Sai Ram
Email Id: ******@*************.***
contact: 732-***-****
Professional Summary
Cisco certified Network Engineer with 8+ years of experience in Network designing, Troubleshooting, implementation, Deployment and supported production environment.
Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR-1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k/9k and Juniper: M320, MX80, MX480, MX960 and EX4200, EX8200 switches.
Expert Level Knowledge about TCP/IP and OSI models
Experience in Physical cabling, IP addressing, configuring and supporting TCP/IP.
Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
Working on Juniper, Extreme, CISCO, and HP networks in an enterprise environment.
Good understanding of networking concepts such as routing protocols, VLANs, IP address management, and network security.
In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
Efficient designing of IP Addressing Scenario using VLSM and Sub-netting
Configured and supported F5 and NetScaler load balancer to support corporate internal applications.
Managed the F5 BIGIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Understanding of JUNOS platform and worked with IOS upgrade of Juniper devices.
Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Router and Cisco 2900, 2960 3500, 3560, 3750-x, 3850, 4500, 5500, 6500 series switches.
Experienced in design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco routers/Switches/firewalls.
Hands On experience Cisco IOS/IOS-XR/NX-OS, Juniper JUNOS for configuration and troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS
Experience in installing and configuring DNS, DHCP server.
Experience in configuring Site-to-site and remote access VPN solutions.
Enterprise Routing experience using protocols RIP v1 & 2, EIGRP, OSPF and BGP.
Configure and setup Cisco Router, Switches and VPN Concentrators and Security appliances for access to vital business applications.
Performed deep packet analysis to troubleshoot application issues using tools like Wire-shark.
Maintain a thorough understanding of the basics behind the Internet and its workings (Security, IP Routing, HTTP, VPN, Email Routing etc.)
Supervising the administration of systems and servers related network to ensure availability of services to authorized users.
Thorough understanding of VPN technologies like IPsec, GRE tunneling, MPLS for remote access security.
Performed security operations on ASA firewalls.
Worked on Citrix NetScaler Access Gateway configurations.
Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
Expertise in maintenance of layer2 switching tasks which advocate VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
Experience in configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
Design, configuration, and support of Cisco Nexus Platforms (Nexus7K, 5K, 2K).
Worked on Extensively on Cisco Firewall & ASA 5500(5510/5540) Series.
Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
Experienced working on network monitoring and analysis tools like, SOLAR WINDS, and Wireshark.
Experience in managing, administration and designing of IP Backbone Network and spearheaded the strengthening IP Backbone Network Security.
Experience working with different wan transports MPLS, VPN, Metro Ethernet
Working knowledge of DNS as required when deploying load balancing configurations and also monitored packet flow in load balancers.
IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
Implemented firewalls using Cisco ASA, Cisco PIX, Checkpoint Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms.
Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall Smart Domain Manager command line & GUI, Cisco ASA
Involved in designing L2VPN services and encryption system and other VPN with IPSEC based services.
Implemented and Configured Palo Alto Networks Firewall models and centralized
management system to manage large scale firewall deployments.
Implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
Adding websites to blocked list on the bluecoat proxies based upon business requirements.
Seasoned professional in Checkpoint firewall policy administration and support between various zones
Worked on migration from legacy PIX to new Cisco ASA appliances
Proficient in configuration of routing protocols like RIP, IGRP, EIGRP, OSPF multiple areas and BGP.
Hands on Experience with blocking of IP's on Checkpoint which are suspicious
Experience in Checkpoint IP Appliances R65, R70, R75, R77 & Cisco ASA Firewalls
Migration with both Checkpoint and Cisco ASA VPN (Checkpoint R75.30 to Gaia R77.30 GA version)
Good knowledge and experience in Installation, Configuration and Administration of Windows, HTTP, FTP, DNS, NTP, DHCP servers under various LAN and WAN environments
TECHNICAL SKILLS
Operating Systems Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR Networking Technologies LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT,
PAT, STP, RSTP, PVST, MSTP
Networking Hardware Cisco Switches, Cisco Routers, ASA/Pix firewalls, VMware, Iron port
Routers CISCO 2600, […] Juniper M & T Series, Cisco CRS-1, CRS -3, GSR
Routing Protocols OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting
Switches CISCO 2900, […] Nexus 7k,5k,2k
Technologies PAP, CHAP, Cisco PIX, Blue Coat
Network Monitoring Cisco Works 2000, Wire Shark, HRping, SolarWinds
Simulation Tools Quall net Developer, OPNET IT GURU, OPNET Modeler, Cadence
Firewalls Juniper net screen […] Juniper SRX […] Pix […] ASA […] Checkpoint,
Palo Alto, McAfee Web Gateway
AAA Architecture TACACS+, RADIUS, Cisco ACS
Features & Services IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG,
NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR's, HLD and LLD documents, Dell equal logics
CERTIFICATIONS:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
PROFESSIONAL EXPERIENCE
Taco bell /Yum Brands, Irvine, CA Jul 2016 to till Date
Sr. Network Engineer
Responsibilities:
Hands-on expertise with routers 2600, 2900, 3600, 3900, 7200, 7600, ASR-901, ASR-903, ASR 5500, ASR-9010
Experience working with Juniper Routers (MX960, MX480, M320) and Switches (EX2400, QFX Virtual Chassis Switches) with BGP, OSPF, VSTP, MST layer 2 and layer 3 Technologies
Worked on Nexus platform 7010, 5K series and FEX (2248, and 2232) and deployed VPC, VDC and OTV, Fabric Path and successfully implemented VSS on the Cisco catalyst switches (6500, 6509,6800).
Design Next generation data centers with Nexus, ACI, OpenStack, DCI, EPGs/bridge domains, OTV, and VXLAN.
Configured redundant WAN links with Internet circuit and MPLS with BGP/SLA tracking for failover on Cisco ASR 1001.
Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
Implemented Site-site IPSEC VPN at our new integration to allow connectivity to our resources until we could deploy MPLS.
Configured policy statements, and routing instances and support on MPLS-VPN, VRF.
Expertise in maintenance of layer2 switching tasks - VLAN, VTP, RSTP, configuration of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
Troubleshooting the Network Routing protocols (BGP, EIGRP, ISIS and RIP) during the Migrations and new client connections.
Configuration of routing protocols EIGRP and BGP for small to medium sized branches based on company branch standards, including redistribution and route maps.
Implement and troubleshoot Static NAT, Dynamic NAT, PAT, Spanning Tree Protocols (STP), MSTP, RSTP.
Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
Experience with designing and configuring secure Virtual Private Cloud (VPC) through private and public networks in AWS by creating various subnets, routing table, Network ACL, NAT gateways.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution and migrating with Cisco ASA VPN experience.
Developed redundant load-balancing design based on four Juniper MX 960 and two SRX 5600 using route leaking and policy routing.
Performed Network Security Assessment and implemented security features such as network filtering, SSH, AAA, SNMP access lists, VTY access lists and HSRP authentication.
Experience in VPN, Checkpoint IDS-IPS and McAfee Antivirus Endpoint Protection Solution.
Worked with Palo Alto firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
Proactively monitored and managed all productions network systems to maximize system availability in Citrix NetScaler.
Configured device security using Cisco IOS AAA with TACACS+ and RADIUS, AAA with TACACS+ and RADIUS, Local privilege authorization fallback.
Worked with monitoring tools like SolarWinds, Cisco prime, Net Flow, Netscout and network packet capture tools like Wire-shark.
Maintain and assign IP addresses and DNS entries for high visibility projects using Solarwinds IP manager. (IPAM).
Configured DHCP scope into Infoblox for new sites which includes subnets for wireless, voice, security and data centers.
Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
Provided full visibility and notification of authorized and unauthorized network access with integration of CISCO ASA/FWSM and Network Access Control (NAC) solution.
Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, and 8800
Configuring VMware and managing and maintenance of VMs (virtual server) and Server Virtualization using VMware vSphere, Microsoft Hyper-V.
Setup user and group policies using Active Directory and implemented system and data security using Windows Firewall.
Worked on Bluecoat proxy server, Tipping Point Intrusion Protection System (IPS) management
Involved in designing of LAN (Ethernet) and WAN infrastructure for the new Data Centre Using MS Visio.
Configured Cisco 1231 Access points with 5959 and 4941 antennas (802.11/a/g).
Set up and troubleshoot secured wireless access points (WAP) and wireless LAN controller (WLC) for broadband internet.
Planning, deploying LANs/WANs voice interconnection using protocols VoIP, H.323, SIP, ISDN, L1-L3.
Environment:
Cisco 2948/3560/4500/3560/3750/3550/3500/2960/6500 switches and Cisco 3640/12000/7200/ 3845 /3600 / 2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, ASM, APM.
UNICC, NYC Mar 2015 – Jun 2016
Network Engineer Consultant
Responsibilities:
Installation and Configuration of Composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
Experience in layer-3 Routing with, ASR 9K, Nexus 7k,5k,3k,2k Cisco 7600, 7200, 3925 series
Deployed Juniper (JunOS) switches EX4500 and EX4200, routers MX960, MX480.
Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a flexible Access Solution for Data Center access architecture.
Migrated existing devices from Cisco Catalyst 6500 series to Nexus 7k, 5k, 2k in Data Center.
Consolidated multi-tiered environment into a pair of Nexus 7000 switches using VPC and VRF.
Experience with designing, implementing and troubleshooting Cisco routers and switches using different routing protocols like OSPF, EIGRP, BGP, ISIS and MPLS L3 VPN, VRF.
Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
Performing troubleshooting on slow network connectivity issues, routing issues involves OSPF, BGP and identifying the root cause of the issues.
Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP Sec VPN tunnels.
Virtual Switching System (VSS) implementation on 6509s (VS-S2T-10G SUP).
Performed switching technology administration including VLANs, inter-VLAN routing, Trucking, STP, RSTP, IGMP, port aggregation and link negotiation.
Implementation of HSRP, IPsec, Static Route, IPSEC over GRE, Dynamic routing, DHCP, DNS, FTP, TFTP.
Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
Establishing Multicast management on ipv6 networks for communication between hosts and routers using IGMP protocol.
Implemented GRE tunneling, Site-to Site VPN and multipoint DMVPN using IPSEC.
Design solutions using Cisco DMVPN/IWAN features. Involved in the troubleshooting aspects of complex network infrastructure using the routing protocols like EIGRP, OSPF & BGP.
Configured and troubleshot BIG-IP F5 load balancer LTM creating virtual servers, nodes, pools, and I Rules in LTM module.
Provided application level redundancy and availability by deploying F5 load balancers LTM, APM.
Performed F5 appliance (LTM, GTM, APM, and ASM) maintenance and system upgrades including hot fixes and security configurations.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution and migrating with Cisco ASA VPN experience.
Experience in Palo Alto (PA 2000, PA 3000) design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
Worked on Multi-vendor platform with Checkpoint, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents as required.
Performing network monitoring of LAN/WAN and providing analysis using various tools like Wireshark, Solar winds, SNMP and NetFlow.
Redesign current security network and implement Cisco IDS/IPS and Network Access Control (NAC) to insure the maximum security.
Monitor Performance & capacity of the WAN links using SolarWinds and NetQos report analyzer.
Utilize BMC remedy ticketing system to monitor, troubleshoot and resolve alarms on sites.
Troubleshooting Aruba Wireless issues like slow performance, intermittent connectivity, authentication failure, low signal strength, Replacing AP's and controllers.
Installed, configured, and maintained a VMware ESX 5.5 virtual server/desktop environment.
Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network
Create, Run, and Debug Python scripts and apply that knowledge to handling common networking tasks.
Environment:
Cisco Catalyst 2960/3750/4500/6500 Series Switches, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/12000 /7200/3845/3600/2800 routers, Cisco Nexus 7K, Cisco ASA 5500, Checkpoint, windows server 2003/2008, F5 BIGIP LTM/GTM, ACL, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP
VISA, Denver, CO Jan 2014 – Feb 2015
Network Security Engineer
Responsibilities:
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Lead the installation and configuration of corporate wide rollout of the Cisco Catalyst 3550, 3750, 4500, and 6509 switches.
Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
Included network services such as DNS, email, web, Servers, VPN and Firewall.
Replaced Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
Experience in migration of VLANS.
Expertise in implementing L2 technologies including VLAN's, VTP, STP, RSTP.
Configuring and Troubleshooting Route Redistribution between static, RIP, EIGRP OSPF & BGP protocols.
Responding to outages, and working closely with other Network Operations Centers and Service providers and Customers to debug and diagnose network and circuit problems
Upgrade Cisco Routers IOS using TFTP
Working on HSRP protocol, GLBP protocol and VRRP protocol
Configuration of SNMP protocol for monitoring of CISCO 6506 L3 devices
Interacting with Internet customer for Non-service affecting fault such as Troubleshooting on Internet traffic related fault (High latency/Drops\, Forward/Reverse traffic manipulation, RADB entry of IP address on internet)
Working on Linux nodes and monitoring
Configuring DHCP, checking scopes and Troubleshoot DHCP problems
Maintaining IM Master Tool
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
Support all aspects of layers 2-4 including L2/3 VLAN/SVIs
Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
Configuring IPsec VPN on Cisco Firewall.
Maintained, upgraded, configured, and installed Cisco ASA 5510, 5520, & 5505 Firewalls from the CLI and ASDM.
Managed network IP access via Dynamic Host Configuration Protocol (DHCP).
Managed network security processes using ASA firewalls.
Prepared technical documentation of configurations, processes, procedures, systems and locations.
Solved issues with browsing the internet via VPN. Migrated all Regional loss prevention Managers and District Managers.
Successfully Migrated the call-center department to Cisco 3750X from Cisco 4750.
Redistribution of routing protocols and Frame-Relay configuration.
Researched and implemented upgrade process to support Cisco VPN solution.
Researched, designed, tested and implemented Cisco's VPN solution for remote clients.
Responsible for designing and implementation for customer network infrastructure.
Upgrade Cisco Routers and Switches IOS using TFTP.
Environment:
Cisco 7200/3845/3600/2800 routers, Cisco 3750/3550/3500/2950 switches, Cisco ASA 5500, windows server 2003/2008, Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, Ether Channels, HSRP, SONET and POS controllers,
Sahithi Systems Pvt Ltd, Hyderabad, India Sep 2011 – Dec 2013
Network Administrator
Responsibilities:
Configured User VLANs on Cisco 6513 and Cisco Nexus 7000 and changed user ports from unsecured VLANs to Secured VLANs after approval from security personnel to meet security policies.
Involved in configuration and management of different Layer 2 switching tasks which includes address learning, efficient switching etc.
Created and Managed Cisco VPN user Account Authentication on Windows Server 2008 RSA server.
Installed and Managed Several VPN Cisco AnyConnect Connection profiles the firewall using ASDM to speed up configuration time and I achieved this with no help.
Experience MPLS connectivity using VRF id and have broad knowledge on multi-protocol label switching for (MPLS-VPN) and traffic engineering (MPLS-TE)
Testing and migrating locations from hub and spoke topology to MPLS.
Configured Access Lists on the Firewall (Cisco FWSM) to allow Network object access to specific resources with little help. Solved several connectivity problems with the Remote VPN.
Migrated Users from Microsoft VPN to Cisco VPN using the RSA Security Console this helped to improve security and access to resources.
Used Perl scripts to automate configuration of remote VPN profiles with help from the Network Engineer.
Migrated Layer 3 from Cisco 6513 to Nexus 7000 to improve bandwidth for server applications and the network.
Developed network standards for Enterprise network
Configured and Supported WAN and LAN infrastructure.
Configured and administered Cisco Nexus 7000 and 5000 series switches
Configured and administered juniper NetScreen appliance.
Configured and managed juniper router and switches.
Configured QOS and COS on head router and core switches to separate Voice data and credit-card data from every other data.
Installed and configured CISCO ISE and 802.1X to secure and authenticate wireless devices at the stores and the HQ to improve security.
Designed and implemented firewall high availability for the firewall infrastructure.
Configured Cisco IP phones for call Center.
Wireless network Implementing, maintaining and troubleshooting
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-Trunking, deployed port security when possible for user ports
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
Performed basic security audit of perimeter routers, identifying missing ACL's, writing and applying ACL's
Environment:
Cisco 2600 / 2800 / 3600 Cisco 2950 / 2960 series switches, Cisco Routers 7000, 5300, 4000, 2500, 3000, 2600, NAT, PAT, DHCP, DNS, OSPF, EIGRP, ACL, TCP/IP, LAN, WAN.
Tribro Softech Pvt. Ltd, Hyderabad, India Jun 2009 – Aug 2011
Jr. Network Engineer
Responsibilities:
Monitored the network performance regularly to improve performance and functionality.
Implementation, Configuration & Troubleshooting of the Ethernet /Data Network/MPLS Cloud (LAN/WAN) comprising of large number of Cisco Layer2 Switches & Layer3 Switches across the country
All over India technical support for resolution of Critical/ Major Faults & escalated faults from various Customers
Fault Management as well as the maintenance of the Routers all over India
Hands on experience on Cisco Routers for data services with the knowledge of routing protocols like OSPF and EIGRP
IP planning by using NSN IP PLAN TOOL
Installed and Configured routers and switches for various projects
Configured and managed Cisco 1900, 3825, 7206 and 7609 series Routers and Cisco Switches in the series of 2950, 2960 and 3603
Configuring and Troubleshooting in routing protocols such as EIGRP, OSPF and BGP
Configuring VLAN connectivity points on Cisco 2950, 2960 and 3603 switches
Diagnose and solve routers connectivity problems
Experience in installing and configuring DNS, DHCP server
Involved in configuration and management of different Layer 2 switching tasks which includes address learning, efficient switching etc.
Monitored network/software security – Controlled access to the IT network and updated security programs as a part of the security procedure.
Build and maintain a computer network with capabilities of sharing information or keeping it confidential for all employees throughout the building
Working knowledge of Terminal server and the configurations
Installation of L3 Switching Engine Policy Feature Card & Distributed Forwarding Card DFC3C
Data center migration was involved in Access, Distribution and Core layers.
Working knowledge with 10 gigabit Supervisor Engine 720 on 6500 catalyst switches
Implementing 3750 Rack/Stack switches using Cisco Stack Wise Technology Attend to all employee needs and concerns regarding the network
Train employees in network operations to avoid miscommunication
Troubleshoot issues with the network to make it run more efficiently and to avoid future problems
Perform beneficial network updates whenever available
Work with other Cisco Network Engineers to create a network and intranet capable of handling all company need
Drafted monthly reports of network efficiency to determine if changes were needed
Performed research on new network features and functions that could be of use to the company
Environment:
Cisco 2500 / 2600 / 2800 / 3500 routers, Cisco 2950 switches, BGP, TCP/IP, OSPF, EIGRP, RIP, RIP V2, Static Routes, Wireless Access points, HSRP, VTP and VLANs