SUMMARY:
Cisco Certified Network Engineer with 8+ years of professional experience, performing Network analysis, design, Implementing, capacity planning with focus on performance tuning and support of large Networks.
Expert Level Knowledge about TCP/IP, Spanning-tree, and OSI models.
In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
Experience in configuring and troubleshooting of static and dynamic routing protocols such as RIP v1/v2, EIGRP, OSPF, IS-IS BGP and MPLS.
Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST.
Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
Worked on NX-OS, IOS, IOS-XR BXB to N7K-NX-OS (MPLS) system test.
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment.
Experience in Cisco Routing and Switching using 3600, 3700, 3800, 5300, 6500, 7200, 7600Nexus 7k, Nexus 5k, Nexus 2k& ASR 9000, 1000 series routers.
Strong work experience with MPLS, VPN, WLAN and Multicast technologies.
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
Advanced knowledge installation, configuration, maintenance and administration of Palo Alto firewalls, Panorama, Checkpoint Firewalls and VPN.
Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
Network monitoring and testing from Operation Center (NOC) from a network management perspective.
Good knowledge on DMZ zone based security configuration on Cisco routers.
Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
Network security including NAT/PAT, ACL, IDS/IPS, and Cisco PIX, ASA/ Firewalls.
Proficiency in monitoring and analyzing the load balancing of network traffic using Wireshark and Solarwinds.
Excellent experience in Checkpoint Firewall installation, configuration and troubleshooting.
Experience in Physical cabling, IP addressing, configuring and supporting TCP/IP
Extensive experience in handling network failure issues.
Excellent communication and interpersonal skills.
Fast learner with excellent problem solving capabilities.
CERTIFICATIONS AND EDUCATION:
Bachelors of Technology –SR Engineering College
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional – Routing & Switching (CCNP)
TECHNICAL SKILLS:
Cisco Routers:ASR1,9, 3900, 3800, 3700, 7206VXR, 7500
Cisco Switches: 6500, 4510, 3750X, 3550, 3650, 3750G, 2960
Routing Protocols: EIGRP, OSPF, BGP, RIPv2
Switching Concepts: VLAN, STP, RSTP, VTP, Ether Channel, Port Fast, IP access Control lists, Uplink Fast and Backbone Fast, HSRP, VRRP.
Network Securities: NAT/PAT, VPN, Filtering, Load Balancing using f5 and Cisco ACE, Cisco ASA Firewalls 5580-20, IPSEC and SSL VPNs, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup and Security Features.
Network Topologies: Frame Relay, ISDN, Gigabit Ethernet, OSI and TCP/IP layered architecture.
LAN: 10/100/1000 & 10 GBPS Ethernet
WAN: MPLS, Frame Relay, Dialup, VoIP, Cisco Routers and Switches, CSU/DSU,
WLAN:IEEE 802.11, PHY and MAC layer functionality, WLAN controller/Aruba/Meru
Operating Systems: Windows Servers 2003/2008/2012, Windows 7, Windows Vista, Windows XP troubleshooting.
Sniffers: Solar winds, Wire shark, Packet tracer.
PROFESSIONAL EXPERIENCE:
Yum Brands, Irvine, CA Jun’16 - Present
Sr. Network Security Engineer
Responsibilities:
Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
Configured VLAN’s, Private VLAN’s.
Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
Subject Matter Expert for juniper Routing, Switching, Security, and VPN systems
Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
Designed and Implemented Firewalls, F5Viprion deployments to Front end and DMZ customers
Measure the application performances across the MPLS cloud through various routing and switching methods.
Configured inside ACL, outside ACL, inside, outside interfaces.
Configured NAT and PAT policies.
Configuration and troubleshooting of EIGRP, OSPF, BGP.
Configuration and troubleshooting of CSM, integration with ASA devices.
Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
Installed and configured DNS, DHCP. Responsible for creating and configuring FORWARD LOOKUP ZONE AND REVERSE LOOKUP ZONE
Redistributed required routes from OSPF in to BGP. OSPF cloud is present in US and is connected to all our customers over Sprint’s Frame Relay backbone
Managed Plan of Record with PLMs/SE/Sales/Marketing and followed up and monitor product lines of Juniper routing/switching/security portfolio (MX, PTX, EX, SRX)
Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.
Implementation of Access Lists for allowing/blocking desired traffic.
Configured EBGP load balancing and ensured stability of BGP peering interfaces
Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
Managing and configuring 4 juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers
Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
Implemented F5 hardware refresh of older 3600 hardware to Viprion.
Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
Building the VPN tunnel and VPN encryption.
Mapped, Network Diagrams and physical identification in MS Visio.
Preformed IOS upgrades on cisco routers and switches
Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
National Geographic Partners, Washington DC Dec’14 – May’16
Sr. Network Engineer
Responsibilities:
Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
Network Engineer for Datacenter consolidation project. Consolidated 16 global Datacenters consisting of Cisco 6500, 4500, 2800, ASA 5540, F5 BIG-IP 3600, Consolidation was in preparation to upgrade Datacenters to Nexus 7000, 5000, 2000, and ASR 1,9 backbone infrastructure.
Providing Security Technical support and deliver of Security services including: Security vulnerability assessments, penetration studies (ethical hacking), Security policy development,Security gap remediation assistance, DMZ structural hardening, PKI, SSO and system security design
Designed and Implemented Cisco UCS pods in Nexus 7000 and Cisco 6500 Platform
Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT’ing, sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
Providing technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.
Implementing firewall policies, NAT’s on the firewall based on tickets issued.
Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Work with Carrier to test and turn-up circuits.
Installing configuring and maintaining DHCP, TACACS+, DNS and solar winds network monitoring tools
Experience with moving Data Center from one location to another location, from 6500 based Data Center to Nexus based Data Center.
Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.
Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
Managing security log reporting using EMS (Elementary management system)
Applied security policies and Troubleshoot on checkpoint firewall to secure VoIP protocols SIP, H.323, MGCP and SCCP.
Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint NGX firewall and Cisco 3800 series routers
Installed, configured and administered Palo Alto firewalls.
Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 and PA5000 series as well as a centralized management system (Panorama) to manage large scale firewall deployments.
Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
Monitoring and configuring Cisco 7600 routers at data center.
Configure and Troubleshoot Juniper Router (J2320) with IOS (JUNOS 9.3).
Working on Cisco ASA 5580 (8.2(1) and ASDM version 6.2(1), Cisco PIX 535, Juniper NS5400, Juniper SRX550
Actively involved in switching technology Administration including creating and managing VLANS, Port security – 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
Network Securities with Juniper SRX firewalls.
Worked on Infoblox for creating the DNS entries, A records and CNAMEs
Replaced old 6500 and WAN routers from DR testing site and Installed Nexus 7K and ASR 9, 1k routers.
Configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
Provided proactive threat defense with ASA that stops attacks before they spread through the network.
Coordinate and perform VPN Lan2Lan as well as Remote VPN and Firewall security policies as well as NAT Configurations.
Built DMVPN tunnels between HQ Data center and branches to enable connectivity or redundancy.
Implemented various Switch Port Security features as per the company’s policy
Maintaining and troubleshooting SAN backup networks.
Support customer with the configuration and maintenance of Checkpoint and ASA firewall systems
Maintain Operational guidelines, diagrams and documentation for all network/security devices and infrastructures.
Configurations of vdc, vrf on Nexus 7k & 5k devices.
Remote access and site-to-site VPN administration using Cisco ASA/ASR 9 and Palo Alto
Documenting workflow process, managing and implementing standard policy and procedures.
IMS Health, Plymouth Meeting, PA Oct’13 - Dec’14
Network Engineer
Responsibilities:
Engaged in Clinic moves, helped in identifying network requirements of new building, installed new networking hardware, and coordinated with vendors for cabling/wiring
Extensive experience on layer 4 protocols like TCP /UDP
Configuring Wireless utility for all employees.
Analyzing and resolving a high percentage of initial customer contact in the areas of PC/LAN.
Implemented Site-to-Site VPNs between ASA Firewall and Router
Escalating customer problems to management and support groups utilizing standard escalation model.
Implemented new ultra secure networks in multiple data centers that included Cisco 6500 s, Juniper security devices, and F5 Big IPs.
Configured Juniper Network and Security Manager (NSM).
Supported on Cisco Nexus 5000 and Nexus 7000 Series Switch fabric links.
Maintain and Provide support for LAN/WAN infrastructure as needed. This includes working on specific hardware such as switches, routers, PIX, ASA firewalls, wireless APs, VPN Concentrators, frame relay, IPsec VPN and other entities.
Responsible for Planning and configuring the entire IP addressing plan for the clients' network.
Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
Correlates call issues with WAN performance for advanced troubleshooting
Configuring SIP issues and wall jack issues while troubleshooting IP addressing problems.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring
Experience working with High performance data center switch like nexus 7000 series
Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices
Migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
Configured IPSEC VPN on SRX series firewalls
Responsible for Data Center Migrations and its operations
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Cisco device programming and troubleshooting including CatOS, Nx-OS, ACE, CSS, GSS, VPN.
Trouble-shooting end-user reported problems, thoroughly and accurately documenting problem in trouble management tool.
Planning and upgrading Checkpoint infrastructure including Smart Centers and enforcement points.
Implemented Cisco Wireless access points using LEAP and Cisco Radiusfor authentication, greatly increasing Wireless security.
Worked on Cisco DataCenter Switches such as Nexus 6500, 7000.
Implement changes to the firewall rule base, network routing tables and ACL to allow only authorized users to access the servers.
Check for DNS issues by pinging the server’s name. Experience with Wireshark, TestTCP& OPNET
Created security policy according to user’s requirement in Cisco ASA-5580, Juniper-SRX-5800 and ISG-1000 Fire-wall using CLI & GUI.
Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a data center access architecture
Installed Juniper firewalls to replace existing Firewalls which increased network uptime.
Experience in Layer 3 Routing protocol configurations: EIGRP, OSPF, BGP, & MPLS.
Experience in Layer 2 Routing protocol configurations: ATM/FRAME RELAY, IP services such as QoS and VPN technologies: IPSec& SSL.
Provided installation and initial user configuration of NEXUS 7K switches at the Data Center and providing IP addressing and different user session priorities on the switch.
Configuring, maintaining and troubleshooting routing protocols such as SDP, RTP, EIGRP and BGP.
Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, hubs and Switches
Designed and deploy various network security & High Availability products like Cisco ASA other security products
Configuration and edit policies on F5 network access control.
Coordinate and perform VPN Lan2Lan as well as Remote VPN and Firewall security policies as well as NAT Configurations.
Implemented Security policy by Configuring PIX firewalls.
Implemented TCP/IP,TFTP and related services like DHCP/DNS/WINS
Deploying Cisco routers and switched such as 7200, 3800, 3600 and 3500, 4500, 5500.
Management tools, SNMP, Syslog and Wireshark.
Extensive knowledge of network design, implementation & infrastructure
Semantic Space, India Mar’11 - Aug’13
Network Engineer
Responsibilities:
Develop and implement strategies to support the current and future needs of the company.
Configured Cisco Routers 2600 series using RIP, OSPF, and EIGRP.
Configured Cisco Switches 2900.
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
Troubleshot Cisco hardware: Inspected devices, Read device LEDs, loose connections, interior IOS upgrade, switch port configuration, port monitoring, watch over Flooding Control/Network port.
Installed and configured DHCP, DNS Server.
Developed and tested Engineering Design Document(EDD) to deploy a VDC on the Nexus 7000 series of switches to address high level architecture of new VDCs
Identifying technical problems and debugged hardware and software related to LANs/ WANs.
Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
Installed and configured of inter-networking technology on multiple platforms including Cisco Catalyst (IOS), Cisco Nexus (NX-OS), F5, and Palo Alto Networks
Implemented redundancy in BigIP F5 loads balancers to provide uninterrupted services to clients.
Switching related tasks included implementing VLANS, VTP and configuring ISL trunk on Fast - Ethernet channel between switches.
Strategies include operating systems, virus protection, mail systems and Internet services.
Updated the anti-virus, spam blockers, and other security software so that the systems are always secured
Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco ASAs, Citrix NetScaler MPX and SDX chassis
Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured all the network Infrastructure devices including Network Printers and Registers
Configured and implemented Nexus 5K and 2K in lab environment
Resolved all computer related problems, monitored and maintained system functionality and reliability by identifying ways to prevent system failures.
Value Labs, INDIA SEP’09 – Mar’11
Support Engineer
Responsibilities:
Perform responsibilities of supporting the daily operations of the network, telecom and troubleshooting network issues.
Responsible for updating the IOS and configuring the new Router and Catalyst Switches.
Designed and installed small Windows XP based LANs for business clients
Troubleshot and resolved many user issues Performed network testing and base lining
Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
Cisco ASA 5540 firewall experience creating access rules for various DMZ containers for both inbound and outbound traffic.
Provided testing for network connectivity before and after install/upgrade
Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external.
Responsible for creating and maintaining diagrams and documentation of network systems