PROFESSIONAL SUMMARY:

• Around * years of professional experience in Network engineering with CCNP and PA-ACE Certifications and having worked in multiple client environments on various technologies that include switching, routing, Firewalls, Network security using Proxy servers, Application Delivery Controllers, Wireless and VOIP.

• Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop)

experience.

• Experience working on Cisco Catalyst Series3750, 3850, 4500, 6500, CAT 9K; Nexus 2K, 3K, 5K, 7K and 9K

series switches.

• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models 9K, 7K, 5K, 2Kseries, Cisco router models 7200, 2600, ASR 1K, 9K series and Cisco catalyst 6500, 4500, 3750, 3850, 2900 series switches

• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.

Expertise in routing protocols that include OSPF, EIGRP, BGP and IS-IS. Worked on complex topologies for routing that includes ISP connections, WAN, Data Center Core and Edge routing.

Experience with MPLS circuits configuration and troubleshooting. Experience and exposure to MP-BGP.

Experience with Spine Leaf Architecture, VXLAN, EVPN. Configuration and operational experience with Cisco ACI.

• Responsible for Check Point, Palo Alto, Juniper SRX, Fortinet and Cisco ASA firewall, Firepower administration across global networks. Worked on Installations, migrations and operations with Firewalls.

Designed and Implemented Palo Alto firewalls in Perimeter. Migration from ASA to PA 5K series. Worked on URL filtering, SSL Forward Proxy, SSL decryption, SSL VPN, Site to site VPN, Threat ID, APP ID on PA series. Expereince with Panorama.

Migration experience from Cisco ASA to Palo Alto and Fortinet Firewalls.

• Experience in working with Cisco Nexus family on VDC, VPC, FEX in Distribution, Core and access layers in Data center environment.

• Worked on F5 LTM, GTM, APM and ASM modules for application delivery and security. Worked on SSL VPN

in F5 APM. Worked on Migration from ACE to F5, Netscalers to F5 in large environments with internal and external applications. (Proprietary and Vendor based apps)

Experience with migration from Iron Port Proxy Servers to Zscaler Cloud solution for Internet Security. Worked on Local and Cloud Proxies, whitelist and Black list policies, SSL inspection, WCCM, Logging, DLP, end point security.

• Strong knowledge of TACACS+, RADIUS implementation in Wireless and Wired Networks. Working experience on Cisco ISE, Aruba ClearPass. Expertise with 802.1X.

In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits.

Experience with Wireless Network Engineering, WLAN controllers, Access Point policies and Profiles, Configuration of SSID, RF Parameters, Authentication roles, Integration with RADIUS servers, Anchor controllers, Instant AP, Meraki Platform, Worked on Cisco and Aruba Wireless LAN Controllers.

Worked on Monitoring tools that include Solarwinds, Netbrain, Whatsup Gold. Expereicne on SNMP V2 and V3. API calls for device parameters and status of various processes.

Experience with SDN and SD-WAN. Worked on Cisco Viptella and Versa for WAN connectivity, Application based templates, Polices, Automatic failovers using SD-WAN solution.

Experience with Network Automation using Python and Ansible scripting for automatic configuration templates. Worked on Ansible Tower.

Thorough understanding of workflow processes in IT, Experience with BOM, SOP procedures, Documentation, project Cycles, ticketing too.

EDUCATION:

• Bachelor of Technology in Electronics and Communication Engineering. GPA – 3.4/4.0

Joginpally Bhaskar Institute Of Engineering And Technology, India

CERTIFICATIONS:

• Cisco Certified Network Associate (CCNA)

• Cisco Certified Network Professional (CCNP)

• Palo Alto Accredited Configuration Engineer (PA-ACE)

TECHNICAL SKILLS:

Cisco Platforms

Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, ASR1k, 9K )& Cisco Catalyst switches (6500,4500, 3750, 3850 2900, CAT 9K series)

Juniper Platforms

SRX, MX, QFX EX Series

Networking Concepts

Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU,

IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, 802.11,802.1X

Firewall /Security

ASA Firewall (5505/5510), Checkpoint, Cisco ASA, Palo Alto, SRX, Iron Port, Zscaler Proxies

Network Tools

Solar Winds, SNMP, Cisco Works, Wireshark, Netbrain, WhatsupGold, Visio

Load Balancers

Cisco ACE, F5 Networks (Big-IP), Viprion, Citrix Netscalers, A10

WAN technologies

MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET, SD-WAN

LAN technologies

Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit

Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q, 802.1X, VPC, VDC

Security Protocols

IKE, IPSEC, SSL-VPN

Networking Protocols

RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Languages

C, C++, Python

Operating Systems

Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

SD-WAN

Cisco Viptella and Versa

PROFESSIONAL EXPERIENCE:

Client: World Bank March 2018 - Present

Location: Washington DC

Role: Sr. Client Network Engineer

Responsibilities:

•Experience providing support for clients on new equipment brought and professional service to clients and site for installations.

•Working with professional services on installation and design of vendor equipment in data center.

•Worked on protocol testing on cisco high end routers like CSR series, Nexus 9K. Worked on protocols like

EVPN, MP-BGP, BGP, OSPF, MST etc., on cisco devices using the Spirent simulation devices.

•Troubleshooting and configuration of multiple routing and switching protocols on Cisco Routers and

Switches.

•Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).

•Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter VLAN routing, LAN security etc.

•Implemented with Cisco Layer 3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, HSRP, ISL trunk, ether channel.

•Worked on Cisco ACI. Configured Spine and Leaf switches, VXLAN, VNI, VTEPS, Birdge domains etc., in ACI.

•Worked on setting up SD-WAN Cisco Viptella to connect remote sites. Worked on application template policies.

•Worked on F5 LTM, GTM and APM modules. Worked on BIGIQ. Worked on setting up F5 Viprion chassis from scratch, configured VCMP, Network parameters, Virtual servers, SSL, iRules on F5.

•Worked on F5 GTM for global load balancing. Configured WideIP, listener IP, DNS Sec, Zones, prober pools on GTM.

•Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place in Palo Alto Firewalls. Worked on Security Zones, Policies, URL Filtering, App ID, Threat ID, Panorama, SSL forward Proxy on perimeter firewalls. Upgraded IOS couple of times.

•Installing and configuring new Cisco equipment catalyst including Cisco switches 6500, Nexus 93128TX,

9296PX, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.

•Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480).

Configured security policies, user authentication, IDS, attack detection and prevention, user authentication on SRX firewalls.

•Configuring & managing around 500+ Network &Security Devices that includes Juniper (NetScreen) Firewalls, F5 Big IP Load balancers and 3DNS, Blue Coat Proxies and Plug Proxies in the Data Center.

•Experience with Firewall Administration, Rule Analysis, Rule Modification on PA, ASA and SRX firewalls.

•Modified internal infrastructure by adding switches to support server farms and added servers to existing

DMZ environments to support new and existing application platforms.

•Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.

•Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.

•Setup simplified and traditional VPN communities, and Cisco Any connect.

•Experience with F5 load balancers and migration from Cisco load balancers (CSM, ACE and GSS).

•Cisco ACI is used to automate the network and to meet service level agreements (SLA).

•Performed automation operations using VMware NSX and Python scripting.

•Experience with VMWARE NSX, vSphere, vCenter, Configuration of switch ports for ESXi hosts. Worked with storage team on various projects.

•Configured VXLAN transport parameters and prepared Host clusters for NSX. Assigned segment ID pool and Multicast Address range.

•Created, merged and maintained Firewall rule section in a cross-vCenter NSX environment.

•Using the VMware API created distributed firewalls.

•Implementing IPsec and GRE tunnels in VPN technology.

•Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol

OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.

•Designed, configured, implemented site-site VPN on cisco ASA 5500 firewall.

Environment: Cisco switches (3550, 3750, 4500, 6500), Nexus 2K, 5548, 7010, 93128TX, 9296PX switches, F5 BigIP Load Balancer, Cisco CSM, ACE, GSS Load Balancers, Cisco ASA 5500 firewall, Juniper Netscreen firewall, Netscreen Manager.

Client: HCA Healthcare April 2016 – Feb 2018

Location: Chattanooga,

TN Role: Sr. Network Engineer

Responsibilities:

Working in high availability Nexus Environment and provide Level 3 Network Support.

Configuring, upgrading and verifying the NX-OS operation system.

Converting PIX rules over to the Cisco ASA solution.

Basic and advance F5 load balancer and Cisco ACE configurations, general troubleshooting of the F5 load balancers.

Modified internal infrastructure by adding switches to support server farms and added servers to existing

DMZ environments to support new and existing application platforms.

Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits.

Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both

Checkpoint and Cisco ASA VPN experience

Worked on migration project from cisco ACS to ISE for Wireless and Wired environment for all 802.1X

authentications in the environment. Worked on BYOD polices, Cert based Authentication, Integration with Cisco WLAN controllers, Profiling.

Installation of Nexus 2K and 5K in FEX mode in Access Layer. Nexus 7K in distribution and Core layers using VDC and VPC.

Experience with preparing quotes and budget discussions for new implementations relating the design.

Working with professional services on installation and design of vendor equipment in data center.

Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.

Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco

3640 to Cisco 2811 ISR routers and switches at access level to 2960, 3850.

Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco

GSR 12416,21418(with PRP and RPR processors).

Working with BGP, OSPF protocols in MPLS Cloud.

Providing daily network support for national wide area network consisting of MPLS, VPN and point-to- point site.

Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480).

Installed and configured policies from scratch on SRX Firewalls (SRX240, SRX550, SRX5600).

Configured security policies, user authentication, IDS, attack detection and prevention, user authentication on SRX firewalls.

Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.

Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.

Experience with VMWARE NSX, vSphere, vCenter, Configuration of switch ports for ESXi hosts. Worked with storage team on various projects.

Configured VXLAN transport parameters and prepared Host clusters for NSX. Assigned segment ID pool and Multicast Address range.

Created, merged and maintained Firewall rule section in a cross-vCenter NSX environment.

Using the VMware API created distributed firewalls.

Configuring BGP, MPLS in Cisco ASR and Juniper MX series routers. Designed OSPF and configured BGP

attributes for traffic path manipulation.

Configuring VDC and VPC on Nexus 7010. Used Nexus 7K as Distribution and Core. Configured OTV on

Nexus to extend the layer 2 connectivity between Data centers.

•Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the

B2Bnetwork connectivity.

•To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA

firewalls, and related network security measures.

•Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500

Firewalls.

Environment: Cisco ASA 5500 firewall, Cisco GSR 12416,21418, 3640, 2811, 3845 routers, Cisco 2950, 3550, 7609,

7613, 6500 series switches, F5 Big-Ip Load Balancer, NX-OS, Nexus 93128TX, 9296PX, 7010 Switch.

Client: Santander Bank Nov2014 – Feb 2016

Location: Boston, MA Role: Network Engineer

Responsibilities:

•Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.

•Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.

•Configuration 7609, 7606 with catalyst 6505, 4500, 3550 switches with various VLAN.

•Worked on Cisco Layer 2 switches (spanning tree, VLAN).

•Worked on migrating Virtual servers and GSLB from Cisco ACE and GSS to F5 LTM and GTM modules respectively. Configured Virtual Servers, SSL Profiles, offloading, SNAT, Profiles, iRules.

•Configuration of Access list polices, NAT policies, IPSEC VPN tunnels, GRE tunnels, Global security policies, Zones on ASA firewalls.

•WAN Infrastructure running OSPF & BGP as core routing protocol.

•Experienced in facing the Bluecoat proxies for perimeter internet security. Worked on Whitelist and blaclist policies, Proxy enforcement on end points, WCCM, Proxy Bypass etc.

•Worked on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, ACS (TACACS+ & RADIUS).

•Involved in configuring IP Quality of service (QoS). Configuration of QOS policies for VOIP traffic on Access, Distribution and Core switches. Marking DSCP code points, traffic policing, prioritization etc.

•Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500 Series routers.

•Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.

•Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.

•Experience preparing Request for Information (RFI) from the vendors.

•Experience preparing Request for Proposal (RFP) for the required hardware for the project.

•Experience with preparing quotes and budget discussions for new implementations relating the design.

•Supported nationwide LAN infrastructure consisting of Cisco 4510 and catalyst 6513. Configuration of VSS on 6500

•Understanding of JUNOS platform and worked with IOS upgrade of Juniper devices.

•Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and

MPLS switching for stable VPNs.

•Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

•Worked on Solarwinds for monitoring network devices. Worked on SNMP V2C. Worked on alerts, message policies etc.

•Planning and configuring the entire IP addressing plan for the clients' network.

•WAN Infrastructure running OSPF as a core routing protocol.

•Follow process & procedures for change & configuration management.

•Implementing & Troubleshooting of T1 and CSU/DSU and data circuits.

•Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

Client: Team Health

Location: Knoxville, TN June 2013 – Oct 2014

Role: Sr. Network Engineer

Responsibilities:

•Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.

•Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols

(BGP/OSPF), and IP addressing.

•Creating and provisioning Juniper SRX firewall policies.

•Configuring IPSEC VPN on SRX series firewalls.

•Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, CHECKPOINT AI, NGX, Nokia IP 740/530/340 Appliances on IPSO platform.

•Monitor and troubleshoot BGP, EIGRP, TI circuits, and cellular backup circuits via ICMP and SNMP

ticketing systems.

•Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.

•Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210.

•Deploying a multisided IP Telephony Network with Cisco Unified Communications Manager (CUCM 8.6.2,

10.5.2).

•Troubleshooting VOIP and network problems with Wireshark.

•Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.

•Identify, design and implement flexible, responsive, and secure technology services.

•Experience with Firewall Administration, Rule Analysis, Rule modification.

•Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.

•Configured and resolved various OSPF issues in an OSPF multi area environment.

•Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.

•Worked on Unix, Linux, Windows Platforms and involved in capacity planning of Network maintenance.

•Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.

•Created and delivered internal trainings for BGP.

•Configured egress and ingress queues for ISP facing routers using CBWF.

•Deployed Site to Site and Client to Site VPNs utilizing.

•Experienced in working with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.

Environment: Cisco Catalyst 2960/3750/4500/6500 Series Switches, Linux, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/12000/3845/3600/2800 routers, Cisco ASA 5500, Active Directory, Juniper SRX series routers, ACL, SIP, RIP, OSPF, MPLS, BGP, EIGRP, Wi-Fi, LAN, WAN, WAP, VPN, HSRP.

Client: Ericson Nov 2010 - May 2013

Location: Bangalore, IND

Role: Jr. Network Design Engineer

Responsibilities:

•Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.

•Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.

•Troubleshooting of personal computers. Online Support to customers concerning their computer problems.

•Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).

•Worked on Cabling, IDF/MDF Architecture, Fiber and copper cabling, Campus to Data Center ISP leased Line issues.

•Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels.

•Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst Switches.

•Replace branch hardware with new 7200 routers.

•Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.

•Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.

•Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.

•Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.

•Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.

•Configuring VLANs, VTP’s, enabling trunks between switches.

Environment: Cisco 7200,6500,4500,1700,2600,3500 series routers, Cisco 3550, 6500 switches, CAT 5, 5A, 1Gig and 10 Gig fiber.

Contact this candidate