Manager Network Engineer
Resume:
RAAG K
Cell: 510-***-****
EMAIL: ac2pu3@r.postjobfree.com
https://www.linkedin.com/in/raag-k-450548139/
PROFESSIONAL SUMMARY:
Network Engineer with Over 8 years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA-2k, PA-3K and PA-5K).
Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
Proficiency in the configuration of VLAN setup on various CISCO Routers and Switches.
Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, and MST.
Access control server configuration for RADIUS & TACAS+.
Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
Implementation, working analysis, troubleshooting and documentation of LAN, WAN& WLAN architecture with excellent work experience on IP series.
Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works and RIVER BED and Wireshark. Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP, and MPLS.
Well experienced in configuring First Hop redundancy protocols like HSRP, GLBP, and VRRP.
Excellent communication skills, enthusiastic, motivated and a team player.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and trunking).
Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
Implemented VDC, VPC, and OTV on the Nexus 5K and 7K switches.
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
Experience with Linux Command Line Interfaces For logging into access points, etc.
Experience in installing and configuring DNS and DHCP server.
Experience in CheckPoint IP Appliances R65, R70, R75, R77 &Cisco ASA Firewalls.
Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
Provide L3 support for checkpoint and Palo Alto firewalls.
Involved in the integration of F5 Big-IP load balancers with CheckPoint firewalls for firewall load balancing and was responsible was troubleshooting and maintenance.
Provided administration and support on Bluecoat Proxy for content filtering and internet access between site and VPN client users.
Deployment and Management of Bluecoat proxies in the forward proxy scenario as well as for security in reverse proxy scenario.
Proficient in using Solar Winds Network Management tools like Network Performance Monitor (NPM), Netflow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
Provide 24/7 support.
CERTIFICATIONS
CCNA - Cisco Certified Network Associate
CCNP – Cisco Certified Network Professional
TECHNICAL SKILLS:
Router platforms
Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.
Switch platforms
Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)
Juniper Platforms
SRX, MX, EX Series Routers and Switches
Networking Concepts
Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall
Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX, R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).
Network Management/Monitoring
Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump. Cisco DCNM, Firemon, MS-VISIO, Infoblox, HP Network Automation
Load Balancers
F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoatt SG8100, AV 510.
WAN technologies
Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANs, VTP, STP, RSTP, 802.1Q
Security Protocols
IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN
Networking Protocols
RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating System
Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
PROFESSIONAL EXPERIENCE
United Airlines-Greater Chicago Area May’17- Present Network Engineer
Deployed and maintained security/network devices and data centers for Service provider network.
Experience with Installing and troubleshooting Data center migration with 24/7 support.
Configured and deployed VDC and VPC between Nexus 7018 and Nexus 5548 switches along with FEX 2248. Have a good understanding of Fabric Path.
Deploying and decommissioning the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
Working on Nationwide Site WAN Transformation from Cisco 2821 Router to Cisco 4321, 4431, 4451 and ASR 1000 routers, including Visio Network Design, NEWO, Configuration changes, Routing Redistribution.
Creating Network Design in MS-Visio for new servers, application to be placed into multiple Datacenter.
Involved in the configuration & troubleshooting routing protocols like MP-BGP, OSPF, EIGRP, RIP, BGP v4, and MPLS
Configuring DMVPN tunnels on routers 2800,4300, 4400 and ASR
Monitoring traffic on the circuits using NDC Flex Netflow monitor tool and SNMP.
Configuring MPLS on all the the WAN circuits.
Configuring zone based firewalls for security.
Creating route-maps and prefix-lists to advertise the routes over the network.
Configuring policy-map and class-map for queuing the traffic.and maintain OoS
Working on network design for new next-generation VPN solution, migration from Checkpoint VPN to Pulse Secure VPN from network prospect.
Experience supporting or testing LANs, VLANs, WLANs, VPNs, NAT devices, &/or DHCP servers.
Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
Implementation of various protocols like RIP, OSPF, BGP and STP.
Experience in troubleshooting complex data center environments. Performing analysis and diagnosis of highly complex networking problems in the Data Center environment.
Expert in configuring Cisco Routers, Catalyst Switches, Nexus Switches.
Worked extensively with ASR 9K(9010 9922), Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.
Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard
Implementing FW rules using Firemon- Policy Planner.
Responsible for Checkpoint firewall management and operations across our global networks.
Implementing and managing Checkpoint Provider 1.0 Scalable security management for multi-domain environments
Design and implement Wireless Intrusion Prevention Systems (WIPS) to enforce security policies
Installing Cisco Wireless Controllers and Wireless Access Points.
Install and upgrade Cisco Wireless LAN equipment including but not limited to: 1100, 1200, 1300 and 3500 series Access Points; 4400 and 5500 series Wireless LAN controllers; 6500 & 3750 Core switch routers; 2960, 3560 & 3750 series switches.
Monitor and troubleshoot BGP, EIGRP, TI circuits, and cellular backup circuits via ICMP and SNMP ticketing systems.
Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
Configuration and providing management support for Palo Alto and Checkpoint Firewalls (R75, R76 and R77).
Configure, Support, update and install Checkpoint, Firemon systems. Provide monitoring of all Checkpoint firewalls and their logs/traffic
Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for checking the devices coming onto Network, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Cisco and Forescout NAC Appliances
Expertise in networking technologies like LAN, MAN, WAN and peripheral devices.
Develop Engineering Documentations to record F5 environment and change processes LTM/GTM/iRules.
Environment: Cisco routers 7200; Cisco Catalyst switches 6500, 4500, 2950; Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP; STP, VTP, VLAN; VPN, MPLS, HSRP, GLBP, Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy.
CenturyLink, Littleton, CO Jun’15 – April’17
Sr. Network Engineer
Responsibilities:
Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers and different Firewall Vendors
Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
Configured Aruba access points, troubleshoot connectivity issues with Aruba access points. Prepared wireless survey reports, reports documenting completed projects and AP placement maps.
Controller base Wi-Fi Networking with Meraki (Cloud Controller).
Configured and managed cloud-based wireless network.
Assisted development teams on architecting web interfaces and infrastructures that safely and efficiently power the cloud environment.
Design Cisco, Meraki, and Aruba WLAN/WiFi infrastructures.
Work with Relay Engineers to provide IT support, for server-based software, firewall request, Citrix access, and software configurations.
Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Cisco ASR 9K routers
Hands on experience in implementation and deploying BIG-IP F5 LTM load balancers for load balancing and network traffic management for business applications.
Configured VLAN’s, Private VLAN’s.
Subject Matter Expert for juniper Routing, Switching, Security, and VPN Systems.
Manage, assist, and maintain McAfee routing tables (static/default routes).
Configuring and troubleshooting on Bluecoat Proxy, Pulse VPN Devices, Firewalls, McAfee Email Gateways, Bluecoat Reporter and Director.
Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
Designed and Implemented Firewalls, F5Viprion deployments to Frontend and DMZ customers
Measure the application performances across the MPLS cloud through various routing and switching methods.
Hand on experience the configuration and implementation of various Cisco Routers and L2 Switches.
Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
Installed and configured DNS, DHCP. Responsible for creating and configuring FORWARD LOOKUP ZONE AND REVERSE LOOKUP ZONE.
Experience working with Nexus 7010, 5020, 2148, 2248 devices.
Redistributed required routes from OSPF into BGP. OSPF cloud is present in the US and is connected to all our customers over Sprint’s Frame Relay backbone
Managed Plan of Record with PLMs/SE/Sales/Marketing and followed up and monitor product lines of Juniper routing/switching/security portfolio (MX, PTX, EX, SRX)
Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.
Configured EBGP load balancing and ensured stability of BGP peering interfaces
Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls through CSM.
Managing and configuring 4 juniper & Pulse SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers
Deployed BIG-IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
Implemented F5 hardware refresh of older 3600 hardware to Viprion.
Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
Mapped, Network Diagrams and physical identification in MS Visio.
Preformed IOS upgrades on cisco routers and switches
Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.
Environment: Cisco 2348/3560/4500/3750/3550/2960/6500 switches and Cisco 3640/1200/7200 /3845 /3600/2800 routers, Cisco ASA 500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.
Hospira, Lake Forest, IL Jan’13 – Apr’15
Sr Network Engineer
Responsibilities:
Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management.
Administering and evaluating firewall access control requests to ensure that these requests are compliant with client's security standards and policies.
Configuration and support of Juniper NetScreen firewalls and Palo Alto firewalls.
Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location.
Created users, manage user permissions, maintain User & File system quota on Linux servers.
Configured volume groups and logical volumes, extended logical volumes for file system growth needs using Logical Volume Manager (LVM) commands.
Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
Administer Palo Alto Firewalls to allow and deny specific traffic and to monitor user usage for malicious activity and future QoS.
Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs.
Maintaining Checkpoint security policies including NAT, VPN, and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
Configuring Juniper NetScreen Firewall Policies between secure zones using Network Security Manager (NSM).
Configuration of Palo Alto Next-Generation Firewall mainly creating security profiles and VSYS according to client topology.
Configuration and installation of Palo Alto Networks 5050 application firewalls (NGFW).
Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering.
Maintained and updated Active Directory for authentication purposes.
Configuration and troubleshooting F5 LTM, GTM series like 6600, 6800 for different applications and monitoring the availability.
Deployment of data center LAN using Nexus 7k, 5k, 2k switches.
I was involved in migration projects, which involves replacing legacy devices to new Nexus devices and introduced VPCs in the new architecture.
Worked on Nexus platform 7k series, 5K series (5548, 5020 and 5010), 2248 and successfully implemented VSS on the Cisco catalyst switches.
Used FireEye to detect attacks through common attack vectors such as emails and webs.
Gained experience on working with migration to Check Point and Palo Alto next-generation firewalls.
Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
Implemented and administered Websense Web Security Gateway for web content filtering and DLP.
Improved network and system security through setup and ongoing maintenance of Riverbed IPS and FireEye.
Firewall deployment, rules migrations, firewall administration and converting existing rule-based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification, and administration.
Environment: Juniper SRX5400, SRX5600, and SRX5800 and Palo Alto PA-3060 & 5050 Firewalls, Bluecoat Proxies, Juniper IPD, Juniper NSM, Panorama, F5 LTM, GTM 6600, 6800, Nexus (2K, 5K, 7K and 9K), Splunk, Cisco ISE, Websense, Solar Winds NPM.
American Airlines, Fort Worth TX Aug’11 – Dec’12
Network Engineer
Responsibilities:
Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
Worked with site-to-site large scale network deployment and troubleshooting issues with all the site involved.
Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
Juniper Firewall Policy management using NSM and Screen OS CLI.
Daily technical hands-on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with the customer in a service/support environment.
Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
Install, configure, manage and troubleshoot Cisco SourceFire IPS appliances and defense Center.
Creating and provisioning Juniper SRX firewall policies.
Worked with JUNOS OS on Juniper Routers and Switches.
Experience on ASA firewall upgrades to 9.x.
Websense Web Security Gateway Installation, Upgrade & Configuration 8.4
Configured Panorama web-based management for multiple firewalls.
Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
Install and configure Bluecoat Proxy SG in the network for web traffic management and policy configuration.
Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
Configuring and deploying Cisco ASA 5505; Cisco 594/294; I500 web sense manager at customer locations with minimum downtime possible.
Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
Work with Software Distribution teams to develop and execute Custom Prop for Endpoint systems
Manage and monitor security rules and policies for Endpoint Protection
Understand different types of NAT on Cisco ASA firewalls and apply them.
Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
Support the One to One proxy migration project from legacy, end of life and proxies to Blue Coat ProxySG units.
Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP, VPN routing protocol in Cisco Routers & L3 Switches.
Configured MPLS L3 and L2 VPNs for customers.
FWSM configurations in single/multiple context with routed and transparent modes.
Environment: Juniper routers and switches, Cisco routers 7200; Cisco Catalyst switches 6500, 4500, 2950; Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy, Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP, STP, VTP, VLAN, VPN, MPLS, HSRP, GLBP.
Cognizant Technologies, India Mar’09 – Jun’11
Network Engineer
Responsibilities:
Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /WAN
Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers.
Involved in the deployment of Content Delivery Networks (CDN).
Experience with SQL for extracting the data from SQL database, related to network issues.
Experience working with Network-attached storage (NAS) to provide Local Area Network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches.
Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GET VPN.
Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IPsec VPN tunnels.
Worked on the migration of existing PIX firewall to ASA firewall and with converting PIX rules over to the Cisco ASA solution.
Worked extensively on Cisco ASA 5500 (5510/5540) Series.
Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
Experienced in securing configurations of SSL/VPN connections, troubleshooting Cisco ASA firewalls and related network security measures.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
Experience working with Active Directory (as a centralized system) to automate network security management and user data.
Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
Experienced in working with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.
Environment: Cisco Catalyst 2960/3750/4500/6500 Series Switches, Linux, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/12000 /7200/3845/3600/2800 routers, SQL, Cisco ASA 5500, Juniper Ex switches, Active Directory, Juniper ACX series routers, Windows Server 2003/2008, ACL, SIP, RIP, OSPF, MPLS, BGP, EIGRP, Wi-Fi, LAN, MacAfee, WAN, WAP, IDS, IPS, Aruba WLAN, VPN, HSRP.
Contact this candidate