TARA THAPA
*********@*******.***
Professional Summary
Cisco and Juniper Certified Network Engineer with over 9+ years of experience in the IT industry, which includes expertise in the areas of Routing, Switching, Security and Data Center.
CISCO Certifications & Certification ID: CSCO11131474
CCNP R&S (Cisco Certified Network Professional in R&S)
CCNA SECURITY (Cisco Certified Network Associate in Security)
CCNA R&S (Cisco Certified Network Associate in R&S)
JUNIPER Certifications & Certification ID: JPR00248072
JNCIA-Junos (Juniper Networks Certified Associate)
JNCIS-Sec (Juniper Networks Certified Specialist-Security)
JNCIS-ENT (Juniper Networks Certified Specialist-Enterprise R&S)
TECHNICAL SKILLS:
Protocols
EIGRP, OSPF, HSRP, VRRP, GLBP, LACP, PAGP, LDP/TDP, MPLS,BGP
LAN technologies
VLAN, Trunking, VTP, STP, RSTP, MST, PVST+, PVLAN, SPAN, RSPAN, Port Mirroring, Ether channel (PAGP & LACP, load balancing), Optimizing STP (Port fast, Uplink fast, Backbone fast, Root Guard, BPDU Guard),
Network Products
Cisco Router Platforms: 2901, 2921, 2951, 4331, 7204, 7500
Cisco Switch Platforms:3750, 4507, 4510, 6506, 6807.
Cisco Nexus Platforms:Nexus 2k, Nexus 5k, Nexus 7k & Nexus 9k
Firewalls
Cisco ASA 5510, 5520,5525, 5585, IDS/IPS (4200).
Security &Authentication
AAA, ASA, L2 and L3 Security, RADIUS, TACACS+, Route map, Access list, Digital Certificate, IPSec VPN, SSL VPN, Remote VPN, MPLS VPN, GRE, NAT/PAT
Monitoring Tools
Wire shark, SNMP, Solarwind Netflow, 3Com Network Analyzer, Network Monitor.
Servers
Domain Servers, DNS Servers, Mail Servers, Proxy servers, Print Servers, Application Servers, FTP Servers
Remote Access
IP Sec VPN, VPN, Remote/Secure client, Site to site VPN, GRE tunneling
Other Tools
Putty, Solarwinds, Cisco NAC, Cisco ISE, Cisco Wireless Prime
Career Highlights
DGN Technologies Inc. (Client : Intuitive Surgical Inc.) Aug 2017 to Till Now
Sr. Network Engineer
Responsibilities:
•Responsible for implementation and upgrade new IOS in Campus/Enterprise network and Security infrastructure.
•Experience working with BGP Community Strings to Manipulate Routing on Level 3 VPN.
•Working extensively in Configuring, testing Cisco's Nexus 7K & 5K vPC,VDC, FCoE, FC, Zoning, Hypervisor for Intuitive Surgical Data Center & Server.
• Configured Firewall change request for Campus SAP Team.
•Other responsibilities included Cisco Prime Infrastructure, NetBrain 6.2, SolarWinds Orion, Fluke-True View, Ixia Net Tool Optimizer 5288, RiverBed SteelCentral Controller v9.2, Cisco Secure ACS v5, Visio diagram, documentation and supporting other teams.
Dell Inc Services. (Client: Stanford Children’s Hospital) June 2016 to July 2017
Sr. Network Engineer Design Advisor
Responsibilities:
•Responsible for designing and implementation of customer’s Stanford Children’s Hospital Enterprise network and Security infrastructure.
•Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre configuration of network equipment, testing, and maintenance) in both Main Campus and Branch Clinics networks
•Worked Experience on Cisco Nexus 9K series switches, Data Center Spine-and- Leaf Architecture (Nexus 9508 Spine and Nexus 9396 Leaf), Cisco Application Centric Infrastructure(ACI) operating mode with 3 components Spine, Leaf and Cisco Application Policy Infrastructure Controller (APIC) and creating and managing vPC, VDC, FCoE, FC etc on Nexus 7010, 5020 devices in the Stanford Hospital data center environment.
•Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5525X security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
•Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing and LAN security.
•Use and maintain routing protocols EIGRP and BGP on the Routers in the network & also worked on BGP Route Reflectors, Confederations
•Deployed a large-scale VRRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
•Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4507, 3850, 3750 switches.
•Implemented VRRP on the Cisco ISR 4331 Router for failover and EIGRP, OSPF on 2 Cisco 2921 routers, the Layer 3 switch, Cisco 3850XL Switches for load balancing and failover.
•Cisco 6807 VSS ISSU upgrade, hot swapping 40Gig line cards.
•Configured DHCP scope in Windows Server 2012.
•Other responsibilities included Rackwise DCIM, visio diagram, documentation and supporting other teams.
Tech Mahindra America’s Inc Dec 2014 to May 2016
Network Manager
Project- MegaPath Network Decoupling and Migration
Responsibilities:
Responsible for designing, implementation and supporting of customer’s network and Security infrastructure in their on-premise, hybrid and cloud environments.
Prepare Technical Solution Documents(TSD), installation and deployment document.
Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre configuration of network equipment, testing, and maintenance) in both Campus and Branch networks
Experience with converting Migration (Cisco IOS to Juniper Junos) in the data center environment.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
Experience working with BGP attributes such as Weight, Local-Preference, MED and AS-PATH to influence inbound and out bound traffic
Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, InterVlan routing and LAN security.
Use and maintain routing protocols OSPF and BGP on the Routers in the network & also worked on BGP Route Reflectors, Confederations
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Configuring IPSEC VPN on SRX series firewalls
Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
Closely work with Network Implementation/Migration Management team to deploy the network devices in production environment.
Perform sanity testing across entire network once the device /application is deployed on production environment.
Perform Field Operational Testing and connectivity testing post production
Monitor devices/circuits in production environments and provide real time support for analyzing and troubleshooting issuesincluded documentation and supporting other teams.
USAA, San Antonio, TX Nov 2012 to Nov 2014
Sr. Network Engineer
Responsibilities:
Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
Router/ Microsoft VPN Server in order to access certain limited network resources from customer locations
Involved in the redistribution into OSPF on the core ASA firewall.
Experience on HSRP for load balancing.
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
Installed and configured four PIX 525 and two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Configured policy based routing for BGP for complex network systems.
Citizens Bank, Quincy, MA Dec 2011 – Oct 2012
Network Support Engineer
Responsibilities:
Configure, maintain and deployed Cisco ASR 1K, 4300, 2900, 2800 routers as end WAN routers and implemented BGP with VRF and EIGRP instances running parallel.
Worked on WAN custom QoS/class maps & policy maps for a unified network with data, voice and video.
Directly worked with WAN carriers (AT&T, Level3 and Comcast) to resolve WAN connectivity issues and designed redistribution from Static routes/EIGRP to BGP for AT & T ASE/AT & T Opt-E-MAN/ Comcast IP Sec VPN Static routes to Level 3 MPLS redistribution.
Manage, support and provision LAN/WAN equipment for a new network IDF deployment pertaining to Cisco 6500 (Sup 720), 4500 (SUP 6) & 3780, 3750 switches for network access.
Extensively worked on Cisco catalyst 6509 VSS along with VDC and VPC on Nexus 5505, 7010 switches.
Experience with Cisco Application Centric Infrastructure (ACI) fabric: APIC cluster, Leaf and Spine switches. Knowledge of basic configurations of Tenants, BDs, EPGs, VMM Networking and OOB Management configurations of Leaf and Spine Switches.
Adherence to ServiceNow Change Management processes, create and deliver presentations to peers and leaders for define network business requirements and implements effective global network strategies as well as worked with senior network engineers on complex design solutions.
Performed monitoring, analyzing, diagnose network events/alerts using Solarwinds Orion, Entutity and Voyence. Troubleshoot network issues using tools like Cisco Prime Infrastructure (Wireless), Cisco NAC (Network Access Control) and Cisco ISE (Identity Service Engine).
Designed secure network solutions that maximize the sharing of applications, information, and resources across the company. Conduct feasibility studies on strategic and tactical plans, design and evaluation of network services/technology for current and future network development.
HANNAFORD, SOUTH PORTLAND, ME March 2009 - Nov 2011
Sr. Network Consultant
Responsibilities:
Experience on configuring Cisco routers such as 7200, 3900, 2900, 2800, 2600 series and switches 5500, 5000, 4500, 3800, 3600, 3500, 2900 series.
Configured Cisco 2600, 2800 and 3600 series routers with routing protocols BGP, OSPF, EIGRP and RIPv2.
Configured Cisco Catalyst 3500, 3800 series for implementing VLANs segmentation improve security, port-security, VTP, Rapid PVST+, Vlan trunking as dot1q in inter-Vlan routing.
Configured and extended VLANs from one network segment to another segment between Different vendor switches like Cisco/Juniper.
Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network plus route update manipulation using route-maps; distribute lists and AD manipulation and link negotiation.
Configured HSRP on Cisco 2900, 2800 routers to obtain default gateway redundancy and high availability.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500, PIX security appliance, Failover DMZ zoning & configuring VLANs, routing protocols, NAT with the firewalls as per the design. Configured remote access IPSEC VPN on Cisco ASA 5500 series.
Designed and implemented DMZ for Web, Mail & FTP Servers using Cisco ASA5500 Firewalls
Involved in migration from EIGRP to OSPF routing, upgrading legacy 6509 core switches to 4510.
Implemented network redesign of enterprise security infrastructure, including firewalls, VPN solutions (trusted site to site, DMVPN, multiple factor authentication remote access systems, log consolidation and monitoring).
Configured AAA Security (RADIUS and TACACS+) for network access servers and routers.
Working knowledge of upgrade the devices of Cisco Nexus 7000, 5000, 2000, Catalyst 6500, 4500.
Administered the Network traffic using Wireshark and maintained the efficiency of the network by applying different switching and routing techniques. Implemented and verified WAN links.
Installed and maintained VMware ESXi Servers on server machines.
StudyLink Pvt. Ltd, Kathmandu, Nepal Dec 2007 – Feb 2009
POSITION: NETWORK SUPPORT ENGINEER
Responsibilities:
Extensive experience on deploying and configuring Cisco routers such as 3900, 3800, 3600, 2600, series and switches 6500, 5500, 4500, 3800, 3500, 2900 series.
Removed Cisco 3600, 2600 series routers; replaced with Cisco 3745 for configuring BGP, OSPF, RIPv2, EIGRP, Static and default route also worked on HSRP and GLBP for first hop redundancy and load balancing.
Migrated from Cisco 2900 series switches from the current infrastructure and replaced them with the Cisco 6509 and 3560 L2/L3 switches. Configured RSTP, MST and used VTP with 802.1q trunk encapsulation, Ether channels using PAgP and LACP on Cisco 6509 and 3560.
Configured, Monitored and Troubleshoot Cisco’s PIX firewall, ASA 5500 security appliance Firewall, integrated firewalls with Gateway Anti-Virus and web filtering applications.
Designed ACLs, VLANs, troubleshooting IP addressing issues on switches and routers.
Netco Technology Pvt. Ltd, Kathmandu, Nepal Dec 2006 – Nov 2007
POSITION: NETWORK/SYSTEM ENGINEER
Responsibilities:
Installed and configured Active Directory for in Dell 1950 PowerEdge server.
Installed and configured the Operating systems of Win 7, 8, Windows Server 2008.
Assisted Lead Network Engineer in the configuration, implementation and operation of Cisco 2811, 2611XM, 2514 routers as well as Cisco 5000, 3550, 2950 switches.
Configured VLANs, VTP, and RSTP in Cisco Catalyst 3800.
Assisted in configuration of Cisco Routers for OSPF, RIPv2 and EIGRP.
Configured the DNS, DHCP on Windows server 2008 R2.
Provided extensive Desktop/Laptop support on software and hardware.
Build and setup servers; desktops and laptop for new user.
Upgrade laptops and Desktops Operating System.
Prepared, updated, and maintained technical and logistical network documentation.
Monitored core network services including data sharing, anti-virus and back up.
Configured Laser printers to be shared across the network.
Provided testing for network connectivity before and after install or upgrades.
College Of Software Engineering, Kathmandu, Nepal SEP 2005 – Nov 2006
POSITION: SOFTWARE FACULTY
ROLES/RESPONSIBILITIES:
Database Programming – MS-Access 2000, MS-SQL Server, MS-VB 6.0, Oracle 9i, Developer, PLSQL.
Webpage Designing-HTML, VBScript, JavaScript, ASP, PHP, MySQL.
System Programming-C, C++, Core Java etc
EDUCATION:
PGDSE from College Of Software Engineering, Kathmandu Nepal
B.Sc. from Trichandra College, Kathmandu Nepal
Visa Status:
Green Card