Sai
Ph.: 732-***-****
acx7x6@r.postjobfree.com
SUMMARY:
Network Engineer around 8years of IT experience with a focus on designing and developing network
solutions.
Strong knowledge based in the planning, design, and implementation of Information Systems and
Network Technologies.
Experienced in design, installation, configuration, administration and troubleshooting of LAN/WAN
infrastructure and security using Cisco routers/Switches/firewalls.
Enterprise Routing experience using protocols RIP v1 & 2, EIGRP, OSPF and BGP.
Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel,
Trucking, Port Security, STP and RSTP.
Network security including NAT/PAT, ACL, VPN Concentrator, IDS/IPS, and ASA/PIX Firewalls.
Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
Substantial knowledge, including the configuration of Spanning Tree Protocol ( STP), Per VLAN Spanning
Tree (PVST), Rapid STP (RSTP) and Rapid per VLAN Spanning Tree (PVST+).
Thorough experience in configuring Virtual Local Area Networks (VLAN) with IEEE 802.1Q, VLAN
Trunking protocol (VTP), shortest path bridging, Multiple VLAN Registration Protocol and VLAN Cross
Connect (CC).
Experience in Checkpoint Firewalls and VPN, Checkpoint IDS-IPS, McAfee Antivirus Endpoint
Protection Solution EPS.
Performing sustainment operations to support WLAN installations at various DHA Hospitals.
Perform SOVT testing of all equipment and site surveys if WLAN gear was installed.
In-depth knowledge and hands-on experience in Tier 2 ISP Routing Policies and Cisco Firewalls.
Experience in testing Cisco routers and switches in lab scenarios and deploy on site for production.
Good knowledge of IPv4 and IPv6 Addressing, Fixed Length and Variable Length Subnet Masking
(VLSM), OSI and TCP/IP models.
Experience in migration of IPv4 addresses to IPv6 addresses using mechanisms like Tunnel Broker,
Transport Relay Translation (TRT), NAT64, DS-Lite and DNS64.
Experience in installing and configuring NAT, DHCP server and DNS in large networks.
Responsible for Cisco ASA firewall administration across our global networks.
Design and configuring of OSPF, BGP on Juniper Routers (MX960) and SRX Firewalls (SRX240).
Strong hands on experience on PIX Firewalls, ASA Firewalls. Implemented Security Policies using ACL,
Firewall, IPSEC, SSL, and VPN.
Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
Managed the F5 BIG-IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of
creating WIP and VIPs.
Wide experience in implementing and managing F5 BIG-IP load balancing, including GTM, APM, ASM,
and custom iRule development.
Planned and worked on design with Network team to re-architect F5 load-balancers to load-balance
traffic anywhere in the company network.
Constructed IPSEC VPN tunnels in Palo Alto Firewalls in different locations.
Primary responsibility is to design and deploy various network security & High Availability products like
Cisco ASA and other security products.
2
Strong written and verbal communication skills, self-motivated, self-managed, result oriented, practical,
always looking to learn and contribute.
Willing to relocate: Anywhere.
Experience with WLAN equipment including Cisco 5500 series controllers. Various Access Point models
in both lightweight and autonomous configurations.
TECHNICAL SKILLS
Routers ASR9K, GSR 12000, 7600, 7500, 7200 VXR, 3800, 3700,2800.
Cisco Switches Cisco Catalyst 2960, 3560, 3750, 4500.
Nexus Switches Nexus 5548, 5596, 6000, 7009, 7018, Cisco Catalyst:6506, 6509, 4928
IP Routing Protocol BGP, OSPF, EIGRP, IGRP, IS-IS MPLS, RIP v1 & v2, Routed Protocol TCP/IP,
Multicasting, LDP, MPLS L3.
Switching VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether
channels, Transparent Bridging
Management tools SNMP, Syslog, Sniffer, and Wireshark.
Load Balancing Cisco ACE 4700 series, F5 LTM
LAN Protocol VLAN, VTP, RAS, Inter-VLAN routing, ISL, dot1q, STP, RSTP, PVST, HSRP, GLBP,
Ethernet, Port security.
LAN Switching STP, IEEE 802.1A, VTP, VLAN & Inter-VLAN routing, Qos
WAN Technology Frame Relay, X.25, PBR, ATM, MPLS, VPNs, LDP, L3VPN, VRF and MPBGP.
HDLC, (E1/T1/E3T3), DS3, OC192.
WAN HDLC, PPP, IP-VPN, MPLS-VPN, ISDN, Frame-Relay, ATM
Optimization/core
Firewall Juniper (Net Screen/JUNOS), SonicWALL, WatchGuard, Cisco ASA, Checkpoint,
Palo Alto.
Juniper J series, MX960, M10i, T1600, T640. Juniper Networks- switches EX 4600, EX
6200, EX 8200, EX 9200, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, and
SUP720.
Management HP open view, Solar winds, PRTG Network Monitor and Putty.
Software
Network Security Knowledge of Firewall, ASA, IPS/IDS,
NAT/PAT, VPN, Filtering, IPSEC, ACL.
Ticketing Software Connect wise, Remedy system.
Optical Infrastructure SONET OC3-OC192, SDH, POS, PDH
IP Telephony SIP, H.323, RTP, Voice Gateways, CCM, QoS
Quality of Service CBWFQ, RED/WRED
Wireless Technology Cisco AP, LWAP, Access Points, WCS
IP SEC/VPN PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN
Configuration
Application Protocols TFTP, FTP, SMTP, SSL, IPV6, IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC,
SSL, HTTP, SSH, DNS, PAT.
AAA Architecture TACACS+, RADIUS
Documentation Microsoft Office, Visio
Operating systems Windows server 2008, Linux, UNIX, Windows 7, 8, Nexus OS, Cico IOS-R.
2
DOCSIS DOCSIS 3.0 (Data Over Cable Service Interface Specification)
PROFESSIONAL EXPERIENCE:
DTE Energy, Detroit, MI Nov 2015 to Present
Sr. Network Engineer
Project Description: The project involved configuring, installing, monitoring and supporting Corporate and
Branch Office Networks.
Responsibilities:
Performed network implementation that includes configuration of routing protocols, leased lines, ISDN
lines, VLANs and IOS installations.
Troubleshot the network issues onsite and remotely, depending on the severity of the issues.
Assist in the design and implementation of security tools, Configure and troubleshoot security systems
including the SIEM, anti-virus, application whitelisting tools, firewalls and vulnerability scanners
Provides governance and overall administration of endpoint security controls.
Ensures proper configuration, health, and installation of endpoint security solutions and tuning of said
solutions to maintain a positive end-user experience while concurrently protecting the users systems.
Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in network
environment
Configuration and extension of VLAN from one network segment to their segment between Different
vendor switches (Cisco, Juniper)
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is
used for local routing only) which involves new wan links.
Creating Change Management for Router IOS upgrades and downgrades
Configuring Firewall logging, DMZs & related security policies & monitoring
Configuring the Voice VLAN's (VOIP) and Prioritizing the voice traffic over the data traffic
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing
protocols EIGRP, OSPF & BGP
Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
Configuring VRRP & GLBP and VLAN Trunking 802.1Q, STP, Port Security on Catalyst 6500 switches.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA
VPN experience.
Configuring VPN both B2B and remote access SSL and centralized policy administration using Forti
Manager, building FortiGate High Availability using FortiGate Clustering Protocol (FGCP).
4
Responsible for PIX 7.x/8.x ASA 8.x Firewall migration and in place hardware upgrades and
Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ
Implementation and Troubleshooting.
Provide expertise for IT infrastructure, Active Directory infrastructure, solutions, and recommendations
and related services.
Configured ASA 5500-X Series firewalls to provide highly secure and high performance connectivity
between the site locations.
Performed Network Address Translation on Cisco ASA 8.2 and 8.3
Experience in white listing webpages and blocking webpages with Blue Coat Proxy SG and Blue Coat
reporter.
Experience with Juniper Net Screen 520M Firewall and Palo Alto network firewall.
Involved in the redistribution into OSPF on the core ASA firewall.
Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus 7010 and 7009 devices
Configuring, Monitoring and Troubleshooting Cisco's PIX firewall, ASA 5500
Responsible for Cisco ASA firewall administration across our global networks
Implementing Cisco Linux access points using LEAP and Cisco Radius for authentication, greatly
increasing Wireless security.
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Perform the installation and maintenance of VPN gateways, IDS/IPS, proxy servers, firewalls, and load
balancers.
Configuring network access servers for AAA Security Using Juniper IC (Intranet Controllers) MAG-
SM360, MAG-4610.
Exposure to wild fire feature of Palo Alto.
Configured Site-to- Site IPsec VPN tunnels to peer with different clients and each of client having
different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
VLANs, Private VLANs.
Conduct predictive wireless site surveys using Air Magnet Planner, Aruba Visual RF Planner.
Perform new additions (VIPs, Pools, Virtual Servers, and Monitors) to the F5 BigIP LTM load balancer.
Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment.
Monitoring and configuring Cisco 7600 routers at data center.
Worked on WLAN authentication methods like Extensible Authentication Protocol(EAP), Pre-Shared
Key(PSK).
4
Configuration of Fabric path and connectivity between Nexus 5K and Nexus 7k
Configuring Cisco iOS ACL and Firewall rules to restrict and allow access to data resources.
Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
Involved in the modification and removal of BGP from the MPLS routers.
Also prepared documentation for various VLANs and Voice subnetworks and worked on Visio for the
same.
Involved in configuring IP Quality of service (QoS).
Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
Implementing & maintaining tools like Snort (IDS), MRTG, Solar winds products, JFFNMS, Net flow
Analyzer, WhatsUP Gold, Smokeping, and NTOP.
Supporting the team for migration work of applications and websites from Cisco CSS Load Balancers to
the F5 BigIP Load Balancers.
Worked on Configuration and maintenance the access points through CISCO 4400 WLAN as controller.
Replace branch hardware with new 2851 routers and 2960 switches.
Performed basic security audit of perimeter routers, identifying missing ACL's, writing and applying ACL's
Manage a very large DNS environment using Lucent QIP and manual management of DNS for
DMZ/External servers.
Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center
including patching the cables in the Patch Panel. Design and implemented network infrastructure and
configured all the network Infrastructure devices including Network Printers and Registers.
Environment: Cisco Routers, Cisco Switches, Nexus 7k/5k/2k Routing protocols, F5, Load Balancer, HSRP,
VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS,
monitoring tools (PRTG, HP Open View), SIP, RTP, Catalyst 6500, Cisco ASA Firewall, Check Point.
Charter Communications St, Louis, MO, Sep 2014 Oct 2015
Sr. Network Engineer
Project description: Monitor Network Management System. Perform troubleshooting, upgradation and
notifications. Keep track of security policies and monitor the events.
Responsible for LAN and WAN maintenance and troubleshooting of the company network. Involved in the team of
data center level 2 and level3 support to perform duties like deployment and troubleshooting of cisco routers
switches, load balancer and firewall according to organization requirements.
Responsibilities:
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
6
Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and
MPLS switching for stable VPNs.
Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN
3000 Concentrator.
Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource
allocation to desired Virtual LANs of network.
Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and
Juniper Net Screen firewalls.
Implemented various OSPF scenarios on networks consisting of 7600 routers.
Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
Configured HSRP, VRRP, GLBP, and VLAN trucking 802.1Q on Catalyst 6500 switches.
Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet.
Configured Big IP F5 Local Traffic Manager (LTM) for application load balancing Advised application
teams on load balancing needs. Worked with Application teams to configure VIPs and tweak F5 settings
to meet application needs Optimized performance of the WAN Network consisting of Cisco
3550/4500/6500 switches by configuring VLANs.
Installation and Configuration of Cisco Catalyst switches 6509, 3750 & 3550 series and configured routing
protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document
and followed the change process as per IT policy. It also includes the configuration of port channel
between core switches and server distribution switches.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Palo Alto design and installation which includes Application and URL filtering, Threat Prevention and
Data Filtering.
Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for
routers/ switches/firewalls.
Support vendors with product and service requirements based on Charter business needs and internal
customer requests. My position requires technical skills and working knowledge of DOCSIS
Specifications including the following technologies; DOCSIS 1.0, DOCSIS 1.1, DOCSIS 2.0, DOCSIS3.0,
DOCSIS 3.1, Packet Cable 1.0, Packet Cable 1.5 and Packet Cable 2.0.
Knowledge about the wild fire feature of Palo Alto.
Installed and managed an enterprise wide WLAN using Symbol 5000 wireless controllers.
Install, configure and maintain Check Point NGX 77 on SPLAT/open-server and windows system
Identify and remove unwanted security policies to reduce checkpoint firewall policy lookup
Configure checkpoint firewall to authenticate users based on user identity, user group, session and client
PC Authentication
Environment: ACS, FTP, HTTP, DNS, DHCP, Cisco ASA/PIX, Checkpoint, Palo Alto, IDS/IPS and Juniper Net
screen firewalls, Routing Protocols (OSPF, BGP, RIP), Cisco Routers (Cisco7600,7200,3800 series), Cisco
Switches (Cisco3550,4500,6500,6509,3750 & 3550).
Key Bank, Cleveland, OH Apr 2013 to Aug 2014
Network Engineer
Responsibilities:
Configured routing protocol OSPF, EIGRP, BGP. Configuration of port channel between core switches and
server distribution switches was performed.
6
Worked on Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects
to a VPN 3000 Concentrator. Router/ Microsoft VPN Server in order to access certain limited network
resources from customer locations
Configuring, Installing and troubleshooting on Check Point Devices.
Involved in the redistribution into OSPF on the core ASA firewall.
Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
Experience on HSRP for load balancing.
Experience of Load Balancing using F5 Networks Big IP
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Good Knowledge on multiplex techniques such as DWDM.
Experience configuring Virtual Device Context in Nexus 7010.
Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM.
Realignment and modification of BGP from the MPLS routers.
Expertise on FTP, HTTP, DNS, and DHCP servers in windows server-client environment with resource
allocation to desired Virtual LANs of network.
Working experience on trouble shoot and network security related to Cisco ASA/PIX, Checkpoint, IDS/IPS
and Juniper Net screen firewalls.
Designed L2VPN services and VPN-IPSEC authentication & encryption system.
Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local
Preference.
Design and Implementation of LAN, VLANs, VTP, Spanning Tree (STP), Trunking and Ether channel.
Installed and configured four PIX 525 and two ASA 5505 in the remote access location away from the
central campus.
Configured 3 PIX firewall for the Guest access.
Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing
problems.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing
protocols EIGRP, OSPF & BGP.
Experience with Synchronous Optical Networking (SONET) over optical fiber.
Expertise in document creation with technical configurations, billing, security standards design and
network documentation using MS Visio.
Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on
customer's site.
Challenging maintenance of day to day management of Cisco Devices, Traffic management and
monitoring.
Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates
using route-map, distribute list and administrative distance for on-demand Infrastructure.
Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the
customer's Site.
Environment: CISCO catalyst Switch 6509/ 3750/ 3550/ 3500, CISCO Router 7200/3845/3600, T1
Controllers, DS3 Lines (T3 Lines), Fiber and Ethernet cabling, Juniper firewalls SRX series, SSG series,
ISG series, Juniper networks- switches EX 4600, EX 6200, EX 8200, EX 9200, EIGRP, RIP, OSPF,
BGP, VPN, MPLS, CSM, SUP720.
Olympia soft, Hyderabad, India Jan 2011 Mar 2013
8
Network Security Engineer
Project Description: Support to plan and execute LAN (VLAN Management) and WAN management activity.
Responsibilities:
Responsible for implementing, engineering & level 2 support of existing network technologies / services &
integration of new network technologies / services.
Building large scale Network environment using routing protocols like OSPF, EIGRP, and BGP.
Configuring route redistribution between EIGRP and OSPF.
Involved in Network Designing, Routing, DNS, IP Sub netting, and TCP/IP protocol.
Performing Route Filtering and Route Manipulation by applying distribute-lists, route-maps & offset lists.
Diagnose MPLS protocol problems including VRF and COS issues to full resolution.
Providing Layer-3 redundancy by implementing HSRP in the network.
Hands-on experience in implementation and troubleshooting of BGP version 4, OSPF, IPV4 and Ethernet
Protocols.
Managing various VLANs, IP addressing for various subnets, VLAN Trunking between various access-
switches.
Used Load Balancers F5 Big-IP6900 and 3900between the servers inside the Network and in the Server
Farm.
Performance fine tuning and maintaining customer network devices to provide high availability for the
applications, proper bandwidth utilization and to avoid network congestion.
Configuring Standard and Extended Access Control Lists (ACLs) and Firewalls.
Designing and Implementing VPN and remote access support.
Pro-active Monitoring and Alerting of client's network for any alarms.
Testing and validating new solutions in lab before deploying them to customers.
Environment: Cisco 2600, 2800, 3640, 3745 series routers. Cisco Catalyst 2960, 3560, 3750, 4500 switches.
OSPF, BGP, VPN; F5 BIG-IP LTM 6500.
Vixos Technologies Private Limited, Hyderabad, India July 2008 Dec 2010
Network Technical Support
Responsibilities:
Upgrading the IOS on 1900, 2900, 3500 series Cisco Catalyst switches and 2500, 2600, 3600 series
Cisco routers using TFTP.
Performing network troubleshooting, provided technical support, and recording of backup operations.
Restricting access to network using ACL.
Monitoring performance and availability of the network on an ongoing basis.
Network Security Implementation & Support.
Interacting with the clients by creating tickets for the issue and dispatching to the correct queues for
resolution.
Interacting with second level support and providing them necessary details in order to resolve the issue
through e-mail.
Working on network-based IT systems such as racking, stacking and cabling.
Network cabling, dressing, labeling and troubleshooting network drops onsite.
Involved in the creation and closing of IMAC (Add, Move, Change Requests) tickets.
Planning, designing & configuring LAN/WAN ensuring max uptime.
Calling back the client to check if the issue has been resolved.
8
Environment: Cisco 3750/3550/3500/2960 switches and Cisco 2600, 2800, 3700, 3825, 7200 routers.
Education: Holds Bachelors degree from JNTUH
Certifications:
Cisco Certified Network Associate (CCNA)
Cisco Certified Network Professional (CCNP)