network engineer
Resume:
Rajpal Reddy
aczshf@r.postjobfree.com
SUMMARY:
Around 8 years of experience in Network Implementation, Configuration, Trouble Shooting and
Maintenance of complex Network and Security devices.
Excellent working knowledge of TCP/IP protocol suite and OSI layers.
Expertise in IP Subnetting and worked on various designing and allocation various classes of IP address
to the domain.
Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access,
Distribution, and Core layers.
Experience with implementing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-
channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VTP, HSRP &
GLBP.
Excellent skills to implement VLANS, private VLANS, Port security, STP and RSTP (802.1W),
standard and extended access lists (ACL's) for managing access based security, creating root views for
administrative privileges.
Excellent experience in command line interface configuration of switches includes VLANs, Inter-
VLANs, STP, and VTP.
Strong hands on experience in Installing, Configuring and troubleshooting of Cisco 6500, 4500, 3750,
2950 and 3500XL series switches, Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200 and 7600 series
Routers.
Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches are
including 5548, 7010 and CISCO NEXUS Fabric Extender (223, 2248).
Hands of experience in Juniper switches like EX-4200/EX-8200, and Juniper routers such as MX 40,
80, and 104.
Experience in implementing TCP/IP addressing scheme, LAN/WAN Protocols, MPLS and IP Services to
meet network requirements in Enterprise and Data Center Network Experience with Troubleshooting
tools for example protocol analyzers, load generators & network traces.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems. Vast experience in
implementing various networking services including SNMP, SNMP Traps and Syslog.
Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review and
evaluate current and future design issues as required, maintaining network integrity and efficient data
flow.
Experience in implementing site-to-site and remote access VPN Technologies using GRE, IPSEC &
MPLS. Demonstrate excellent implementation of PPP and Frame Relay.
Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ &
RADIUS).
Outstanding implementation of router security by using ACLs. Good conceptual base of NAT, PAT and
DHCP for scalability of IPv4 addresses.
Maintain and administer firewalls: Palo Alto, Juniper, Cisco, and Check Point.
Understanding of JUNOS platform and worked with IOS upgrade of Juniper devices
Experience and Strong knowledge on Juniper SRX240, SRX220, SRX550 series firewalls and Juniper
Netscreen Firewalls like NS50, SSG 550M, SSG520M, ISG 1000, ISG 200.
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both
Checkpoint and Cisco ASA VPN experience.
Configuring Site-Site VPN on Checkpoint firewall with R77 GAIA.
Implemented, designed and configured Checkpoint FW Interface, NAT and VLAN using R77 GAIA
Smart Dashboard and Advanced knowledge, design, installation, configuration, maintenance, migration
and administration of Checkpoint Firewall R55 up to R77.
Installation, configuration and maintenance of Cisco ASA 5500 and Cisco PIX Firewall 500 series.
Experience with convert PIX rules over to the Cisco ASA solution.
Established IPsec-VPN tunnels with Cisco ASA firewalls between branch offices and headquarters.
Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications
and their availability.
Hands on Experience configuring and testing F5 iRules using Browser (IE), HTTP watch.
Hands on experience with QKVIEW in F5 networking tools for analyzing the real-time traffic flow of
the packets, TCPDUMP, SOLARWINDS, SPLUNK for network monitoring and troubleshooting tools.
Knowledge of design, installation, configuration, maintenance and administration of Palo Alto Networks
Firewalls.
Configure all PaloAlto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized
management system (Panorama) to manage large scale firewall deployments.
Expertise in document creation with technical configurations, billing, security standards design and
network documentation using MS Visio and MS office.
Network Security Anomaly Detection in Attack Prevention System, Network and Host IPS/IDS,
Cisco PIX firewall, Vulnerability scanning, Penetration testing, Buffer Overflows, Cross Site Scripting.
Strong knowledge on configuration of Bluecoat Proxy servers.
Hands on experience in using various Network Monitoring and Packet Sniffing using tools like Wire-
shark.
Provided 24x7x365 availability and on-call support as required by the projects.
SKILLS:
Cisco Routers 1800, 2500, 2600, 2800, 3600, 3800, 3900, 7200, 7600,
ASR 100X, ASR 9000
Cisco L2 & L3 Switches 2900, 3560, 3750, 4500, 4900, 6500, Nexus
1K/2K/5K/7K/9K
Juniper Platforms SRX, MX, EX series Routers and Switches
Networking Concepts Access-lists, Routing, Switching,
Subnetting, Designing, CSU/DSU, IPSEC,
VLAN, VPN, MPLS.
LAN Technologies Ethernet, Fast Ethernet, and Gigabit
Ethernet, SMTP, VLAN, Inter-VLAN
Routing, VTP, STP, RSTP, Port-channels,
802.1Q.
WAN Technologies Frame Relay, ISDN, ATM, MPLS, leased lines, PPP,
HDLC, T1/T3&SONET.
Firewall NAT/PAT, Ingress & Egress Firewall design, IDS/IPS,
URL Filtering, SSL & IPSEC VPNs Configuration,
IKE, Cisco ASA, ACL, Checkpoint, Juniper, Palo
Alto
OS products/Services DNS, DHCP, Windows [] XP), Linux.
Networking Protocols RIP, OSPF, EIGRP, IS-IS, BGP, STP, RSTP, VLANs,
VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP,
TACACS+, Radius, AAA,
Route Filtering, Redistribution,
Summarization, and Static Routing.
Various Features Services IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP,
DHCP, CDP, TFTP and FTP.
Network Management Tools Wireshark, Solar winds, SNMP, Cisco Works, HP Open
View
Load Balancers F5 Networks (Big-IP) LTM, Cisco ACE 4710.
Security Protocols IKE, IPSEC, SSL-VPN
Languages C, Perl, Python, Linux
Operating Systems Windows (XP, Server Windows 7), MAC OS X, Linux.
CERTIFICATIONS:
CCNA (Cisco Certified Network Associate)
CCNP (Cisco Certified Network Professional)
PROFESSIONAL EXPERIENCE:
Key Bank, Cleveland, OH Dec 2015- Present
Network Engineer
RESPONSIBILITIES:
Experience with Converting Campus WAN links from point to point to MPLS and to convert encryption
from IPsec/GRE to another data center.
Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices.
Experience with configuring Nexus 2000 and Nexus 5000 series routers. Troubleshooting and installing of
CRS, ISR, GSR, ASR9000 and Nexus devices.
Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MST related issues coming in
network environment.
Key contributions include configuring and troubleshooting of complex LAN/WAN infrastructure that
include routing protocols EIGRP, OSPF & BGP.
Design, and configuring of OSPF, BGP on Juniper Routers.
Configuration and extension of VLAN from one network segment to their segment between Different
vendor switches (Cisco, Juniper).
Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is
used for local routing only) which involves new wan links.
Implement and configured GLBP (on core switching and for VPN redundancy), HSRP on different
location of office on the switched network and managing the entire multilayer switched network
Engineering the configurations for the different branches, campus locations
Worked on the redistribution of connected routes on all OSPF devices so that all connected subnets are
advertised via OSPF
Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers,
switches and firewalls. Generate network device configuration reports, such as port, MAC, APR and
version details.
Worked on a migration project which involved the removal of all static routes from core devices
Responsible for the Global engineering and support of existing network technologies / services and the
integration of new network technologies / services
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
Worked on Orion for analysis and monitoring purposes.
Also, prepared documentation for various VLANs and Voice subnetworks and worked on Visio for the
same.
Configuration and extension of VLAN from one network segment other segment between Different
vendor switches (Cisco, Juniper)
Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of
scaling
Replace branch hardware with new 2851 routers and 2960 switches.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports,
setting the user ports to non-trunking, deployed port security when possible for user ports.
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP,
disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention
where needed.
Performed basic security audit of perimeter routers, identifying missing ACL's, writing and applying
ACL's.
Designed and deployed Cisco ACS server solutions including TACACS+, High availability and
integrating active directory.
Configuring IPSEC VPN on Cisco ASA series firewalls. Involved in the redistribution into OSPF on the
core ASA firewall.
Experience with convert PIX rules over to the Cisco ASA solution. Responsible for Cisco ASA firewall
administration across our global networks.
Implementation, configuration and troubleshooting of Checkpoint Firewall R77.30. Worked on auditing
and reviewing the rule sets on checkpoint R77.30 Gaia firewalls.
Implemented Zone Based Firewalling and Security Rules on the PaloAlto Firewall. Configured and
maintained IPSEC and SSL VPN's on PaloAlto Firewalls.
Involved in creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like
cookie persistency, redirection of the URL on F5 BIG-IP LTM load balancer.
Environment: Nexus 7K/5K, 2248/3560/5020/6509, Cisco ASA5510, Cisco 3640/12000/7200/
3845/3600/2800 routers, Juniper routers J2350, M10, ACS, Cisco 3750/3550/3500/2960 switches,
Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), F5 BIG-IP
LTM, Cisco ACS server, PaloAlto, and Checkpoint R77.30 firewall.
BB&T Bank, Wilson, NC Sep 2014 Nov 2015
Network Engineer
RESPONSIBILITIES:
Perform network engineering, design, configuration (WAN & LAN), & implementation.
Configuring Layer 2 and Layer 3 in the third-party zone including VLAN creating, spanning tree tuning,
HSRP configuration, SVI (Switch VLAN Interface on 6500 Switch).
Configured QoS on LAN/WAN. Strong knowledge of various routing protocols including RIPV2,
EIGRP, OSPF and BGP4.
Installed & configured OSPF on Frame-Relay with multi-area design in core routers (7200, 7204, and
7206).
Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and
SNMP.
Support routing protocols including BGP and OSPF routing, HSRP, load balancing/failover
configurations. Build Failovers (Active - standby) as well as ensure statefull replication of traffic.
Configuration of IPsec based VPN tunnels for site to site communication. Build Site to Site IPsec based
VPN Tunnels between various client and business partner sites.
Experience with MP-BGP and MPLS LDP protocols.
Perform Advanced NAT Operation including Static NAT, Identity NAT, Policy based NAT etc. for third
party connections.
Access Policy provisioning and working with various application teams to identify firewall ports.
IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
Network based IDS/IPS event management and Signature Updates and making sure the false positives are
filtered and investigate the critical alerts based on Source, Destination and Service.
Configure AAA using TACACS and Remote User Authentication using an RSA Secure ID (Two Factor
Authentication). Extranet changes to Cisco 6513, 6509 and 7204 series devices including FWSM firewall
changes, routing switching changes.
Firewall Policy Provisioning and troubleshooting of Checkpoint Firewalls using Smart center based
applications (smart dashboard, SmartView tracker, SmartView monitor etc.)
Installation, Configuration and Troubleshooting of Checkpoint firewall and Cisco ASA firewalls in the
DMZ, Third-party etc.
Day to Day work involves managing and administering Cisco ASA and Checkpoint Firewalls at various
zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
Cisco ASA Firewall OS upgrades to 8.x and Troubleshooting, IOS Security Configurations, IPsec VPN
Implementation and Troubleshooting.
Configure and administer Cisco ASA Firewalls (5585, 5550, 5540) and use command line CLI, Cisco
CSM, ASDM for day to day administration.
Installation of PaloAlto (Application and URL filtering, Threat Prevention, Data Filtering). Successfully
installed PaloAlto PA-3060 firewalls to protects Data Center.
Firewall zoning including DMZ and other secure zones for application and database as well as internal
traffic.
Creating object, groups, updating access-lists on CheckPoint Firewall, apply static, hide NAT using
smart dashboard.
Checkpoint Firewall policy provisioning in a Provider-1 NGX platform with multiple CMA's.
Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log
viewer for Juniper Firewalls.
Installation configuration and upgrade of Juniper SRX firewalls for third party connectivity.
Troubleshoot connectivity issues and Monitor health of the firewall resources as well as work on
individual firewall for advanced troubleshooting.
Work with various Windows and Unix Platforms behind the firewall and implement security policies
accordingly.
Worked on ACE load balancers. Experience with F5 load balancers LTM series like 6400, 6800, 8800
for the corporate applications and their availability.
Support Data Center Migration Project involving physical re-locations.
Schedule and participate in weekly meetings with various teams involved in the project to discuss the
bottlenecks if any and contribute to design a solution framework. Maintain Configuration,
Documentation (Visio's) and Records Management.
Follow ITIL based Service Delivery and Management Process. Use HP Service Manager for change and
incident management.
CSM Event Viewer as well as Packet Tracing and CLI based debug level logging.
Documented all the work done by using Visio, Excel and MS word.
Environment: Cisco 3640/12000/7200/3845/3600/2800 routers, Cisco 3750/ 3550/3500/2960 switches,
Routing Protocols (EIGRP, OSPF, BGP), Switching related (VTP, STP, GLBP, HSRP), F5 BIG-IP LTM
load balancer, Cisco ASA, Juniper, PaloAlto and Checkpoint R77.30 Gaia firewall.
Orange Business Solutions, NJ Dec 2012 Aug 2014
Network Engineer
RESPONSIBILITIES:
Configured, maintained, and troubleshot routers and switches ranging from the 1720 series through the
7200 series routers and the 2900 series through the 6500 series switches in a highly redundant dual-
homed environment.
Hands on experience installing Sup720 for Cisco 6509-E series and its Gigabit Ethernet port deployment
in the core network
Experience in implementation of 6500 and 5500 series routers and switches to support the core trading
system.
Configured and troubleshoot VLAN, VTP, STP and Trunks.
Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and
backup paths for the packet prioritization and EIGRP tuning.
Installed and configured the Cisco routers 2800 in two different customer locations. Also, configuration
includes frame relay, BGP and VPN tunnel on GRE.
Configured OSPF redistribution and authentication with type3 LSA filtering and to prevent LSA
flooding.
Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
Experienced Implementing traffic engineering on top of an existing Multiprotocol Label Switching
(MPLS) network using OSPF and BGP.
Providing daily network support for national wide area network consisting of MPLS, VPN and point-to
point site.
Experience in Design and implementation of MPLS VPN, QoS for the architecture.
Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer
stackable switch like 6500 series and 2800 series router.
Experience configuring Virtual Device Context in Nexus 7010. Supported on Cisco Nexus 5000 and
Nexus 7000 Series Switch fabric links.
Designed QoS policies for critical applications based on business requirements and traffic patterns.
Responsibilities also include technical documentation of all upgrades done. Attending meetings and
technical discussions related to current project.
Upgrading WAN link using PPP Multilink and by implementing Cisco WAAS.
Design, deployment and maintenance of enterprise networks and datacenters.
Involved in designing data communications and networks utilizing that utilize a mixture of frame relay,
point to point T1, T3 & OC3 lines.
Experience working with configuring virtual servers, nodes, creating pools in F5 BIG-IP LTM load
balancer.
Designed and deployed Cisco ACS server solutions including TACACS+, High availability and
integrating active directory.
Worked extensively in configuring, Monitoring and Troubleshooting Juniper SRX firewall appliance,
Checkpoint R77 firewalls, Failover DMZ zoning & configuring VLANs/routing/NATing with the
firewalls as per the design.
Configuring and Implementation of VPN-Sites to Site and Remote access using Juniper SRX firewall
and Checkpoint firewall.
Configuring rules and Maintaining PaloAlto Firewalls & Analysis of firewall logs. PaloAlto SSL
decryption installation and configuration on PA 3060 and 5060.
Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800.
Environment: Nexus 7000,7010 series, Cisco 3640/12000/7200/3845/3600/ 2800 routers, Cisco
3750/3550/3500/2960 switches, Routing Protocols (EIGRP, OSPF, BGP), Switching related (VTP, STP),
Site to Site VPN, Remote Access VPN, Cisco VPN 3000 Concentrator, F5 load balancer, Cisco ACS 4.x,
PaloAlto, Juniper SRX and Checkpoint R77.30 Gaia firewall.
AniTech Sol Pvt Ltd, Hyderabad, India Dec 2010 Nov 2012
Network Engineer
RESPONSIBILITIES:
Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security.
Key contributions include troubleshooting of complex LAN/WAN infrastructure.
Worked on Cisco routers 7200, 3800, 2800 series and Cisco switches 4900, 2900 series.
Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network
administrator during any major changes and implementation.
Routers are configured with the routing protocols (OSPF, EIGRP and RIP).
WAN Infrastructure running OSPF & BGP as core routing protocol.
Worked on Cisco Layer 2 switches (spanning tree, VLAN, VTP, trunking using dot1q).
Port-fast, Uplink-fast and Backbone-fast are used to enable STP Enhancements to speed up the
network convergence.
Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping
& IP source guard.
Implementation of name resolution using DNS in TCP/IP environment. Involved in troubleshooting of
DNS, DHCP and other IP conflict problems. Configured FTP server for inside/outside users & vendors.
Configuration of AAA security on routers and network access servers using TACACS+.
Other responsibilities included documentation using Visio, MS excel, MS word and change control.
Used various scanning and sniffing tools like Wire-shark.
Spearheaded meetings & discussions with team members regarding network optimization and regarding
BGP issues.
Hands on Experience working with security issue like applying ACLs, configuring NAT and VPN.
Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware
& software client and PIX firewall.
Responsible for Configuring SITE_TO_SITE VPN on Cisco Routers between Head Quarters and Branch
locations.
Implemented the security architecture for highly complex transport and application architectures
addressing well known vulnerabilities and using access control lists that would serve as their primary
security on their core & failover firewalls.
Configured Firewall logging, DMZs, related security policies &monitoring.
Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on
Cisco ASA 5500 series.
Documenting and Log analyzing the Cisco ASA 5500 series firewall.
Environment: Cisco ASA5510 firewall, Cisco 4900/2900/7200/3800/3600/ 2800 routers, Cisco
3750/3550/3500/2960 switches, Routing Protocols (EIGRP, RIP, OSPF, BGP), and Switching protocols
(VTP, STP, HSRP, VLAN, Dot1q).
Eclature Technologies, Hyderabad, India May 2009 Nov 2010
Network Engineer
RESPONSIBILITIES:
Involved in Local Area Network (LAN) design, troubleshooting, and maintenance as per companys
requirements and Providing LAN support.
Maintaining Network Integrity on LAN and WAN Networks.
Configured Cisco Routers 7200,3800,2800,2600 series using RIP, OSPF, and EIGRP and configured
Cisco Switches 4900,2900.
Involved in implementation of trunking using Dot1Q, and ISL on Cisco Catalyst Switches.
Enabled STP Enhancements to speed up the network convergence that include Port-fast, Uplink-fast and
Backbone-fast.
Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications
and servers throughout the company.
Troubleshoot issues related to VLAN, VTP, HSRP failovers, related issues.
Configured VLANS to isolate different departments.
Responsible for configuring HSRP between multilayered switch networks.
Designing and implementation of routing policy for customers Internet route with optimal Link utilization.
Troubleshooting and diagnosis of network problems using IP tools like Ping, Trace route.
Configured BGP for CE to PE route advertisement inside the lab environment.
Troubleshooting WAN problems along with the carrier.
Prompt support for Remote Access Users.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems. Implementation of name
resolution using WINS&DNS in TCP/IP environment.
Worked with snipping tools like Ethereal to analyze the network problems.
Used TFTP server to backup Cisco configuration files.
Involved in SNMP Network management. Worked on various scanning and Sniffing tools like Wire-
shark.
Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
Configured IPSEC VPN on Juniper SRX series firewall. Troubleshoot and Worked with Security issues
related to Juniper SRX and IDS/IPS.
Performed scheduled Virus Checks & Updates on all Servers & Desktops.
Provided technical support for expansion of the existing network architecture to incorporate users.
Environment: Cisco 7200,3800,2800,2600 series routers, Cisco 4900,2900 series switches, Routing
Protocols (EIGRP, RIP, OSPF, BGP), Switching protocols (VTP, STP, HSRP) and Juniper SRX firewall.
Education:
B. Tech in Electronics and Communication Engineering
Contact this candidate