Ajay
Sr. Network Engineer (F* Engineer)
******************@*****.***
817-***-**** ext 567
Professional Summary:
* **** ***** ** ********** in the area of Networking, Security, System Engineering and Wireless Communications.
Hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
Professional experience in Network engineering, performing Network analysis, design, Implementing, capacity planning with focus on performance tuning and support of large Networks
Strong Knowledge in WAN technologies including T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay
Hands on Experience configuring and testing F5 iRules using Browser(IE), HTTP watch
Support customer with the configuration and maintenance of PIXand ASA 5585-X firewall systems and Checkpoint firewalls.
Experience configuring Virtual Device Context in Nexus 7010.
Worked QIP appliance (QIP 500, QIP 700, QIP 1200, QIP 1200-RAID, QIP 5000) regardless of task.
Experience in configuring and troubleshooting BIG-IP F5 load balancer LTM creating virtual servers, nodes, pools and iRules on BIG-IP F5 in LTM module.
Good understanding of F5 products and technology (LTM, SSL offloading, GTM). Strong knowledge and understanding with IPSec, Juniper SA Remote Access VPN, and Source Fire intrusion prevention systems
IP address management (IPAM) applications for planning, tracking, and managing the Internet Protocol address space used in a network.
Good understanding of F5 products and technology (LTM, SSL offloading, GTM).
Strong hands on experience onCisco Routing, Switching and Security with Cisco hardware/software Cisco Catalyst 6500, 4500, 2900, 3500, 3750 XL series switches, Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200 series routers.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIXsecurity appliance, Failover DMZ zoning andconfiguring VLANs/routing/NATing with the firewalls as per the design
Experience with converting PIX and Checkpoint firewalls over to the Cisco ASA solution
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
Experience setting up IPSEC VPN between ASA Firewall and Router 3800
Strong work experience with the following technologies MPLS, QoS, L2VPN, Multicast, and IPv6.
Experience in implementation, support and trouble shooting of VLAN’s including operational knowledge of spanning tree protocol (STP), VLAN trunking, inter VLAN routing and ISL/802.1q.
Experience working with Nexus 7010, 5020, 2148, 2248 devices
Configuring RIP, OSPF and Static routing on Juniper EX/ MX/ SRX series Routers.
Extensive knowledge and troubleshooting in data communication protocols and standards including IEEE802.3, Token Ring, TCP/IP, Cable Modem, ADSL, PPPOE, Multilayer Switching, DoD Standards, Voice & Data Integration techniques & standards such as SIP andIP Routing Protocols RIP, OSPF, EIGRP and BGP.
Experience working with troubleshooting WAN circuits like, T1, DS3, OC3, OC-12, OC 192 Circuits.
Experience in monitoring and analyzing the load balancing of network traffic using KIWI Solar Winds
Certifications:
Cisco Certified Network Professional (CCNP)
Cisco Certified Network Associate (CCNA)
Technical Skills
LAN Technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, LWAPs, IEEE 802.11, Token Ring, Workgroup, Domain, HSRP, DNS, Static, VLAN, STP,
VTP, Ether Channel, Trunks.
WAN Technologies
HDLC, PPP, Channelized links (E1/T1/E2/T2), Leased Line, ISDN/Dial-Up, Frame Relay circuits, Metro Ethernet, ATM, SONET, MPLS, VPN, IPsec-VPN.
Routing Protocols
OSPF, EIGRP, BGP, RIP v1/v2, Route redistribution, Route filtering, Summarization, Static route, OSPF, BGPv4, MP-BGP.
Routers dealt with
Cisco 7606, 7609, 3845, 3660, 2921, 2691, 1812, Juniper MX series and T series routers
Switching Technologies
VLANs, Inter VLAN routing and Port Channels, VTP, Spanning Tree Protocols like PVST+, RSTP+, Multi-Layer Switching, Port security, VSS, CEF and DCEF
Switches dealt with
Nexus 5548, 5596, 56128P, 6000, 7009, 7018; Cisco Catalyst: 6506, 6509, 4928, 4948, 4507, 4510, 3750G, 3750X, 3560, and 2960
Network Security Technologies
ASA 5550/5540 Firewalls, Juniper SRX Firewall, PaloAlto firewall PA 200, 3000, Check points, Access Control Lists, IPsec, IDS, and IPS
Firewalls
Cisco ASA 55XX series, Juniper SSG140, Checkpoint R75, R76
Network Management
Wireshark, SNMP, Netflow, Solarwinds, VMware, Secure CRT
Load Balancers
F5 Network (Big-IP) LTM 8900 and 6400
Redundancy Protocols
HSRP, GLBP, VRRP
NEXUS Features
VDC, VPC, VRF, FEX, Fabric Path, F & M Series line cards
VPN Technologies
GRE Tunneling, Remote Access VPN, Site-to-Site VPN, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, Fortigate, ACL-
Access Control List, IPS/IDS, NAT, PAT, SYSLOG, NTP, DHCP, CDP,
TFTP, FTP Cisco ACS, Juniper Net Screen firewall, Palo Alto Firewalls, Windows Patch Management (WSUS).
AAA Architecture
TACACS+, RADIUS, Cisco ACS
Operating Systems
Windows (98, ME, 2000, XP, Vista, Windows 7, 8.1), Linux
Microsoft tools
Microsoft Visio, Microsoft office
Professional Experience
United Health Group (Optum), MN Aug 2016 – Till date
F5 Engineer
Responsibilities:
Experience in Configuring, upgrading the F5 LTM device as per corporate applications request.
Worked on ITG request and release service, ESD ticketing tool for quick over look on the issues relating to Network Services Datacenter (NSDC) Load balancing environment.
Enterprise level experience on implementing the production changes as per client requirement and intensive changing control policies were processed using service now ticket tool.
Have expertise level of knowledge on using ATM tool lookup for checking and quick config review of F5 LTM devices.
Configured F5 Big IPs with VIPs, Pool, iRules and SSL certificates to ensure traffic was load balanced.
High level experience on creating and implementing custom design iRules, Health monitor and SSL profile as per the System engineer request.
Design and deployed F5 LTM and GTM load balancer infrastructure per business needs from the ground up approach
Provided Tier3 support for off shore team on F5.
High level of experience on troubleshooting and resolving F5 related issue On shore and Off shore environment.
Experience on working with change management team regarding critical level production issues.
Have expert level of experience working on day to day F5 related stage and test device tickets for creating, upgrading and modification on the virtual servers, pool members and custom related health monitors to satisfy client and application team.
Working knowledge of leveraging F5 BigIp to provide Load Balancing for server across multiple data centers
Worked on GTM tickets for upgrading the servers as per request.
Configuration, migrations, upgrades of F5 BigIP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby devices.
Good understanding of F5 products and technology (LTM, SSL offloading, GTM).
Configuring F5 LTM VIPs, pools, monitors and assign the SSL cert using Venafi certification application.
Experience in configuring and troubleshooting BIG-IP F5 load balancer LTM creating virtual servers, nodes, pools and iRules in LTM module.
Design and deployed F5 LTM and GTM load balancer infrastructure per business needs from the ground up approach.
Configured F5 GTM solutions, which includes WideIP, Pool Load Balancing Methods, probers and monitors
Provide Knowledge transfer on F5 to off shore team as per training and development process.
Noridian Mutual, Fargo, ND Sep 2014 – Jul 2016
Sr. Network Engineer
Responsibilities:
Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K, 2k and its downstream devices.
Experience in Configuring, upgrading and verifying the NX-OS operation system and converting 6500 to Cisco Nexus in the data center environment.
Converting CatOS to Cisco IOS Config Conversion on Access, distribution & Core layer switches
Experience working with Nexus 7010, 5020, 2148, 2248 devices
Configuration of Cisco 6500 (Sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access. Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
Detailed knowledge of critical routing and switching features such as Class of Service/Quality of Service, Traffic and Performance Engineering, High Availability, and IP Services such as FTP, NAT/PAT, and NTP
Good knowledge on Intrusion Detection and Intrusion Prevention System.
Configured F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
Worked on migrating the F5 LTM 5100 version 9.2 to 5100 LTM version 9.4 and F5 GTM configurations.
Installing & configuring standalone and HA pair Load-Balancers - BIGIP-LTM/GTM’s on 1600, 3600, 3900, 8900, 6900/6900S, 8900/8950S, 2000S, 2200S, 5200S, 7000S, Cisco CSS, Cisco ACE.
Worked on updating pools, members and nodes using the GUI interface for the local traffic managers
Design, Implement & troubleshooting of Juniper switches, routers and Firewalls EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650.
Used Bluecoat Proxy Reporter, AV and Director Involved in iRule management like loading rules, writing iRule syntax using TCL language and iRule extension to TCL.
Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
Plan and execute complex migrations on F5 platform - code upgrades from 9.x to 10.x, 10.x to 11.x version, platform upgrades and hotfix upgrades as needed.
Configuring RIP, Static routing, BGP, OSPF on Juniper M and MX series routers.
Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
Configuring, administering and troubleshooting the Check Point, Palo Alto and ASA Firewalls.
Understand the JUNOS platform and worked with IOS upgrade of Juniper SRX devices.
Configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP, RIP, BGP v4.
Implemented DHCP, DNS configuration on the servers to allocate, resolute the IP addresses from subnet.
Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency and redirection of URL and F5 ASM cookies issues and configures ASM policies
Experience working with Juniper Routers (MX960, MX480, M320) and Switches (EX2400, QFX Virtual Chassis Switches) with BGP, OSPF, VSTP, MST layer 2 and layer 3Technologies
Environment: Cisco 6500 (Sup 720), 4500 (SUP 6) & 3750, 6500 switches and Nexus 7010, 5020, 2148, 2248, Cisco Nexus 7K/5K, Cisco ASA5510, Checkpoint windows server 2008/2012: F5 BIGIP LTM.
DTCC Global Financial Services, Jersey City, NJ Oct 2013 – Aug 2014
Network Engineer
Responsibilities:
Expert working knowledge including the ability to setup, configure, upgrade, manage and troubleshoot Cisco routers, switches, VPN concentrators, firewalls, 802.11 wireless access points and load balancers.
IP Address Management (IPAM) in Windows Server® 2012 is an integrated suite of tools to enable end-to-end planning, deploying, managing and monitoring of your IP address infrastructure
Strong working knowledge on wireless 802.11 a/b/g/n, Wireless management.
Managing intrusion detection system (IDS) and intrusion prevention system such as NSM, Tipping point.
Performed event log analysis and network event correlation using IPS and IDS.
Network Security ACL, IPsec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls.
Strong hands on experience on PIX (506, 515, 525, 535), ASA Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
Implement and manage based on load balancing using F5 GTM load balancers. Provide consulting services to customers recommending best practices for their security posture and their environments.
Worked on Citrix NetScaler Access Gateway configurations.
Configuring F5 load balancers with SSL certificate off-loading the traffic on to web servers by creating SSL Client-Server profiles including intermediate iRules.
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
Co-ordinated with global Security Management teams and support teams as required and completed Palo Alto and Checkpoint Firewall rule add, modification, and delete.
Configuring rules and Maintaining Palo Alto security firewall & Analysis of security firewall logs.
Provided on call supports 24/7 and worked in NOC (Network operations center).
Environment: Cisco routers 3900, 7200 and 7500; Cisco cat 6500, Nexus 5K, Nexus 7K, Cisco ASA 5540 firewall.
Direct Energy, Montebello, NY Jul 2012 – Sep 2013
Network Engineer
Responsibilities:
Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s.
Writing iRules defining criteria for selection of pool-members containing servers performing protocol support, content transformations.
Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
Worked on Citrix NetScaler Access Gateway and Configuring F5 load balancers to web servers by creating SSL Client-Server.
Configured & maintained LAN, WAN, VPN, WLAN, and Firewalls on Cisco Routers for end users.
Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
Installed and configured of Juniper J-Series (J2350),Juniper SRX series and M-Series (M10) routers.
Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
Worked on Nexus 5548, 56128P, 6000, 7009 and have resolved live traffic issues.
Load Balancing with hands-on experience on Citrix NetScaler as well as F5 load balancer working with of engineers for document and support load balancing solutions unique to the application requirements.
Configuration and support of Juniper Netscreen Firewall and Palo Alto firewalls security.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
Done Load Balancing using Citrix NetScaler and F5 Load Balancing platform and have integration, configuration and administration experience, and possess a solid Network background including an understanding of switch, network routing, and firewall concepts.
Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
Configured, installed, & managed DHCP, DNS, & WINS servers.
Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.
Polaris, India Jan 2011 – Jul 2012
Network Engineer
Responsibilities:
Responsible for Design, integration, configuration, maintenance, performance monitoring and security of network infrastructure including local area networks (LAN), wide area networks (WAN), firewalls, DHCP, DNS
Installing the Network devices in datacenter environment and clearly articulate complex network designs and drawings through documentation (Visio) as well as verbal training sessions
Experience in Configuring Site-to-Site and Remote Site VPNs, NAT/PAT policies
Managing Cisco Secure ACS for TACACS+, RADIUS authentications.
Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering)
Successfully installed Palo Alto PA 3060 Firewall to protects Data Center
Implemented Positive Enforcement Model with the help of Palo Alto Networks.
Experience on designing and troubleshooting of EIGRP routing issues
Supporting and performing projects for the client WAN environment at a global level
Providing Teir-3 technical support for LAN/WAN issues and on-call for technical escalation on a rotational basis (Remedy Ticketing system). Well experienced in troubleshooting bug related issues with help of Cisco TAC service
Providing networking services coordinate tasks and ensure their execution and documentation in accordance with established corporate standards.
Environment: Cisco 6500, 3560, 3750, 2950, 4500 series switches; 3800, 2600, 2800, 1800 routers, CiscoWorks.
Sify Technologies, India Jun 2008 – Dec 2010
Network administrator
Responsibilities:
Managed the LAN Switching Environment including creating and maintaining VLANs, STP, Trunking, Port Security, Vlan Security etc.
Assisted in migrating existing server and network infrastructure from HQ to a data center for optimal functionality and management.
Involved with the Systems team to Install, configure, & maintain DNS, DHCP on Windows 2000/2003 Server, also configured a FTP server; Installed configured & maintained MS Exchange Server.
Install LAN/WAN & wireless infrastructure and also Deploying and decommissioning of Cisco Routers, Cisco switches and their respective software upgrades.
Involved in configuration of WAN connection using a 3600 series Router and Frame relay method.
Implementation of NAT with a pool of 2 public IP addresses.
Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation.
Designed and implemented an IP addressing scheme with subnets for different departments.
Support a video conferencing network of distributed video units across U.S. and optimize the network infrastructure over which they run.
Install and maintain voice, video and data communication infrastructure system and cabling.
Used various Network sniffers like Ethereal, TCP dump etc.
SNMP network management using MRTG and Cisco works. Participate in 24 x 7 incident & problem support