Network Engineer Security
Resume:
Sai Sumanth
Sr. Network Engineer
acw9ie@r.postjobfree.com
Professional Summary:
Around 8 years of Experience with in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches L2 firewalls of various vendor equipment.
Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
Experience in layer-3 Routing and layer-2 Switching. Deals with Nexus 7K, 5K, 2K series Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches
Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800)
Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550)
Expertise in configuration of routing protocols and deployment of OSPF, EIGRP, BGP and policy routing over Cisco routers.
Experience working on Palo alto Firewalls
Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLSQOS.
Experience in adding Rules and Monitoring Checkpoint Firewall traffic through Smart Dashboard and Smart View Tracker applications.
Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480, and M Series, SRX210, SRX240.
provide support for Aruba Wireless devise
Worked on F5 BIG-IP LTM 8900, Citrix and Netscalar configured profiles, provided and ensured high availability.
Implement ITIL V3.0 through a phased approach - Service Desk, Change, Incident, Problem Management and Service Catalog
Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2
Configured ASA 5520 Firewall to support Cisco VPN Client on Windows 7/XP/Vista.
Installation, advanced configuration and troubleshooting of Cisco and F5's load balancing devices.
Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP
Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP) etc.
Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
Efficient designing of IP Addressing Scenario using VLSM and Subnetting.
Has done the Configuration on BIG IP (F5) Load balancers and monitored the Packet Flow in the load balancers.
Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
Extensive experience using Microsoft suite like Word, Visio, Excel, PowerPoint
Excellent technical and project management skills combined with strong communication skills.
Certification:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)
Technical skills:
Cisco Platforms
Nexus 7K, 5K, 2K & 1K
Juniper Platforms
SRX, MX, EX Series Routers and Switches
Networking Concepts
Access-lists, Routing, Switching, Subnetting, Designing, IPsec, VLAN, VPN, WEP, WAP, MPLS.
Firewall
PIX Firewall (506/515/525/535), ASA Firewall (5505/5510)
Network Tools
Solar Winds, SNMP, Cisco Works, Wire shark
WAN technologies
Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, T1 /T3 & SONET
LAN technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
Security Protocols
IKE, IPSEC, SSL-VPN
Networking Protocols
RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA
Operating System
Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
Professional Experience
Avaya, Thornton CO Jul’15 - Present
Sr. Network Engineer
Responsibilities:
Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices
Expertise in installing, configuring and troubleshooting Juniper EX switches (EX2200, EX2500, EX3200, EX4200, and EX4500 series).
Involved in upgrading switches from 6500 E to 4500-X.
Implementation of BGP to optimize WAN routing on the core and edge routers.
Mutual redistribution of OSPF and BGP routes using route maps.
Involved in upgrades to the WAN network from existing 7200vxr with ASR1004, ASR9000 and 3845/3945 routers.
Implementing security Solutions using Palo Alto PA-5000, Checkpoint Firewalls R75, R77.20 Gaia and Provider-1/MDM.
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Deployed Palo Alto Networks PAN-5050Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K
Responsible for Checkpoint firewall management and operations across our global networks.
Working with Checkpoint Support for resolving escalated issue.
Responsible for supporting the Citrix NetScaler F5 platform, configuring, implementing, and troubleshooting Citrix NetScaler VIP configuration with health check, policy configurations Access Gateway, and content switching configuration solutions.
Hands on Experience with blocking of IP's on Checkpoint, which are suspicious.
Configure and Manage site-to-site IPSEC VPN with different partners. Troubleshoot remote access services like Citrix Netscalar, Cisco VPN clients and for the users to access their enterprise network
Upgrading branch network connectivity with total refresh of the network infrastructure with new 3845 routers and 2960 switches.
Managed Checkpoint Firewalls from the command line using PuTTy sessions. (cpconfig and Sysconfig)
Implemented ADC F5 LTM and GTM hardware platforms design and deployment implementation guidelines, DMZ Network infrastructure policies, LTM Inbound SNAT configurations and outbound NAT server to IP mapping processes
Providing technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures
Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network environment
Responsible for nightly maintenances including Big F5, ACS, all Cisco ASAs, Citrix Netscalar.
Handled Citrix Netscalar Load Balancing using F5 Networks
Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
Handled tickets within BMC Remedy and the ITIL environment
Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancer.
Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
Managed F5 BigIP LTM appliances to load balance server traffic in critical serval access silos.
Configuration of Virtual Servers, Nodes, and load balancing Pools
Upgraded load balancers from Radware to F5 BigIP v9, which improved functionality and scalability in the enterprise. Managed the F5 BigIP LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Implemented load balancing in various environments using Netscalar also used NIC bonding
Configure and Manage site-to-site IPSEC VPN with different partners. Troubleshoot remote access services like Citrix Netscalar, Cisco VPN clients and for the users to access their enterprise network
Configuration and extension of VLAN from one network segment to their segment between Different vendor switches (Cisco, Juniper)
Design and troubleshoot corporate networks. Isolate issue on DMVPN, MPLS, EIGRP, BGP, Nexus, firewall etc. Migrate legacy network to new MPLS infrastructure.
Design Implement MPLS/BGP for customer
Configuring IPSEC VPN on SRX series firewalls
Convert Campus WAN links from point to point to MPLS and to convert encryption from IPsec/GRE to Get VPN.
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
Experience with configuring BGP in the data center and also using BGP as a WAN protocol and manipulating BGP attributes.
Implemented load balancing in various environments using Netscalar also used NIC bonding
Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s.
Engineering the configurations for the different branches, campus locations
Accountable for SAN migrations, LUN creations, and masking removal; Citrix XenApp, XenServer, and XenDesktop design and implementation; and Citrix NetScaler configurations and maintenance.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-Trunking, deployed port security when possible for user ports
Responsible for Cisco ASA firewall administration across our global networks
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Involved in the redistribution into OSPF on the core ASA firewall.
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Involved in the modification and removal of BGP from the MPLS routers.
Worked on Orion for analysis and monitoring purposes
Also prepared documentation for various VLAN’s and Voice subnetworks and worked on Visio for the same.
Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
Environment: Juniper EX2200, EX2500, EX3200, Nexus 2k,5k,7k, PIX Firewall, Palo Alto, Checkpoint, F5 Load Balancer 6400
Johnson Controls, Milwaukee, WI Oct’13-Jun’15
Sr. Network Engineer
Responsibilities:
Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network
Configuration and Administration of Cisco and Juniper Routers and Switches
Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256
Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance.
Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
Configure and troubleshoot Juniper EX series switches and routers
Experience configuring VPC, VDC and ISSU software upgrade in Nexus 701
Upgraded load balancers from Radware to F5 BigIP v9, which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers
Migrated Juniper EX series switches to Cisco 3500 series and 6500 series switches
Experience with moving data center from one location to another location, from 6500-based data center to Nexus based data center.
Maintenance and configuration of Cisco ASR series routers at data center and deployment of 3900, 3800, 2951 and 2821 for branch connectivity.
Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment.
Administration of ASA firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
Configured Client VPN Technologies such as Cisco’s VPN Client via IPSEC. Configured Cisco ASR, ISR 2800 & 3800 series routers with OSPF as an enterprise IG
Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices
Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9Kredundant pair.
Network security including NAT/PAT, ACL, and ASA Firewalls.
Responsible to build configurations for various connectivity types, which involves port configuration on Cisco ASR for MPLS circuit termination.
Good knowledge with the technologies VPN, WLAN and Multicast.
Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
Experience with communicating with different with different customers, IT teams in gathering the details for the project
Installed dual DS-3 SAN replication WAN with Riverbed Interceptors and 6050 Steelhead appliances to optimize the traffic
Switching tasks include VTP, ISL/ 802.1q, IPsec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools
Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
Experience in installing and configuring DNS, DHCP servers.
Replace branch hardware with new 3900 routers and 2960 switches.
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GetVPN.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
Involved in configuring Juniper SSG-140 and Check point firewall
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
Environment: MPLS, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, Cisco 6500/3500/3750/3550, Cisco ASA 500, Checkpoint, HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
Wolters Kluwer, Tampa FL Mar’11 – Oct’13
Sr. Network Engineer
Responsibilities:
Involved in conversion of PIX firewall to ASA firewall.
Experience in adding firewall rules, Network address Translation and in creating multiple security contexts (virtual firewalls).
Worked with F5 Balancers and their Implementation in various Networks
Involved in setting up IP sec VPN between ASA firewalls.
Experience with implementing Cisco 6500 VSS on the User distribution switches.
Upgraded IOS on the ASA 555*-****-**** firewalls
Working with MPLS Designs from the PE to CE and also configuring VRF on PE routers
Experience with designing and deployment of MPLS Traffic Engineering
Configuring RIP, OSPF, EIGRP BGP, MPLS, QOS, ATM and Frame Relay.
Design and deployment of MPLS QOS, MPLS Multicasting per company standards.
Implemented site to site VPN in Juniper SRX as per customer.
Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers
Implemented various EX, SRX & J series Juniper devices.
Installed controller and lightweight access point coordination with JTAC.
Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multilayer Switching.
Worked on different phases of testing such as Sanity Testing, Functionality Testing, Smoke Testing, System Testing, Installation Testing, Compatibility Testing, Regression Testing, Stress Testing and UAT Testing.
Writing Test cases & Test scripts for the application functionality
Testing routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
Dealt with monitoring tools like (Solar Winds, Cisco Works), network packet capture tools like Wire shark
Maintained a Network with more than 600 Network devices, some 25,000 end hosts, and the other Network devices like DHCP, DNS servers, Firewall servers.
Co-ordination with Hardware vendors, software vendors and service Providers.
Assisted in backup, restoring and upgrading the Router and switch IOS.
Attended Team meetings and provided comments on existing network and the recommendations to improve the current network Performance.
Maintaining the health of 250+ wireless Access points in two locations.
Environment: PIX, ASA, RIP, OSPF, EIGRP, MPLS, BGP, LAN, WAN, IP ROUTING, F5 Balancers, Juniper EX2200/EX2500.
Hexaware Technologies, India Jul’08 – Feb’11
Network Engineer
Responsibilities:
Used TFTP server to backup Cisco configuration files.
Provided technical support for expansion of the existing network architecture to incorporate new users.
Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company
Configured STP for loop prevention on Cisco Catalyst Switches
Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
Worked in setting up inter-vlan routing, redistribution, access-lists and dynamic routing.
Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
Implemented various Switch Port Security features as per the company’s policy
Configured OSPF, and EIGRP on 2901 and 3925 Cisco routers.
Configured VLANS to isolate different departments
Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
Configured IPSEC VPN on SRX series firewalls
Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches
Worked with snipping tools like Ethereal (Wireshark) to analyze the network problems.
Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
Performed replacements of failed hardware and upgraded software
Performed scheduled Virus Checks & Updates on all Servers & Desktops.
Implementing Routing and Switching using the following protocols; OSPF, BGP on Juniper M series routers.
Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requirements.
Environment: Cisco 3750/2620/1900 routers, Cisco 2950/3500, VLAN, HSRP, SRX, OSPF, BGP.
Contact this candidate