Sudheer M
Sr. Network Engineer
********@*********.***
SUMMARY
CCNP Certified with almost 8 Years of experience working as a Network Engineer in planning, implementation, configuration, network designing, troubleshooting, maintenance and management involving LAN and WAN wireless Technologies.
In-depth experience/ knowledge in implementation, administration, and support of Cisco/Juniper devices for both networking and security.
Expertise in network protocols, Firewalls and Communication Network design.
Designing, implementing and troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches and also high performance data center switch like Nexus 5k and 7k.
Experience with design and implementation of Virtual Switching System (VSS) on 6500 Switches.
Implementing 3750 Stackable switches using Cisco StackWise technology.
Configured and troubleshoot issues in Cisco Nexus and Catalyst switches, Cisco UCS.
Optimized Nexus and core 6509 switches to use jumbo frames for 10% throughput gain.
Configuration, upgrading and/or patching installation of Cisco Nexus (5k, 7k).
Designing, implementing and troubleshooting Cisco routers (800, 1814, 2800, 2600, 3800, 7206, 7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Cisco PIX & ASA devices.
Experience working with Nexus 7010, 5000 and 2000, 6500, 4700 Series.
Provide customer with tier II technical support including Internet connectivity, routing issues such as BGP, IGP, EIGRP, OSPF, MPLS, HSRP .QOS Cisco and Juniper routers.
Troubleshooting IP connectivity, firewall and application issues. Specialized in high availability connections. Cisco and Juniper routers.
Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
Configuring security policies including NAT, PAT, VPN’s and Access Control Lists.
Implementing security policies using ACL, PIX firewall, ASA and Routers.
Hands-on experience working with F5 LTM and GTM load balancing techniques.
Build Shell and TMSH tools to manage F5 devices as needed.
Configured and implemented multi-data center OTV for data replication and disaster recovery.
Worked with team to complete data center using OTV data connection between the two data centers.
Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Define and document new features to expand the features/ functionality of various testing products (Spirent Test Center Live Test and Diagnostic Spirent).
Developed layer 2, layer 3(routing) and layer 4-7 solutions using Spirent.
Strong understanding and experience of web-application security – Interested in web application vulnerabilities assessments, penetration testing.
Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System.
Worked on various RTB tickets related to production issues for many states.
Working knowledge of frame relay, MPLS services, OSPF, BGP, IGP and EIGRP routing protocols, NAT’ing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
Hands-on roll, which involves installation, management and support of globally developed extremely complex, highly available Palo Alto and Cisco ASA firewall infrastructure.
Responsible for supporting Palo Alto firewalls and Cisco VPN firewalls.
Strong understanding and experience of web-application security – Interested in web application vulnerabilities assessments, penetration testing.
Python scripting – create tables, register as versioned, describe and change database on MXD’s.
All GIS duties – data management, complex modeling, mapping and scripting.
Expertise in IP Addressing, Sub-netting, VLSM and CIDR.
Experience in configuration and troubleshooting of VLANS, Trunks, VTP, DNS and DHCP servers.
Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
In depth understanding of IPV4, implementation of Subletting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
Supporting the dial access, DSL and VOLP to the local and widearea switching networks.
Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support Network Operation Center.
Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
Excellent verbal, written communication skills and interpersonal skills with ability to work with large team as well as independently with minimum supervision & Team Player.
TECHNICAL SKILLS
Routing Protocols
RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, IGP, TCP/IP, Static And Dynamic Routing, IPv4, IPsec.
CISCO Routers
1700, 1800, 2500, 2600, 2800. CISCO High End Routers 3600, 3800, 7200, 12010, 12404.
CISCO Switches
1900, 2950, 2950, 2960G. CISCO Campus Switches 3550XL, 4948 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507, Nexus 3k, 5k, 7k series.
Antivirus & Endpoint protection
Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.
Security & VPN
PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, and Juniper Netscreen firewall, Windows Patch Management (WSUS).
LAN Technology
Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.
WAN Infrastructure
Leased Line, ISDN/Dial-Up, and Frame Relay circuits, Metro Ethernet.
WAN Technologies
HDLC, PPP, ATM, SONET, MPLS, VPN, IPsec-VPN.
Juniper
EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
Wireless & Wi-Fi
Canopy Wireless Device (point to point/point to Multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.
Scripting Languages
Python, Perl, and Linux
Network Security
ACL, IPSec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security, firewall, IDS/IPS, and Palo Alto firewalls.
Network Technologies
MANET, SONET, TDMA, FDMA, CDMA. DSL, POP3
Operating Systems & Tools
Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server, MS Exchange server, Veritas Volume Manager.
PROFESSIONAL EXPERIENCE
Capital One, Chicago, IL April 2014 – Till Date
Sr. Network Engineer
Responsibilities:
Designed, validated and implemented LAN, WLAN & WAN solution to client’s needs.
Testing includes call processing, routing protocol testing, testing network handover, automated as well as manual testing and troubleshooting the issues.
Installed, reconfigured various Layer 3 routers (1800, 2500, 2600, 2800, 3800, 7200, 12010) and Layer 2 switches (2950, 2950, 4503, 4507, 6500, 6503, 6507).
Cisco ASA Firewall install/implementation and administration were also part of duties in this administrator role.
Racking of all network equipment, including Cisco 2960 access switches, Cisco 6880 distribution switches, Cisco 2951 Integrated Services router, Cisco 5508 wireless LAN controllers, Cisco ASA 5515 security appliances, Bluecoat ProxySG secure web gateways, and IBM X3530 M4 servers.
Have hands-on experience working with the port-channels, layer-2 migration methods, which involves the replacement of CISCO switches with the latest switches (Nexus 5k and 7k series).
Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center.
Design Layer 2/Layer 3 network for cloud hosting data centers and enterprise networks.
Install and setup Cisco Nexus 7K, 5K and 2K switches for the data center.
Experience working with Cisco Nexus 3000 for deploying the OOB network for the data center.
Rolled out existing flat structure of branch site with Cisco 3640, 3600, 3800, 7200 routers and used Cisco PIX510 to provide firewall security.
Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507.
Configured the Cisco Nexus 7018 routers, Cisco Catalyst 6509-E router and Cisco Nexus 5000 series switches.
Implement ATM/Frame Relay between data centers utilizing Cisco routers & switches.
Hosted weekly RTB status meeting with support technical teams to identify root cause of existing issues and determine resolution.
Prepared daily RTB completion reports of data analysis and tasks and also the RTB scorecard.
Create and maintain security and disaster prevention policies and procedures on Juniper M and E series routers.
Deployed unicast OTV and multicast OTV creating multiple overlays through an MPLS core.
Conducted design workshop unvolving Nexus 7706, 5k, 2k, 4500 with OTV, VPC protocol.
Have worked with hardware like Cisco OSR 7613, GSR 1216 and Cisco (5k and 6k series) and also, Juniper series (M320, and MX 960).
Conducted penetration testing for technologies and known security flaw concepts (XSS. Injection etc.).
Implemented Layer 2 security policies to mitigate attacks by hard coding access port, Port-security violation policies, configuring all unused port in Black hole VLAN.
Design OSPF and CRS routing for reliable Access Distribution and for Core IP Routing.
Solving ticketing issues, which rise during testing routing protocols like IGRP, EIGRP, OSPF, IGP, BGP, TCP/IP, Static And Dynamic Routing, IPv4 and IPv6.
Managed monitoring of product lines of Juniper routing (MX 960 and MX 320)/switching/security/security portfolio (MX, PTX, EX, SRX).
Troubleshooting and monitored routing protocols such RIP, OSPF, IGP, EIGRP & BGP.
Configuration rules and maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Troubleshooting of Palo Alto Firewalls.
Worked extensively in designing, Configuring, and Troubleshooting in connecting vendors to Morgan’s network, cisco's 2921,1841,395E with ACL, NAT, Prefix list, Community, Failovers.
Responsible for turning up, upgrading BGP peering and debugging BGP routing problems.
Worked with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP and also, performing troubleshooting in Frame-Mode MPLS in the core.
Coordinate scheduling and routing for traffic/transportation.
Performing on site and remote security consulting, which include penetration testing, web based application testing and web services testing.
Reviewing and approving method validation, transfer protocols, testing routing and switching protocol reports and data packages.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
Tested the availability and uptime of Sprints network methods and tools like Wireshark, non- intrusive Loop testing, MW 24 hr block error test and Q-scope (Spirent test box).
Provided Load balancing towards access layer from core layer using F5 Network Load Balancers.
Upgraded load balancers from Radware to F5 BigIP v9, which improved functionality and scalability.
Managed the traffic using the F5 load balancing techniques.
Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Daily operations of the RTP Global Client Service Center, to include reactive fault, ticket, change and outage management.
Write & review test plans for IEEE 802.11a/b/g, 802.11e, 802.11D+H, 802.11R, 802.11n etc. as well as proprietary features.
Segmented traffic into different classification using access control list (ACL).
Configured and troubleshooting of HSRP on routers to improve uptime of collocation customers.
Implemented TCP/IP and related services like DHCP/DNS/WINS.
Project involves testing of Wi-Fi Certification Features like WPA2, WMM and WMM-PS, Wi-Fi WPA2.
Experience of VMware ESXi and VMware Infrastructure and also, vSphere infrastructure.
Perform systems engineering and quality assurance role for support teams offering managed corporate IT infrastructure support for MS Windows server and VMware vSphere 5.x technologies.
Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
Upgrading IOS – Upgrading hardware and installing new devices, turning and make standardization.
Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (ASR, 6500, 3800, 2800) and Cisco switches (6500, 3700, 4500, 2900), Nexus(3k) Routing Protocols (RIP, OSPF, BGP, IGP), Switching protocols (VTP, STP, GLBP,HSRP), Juniper firewalls 5GT, 208, SSG 5, 140, 550, 550M, NSM, IDS/IPS.
NCH Corporation, Austin, TX Oct 2012 – Mar 2014
Network Engineer
Responsibilities:
Assisted the network team in maintaining the campus network.
Maintained a network lab with more than 30 routers (3k, 4k, 6k series), 50+ switches (2k, 3k series), firewall and other network devices like DHCP, DNS servers and VPN concentrators.
Supporting data center consist of Nexus 7k, 6500, 3750x, 3850x, Various Cisco router 39xx, 29xx, 28xx and 4431 equipment and install new products and debug network insures.
Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
Review plans and design for remote DR conversion from CISCO 6500 to Nexus product line.
Experience working with Cisco routers from 1600 to 12416 series, Juniper routers (M10, M20, M40).
Juniper MX960 product and services as required and testing on MX960 in SPIP environment.
Configured, installed, & managed DHCP, DNS, & WINS servers.
Integrated L2 networking in Datacenter infrastructure design using OTV between the datacenters interconnected by DWDM rings.
Provided senior network support for over 1500 ASA firewalls and F5 LTM support.
Provided support of F5 BigIP and F5 GTM’s load balancer network issues and changes.
Maintained the health of 40+ wireless devices throughout the campus.
Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
Responsible for managing and changing all RTB and CTB activities with the client.
Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
Successfully installed Palo Alto PA-3060 firewall to protect data centers.
Design and configuring Overlay Transport Virtualization on Cisco NX-OS devices like Nexus 7000.
Experience working with ASR 9000 series switches with IOS-XR.
Implemented Firewall and IDS/IPS solutions to mitigate client risks and analyzed security issues.
Solutions also took into security compliance standards like DoD STIGs, HIPPA and PCI standards.
Assisted in backing up, restoring and upgrading the Router and Switch IOS.
Upgrading IOS – Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology.
Helped the network team to install new switches and routers and configure the IOS according to the requirement which included VLAN, OSPF, Subnetting, EIGRP, IGP, BGP, VTP, PaGP, spanning–tree, IP Subnetting, wireless access points, T1 circuits and PIM-SM using auto RP.
Worked with LAN protocols like STP, RSTP, MST, VTP, VLAN, LACP and PAGP.
Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
Experience with convert PIX rules over to the Cisco ASA solution.
Responsible for Cisco ASA firewall administration across our global networks.
Assisted campus for VOIP network management and troubleshoot.
Worked on Data, VoIP, security as well as wireless installations and technologies.
Experience of VMware ESXi and VMware Infrastructure.
Desktop support for users including, MS Office, Windows 2000/XP, MAC, Linux, Operated and staffed help desk support for more than 500 users and 5 computer Laboratories.
Worked with new installations, upgrades, and maintenance of the LAN/WAN, Network Security, Internet, and set up and repair desktop PCs using Windows 2000/XP/MAC/Linux for 350 users.
Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, IGP, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510), FortiGate Firewall 80C, 100d, 1240b on Forti OS5.2.
Hughes, Germantown, MD May 2011 – Sep 2012
Network Engineer
Responsibilities:
Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper).
Provided Technical support in terms of upgrading, improving and expanding the network.
Nexus 2000 and 5000 architecture support and configuration.
Migration customer from aging 3750 switches to Nexus environment including Nexus 7010 switch.
Providing technical security proposals, detailed RFP responses, and security presentation, installing and configuring ASA firewalls, VPN networks and redesigning security architectures.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF, IGP & BGP.
Configuration of ACL, NAT, OSPF, IGP, BGP, PPP, Frame Relay, Spanning-Tree, Truncking.
Advanced Knowledge on TCP/IP, Cisco IOS, VolP and OSI model.
Maintained physical topology and configuration for backward compatibility and security aspects.
Installation, monitoring and optimizing all security related to layer 2 and layer 3 segments.
Provides network design and implementation of LAN/WAN utilizing ASA 5500 and Juniper firewalls.
Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
Configured NAT, RIP, and EIGRP on 2901 and 3925 Cisco routers.
Managed DNS, DHCP, BIG IP F5 load balancers and VMware.
Experience on Cisco ASA, Juniper SRX, and F5 series of load balancers.
Involved in customer escalations and troubleshooting issues related to connectivity, STP, VLAN, Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
Data center to new Juniper M120.
Configured VLANS to isolate different departments and implement LAN/WAN over 13 branches.
Worked in setting up inter-vlan routing, redistribution, access-lists and dynamic routing.
Configure switch VLANs and inter-switch communication. Build and setup network Laboratory.
Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks.
Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
Actively involved in troubleshooting on network problems with Wireshark, identifying and fixing problems.
Time to time upgrade network connectivity between branch and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network.
Desktop support for users including, MS Office, Windows 2000/XP, MAC, Linux.
Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), Cisco PIX (525, 535), ASA (5505, 5510) firewall, Routing Protocols (EIGRP, OSPF, BGP, IGP), Switching protocols (VTP, STP), Site to Site VPN, Remote Access VPN.
Vembu Technologies, Chennai, India Jan 2010 – April 2011
Network Engineer
Responsibilities:
Installation and Configuration of wide variety of Cisco Routers such as 3600 series and Layer 2 switches such as 1900, 2900
Configuration and Troubleshooting of Routing protocols like OSPF, IGP and BGP.
Configure and Troubleshooting FortiGate firewall Appliances to Restrict Inbound Traffic from Untrusted Sources as endpoint security.
Configure the access policies and VPN policies in checkpoint firewall.
Implementing and Troubleshooting VLANS, Trunks, VTP & STP.
Coordinating with Local (sify and Reliance) and Global ISPs (CNW and TATA) to trouble shoot routing issues.
Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network.
Configured VLANS on multiple catalyst switches performed troubleshooting on TCP/IP network problems, Administered Frame-Relay and networks.
Configured ACL & NAT through CLI.
Installed, configured (through CLI & SDM) and managed CISCO routers and Catalyst switches.
Set up Internet, implementing Networking products like Servers, Proxy servers, Switches, Firewalls, Routers.
Taking configuration backups of all the Firewalls Routers and Switches on monthly basis. Coordination of Engineers at various located across the world.
Providing node up time reports to customer on monthly basis and provide 24x7 supports.
Environment: CISCO 2600, 2800 and 3200, 3600 series routers, CISCO 1900, 2900, 3300 and 2950 switches, Routing Protocols (Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET).
Scope eKnowledge, Inc, Chennai, India June 2008 – Dec 2009
Network Administrator
Responsibilities:
Network Administrator at Serco Global Services, which entailed applying encryption to other branch routers as well as core switches (6500s). Worked with CitiFinancial’s Network Support Group to coordinate branch migrations.
Implemented an IP telephone network with 100+ IP phones and 4 Alcatel 7000 L3 switch. Configured data network to support voice including VoIP VLAN, interVLAN routing and QoS tagging. Included 4 PCX systems, voice mail server, my teamwork server and a management server. This project included 7 Wireless AP and LAN bridging through a wireless link.
Created the foundation for the dynamic and automated data center with VMware ESX and ESXi.
Migration to MPLS from other protocols
Established and administered periodical testing of network backup and recovery procedures to protect corporate data and system assets.
Monitoring and updating trouble tickets on Clarify CRM tool in a timely manner based on Customer’s contractual SLAs and responding to incidents or service requests from system-generated sources.
Maintained documentation and database of customer’s environment as per security standards with monthly Excel reports. Good understanding of Designing network diagram solutions for clients using VISIO and PowerPoint.
EDUCATION
Bachelors in Electronics and Instrumentation Engineering at Anna University, INDIA.
CERTIFICATIONS:
Cisco Certified Network Professional (CCNP).
Cisco Certified Network Associate (CCNA).
REFERENCES
Available upon request
Willing to relocate.