NARESH
Email: **************@*****.*** PH: 609-***-****
Sr. Network Engineer
Professional Summary:
Network Engineer & Security Analyst with 8 years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols, routing, switching, configuring, implementation, troubleshooting of complex networking system.
Working experiences with Routers, Switches, Load Balancers, Firewalls and Proxies.
Excellent hands on experience in configuring Cisco Nexus 2248T, 2224T, 5548P, 5596T, 6000, 7010, 7018, 7710 switches. Also, implemented VDC and VPC on the Nexus 5505, 7010, 7710 switches.
Hands on experience in performing various configurations on Access, Distribution and Core layer switches like Cisco Catalyst 2960, 3750, 4507, 4010, 6506, 6509 switches.
Experience in Cisco ISE’s, Cisco Prime, SNMP tools (HP – Intelligent management center, Solar winds, Wireshark).
Hands-on experience in implementing and troubleshooting Switch technologies such as STP, VTP, 802.1q, VLAN and MPLS.
Experienced in configuring, deploying, maintaining, and troubleshooting of routing protocols like RIP, OSPF, EIGRP and BGP on Cisco 1800, 2600, 3600, 7200 and 7600 routers. And also performed Policy based routing.
Proficient in configuring and troubleshooting route Re-distribution between Static, EIGRP, OSPF, and BGP protocols and in Route Manipulation.
Implemented and upgraded Networks using OSPF and BGP based routing protocols and prepared flow charts and utilization monitoring reports.
Configured Frame-Relay, ISDN, ATM, load balancing switches and configured IPX/SPX, HDLC, PPP, BGP, EIGRP, OSPF and VRRP on various sites
Expert level knowledge on IP Addressing, Subnetting, VLSM, OSI model, TCP/IP model.
Using IP Address Manager (IPAM) provides a centralized management of the IP address space, including IPv4 and IPv6 Address Management.
Proficient in implementing first hop redundancy protocols like HSRP, VRRP, and GLBP.
Hands-on experience in creating security zones and security policies on branch Juniper SRX 240 and SRX 100 firewalls.
Proficient in implementing Security policies like NAT, PAT & Access lists.
Hands-on experience in deploying Frame-relay, GRE tunnels, Remote Access VPN and
Site-to-Site VPN.
Expert in configuring and implementing proxy servers and Authorization, Authentication & Accounting (RADIUS, TACACS+).
Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM, GTM, ASM, APM.
Experiences in Deploying & Troubleshooting policy management on Web Proxies.
Experiences dealing with OS upgrading/Patching for various vendors like F5 (TMOS), CISCO (IOS, NX-OS), PANOS, JUNOS, Web sense, Bluecoat.
Experience in design, installation, configuration, maintenance, migration and administration of Check Point Firewall R55 up to R77.
Experience in Policy based filtering using Palo Alto Firewalls.
Experience working with Palo Alto GUI Panorama.
Experience in migrating Check point to the Cisco ASA Devices. Also migrating from Cisco to Palo Alto.
Extensively used the packet capture tools like TCP dump, Wireshark and snoop on the devices to identify the potential network issues.
Proficient in using Network Management Application layer software's like SNMP, Solar winds, NTP and Syslog.
Proficient in using MS Visio for documentation purposes.
Hands on experience in configuring VoIP phones using asterisk.
Certification:
CCNA – Cisco Certified Network Associate.
CCNP – Cisco Certified Network Professional (Routing and Switching).
TECHNICAL SKILLS:
Cisco Platforms
Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900series), Cisco ISE and Cisco Prime.
Routers
Cisco 2600, 2900, 3600, 3900, 7200 and 7600 series
Infrastructure services
DHCP, DNS, SMTP, FTP, TFTP
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- Channel, VLANS, VTP, STP, RSTP, 802.1Q, SVI
Routing Protocols
IGRP, EIGRP, OSPF, BGP, HSRP, VRRP, & GLBP.
WAN technologies
Frame Relay, ATM, MPLS, leased lines & exposure to PPP, T1 /T3 & SONET.
Firewall Technologies
Cisco ASA 5580 series, PANOOS 2020, Juniper SRX, Palo Alto, Checkpoint.
Network Security
NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, IDS/IPS, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS)
Network Management
SNMP & knowledge on Cisco Works, Ethereal.
Platforms
Cisco IOS (11.x, 12.x), LINUX, Nexus OS, Windows XP.
Documentation
MS Office, MS Visio
Load-Balancer Technologies
F5 BIG-IP LTM.
PROFESSIONAL EXPERIENCE
Global Aerospace, Parsippany, NJ Jan' 2017 to Present
Sr. Network Engineer
Responsibilities:
Hands on experience with Catalyst L3 switches and Cisco Nexus switches: 2232, 2248, 5548, 6001 and 7018(Sup 2E).
Operated in Administration of L2 technologies like VLANs, VTP, Trunking, RPVST, Inter-VLAN routing, Ether channeling, and Switch port Security on Access Layer switches.
Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, network devices
WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP address
Configured and maintained OSPF, EIGRP, RIP and BGP on Cisco routers.
Creating BGP multi-homed network using BGP attributes like AS-PATH, MED and local-preference as per the environment.
Aided in redundancy mechanisms for multi homed Border Gateway Protocol (BGP) network by tuning AS-path for various network segments.
Possess experience as an architect in deploying and managing security solutions like Cisco ISE and ACS.
Maintained TACACS+/RADIUS Servers for AAA authentication and User authentication.
Provided VPN services to site-to-site and, Remote access VPNs using IPSec tunneling.
Documented migration of data center from legacy switches to nexus switches.
Provided hands-on support for environment including on-call support for switches, routers and servers. Used Solar winds, DHCP, DNS to troubleshoot issues.
Experience with Firewall Administration, Rule Analysis, Rule Modification
Worked on, groups, and updating access-lists and responsible on Check Point Firewall, apply static, hide NAT using smart dashboard.
Troubleshoot and resolve firewall software and hardware issues including VPNs, connectivity issues, logging, cluster configurations, hardware installations
Setting up MPLS Layer 3 VPN cloud in data center.
Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM, LTM, and APM.
Knowledge in implementing and configuring F5 Big-IP LTM load balancers.
Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers
Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
Cigna, Hartford, CT Jan' 2016 to Dec' 2016
Sr. Network Engineer
Responsibilities:
Performing troubleshooting on slow network connectivity issues, and Performance on F5 and Cisco ASA Firewalls.
Deploying and decommissioning Cisco switches/Firewalls and their respective software upgrades.
Improved troubleshooting skills while working with many network devices such as Cisco, Arista switches, Routers and Check Point, Cisco ASA firewalls technologies, system design, implementation and troubleshooting of complex network systems. Troubleshooting of network related issues including routing, switching, and security
Worked with other team in solving VPN and FTP connection issues from customer side to access Imprivata resources. Worked on troubleshooting and routing issues related to Arista Switches, Cisco Core Nexus 3k and 5k switches.
Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000.
Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for PIX/ASA firewalls, Clustering and load balancing features. Using Smart Update, User Management and Authentication in Checkpoint Firewall.
Monitoring Traffic and Connections in Palo Alto and ASA Firewall. Backup and restore of Palo Alto and Cisco ASA Firewall policies. Installed, configured and set security policies on Cisco and Palo Alto firewalls, VPN.
Implemented zone-based firewalling and security rules on the Palo Alto Firewall. Experience with convert Palo Alto VPN rules over to the Cisco ASA solution. Migration with both Palo Alto and Cisco ASA VPN experience.
Configuring, administering and troubleshooting the Check Point, Palo Alto and ASA Firewall. Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco2960s series switches and Cisco 3560/3750s switches.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
Implementation of advanced routing configuration using BGP, EIGRP, and OSPF protocols as well as static routing, policy-based routing, VRFs, access lists, prefix lists, route maps, redistribution, and quality of service.
Configuration of Cisco 3750 and 6509 multilayer switches for secure network access using tools such as VLANs and port security
Design and configuration of Cisco 5505, 5510 and 5520 ASA devices for firewall and VPN services, design and configuration of Cisco integrated services routers for LAN extension to remote sites.
Trek Bicycles, Waterloo, WI Jul ‘2014 to Nov ‘2015
Sr. Network Engineer
Responsibilities:
Configured Cisco ASA Firewall to use multiple security levels and interfaces
Implemented numerous Firewalls polices on Cisco Firewall.
Implementation and configuration of ASA 5520 in failover along with the CSC module as per the customer requirement.
Implemented clientless SSL VPN on ASA 5500-x platforms.
Preformed Firewall configuration primarily through the command line interface.
Experience working with the Cisco IPS module which allows IDS or IPS inspection of all traffic passing through the firewall
Configuring RADIUS and TACACS+ authentication on Cisco ASA firewalls.
Worked on ASA routed mode and transparent mode.
Worked on ASA 5500-x platform configuring the ACLS, NAT policies and Any Connect VPN's
Upgraded the Cisco ASA firewalls from version 8.6 to 9
Negotiate VPN tunnels using IPSec encryption standards and, also configured and implemented Site to Site VPN and remote VPN.
Performing the ACL requests change for various clients by collecting source and destination information from them
Work with application team and Information security for ACL renewals and ACLS aging.
Hands on Experience on IPAM tool used for periodical scans a subnet and provides the availability status of IP addresses in that subnet.
Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from Subnet.
Upgrades and backups of Cisco router configuration files to a TFTP server
Design, WAN link using PPP Multilink and by implementing Cisco WAAS.
Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices
Team player in a data analytics environment, maintaining network capacity, integrity, and performance of client connectivity and data centers leveraging Devices, Solar winds as the primary toolset and VPLS as the key technology.
GE Energy, Atlanta, GA January 2012 to May’ 2014
Sr. Network Engineer
Responsibilities:
Worked on Catalyst 4506E, 4507, and 6503E, 6506E series switches along with Nexus 5020 switches in change of configurations and maintenance.
VSS on 6506E switches maintenance to provide dual homing for the consumers as well redundancy.
Route redistribution between OSPF and EIGRP & also in required routers, between IGP and BGP.
Created stub areas and configured summarization for effective routing. Manipulated route updates using distribute lists, route maps & administrative distance, offset lists.
Implemented Port Aggregation using LACP and PAgP protocols.
Configured and maintained PVST+ for L2 loop prevention on Catalyst switches.
Scheduled maintenance of Nexus 2248, Nexus 5548, and Nexus 7010 switches so that there are no Orphan ports in the network.
Security issues handled related to VPN, IPSEC, NAT, and Configuring Standard, Extended and Named Access lists.
Client VPN technologies including Cisco's VPN client via IPSEC configured.
Possess experience as an architect in deploying and managing security solutions like Cisco ISE and ACS.
Used Cisco ASA 5540 firewall for Enterprise security, configured ACL's for Internet requests to Server Farm in LAN and DMZ.
Worked with F5 Big-IP Product LTM in Load Balancing.
Hands on experience with Checkpoint firewall on NGX 65 SPLAT on 65 product using CLI and web UI as well.
Configured and maintained Cisco ACS server for AAA Authentication (RADIUS)
Involved in configuring switch for 802.1x port based authentication.
3K Technologies, Hyderabad, India Jun’ 2009 to Dec’2011
Network Engineer
Responsibilities:
Responsibilities included taking care of the IP Addressing in the organization which included designing new subnets based on the requirements.
Involved in implementing & Designing the switched network. Configured STP, VTP and dot.1q in switching network.
Created VLAN& Inter-VLAN Routing with Multilayer Switching.
Configured and Maintained TACACS for AAA.
LAN Cabling in compliance of CAT5 standards.
Assisted in Troubleshooting LAN connectivity and hardware issues in the network of 100+ hosts.
Maintained Redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
Performed RIP, OSPF, EIGRP routing protocol administration.
Learned and tested various BGP parameters like Local Preference, MED, Weight, and replicated customer issues in the Lab environment.
Involved in monitoring the performance of the network, thereby identifying the bottlenecks in the network, troubleshooting the connectivity problems using Ping, Trace route, and Telnet.
Involved in troubleshooting IP addressing issues and Upgrading IOS images using TFTP.
Daily responsibilities included monitoring network connectivity, administration of the remote location.
Analyzed and studied Client requirements to provide solutions for network design, configuration, administration and security.
Education:
Bachelor of Technology; Electronics and Communication Engineering, -Hyderabad, India.