Engineer Technical Support
Resume:
Ashish
ac2x7o@r.postjobfree.com
PROFESSIONAL SUMMARY:
Cisco Certified Network Engineer with 8+ years of experience in the industry, which includes expertise in the areas of Routing, Switching and Firewall.
Hands on experience on Cisco Catalyst (2900, 3500, 4500, 6500) series switches, VSS technology, Cisco Routers (2500, 2600, 2800, 3600, 3800, 7200) series, Cisco ASR (1k,9k), Cisco PIX Firewall (506, 515, 525, 535)/ ASA (5505/5510), Palo Alto Firewalls (200,500 and 3000), Checkpoint GAiA (R76, R77), Cisco ISE (Identity Service Engineer), Load Balancers using Cisco ACE, F5, Security Device Manager (SDM).
Worked with Data center management to analyze data center sites for cabling requirements of various network equipment.
Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3k, and PA-5 k).
Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper).
Managed rules on Cisco and Checkpoint NGX firewall.
Expertise in implementation and troubleshooting of network layer routing protocols such as RIPV2, OSPF, EIGRP, BGP, IS-IS & MP-iBGP.
Good Knowledge about TCP/IP and OSI models.
Configured, updated and maintained Cisco Nexus 7k, 5k, 2k, ASA 5500, Juniper ISX2000, Solarwinds, DNS, and Infoblox.
Excessive work experience in configuring and troubleshooting LAN Routing Protocols (HSRP, VRRP, GLBP, Layer 2 Protocols) along with Cisco ISE configurations.
Worked on Cisco Channel partners to build practices around Cisco ACI.
Extensive working knowledge of F5 network appliances to include LTM, GTM and IRules
Knowledgeable in the configuring and use of various network services such as DNS, DHCP, and various NAT implementations with Cisco devices.
Configuring security policies and procedures using Access Control List (ACL), Route Maps, Offset lists, Prefix lists.
Install and configure Palo alto Migration tool for ASA to Palo Alto conversion
Cisco and Meraki routers, switches and firewalls. Provide designing, deploying and supporting of WLAN & LAN's using BGP, OSPF, EGIRP, RIP
In depth understanding of IPV4 and implementation of Subnetting, also have knowledge of IPv6.
Experience in WAN technologies like T1/T3, DS3, STM1 and STM4 circuit types.
Proficiency in configuration of VLAN setup on various CISCO Routers and Switches.
Substantial knowledge, including the configuration, of Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
Worked on assigned tickets to determine the point of failure and resolve problems remotely using available tools and other Operation Center resources.
Daily maintenance of Cisco router and firewalls.
Maintaining enterprise wide network engineering standards. Bluecoat IPAM (IP address management) and Riverbed technical support.
Hands-on configuration and experience in setting up Cisco Routers to perform at the Access, Distribution and Core layers.
Expertise in the analysis, implementation and troubleshooting of LAN/WAN architecture and good experience on IP services.
Extensive knowledge of implementing and troubleshooting VLAN Trunks, VTP Ether channel.
Expertise in IP subnetting and worked on various designing and allocating various classes of IP address to the domain.
Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, WireShark, TCP dump and Linux operating system servers.
Sound knowledge of Routing and Switching concepts and MPLS design.
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 Sonet POS OCX / GigE circuits, Firewalls.
Configured and deployed QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
Primary responsibility is to design and deploy various network security & High Availability products lick Cisco ASA other security products.
Technical Skills:
Cisco router platforms : 2500, 2600, 2800, 3600, 3700, 3800, 7200, 7609.
Cisco Switch platforms : 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500.
Routers : Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200,
7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320)
Switches : Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248,
5548 &7010)
Load Balancers : F5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800.
Routing : RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution,
Summarization, Static routing
WAN Technologies : FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines,
DSL modems.
LAN Technologies : Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI.
Cisco
Secure Access Control Server : (ACS) for TACACS+/Radius.
VOIP Devices : Cisco IP phones, Avaya.
Routing Protocols : RIP, OSPF, EIGRP, and BGP.
Switching Protocols : VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.
Network management : SNMP, Cisco Works LMS, HP Openview, Solar winds, Ethereal.
Layer 3 Switching : CEF, Multi-Layer Switching, Ether Channel.
Carrier Technologies : MPLS, MPLS-VPN.
Redundancy protocols : HSRP, VRRP, GLBP.
Security Protocols : IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.
Software : Microsoft Office Suite, MS SQL Server 2008, HTML.
Language : Unix, Turbo C / C++, basics in Perl and Shell scripting.
EDUCATION:
Bachelor in Computer Science Engineering
Jawaharlal Nehru Technology University, India
Certification:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
PROFESSIONAL EXPERIENCE:
BB&T bank, Wilson, NC Jan 2016 - Present
Sr. Network Security Engineer
Responsibilities:
Hands on experience of the configuration and implementation of various Cisco Routers & L2/L3 switches
Developed deployment solutions for network technologies including Optical VoIP, VPN, SAN, switching and routing.
Formulated daily status reports on completed tasks and current issues.
Strong experience in designing, implementing and supporting Cisco VOIP technologies.
Configured Nexus 7010 switches and 5020, 2248 as access layer switches.
Configured VPCs on Nexus 7010 switches of SUP 1 with multiple VDCs and VPCs, CFS
Extensive experience in configuring and implementing OSPF and BGP
Supported core network consisting of Cisco 7200 series routers running multi area OSPF
Configuration of EIGRP and OSPF as interior gateway protocol with route filtering and route redistribution, installed and maintained Cisco 3600, 2600 and 7200 backbone routes with HSRP
Implemented stub/Totally stub areas. Implemented various OSPF features like route-summarization and SPF throttling.
Experience with CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic
Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair
Configured 802.1d Spanning Tree Protocol (STP) for loop prevention and VTP for Inter-VLAN Routing
Perform setup of test scenarios, both hardware and software components, and perform troubleshooting.
Experience working in Datacenters environment, configuration changes as per the needs of company.
Configuring, implementing and troubleshooting VLAN’s, VTP, STP, Trunking, Ether channels.
Designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches.
Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
Setting up and managing Local and Wide Area Networks (LAN, WAN) to maintain maximum network uptime
Handling Networking and Database Administration with technical expertise in the implementation, operations and support functions using IT as tool.
Monitoring network maintenance activities and ensuring prompt troubleshooting of network problems to achieve maximum network uptime
Managing IP allocation & ensuring minimal downtime of machines, configuring servers to fault tolerance with User Security and Disk Space Management to optimize the server utilization
Configured and managed Cisco access layer routers and switches & carried out route redistribution & manipulated route updates using distributes lists, route-maps & administrative distance and offset-lists.
Worked on Multicast to use the bandwidth more effectively while reducing the load on the sender
Installed checkpoint and F5 load balancers in VMware workstation and VSphere.
Handled tickets using service now.
Experience configuring VLAN’s, WLAN’s (SSID), WLC’s and WAP’s.
Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering. Maintained and updated Active Directory for authentication purposes.
Troubleshooting of protocol based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
Work with the Cisco Meraki Sales team and on strategic sales initiatives like customer outreach and channel training to grow business in targeted regions
Implemented various EX, SRX & J series Juniper devices
Upgraded Westchester data center network from legacy infrastructure (Cisco, HP, Brocade, Extreme) to Juniper gear - 10Gbps. (MX, SRX, EX Series).
Performed hardware installation, troubleshooting, and maintenance of network related equipment/circuits within gateway facility and customer sites.
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Actively managed IP Communications, audio/video conferencing, mobility, presence.
Configure HSRP to provide router and or switch failover & redundancy with a greater objective of achieving near 100% Network uptime.
Hands on experience installing and configuring Cisco ISE 1.4.
Responsibility is to design and deploy various Network Security & High Availability products like Check Point R 77.XX and other Security Products.
Experience with configuring Virtual Server and Configuring Load balancing methods in 12.0 LTM.
Network security involves web filtering on internet sites (User's restriction) using checkpoint Firewalls.
Dealing with intra wireless n/w system like ACL’s and access points.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
Installed checkpoint and F5 load balancers in VMware workstation and VSphere.
Environment: Cisco ASA, Checkpoint, Palo Alto, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco 7200/3845/3600/2800 routers, Infoblox, TACACS, EIGRP, Riverbed, Infoblox, RIP and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN's and SSL.
Barclays, Wilmington, DE Oct 2014 – Dec 2015
Sr. Network Support Engineer
Responsibilities:
Provided help-desk technical support for installation, integration, and maintenance on the Digital Broadband Delivery System
Upgraded Westchester data center network from legacy infrastructure (Cisco, HP, Brocade, Extreme) to Juniper gear - 10Gbps. (MX, SRX, EX Series).
Supported Cisco routers, switches, LAN to internal and external customers
Established networking environment by designing system configuration; directing system installation; defining, documenting, and enforcing system standards.
VOIP and Meraki Wireless LAN product. Supported remote clients by setting up VPN ipsec during site-to-site vpns using Juniper and Cisco products
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
Troubleshoot and resolved many VOIP related issues.
Bluecoat IPAM (IP address management) and Riverbed technical support.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
Designed and implemented LAN connectivity with the use of HSRP, ACLs, NAT, and STP
Maximizes network performance by monitoring performance; troubleshooting network problems and outages; scheduling upgrades; collaborating with network architects on network optimization.
Secures network system by establishing and enforcing policies; defining and monitoring access.
Provided end-to-end computer and networking equipment installation, maintenance, and troubleshooting.
Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Accomplishes information systems and organization mission by completing related results as needed.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
Security policy review and configuration in Palo Alto and Juniper SRX Firewall in US offices and Datacenter.
Troubleshooting of CISCO routers with ping, trace route and basic issues
Troubleshooting of protocol based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
Reporting network operational status by gathering, prioritizing information; managing projects.
Implement and maintain all network, security, and computer systems to meet the organization's current and future requirements
Experience handling tickets with less or no supervision in troubleshooting checkpoint 77.30
Daily administration and oversight of the network and computer systems. This includes the creation, deletion, and maintenance of user accounts, mailboxes, distribution lists, groups and all associated security parameters.
Responsible for the management, maintenance and architecture of the companies Storage Area Network (SAN).
Researched, designed and replaced aging firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
Worked with Juniper Net Screen 500/5200 and also juniper SRX 650/3600
Assigned, utilized and modified user login scripts; managed network access and security.
Consistently managed backup/restore and disaster recovery procedures in windows
Deployed organizational policies and procedures for hardware and software acquisition and usage.
Extensive knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls.
Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
Configuring VLANs/routing/NATing with the firewalls as per the network design
Experience in establishing NIC bonding/teaming, IP aliasing.
Worked on Transformation project
Worked on Multi-vendor platform with Check Point, Sonic Wall and Palo Alto firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents
Traced OSI layers and extracting the packet information at each and every layer. Worked on Wireshark, TCP/IP and OSI Layers for packet tracing and Drafted & finalized progress reports, final report. Technologies: Java, JSP, Servlets, Wireshark, TCP/IP.
Deploying and decommission of VLANs on core ASA 9k, Nexus 9k, 7k, 5k and its downstream devices and also configure 2k, 3k, 7k series Routers.
Design and Implementation
Worked on Multi-vendor platform with Check Point, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents
Configuring and resolving various OSPF issues in an OSPF multi area environment.
Implemented, configured BGP Wan routing, converting OSPF routes to BGP (OSPF in local routing).
Installed and maintained Cisco and F5 Load Balancer and documentation
Configured VTP on Core and several access layer switches, implemented Layer2 Ether Channel between various switches and hosts.
Environment: STP, RSTP, Cisco IOS-XR, ASA, VTP, VOIP, DMZ, HSRP, Palo Alto, Port-Channel, BGP, OSPF, EIGRP, PPP, HDLC, SNMP, DNS, DHCP
Epicor, Irvine CA Dec 2013 – Sep 2014
Network Security engineer
Worked extensively on Data Center Palo Alto firewalls and F5 BIG-IP LTM.
Configured Site-Site VPN on Palo Alto Firewall on one side and Fortinet on the other side
Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal
Configuring and implementing F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic.
Act as subject matter expert in cloud managed Cisco Meraki networking solutions for a nation-wide enterprise account.
Deployed and implemented Communication Manager 10.5 and Unity messaging systems.
Configured access layer switches in the ISE lab for implementation testing.
Experience in Cisco switches and routers: IP addressing, WAN configurations.
LAN cabling in compliance with CAT6 standards; Installing new hardware and swap out hardware physically.
Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Palo Alto Next-Generation Firewall platforms.
Very good understanding of fiber-optic technology including cables, connectors, patch panels, and optical transport technologies such as DWDM and SONET.
Managed rules on Cisco checkpoint NGX firewall
Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewall interface, Palo Alto IDS and VLAN
Configured and provisioned Cisco Communication Manager, Unity Messaging Systems
Managed VPN, IPsec, Endpoint-Security, status policy, Application control, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls
Maintenance and configuration of Cisco ASR1000 series and 7200VXR routers at data center and deployment of 3900, 3800, 2951 and 2821 for branch connectivity
Performed Migration from Cisco ACE Load Balancers to F5 LTM.
Deployed Riverbed WAN optimizers and F5 load balancers.
Monitored performance and analyzed network irregularities using Riverbed
Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds and OpNet.
Escalation of procedures and customer notifications.
Configured, implemented, and troubleshot layer 2 switching: Trunking, RSTP+, Ether Channel, Inter-Vlan, and HSRP
Configured DNS and DHCP for servers using InfoBlox.
Handled various trouble tickets, firewall rule changes, assisting other teams to bring the device to production, making DNS changes in InfoBlox and routing changes.
Responsible for expanding Cisco Meraki market share in Latin America and the Caribbean achieving a YoY growth of over 42%
Managed and maintained analog lines, voicemails, auto attendant scripts and IP phone templates.
Worked on Physical site; latency and slowness issues in transmitting results within internal quest network.
Worked with Palo Alto firewalls PA5050 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall
Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre-configuration of network equipment, testing, and maintenance) in both Campus and Branch networks.
Strong knowledge of Linux.
Strong knowledge of TCP/IP Layers.
Responsibilities:
Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls(SPLAT)
Info systems, India Aug 2011 – Nov 2013
Network engineer
Responsibilities:
Studied and analyzed client requirements to provide solutions for network design, configuration and administration
Maintained redundancy on Cisco 2600, 2800 and 3600 Router with HSRP
Created a backup and recovery policy for software application and verified peripherals are working properly.
Replaced outdated Cisco Switches and Routers in existing data centers and installed new Cisco.
Experience deploying & managing high availability CUCM/Unity environments, SRST, voice
Established the networking environment by designing system configuration, directing system installation, defining, documenting and enforcing system standards.
Support and administration of firewall environments in line with IT security policy.
IP, VLAN, and BGP community allocations, visualizing switch-fabric topology, and visualizing BGP route-reflector topology
Performed RIP & OSPF routing protocol administration. Interacted with support services to reduce the downtime on leased lines.
Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issues
Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT
Zensar Technologies, India Jun 2008 – July 2011
Network Engineer
Responsibilities:
Responsible for the configuration, implementation and operation of Cisco 3745 routers, Cisco 6509 and 3560 L2/L3 switches
Removed Cisco 3600 and 2600 series routers and Cisco 2900 series switches for the current infrastructure and replaced them with Cisco 6509.
Configured RSTP, MST and used VTP with 802.1q trunk encapsulation
Configured ether channels using PAGP and LACP
Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
Configuring VLANs/routing with the firewalls as per the network design.
Configuring and resolving various OSPF issues in an OSPF multi area environment
Implemented, configured BGP WAN routing, converting OSPF routes to BGP
Environment: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3925, 7200, 7201, 7600, 7613) and Cisco switches (6500, 3500, 4500, 2900), Nexus Switches 5K/7K, RIP, OSPF, BGP, EIGRP, VLAN, MPLS, Load Balancer 6400, STP, LAN, WAN and HSRP, CISCO ASA 5505 and checkpoint.
Contact this candidate