Senior Network Engineer
Resume:
Siva Chanikya
Sr. Network Engineer
C: 989-***-**** E: ******************@*****.***
Professional Summary:
A dedicated Professional with around 7+ years of expertise in Implementation, Administration, Operations and Troubleshooting of enterprise data networks as a Network Engineer.
Extensive work experiences on Cisco Switches, Cisco Routers, Load Balancers & Cisco Firewalls
Proficient experience in the configuration of Cisco Catalyst 2900,2960, 3560, 3750, 3650, 4500, 4900, Legacy Cat 6500 series, Nexus 7010, 5548 and 2248 switches and deep understanding of architecture.
Experience working with 2600, 2900, 3600, 3900, 4300, 4400, 7200, 7600,1000 series Cisco Routers
Experience working on changes, demands, tasks and tickets.
Experience with Firewalls - Fortinet/FortiGate, & Palo Alto and/or other next generation firewall solutions
Expertise in group management, presentations, and SLA management.
Expertise in Cisco IWAN, DMVPN, Site to Site VPN design, deployment, and troubleshooting
Expertise in Cisco Meraki, WAPs management, SolarWinds, PRTG Network Monitors, Cradle points
Specific Technologies handled include but not limited to Cisco Routers, Cisco Catalyst/Nexus Switches, Cisco ASAs, Juniper, F5 Big IP, Cisco Unified Communications Manager, Cisco Unity, Cisco Wireless LAN Controller, Cisco Aironet Access Point, Palo Alto Firewall, Nagios, Solar Winds Orion, Cacti, Wireshark.
Expertise in Site-to-Site VPNS using Checkpoint, Cisco ASAs, Palo Alto, DMVPN tunnels and GRE tunnels.
Experience in setting up Cisco ASA firewalls Cisco ASA 5510, Cisco ASA 5512 & Cisco ASA 5505 with restricted security policies, NAT implantation, configured DMZ interfaces to restrict traffic flow.
Experience working on Cisco Catalyst Series 9200,9300,3750, 3500, 4500, 4900, 6500, 2950; Nexus 2K, 5K, 7K and 9K series switches.
Experience with Network design, deployment and establishing a site with full-fletched network access.
Hands on experience in troubleshooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
Expertise in the implementation of Layer 2 technologies including VLAN’s, VTP, STP, RSTP, Trunking and Port-security, expertise in working with Ether channel technologies (LACP, PAGP).
Expertise in configuration and deployment of routing protocols like OSPF, EIGRP, BGP, Policy-based routing over Cisco Routers, configuration and troubleshooting of route redistribution.
Experience in risk analysis, security policy, rules creation and modification of Checkpoint, Cisco ASA, Palo Alto Firewall.
Managed enterprise grade server/application load balancing using F5 LTM/GTM.
Expertise in monitoring all network hardware inventory by the use of SSH, Syslog, SNMP and NTP.
Experience with Active Directory, Disaster Recovery, Print Server, DHCP, DNS, Remote Desktop and Terminal Services.
Certifications:
Cisco Certified Network Associate (CCNA)
Education:
Technical Skills:
Routers
Cisco 7600, 7200, 4321, 4331, 4431, 3800, 3900, 3600, 2900, 2800
Routing
OSPF, EIGRP, BGP, RIP v1/v2, PBR, DMVPN, Route Filtering, Redistribution, Summarization and Static Routing
Switches
Nexus 2K/5K/7K,9k Catalyst 9200,9300,6500, 4500, 3850, 3650, 3560, 3750, 2960
Switching
LAN, VTP, STP, PVST+, RPVST+, Ether Channels, L3 Switches
Network Security
Cisco ASA, Checkpoint, SonicWall, Sophos, FortiGate, Palo Alto, Cisco FMC, FTD
Load Balancer
F5 Networks (Big-IP) LTM 8950
LAN
Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet
WAN
PPP, HDLC, Channelized links(T1/T3), Fiber Optics, Frame Relay, MPLS
Gateway Redundancy
HSRP and GLBP
Features & Services
IOS and Features, SNMP, SYSLOG, DHCP, CDP, TFTP, FTP
Network Management
SolarWinds, PRTG, Wireshark, Netflow Analyzer, Cisco Prime, Cisco Works, HPNA, IBM Remedy, OpenNms.
Others
Cisco Meraki WAPs, Cradle points ECM, ACM, ACS, Callrex, Cisco UCS
Programming Skills
Python
Professional Experience:
MGM Grand, Detroit, MI Nov 2022 – Till Date
Senior Network Engineer
Responsibilities:
Providing level-3 network administration including Installation, configuration and troubleshooting of network devices (Routers, Switches, and Firewalls).
Configuration of VPC, VDC on Nexus 2k/3k/5k/7k,9k.
Experience with replacing the existing Cisco 6500 switches with Cisco Nexus 9K in the data center environment.
Maintenance and management of Nexus 7010 core switches and installation of new Nexus 5548UP and 2248 as Fabric extender for server access.
Configuring and overseeing around 500+ Network gadgets that incorporate Juniper SRX Firewalls, F5 BigIP Load balancers and Nexus Devices.
Configured 7010’s with multiple VDC’s running EIGRP for route propagation between them. Installed dual router/dual MPLS.
Experience working with MPLS Layer 3 VPN on ASR 1006 with IOS-XR
Maintenance and upgrades on Cisco 9200,9300,6500, 4500 and 3700 series switches to provide redundant network.
Installation and upgrading of network infrastructure that reached End of Life
Site to Site VPN, DMVPN configurations in coordination with ISP AT&T and Sprint.
Implementation of IOS & Bandwidth upgrades.
Designing and implementing new server silos in DMZ for Web servers, Mail servers & FTP Servers and configuration of security policies using Cisco ASA 5500 Firewalls.
Deployment and administration of Fortinet FortiGate 3000, 1500D, 200D Firewalls
Deployment, Administration with Of Firewalls with tools such as Forti Analyzer, Forti Manager.
Migration of sites from frame relay to EIGRP routing.
Implementing F5 load balancer using Cisco UCS director.
Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.
Maintain the day to day activates on APIC for Cisco ACI fabric.
Worked on configuring EPG, application profile, BD, leaf switch interface profile, VPC policy on Cisco ACI.
Implementation of OSPF with BGP during migrations and new connectivity.
CSU/DSU loop testing in examining WAN link issues by implementing hardware and software loops.
Knowledge on configuration of iApps (BIG-IP) application service in implementing F5 load balancer.
Performing Incident Management responsibilities which includes troubleshooting and restoration of services by joining in SRT and working with vendors and documenting troubleshoot steps and RFO.
Working and opening trouble tickets (TAC) and Smartnet with Cisco for new product orders, device diagnostics and hardware/insurance.
Cisco proactive device diagnostics with Smartnet service.
Working with ISPs like AT&T, Sprint, Ignisis for new circuit installations and provisioning and outages.
Proficiently provisioned APs/RAPs and demonstrated expertise in troubleshooting and resolving wireless connectivity issues, 802.1x authentication-related problems, and Guest WiFi challenges in Cisco ISE.
Managed successful delivery of massive security response portfolio including Cisco ISE.
Network security involves web filtering on internet sites (User's restriction) using Palo Alto and checkpoint Firewalls.
Configured and deployed the NGFW Firewall Features in Palo Alto like SSL Decryption, User ID, Proxy, and DNS, IPS/IDS.
Implemented IPSEC Site-to-Site in Palo Alto Firewall.
Performed code upgrades to the Palo Alto Firewall from Panorama.
Configure access control policies, network discovery policies, network analysis policies, intrusion policies, file policies on Cisco FMC and applying them on the devices based on various groups.
Writing exceptions on Cisco FMC in some cases to avoid the downtime.
Analyzing traffic behaviors using Wireshark and Solar winds.
Diagnosing layer-2 and layer-3 loop back tests in coordination with SP's and filed technician.
Implementing routing, ACLs with ISP using OSPF and BGP.
Performing migrations and implemented many projects which gave Best Technical expert certificate.
Using F5 load balancer for traffic filtering and network optimization.
Documenting F5 logs and sending weekly reports to management.
Implementation of Network and Devices for Network SDWAN environment.
Configuration of MAC address, VLAN’s on switches and registers as per client’s request.
Configuring Cisco WLC for the sake of customer mobility.
Checking the WAN performance and utilization in SOLAR WINDS and packet path using wire shark.
Participating in network migrations with change management teams.
Monitoring of all client’s N/w Infrastructure using tool SMARTS.
Participating in daily service review (DSR) and Root cause analysis (RCA) calls to resolve the n/w outages.
Advising clients to improve their network performance.
Designing and maintenance of client’s network architecture using VISIO and in asset center data management.
Credit one Bank, Vegas, NV Feb 2021 – Nov 2022
Network Security Engineer
Responsibilities:
Primary responsibilities include performing changes to network, security following standard ITIL ticketing process, design and implementation, troubleshooting of networks.
Responsible for Management and documentation of Checkpoint, Fortinet and Cisco ASA Firewalls
Configuring, Monitoring and Troubleshooting Cisco's PIX firewall, ASA 5500 security appliance and Checkpoint NG Firewall. Designing and Implementation experience in building DMZ, and integration of firewalls with Gateway Anti-Virus and web Filtering applications from TrendMicro and Websense
Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view, Implemented Changes on Existing configurations for the applications on F5 load balancer.
Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles Experience with Network Automation using Python and Rest API.
Configure all Fortinet Networks Firewall models (100E, 200E, 600D, 900D, 1500D, 3980E, 5001E etc.) as well as a Forti Manager to manage large scale firewall deployments and Forti Analyzer to collect logs from all FortiGate firewalls.
Responsible for configuration & troubleshooting of protocols like OSPF, BGP, EIGRP, DMVPN, IWAN, MPLS, QoS.
Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE).
Experience with creating profiles for end devices such as printers, cameras, phones etc.in ISE NAC deployment.
Worked on Checkpoint Firewalls to monitor traffic drops, implemented NAT rules and monitored logs for traffic.
Worked on configuring failover to secondary firewalls, troubleshooted various bugs and obtained fixes.
Taken care of the Logging issues of the F5 load balancer and how it works with the syslog servers, making sure the communications through the switches and routers.
Built Site-to-Site VPN tunnels between Cisco ASAs at spokes and hubs at datacenters, routers and firewalls.
Server load-balancing utilizing F5 LTM-Big IP, including APM, ASM and viprion device modules.
Worked on ASA Firewall rule management as part of network operations to take care of Firewall ACL requests.
Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
Deployed mobile setups called warehouse in the box with a Cradle point, an ASA and a Meraki AP to provide internet access and Wi-Fi over secure VPN. Worked with Cradle point models AER2100, IBR650, MBR1400 etc.
Implemented Cisco IWAN at 35 sites until date. Worked on provisioning of MPLS & Internet circuits, Circuit Activations, DMVPN over MPLS & DMVPN over Internet.
Experience with F5 load balancers (6400, 6800, and 8800) and Cisco load balancers (CSM, ACE and GSS), also migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
Worked with Verizon, ATT and other ISPs on MPLS and Internet Circuit activations, BGP, MPLS
Built, deployed & maintained Cisco Meraki WAPs. Created Networks, Implemented Firewall Policies for various SSIDs, Access Lists, maintained all devices on Meraki Cloud in separate networks
Configuration, deployment of cloud services like AWS, monitoring, metrics, and logging systems on AWS
Involved in switching such as creation & management of VLANS, Port security, trunking, RPVST+, LAN security
Port aggregation, link negotiation using LACP & PAGP, Port-security, Private-VLANS to be secure and loop-free.
Built, configured PRTG Network monitoring probes. Deployed probes with VMWARE-ESXi OS & established communications with main PRTG servers at Datacenters. Uploaded sensors to monitor traffic utilization
Managed devices using Cisco Prime, Cisco Works, ServiceNow, HPNA, IBM Remedy, SolarWinds, PRTG
Built network from scratch, cabling for User desks, MPOE to MDF & IDF, POTS lines for security alarms, fire, fax
Worked on Full Stack reconfigurations, Core, Down-level Switch Upgrades and Migrations, AP migrations.
DFW airport, Dallas, TX May 2020 – Feb 2021
Sr. Network Implementation Engineer
Responsibilities:
Involved in migration from Cisco Catalyst 6513 switches with Sup 720 to Nexus 7009 with Nexus 7000 Supervisor 2E, F&M line cards in data center with features like VPC and VDC’s.
Installed and Configured Cisco Routers ASR, ISR, (3600, 2600, 2500), Catalyst Switches (6500, 5500, 3550, and 2900series) and Nexus switches (7K, 5K and 2K series).
Performed Nexus In-Line Service upgrades and deployed advanced nexus features VPC and VDC.
Deployed Nexus 2248 Fabric Extenders, 5596 series Fabric Interconnect and 7010 with f3 modules, with features like VPC, VDC, and Fabric Path for high availability and redundant server farm environment.
Configured F5 GTM Wide IP, Pool Load Balancing methods and involved in migration of pools and authorized F5 devices for web acceleration & caching.
Successfully deployed VMware NSX SD-WAN, leveraging its capabilities to optimize Wide Area Network (WAN) performance, ensuring efficient and secure connectivity across distributed environments.
Configured, management of and monitored Silver Peak SD-WAN product.
Experience in risk analysis, security policy, rules creation and modification of Checkpoint, Cisco ASA, Palo Alto Firewall.
Worked on frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATING, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP.
Set up VSS cluster, ether channel, VTP and inter – VLAN routing on Catalyst 6509 and 6513 switches.
Created ACL policies for Cisco 5580 ASA firewall with access control to NAT & object grouping functions.
Worked extensively on Cisco Firewalls, SANS SIFT, Cisco (506E/515E/525/) & ASA 5500(5510/5540) Series.
Focused on working with Cisco Channel partners to build practices around Cisco ACI.
Deployment ACI fabric to ensure each tenant is secured and has separation from other tenants. Use L3/L2 outs via common tenant.
Worked in an Cisco ACI environment with Border leaf, Spine and Leaf architecture.
Configured IPSEC Site-to-Site VPNs to provide secure remote access using SPA modules on Cisco 6500
Performed Route Filtering, Manipulation using distribute-lists, route-maps, AD and offset-lists.
Built the Datacenter right from scratch until turning up devices and getting into Production.
Worked with both the Catalyst switches like 6800 and Nexus Switches like 7710, 5596 and 56128.
Designed, constructed, implemented, tested and launched various network nodes featuring BGP, OSPF, MPLS and VLANS using RSTP, gateway redundancy protocols HSRP, GLBP and VRRP
Deployed new data centers with Cisco 6506’s, F5 load balancers.
Experience in working with F5 BIG-IP LTM and Cisco CSM load balancing technologies.
Performed load balancing and application-level redundancy by deploying F5 BIG-IP LTM, GTM series like 3900, 6900, 8900 and cisco CSM
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools Editing and Changing Palo Alto Polices and Monitoring threats on firewalls.
Worked on commissioning WAN links and troubleshooting WAN outages.
Designed WAN structure to prevent single point of failure in case of link failure.
Configured STP, RSTP in the Access Layer Switches (2950, 2960, 3750 and 3550) as a loop prevention mechanism. Configured Port-security, Private-VLANS for maintaining loop free and secure environment.
Expertise in deploying BGP multi-homed network using AS-Path, MED, etc.
IBM, Hyderabad, India Jan 2018 – April 2020
Network Engineer
Responsibilities:
Design branch network and implementing Traffic shaping, QOS, Bandwidth Limits and policies for application traffic, security for LAN and WAN.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
Dealt with the escalation problems from Level1, Level 2 & Level 3 for routing, switching and WAN connectivity issues using ticketing system Remedy.
Managed end to end delivery of services for clients.
Establishing VPN Tunnels using IPsec encryption standards, configuring and implementing site-to-site VPN, Remote VPN.
Worked on configuring, deploying and deployment of Cisco Security Manager (CSM) for management of ASA Firewall series.
Troubleshooting latency and throughput issues on MPLS and Dedicated Internet Access circuits.
Configuring the Access-List rules, network object –service group based on well-known port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL).
Troubleshooting issues and outages on Trunks and Router interfaces extensively.
Coordinated and managed events and trouble tickets related to network failures and thus followed by technical support which included problem determination.
Technical assistance for LAN/WAN management and complex customer issues.
Planning and Implementation of IP Sub netting, VLSM to conserve IP addresses.
Performed route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance.
Dealt with Cisco Router and switch hardware and software upgrades.
Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
Upgraded layer 3 device versions using TFTP server, Flash drive and USB.
Configured object grouping, protocol handling and code upgradation on ASA firewalls.
Maintenance and troubleshooting of connectivity problems using Ping, Trace route.
Involved in Troubleshooting and implementing NAT and DHCP related issues.
Implementing and Maintaining Network Management tools (Fluke Network, Nortel ENMS, JFFNMS, SNMP, MRTG, and NMIS).
Intent Infotech Pvt. Ltd, Hyderabad, India July 2016 – May 2018
Network Administrator
Responsibilities:
Configuration and troubleshooting of RIP and EIGRP on 2600, 2900 and 3600series Cisco routers
Configured and troubleshooted various CSU/DSU devices
Configuration and troubleshooting of OSPF, BGP and EIGRP. Tested authentication in OSPF and BGP. Tested BGP features such as override, local preference, EBGP load balancing.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems
Performed Route Filtering, Manipulation using distribute-lists, route-maps, administrative distance, offset-lists
Configured WAN Infrastructure running OSPF as a core routing protocol.
Streamlined OSPF costs in the network to account for network delay.
Implemented VTP, trunking protocols (802.1q, ISL) on 3560, 3750 and 4500series Cisco Catalyst switches
Implemented Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
Configured & maintained IPSEC &SSL VPN's on Palo Alto, configured Palo Alto Wildfire, URL filtering PAN DB
Configured Standard, Extended, and Named Access Lists to allow users all over the company to access different applications and blocking others
Planned and implemented Subnetting, VLSM to conserve IP addresses
Configuration of STP for loop prevention and VTP for Inter-VLAN Routing
Provided Technical support for improvement, upgradation, and expansion of the existing network architecture
Troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment
Contact this candidate