Raghuram V
Sr. Network Engineer
Ph No: 908-***-****
Email id: *********.*******@*****.***
Professional Summary:
Over 8 years of experience in the design, implementation, troubleshooting and documentation of LAN/WAN networking systems in Branch, telecommunication and Data Center environments. Proficient with network hardware and technologies including routers, switches, firewalls, Ethernet, Fast Ethernet, Gigabit Ethernet.
In depth expertise in routing protocols (BGP, OSPF, EIGRP, RIPv1&2), Switching architecture and protocols (VLAN’s, Trunking and Spanning Tree). Hands-on experience in configuring Cisco routers/ Switches to perform functions at the Access, Distribution, and Core layers.
Worked on different management tools like Solar winds, Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, HP open view. Security Server Protocols TACACS+. Installation, configuration and maintenance of Palo Alto Firewalls. Working experience in wireless environment like cisco ASR and CSR system.
Solving issues in intra wireless n/w like dealing with access controllers and access points. Experience in working with Nexus. Excellent working knowledge of TCP/IP protocol suite and OSI layers. Experience with Firewall Administration, Rule Analysis, Rule Modification.
Implemented traffic filters using Standard, Extended and Named access-lists. Experience in configuring and troubleshooting IPSEC site to site VPN solutions. Working experience with Datacenter Switches such as Nexus 2K, 5K and 7K. Solid understanding of GSM, UMTS & LTE Network architecture, Call flow and Traffic Engineering
Working knowledge of transport connectivity such as T1, CAT5&6 Ethernet, DS1, DS3, Fiber, OC3 and OC12, OC48
Responsible for Checkpoint and Cisco ASA firewall administration across our global networks. Expertise in telecom OSS support and integration of new network elements through OSS. Experience in Tier- 2 support, BMC Remedy tool, NMS ticketing system, network troubleshooting, handling escalation, Root cause analysis (RCA) and SLA’s
Understanding of latest security trends, vulnerability assessment techniques and attacks like DOS and Man in the middle attack, Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Ether channel, STP, RSTP and MST. Worked on upgrading F5 device from 11.4 to 11.5.3 to remediate HTTP classes and profiles and Upgrading and relicensed F5 LTM.
Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, AAA (TACACS and LDAP). Configured F5 GTM Wide IP, Pool Load Balancing Methods, probers and monitors recreating Http and https redirect VIP's to client from data servers. Experience in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
Proven ability in problem-solving, decision analysis, prioritizing work flow, multitasking and team collaboration and Demonstrated leaderships skills and have ability to lead team if necessary. Team player with excellent verbal and communication skills with ability to lead varied team sizes and capable of working with minimum supervision. Experience with F5 Load Balancing. Strong hands on experience on PIX, Firewalls, ASA (5540/5550) Firewalls.
Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ &RADIUS). Expertise in VOIP protocols like H.323, MGCP, SIP, and SCCP. Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools. Working Knowledge with monitoring tools like Solar Winds and Network packet capture tools like Wire-shark.
Used ATM tool for quick view of configuration on LTM VIP, POOLS and ITG, ESD and service now ticketing tool for F5 tickets. Provided 24x7x365 availability and on-call support as required by the projects. Excellent working knowledge of TCP/IP protocol suite and OSI layers. Experience of communicating with customers, solving complex problems in a timely productive manner.
Technical Skills:
LAN Technologies
VLAN, VTP, Inter-VLan routing, STP, RSTP, PVST, IGMP, 802.1x
WAN Technologies
Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines, SES
WLAN
Autonomous AP’s, Lightweight AP’s, WLC, WDS, WLSE, Standards– 802.11a, 802.11b, 802.11G
Network Securities
NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPSec, ACL
Firewall
Cisco ASA5585X, ASA5525, ASA5510, Pix525, 535, Juniper SRX series, Palo Alto, Check Point R6X, R7X
Devices
Routers (1700, 1800, 2500, 2600, 2800, 3200, 3600, 3700, 3800, and 7200), Cisco L2 & L3 Switches (3750, 3560, 4500 & 6500) Series, Nexus 2k, 5k and 7k’s, Cisco FWSM’s, ASA Firewalls (5510, 5520, 5540 & 5585), Juniper Ex switches, Mx Routers, Aruba equipment
Routing Protocols
RIP, EIGRP, OSPF, BGP
Routed Protocols
TCP/IP, IPX/SPX
Infrastructure Services
DHCP, DNS, SMTP, POP3, FTP, TFTP
Network Managements
SNMP, SSH, Telnet, ICMP, Cisco Works, HP Open-view, Solar Winds, Cyber Ark, Wireshark, NetMRI, VSphere5.0
IP Telephony
VOIP, T1/ISDN/ PRI, Call manager Express, SIP, H.323
Documentation
MS Office, MS VISIO
Scripting Language
Shell scripting, Python
Operating Systems
Windows 10/8.1/ 7 /Vista/XP/NT/2003, UNIX, Ubuntu Linux
Professional Experience:
United Health Group, Raleigh NC Aug 2015 – Present
Sr. Network Engineer
Responsibilities:
Strong experience in Networking, including hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN communication systems.
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series) and QFX 3500s as Layer 3 switches to enable routing between VLANs.
Managed corporate Checkpoint smart console R77, R75.20 and R75.40 implementing security rules, experience on using Smart Dashboard, Smart view Tracker to mitigate network attacks.
Change and Incident Management using HP Service Manager. Schedule day to day firewall related changes and seek CAB approval if required for production impacting changes.
Involved in Firewall Administration, Rule Analysis, and Rule Modification. Troubleshooting connectivity issues on the firewall using smart view tracker, monitor health of the appliance using smart view monitor etc.
Writing MOPS for Decommissioning Ports, adding new Firewall rules, adding VLan Trunks.
Configuration of Palo Alto firewalls for remote site implementation. MPLS Circuits implementation between the different sites. Migration of servers from one datacenter to another, providing switch connections to the new servers, updating Check Point Firewall rules for the new servers, A10 to F5 load balancers Migration.
Support Disaster Recovery for the applications between Primary and DR Data center locations. Strong knowledge of Cisco and Juniper software, Nortel (IOS/XR and JunOS) and hardware. Creating new nodes and Pools in F5 load balancers to support newly added servers in Layer 3 environment.
Expert Level Knowledge about TCP/IP, Spanning-tree, and OSI models. Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability. Worked on F5 models like v2400,4200,5200,3400,8900,1600, 6400, 6800, 8800 and Versions like 11.5.x(11.5.1,11.5.3,11.5.4),10.1.0,10.2. x. Configuration, migrations, upgrades of F5 Big IP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby.
Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall. Actively responsible for PIX 7.x/8.x, ASA 8.x and Cisco FWSM 2.x/3.x upgrades and network refresh projects and Troubleshooting, IOS Security Configurations, IPSec VPN Implementation and Troubleshooting, DMZ/ASZ Implementation and Troubleshooting.
Configured SNMP with private community strings to monitor Linux servers through the SNMP management server. Software Defined Networking (SDN) – VMware NSX, Cisco ACI. Worked on monitoring links using Solar Winds NPM.
Configured Client-to-Site VPN using Client on Cisco ASA 5520 ver8.2, ASA 5510. Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor. Support Data Center Migration Project involving physical re-locations. HP site scope is used for enterprise security and provide solutions for proactive approach to integrates information correlation, application analysis and network-level defense.
Configuring and implementing Remote Access Solution: IPsec VPN, AnyConnect VPN and SSL VPN. Deployed and configured Cisco ASR 1000, 7000, 9000 series routers. Planned and implemented network designs, including WAN, LAN, MPLS.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design. Relocated and reconfigured Cisco routers, Wireless AP's and HP Procurve switches as needed.
Daily work involved supporting local LAN HP Procurve switches and Cisco WLAN. Assisted in creating network design standards for hardware and software. Experience with various Ticketing systems such as Remedy, USD and creating work orders with citrix web applications.
Involved in Network Designing, Routing, DNS and IP Subnetting, TCP/IP protocol. Experience in implementing LDAP security models. Utilized Resource Analyzer and go analyzer for performance testing and troubleshooting and Knowledge on managing LDAP Policy store.
In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, Ping Concepts. Worked with Cisco Catalyst 6500, 4500, 3750, and 3560, 2960 switches and Cisco 2800, 3600, 3800, 7200, 7600 and ASR series Routers.
Schedule and participate in weekly meetings with various teams involved in the project to discuss the bottlenecks if any and contribute to design a solution framework. Maintain Configuration, Documentation (VISIO's) and Records Management.
ITIL Based Service Delivery and Management. Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
Involved in the team for designing and Configured Nexus 7000/5000/2000 in Top of Rack & End of Row Architecture for a Scalable Production Network that supports Rack & Blade server architecture in a Multi-Tenancy environment using VPC, VDC & VRF. Experienced in Configuring/Troubleshooting Routing Protocols EIGRP/OSPF/BGP/RIP.
Boston Medical Center, Boston, MA May 2013 – Aug 2015
Sr. Network Engineer
Responsibilities:
Installation, configuration and maintenance of Palo Alto Firewalls, Cisco ASA firewalls. Deployed and managed Varonis specifically Data Governance, Data Advantage and Data Alert modules in complex environments. Dealing with intra wireless n/w system like ACL’s and access points.
Demonstrate the features and benefits of Varonis software to the staff and documented the operations. Used Varonis Data advantage and Data Alert to monitor and analyze and alert file system activities on NAS.
Implement and support Netscreen/Juniper SA 4500 SSL VPN Solution, ISG for DMZ solution. Strong working knowledge of Checkpoint VSX virtual firewall. Day-to-day work involves changes on the Checkpoint Firewall using the Smart Dashboard NGX R70 software and connecting via Smart Center management. Authentication is done using an RSA Secure ID.
Work on Routing and Switching on the third-party segment using Cisco based Routers and switches. Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover configurations, GRE Tunnel Configurations, VRF configuration and support on the routers.
Solving the issues of wireless devices and maintaining the hardware. Configuration and support of Juniper Netscreen firewalls. Switch experience includes Cisco Catalyst switches: CISCO 3750, 4500, 6500 series switches and Cisco Nexus switches 7000 and 7700 series.
Performed Checkpoint firewall upgrade of 50 firewalls from R55 to R65. Administered Juniper 50, 200, 500, and SSG 520 firewalls. Troubleshoot and hands on experience on security related issues on Cisco ASA/PIX, Checkpoint, IDS/IPS, Palo Alto and Juniper Net screen firewalls. Configuration and maintenance of Juniper Net Screen SSG-550. Worked on Infoblox Actionable Network Intelligence controls and secured the network from the core - One unified platform including DNS, DHCP, and IPAM (DDI).
Configured Routers for OSPF, EIGRP, BGP protocols. Hands on experience and Good Understanding of OSPF, BGP, MP-BGP, MPLS-VPN. Configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing. Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing.
Configured Object Grouping on Palo Alto Firewalls. Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP. Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
Protocol Handling and Code up gradation on Palo Alto Firewalls. Conducted vulnerability assessments and generic security scans of both systems and networks to identify and mitigate security vulnerabilities using Nessus Vulnerability Scanner. Design, implement and provide second level support for host load-balancing solutions at SWA. Working knowledge of the UNIX and CLI based command to implement the networking tools.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support. Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
MasterCard, O’Fallon MO Jul 2011 – Apr 2013
Sr. Network Engineer
Responsibilities:
Worked on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
Responsible for the installation, configuration, maintenance and troubleshooting of the company network. Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of application and equipment and to provide support for Cisco network.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Cisco ASR 9K routers, upgrading system images on Nexus 5 and 7 multi-layers’ switches using kick start and FTP server.
Data center fabric migration from legacy catalyst to nexus. Implement the firewall rules using Net screen manager (NSM). Manage the Net screen SSG550 and ISG1000 and 2000 firewalls with the NSM. Used 7000 series switches with 10 and 18 slot chassis with F series module. Used VPC as the multi chassis port-channel solution for Nexus switches.
Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers, Configuring VLAN, spanning tree, VSTP, SNMP on EX series switches. Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls. Performing the daily health Check in Telecom and Networking. Installed and configured Cisco ASA firewalls. Worked with Checkpoint FW1 NG, PIX, and Net screen firewalls
Troubleshoot traffic passing managed firewalls via logs and packet captures. Planned and implemented various security projects including (Intrusion Detection Systems deployment, network monitoring, and network architecture).
Working experience with Cisco nexus 7706, nexus 9300, 9372. Worked on cisco policy trace, Access policies, and URL categories to either give or block the access to particular websites using Iron Port Proxies. Worked on CLI to enable the ports and configuration of switches and routers. Upgrading the IOS to the newest version using the console, TFTP server on Firewalls, switches and Routers.
Physically connecting the ports between the switches and the servers on to the racks. Setting up the WIFI connections whenever needed as per the user’s requests.
Enabling the TCP, UDP, SMTP ports to allow the traffic from one server to another server by Performing the trace route to find out where the traffic is blocked by the firewall. Setting up the Agents in Cisco Unified Call Manager (UCM), unity, ICM. Performed testing of agent Extension mobility phones.
Assigning the Channels to each agent on VOIP ULTRAVAM devices. Troubleshooting the VAM and HUB servers when an issue arises. Troubleshooting issues with vendors in case of failures in call recording. Troubleshooting connectivity issues to web links on both internal and external domains.
Worked on configuring internet connection within the organization by consulting with different Vendors Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design.
Troubleshoot the BIG-F5 1600 LTM through constant contact with the vendor. Configuring and troubleshooting site-to-site IPSEC VPN tunnels on VPN concentrators and ASA firewalls with private vendors. Deploying and decommissioning the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240. Worked on commissioning and decommissioning of the MPLS circuits for various field offices. Network Cabling, dressing, labeling and troubleshooting various network drops onsite. Worked on Organization’s cell phones issues, weekly documentation of updates on our technical work.
Deloitte, India Sep 2008 – Jun 2011
Network Engineer
Responsibilities
Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGP v4. Configured IP access filter policies.
Configured CIDR, IP, RIP, PPP, BGP and OSPF routing. Identify, design and implement flexible, responsive, and secure technology services.
Experience with Firewall Administration, Rule Analysis, Rule Modification. Troubleshoot traffic passing managed firewalls via logs and packet captures. Configured and resolved various OSPF issues in an OSPF multi area environment. Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO.
Configuring IPSEC VPN on SRX series firewalls. Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210. Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, CHECKPOINT, AI, NGX, Nokia IP 740/530/340 Appliances on IPSO platform.
Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
Estimated Project costs and created documentation for project funding approvals. Planned resources and presented project status to higher management.
Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers. Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
Created and delivered internal trainings for BGP. Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing. Installed different software on the systems. Install and managing network devices including Hubs, Switches.
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope
Configured egress and ingress queues for ISP facing routers using CBWFQ. Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
Ability to analyze, configure and troubleshoot networks. Worked on Unix, Linux, Windows Platforms and also involved in capacity planning of Network maintenance.