGRP, OSPF & BGP and Other related technologies such as multicasting, IP Telephony & IP Video.

Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.

Advanced knowledge of VMware tools stack-v Realize Application Services. Ability to manage all phases of network installation and administration.

Manage and maintain enterprise telephony infrastructure, including PBX administration, VOIP/SIP architecture, ACD/IVR functions, vendor and client management. Extensive Knowledge of voice communications technology and VoIP Protocols

Good knowledge on implementing F5 BIG-IP load balancer, F5 GTM based on topology load balancing methods and LTM, GTM series like 6400, 6800, 5000 and 2000 for the corporate applications and their availability

Cisco ASA 5510 and 5585-X Series Firewalls, VPNs (Site-to-Site, Remote user), RADIUS, LDAP, and TACACS+.

Managing and maintain SOPHOS antivirus server and clients.

Expertise in Unified Communication (UC) technologies including SIP trunking, Session Border Controller (SBC), IP-PBX, PSTN gateway.

Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems.

Excellent interpersonal, communication and organizational skills with the ability to interact effectively with employees at all levels within the organization.

Implementing security policies using Cryptography, ACL, AAA Security on different series of routers.

Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), HP-Open view, RSA envision, and Cisco works to support 24 x 7 NOC.

Configure VRRP&GLBP and VLAN Trunking 802.1Q&ISL, STP, Port Security on Catalyst 6500 switches.

Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices.

Technical Skills:

Network Hardware : Cisco routers (1900, 2600, 2800, 2900, 3600, 3800,

3900, 7200, and 7600), Cisco L2 & L3, Juniper (JUNOs) routers

& firewalls, Cisco ASA, Cisco PIX, Cisco Checkpoints, Catalyst

Switch (2900XL, 2950, 2960, 3560, 3750, 4500, and

6500), Nexus switch (2248, 5548 &7010), Cisco

Firewalls and Blue Coat Proxy Servers.

Protocols : Routing (RIP, EIGRP, OSPF, OSPFv2, BGP, Static

Routing), VoIP, SIP, MPLS, SDN, NFV, Summarization, Redistribution,

Switching (VLANS, Trunking, Inter-VLAN, STP,

RSTP), NTP servers, DNS, UDP, TCP/IP, TFTP server,

IEEE 802.1Q and Multi-layer switching.

LAN/WAN Technologies : Ethernet, NAT, PAT, SMTP, DNS, DHCP, Frame- Relay, SNMP, ATM, Metro-Ethernet, ISDN, PPP, HDLC and VPNs.

Wireless standards : 802.11 a/b/g/n, 802.3 standards, WEP.

Security : Network Access Control list (NAC), address filtering,

TACACS+/Radius, SOPHOS antivirus, port Security, IPsec, SSH and

Cisco Access Points.

Load balancer : F-5 BIG-IP LTM (3900 and 8900), F-5 GTM, and Palo Alto-3060/2050.

Management tools : Cisco Prime, Cisco ISE, Wireshark, Riverbed shark OPNET

Modeler, Putty, Telnet, VMware, Solar winds, MS

Office and Visio, Packet design Router,

Operating system : Windows, Linux

Microsoft Office : Word, Access, Powerpoint.

Certifications:

Cisco Certified Network Professional (CCNP)

Cisco Certified Network Associate (CCNA)

Education:

Bachelor’s degree in Electronics and Communications from JNTU-H

PROFESSIONAL EXPERIENCE:

EMC, Santa Clara, CA Feb2016 - Present

Sr. Network Security Engineer

Responsibilities:

As a Sr. Network security Engineer Working with Different Teams supporting ASA Firewall, F5 Load Balancer, Wireshark and Blue coat Proxy Servers.

Creating security and access policies to the end users using Cisco ISE connected within the network.

Removed huge amounts of redundant Access Control Lists from various ASA 5500 series Firewalls as part of the Firewall Rule Optimization Project.

Worked on Palo Alto Firewalls and the Panorama Network Security Management Box in order to route over the data logs to the Logging device.

Configuring IPSEC VPN on SRX series firewalls.

Responsible for core infrastructure to include two functional data-centers, as well as multiple office locations.

Integrated Cisco Security Manager with Cisco ACS Server 4.1.

Responsible for the agency's and telecommunications systems.

Responsible for entire LAN and WAN/WLAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.

Mentor and educate team members on various network technologies and equipment.

Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using CLI.

Configuring and resolving various OSPF issues in an OSPF multi area environment.

Using python scripts to compare data consistency between different systems and also for data loading and replication.

Provide solutions to Tier 1/2 escalated issues, tickets and assessing cabling issues such as Token Ring, Ethernet, and Fiber Optic.

Configuration was running and completed in timely manner. Configure policies and enabled rules to alerting on intrusion events.

Involved in IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.

Deploy 802.1x authentication (both Wireless and Wired network) for office users using Aruba Clear pass access management system.

Configuring Aruba Controllers integrating with Cisco ACS and RADIUS severs for Dot1x authentication.

Configured, Monitored and Maintained Virtual server farms consisting VMWARE

Implemented VMware vSphere 5.0 with Enterprise Plus Features of vDistributed Switch

Configured Cisco 7200 routers which were also connected to Cisco ASA5500 security appliances providing firewall security.

Configure VDCs and implement Layer2 topologies using Fabric Path, VPC+, L2-L3, VRFs, HA and Port Channel.

Provided Cisco PIX firewall remote monitoring and diagnosis of security logs for response of network threats and attacks.

Troubleshoot and maintain corporate VoIP network including, adds moves and changes on Cisco Unified Communications Manager and support for remotes store networks. Develop solutions for complex network problems and administrative requirements.

Used packet capture technologies such as Wireshark to capture, filter and interpret VoIP packets in order to properly troubleshoot issues with SIP trunks.

Design network system architecture and implement the prototype of the system using Software Defined Network (SDN).

Applying SDN design principles to cellular networks and Internet routing (BGP) and Scaling Internet routing through filtering without requiring global coordination.

Supported evolving new network architectures using Software Defined network (SDN) and Network Function Virtualization (NFV).

Implementation of security system including access-list and NAT design for Cisco PIX firewall 535 series.

Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.

Configured various Router interfaces like ATM interface, T3 interface, and Channelized T1 interfaces.

Configuring TCP, UDP protocols like DHCP, ARP, and DNS.

Troubleshooting Network Connectivity issues in Local Area Networks (LAN) using Packet Capturing Methods (Wireshark).

Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.

Monitored bandwidth, network activity, and network alert by analyzing data provided by Solar Winds Orion platforms. (Network Performance Monitor, NetFlow Traffic Analyzer, Network Configuration Manager, & Server & Application Manager).

Used Solarwinds Network Configuration Manager (NCM) to complete weekly backups, and verify configuration changes by team members.

Research into Multiple 802.11 standards for possible vulnerabilities within security.

Worked with blue coat proxy to actively utilized and monitor the web security and WAN optimization.

Configuration and troubleshooting of Cisco Routers such as Cisco 3640, Cisco GSR 12416,21418(with PRP and RPR processors), Cisco catalyst 6509,7613 with supervisor cards

Configuring, Monitoring and Troubleshooting Cisco’s ASA 5500 security appliance.

Worked with multiple customers over a period of time to enhance their network, resolve and create work around for known IOS issues.

Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel along with troubleshooting of inter-VLAN routing.

System testing with PPP, L2TP, STP, and Network Access Control List (NAC) enabled.

Creating network designs using the Microsoft Visio and Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module and GTM’s for managing the traffic and tuning the load on the network servers.

Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM.

Worked on team that designed and implemented F5 Big IP load balancers that resulted in improving application performance.

Installation and management of overall administration of LAN, WAN, systems involving design of network layouts, configuration and maintenance, Commissioning Routers & Switches, firewalls, IPS and ensuring maximum uptime during site deployment to VoIP.

Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.

Experience working with Nexus 7010, 5020, 2148, 2248 devices and Cisco Nexus 7k series data center platform

Commissioning and decommissioning, configuring, URL and Web filtering, monitoring, SNMP traps, logging, blocking on Palo Alto devices, migrating from one network to other.

Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing) and also redundancy for Routers, Switches and Firewalls.

Documenting the security policies enforced in internet access using Microsoft Visio.

Network problem identification and resolution using Python Scripting.

Environment: Cisco 7200, 7204, and 7206 Routers, Switches: Nexus 7K, 5K, 2K, Cisco Distribution layer switches such as 4510, 4948, 4507, 7k, 5k and 2k series. Cisco ISE, Cisco PIX, DOCSIS 2.0/3.0/3.1, Firewalls 5GT, BIG IP F5 LTM, Blue coat proxy, Aruba, VoIP, EIGRP, RIP, OSPF, BGP, CISCO ASA, DHCP, DNS, Spanning tree and 802.11 wireless standards.

Univar, Redmond, WA Apr2015–Jan2016

Network Security Engineer

Responsibilities:

Creating a rule on the checkpoint firewall for a NAT (used NAC to block unauthorized users) to the VLAN IP and allowing the IPsec traffic.

Configured and set up of Juniper SRX firewalls for policy mgmt. and Juniper SSL VPN's.

Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN.

Knowledgeable in application transport and network infrastructure protocols (SSL/TLS, DNS, DHCP, WINS, NTP, FTP, HTTP, SMTP, CIFS, LDAP).

Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.

Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.

Configuring Vlan’s, VTP’s, enabling trunks between switches.

Monitor, troubleshoot, test and resolve Frame Relay, ATM and PPP.

Responsible for the design, development and implementation of VoIP systems.

Documenting and Log analyzing the Cisco PIX series firewall.

Migrated Cisco Secure ACS 4.2 for Windows to ACS 5.3 hardware appliance.

Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.

Created Protection Groups and Recovery Plans using SRM 5.0 and VMware best practices

Experience with Server consolidation using VMware vSphere 4.1

Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.

Palo Alto integration with VMware Virtual Desktop infrastructure.

Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.

Co-ordinated and Upgraded Cisco ASA’s IOS images during window time and working other team members to order new circuits for connecting to MPLS ring.

Worked on commissioning and decommissioning of the MPLS circuits for various field offices & POPs.

GRE tunneling & Site-to Site VPN configuration between other two sites in USA.

Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).

Using python for Data Analysis, graph generation through dataframes and email automation using python modules.

Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.

Dynamically controlling the network access in reducing the risk of threats using CISCO ISE

Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.

Worked on Juniper devices like M, MX, T routers on advanced technologies like, MPLS VPNs, TE and other service provider technologies

Environment: Cisco 2990/3550/6550 switches, Cisco 7200/3845/3600/2800 routers, DOCSIS 2.0/3.0/3.1, VoIP, SIP Cisco ISE, EIGRP, RIP, OSPF, BGP, MPLS, and Juniper, SRX firewalls VPN, Palo Alto, and Ether Channels.

Keolis, Boston, MA Jan2014 – Mar 2015 Data Network Engineer

Responsibilities:

Responsible for installation, configuration, as needed administration and troubleshooting on various networking applications and hardware including routers, switches and related LAN/WAN equipment.

Interacted with WAN team for connecting at different building sites.

Planning and management of IP addressing, Subnetting of the entire network and Responsible for monitoring and controlling the entire network.

Configuring, maintaining, redistribution and troubleshooting routing Protocols RIP, OSPF, EIGRP, MPLS, BGP, and SIP trunking.

Designation and Implementation of Aruba Wireless solution including Aruba S3500 mobility switch, Aruba105, Aruba 7210 & 7220 AP Controller

Deploy 802.1x authentication (both Wireless and Wired network) for office users using ArubaClear pass access management system

Configuring Ethernet, Serial interface, static, and default routes on different series routers and also Configuring PPP, Frame Relay, ATM and ISDN.

Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using smart view tracker.

Troubleshoot connectivity issues and Monitor health of the firewall resources as well as work on individual firewall for advanced troubleshooting.

Configure Fast Ethernet main and sub-interface assignments as required for inter Vlan routing and Implement NTP server, DHCP server, and TFTP server.

Configuring Network Access control list, Firewall, route maps and route policy on the routers. Worked on SNMP, syslog server for logging, and device management.

Configuring Cisco ASA 5000 series firewalls and experience with checkpoints and managing security of the network and using sniffers.

Configure &Troubleshooting 802.3 bridging standard, Supporting media access protocols and DOCSIS2.0/3.0/3.1

Conceptualized, designed and lead deployment team for a long-range wireless service offering using 802.11x products from Cisco wireless solutions.

Has extensive knowledge in implementing and configuring F5 BIG-IP LTM-6400, 8900 load balancers.

Provide Tier II Load Balancer expertise on F5 Big IP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 Big IP Load Balancers

Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.

Configured VLAN trunking with Palo Alto interface and Configured routes on Palo Alto firewalls 3060, 5060, 7050.

Installed and configured related equipment connected to the Juniper FW and Performed Remote Install of Juniper Firewall.

Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, 802.3 and 802.11 wireless standards, DOCSIS 2.0/3.0/3.1, Juniper, F5 Load balancer, Palo Alto, DHCP, DNS, Port-Channel, MPLS, BGP, OSPF, EIGRP.

Halona Technologies, Hyderabad India Apr2011 – Nov2013

Network Support analyst

Responsibilities:

Primarily responsible in designing and maintaining the budget for the whole network.

Preparing Client Machines for users with Operating Systems, Software, antivirus and required utilities and mailing clients etc.

Perform daily maintenance, troubleshooting, configuration, and installation of all network components.

Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.

Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.

Created network diagram for employees using the Microsoft Visio and Performed daily maintenance, troubleshooting, configuration, and installation of all network components.

Good experience in systems administration, including analyzing, installing, maintaining, and repairing hardware, software, peripherals, and networks.

Worked with Remedy Ticketing tool in maintaining and keep a track of logs/monitor

TCP/IP network planning, Implementation and Management with subnets.

Configuration of CISCO Routers (3600, 4000 Series) and 3550, 4500 series switches.

Implementation of Virtual LANs across Routers and Switches.

Implemented and configured LAN Protocols: Ethernet, VLANs, VTP and STP.

Designed and implemented IP Addressing, Subnetting, Route Summarization and Route Distributions

Implemented and Configured IP Routing Protocols: OSPF, EIGRP, and RIPv2.

Have ability to install and maintain Microsoft Exchange and worked extensively on different applications.

Environment: LAN, WAN, Subnetting, VLAN, VTP, VPN, NAT, OSPF, BGP, EIGRP

Z-Tech Solutions, Hyderabad India May 2008 – Mar 2011

Technical Network Support

Responsibilities:

Perform daily maintenance, troubleshooting, configuration, and installation of all network components.

Cisco routers, switches setup including WAN routers, coordinating with leased line vendors

Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.

Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.

Lead technical consultant for IT systems with Front Office Staff Corporate.

Primarily responsible for incident and problem management.

Creating groups, users and policies in Active Directory and Schedule changes and work through maintenance requests over weekends.

Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.

Experience in Supporting and troubleshooting VPN-Sites to Site and Remote access using Juniper SRX firewall and Optimized NTP system for operations during site isolation.

Performed 802.11a/g/n Wireless Site Survey and Design for Spectra support center.

Built IPsec based Site-to-Site VPN tunnels between various client locations.

Debugging abilities at L1, L2, L3, and L4 protocols in an Internet-centric environment. Troubleshooting Active Directory, DNS, and DHCP related issues.

Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.

Implementation of HSRP, DHCP, DNS, FTP, TFTP, ARP.

Environment: Cisco 7200/3845/3600/2800 routers, NTP, TACACS, EIGRP, RIP and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN's and SSL.

Contact this candidate