Cisco Network Engineer
Resume:
Krishna A
adal7z@r.postjobfree.com
Summary:
•Cisco Certified Network Engineer with 7 years of experience in Routing, Switching, Design, Implementation, Support, Security, Firewall Technologies, and Troubleshooting of complex network systems.
•Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
•Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, ATM, bridges, routers, hubs and switches. Infrastructure Specializing in LAN, WAN and Data Center networks.
•Hands on experience in installing, configuring and administration of Firewalls including Cisco ASA, Checkpoint, Palo Alto, Matrix switches for Monitoring and Load Balancers like Big-IP F5 (LTM and GTM).
•Extensive knowledge with VLAN's, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL's, QoS, Traffic Policing, EIGRP, OSPF, NAT, PAT, VPN's, DHCP etc.
•Security policy configuration including NAT, PAT, VPN, SSL-VPN, Route-maps and Access Control Lists.
•Worked with Juno OS and Juniper M&T series switches and expertise in installing, configuring and troubleshooting Juniper Routers (M and T-series).
•Worked extensively on ACI deployment.
•Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP).
•Experience working with Juniper Switches like EX-2200, EX-4200, EX-4500, M Series Routers MX5, MX10, MX40 and MX80, Juniper Firewalls SRX100, SRX110, SRX220, SRX320, SRX650.
•Strong hands on experience on ASA (5500, 5505, 5510, 5520, 5525-X, 5530, 5540, Etc.,)
•Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, DMVPN, IPS/IDS, AAA (TACACS+ & RADIUS).
•Riverbed Steelhead 550H WAN optimization installation and configuration.
•Experience in installing and configuring DNS, DHCP server, IPAM- IPv4, IPv6.
•Responsible for all WAN circuit installations with VPN/GRE tunnels, AT&T, Level 3 and maintain the WAN.
•Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series).
•Expertise in installing, configuring, and maintaining Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700).
•Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
•Working Knowledge of Cisco IOS, & Experience working with Nexus 7K, 5K and 2K.
•Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000. Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC.
•Expert level knowledge on configuring Aruba Mobility controller, Airwave, Aruba Clear pass, Cisco Prime Infrastructure, WCS (Wireless Control System)/NCS, ISE (Identity Services Engine) & MSE (Mobility Services Engine).
•Deep knowledge of AWS cloud computing platform such as VPC (Virtual private cloud), EC2 and load balancing with ELB using ECB.
•Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
•Worked with customers, Tier 2&3 support, System, Network & Security Engineering teams.
•In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, IPAM, Firewalls. Knowledge on Cisco ASA, Palo Alto Firewalls Environment.
•Expert Level Knowledge about TCP/IP and OSI models. Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
•Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
•Troubleshooting & implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
•In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts. Proficiency in handling Network Monitoring tools and Packet capture tools.
•Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCP dump and Linux operating system servers.
•Strong experience in creating firewall policies as per the requirements on Checkpoint, Palo Alto, Juniper, Cisco ASA, and Fortinet firewalls.
Technical Skills:
Routing Protocols: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, Route Filtering, Redistribution, Summarization, and Static Routing.
Switching Protocols: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer
Switch, Ether channels, Transparent Bridging.
Routers: Cisco routers (7600, 7200, 4500, 3900, 3600, 2800, 2600, 2500, 1800 series), Nexus 7K, 5K, 2K & 1K, Juniper routers (M7i, M10i, M320).
Switches: Cisco switches (6500, 4900, 4500, 3750 &3560), Nexus (2248, 5548 &7010).
Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.
Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, Checkpoint, AIP SSM, CSC, SSM, FWSM, FortiGate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, and Juniper Netscreen firewall, Windows Patch Management (WSUS).
LAN Technology: Workgroup, Domain, RSTP, VLAN, STP, VTP, Ethernet, Fast Ethernet, Gigabit Ethernet&10 Gigabit Ethernet, 802.1q
WAN Infrastructure: Leased Line, ISDN/Dial-Up, and Frame Relay circuits, Metro Ethernet.
WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN.
Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
Operating Systems & Tools: Cisco IOS, Windows NT 4.0 (Desktop/Server), FortiOS, Junos OS, PAN-OS, Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, VM Ware ESX/ESXi server, Virtual Box, Hyper-V, LINUX, Solaris, Active Directory, Apache Server
Network Security: ACL, IPSec, VPN, Port-security, AAA, Zone-Based Firewalls, IOS based router security firewalls, IDS/IPS, Palo Alto firewalls.
Servers: AD/DC, DHCP, DNS, VPN, NAP, WSUS, Email Server, Software Deployment Server, BHS, GC Server, Windows Deployment Service, Proxy Servers, Print Servers, Application servers, FTP Servers.
Network Technologies: MANET, SONET, TDMA, FDMA, CDMA. DSL, POP3.
Certifications:
CCNA: Cisco Certified Network Associate.
CCNP: Cisco Certified Network Professional.
Education:
Bachelors in Electrical and Electronics Engineering (EEE), from JNTUH – April 2012.
Masters in Electrical Engineering (MSEE), from Northwestern Polytechnic University, Fremont, California – August 2016.
Professional Experience:
Deutsche Bank, Piscataway, New Jersey
Network Deployment Engineer May 2018 to Present
Responsibilities:
Building extranet silos in new data center, migrating Services from old data center to new data center.
Configuring and troubleshooting the terminal Servers used for remote connectivity of the devices running at multiple client Locations. Designed, validated and implemented LAN, WLAN & WAN solution to suite client's needs.
Deployed Network Video Recorder (NVR) in the Data center and Development LAB.
Planning, Designing, Implementation of small, medium organizations including LAN, VLAN, WLAN and WAN on wired and wireless networks.
Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing. Day to day management of Cisco Devices, Traffic management and monitoring.
Extensive knowledge working with Service Now ticketing system for Request, incident and change management.
Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices.
Performing addition/modification in network devices without effecting existing setups.
Mid level experience in bash shell scripting & Python for automate services on switches & routers.
Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS, and Cisco Prime. Performed Migration from Cisco ACE Load Balancers to F5 LTM.
Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77, Secure Platform Installation, and VPN.
Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts.
Configured Site to Site IPSec, VPN tunnels to peer with different clients and each of the client having different specifications of Phase 1 and Phase 2 policies using Checkpoint firewalls.
Cisco 7200 and 7600 routers are being used as a provider edge (PE) routers where we configured BGP to connect with MPLS service provider.
Installation/decommission of hardware devices in the data center to include racks, servers, routers, switches, appliances and cabling.
In the MPLS connectivity ASR 1k and 9K devices are used as Customer Edge (CE) routers and deployed VRF.
Configuration of ACLs in Checkpoint 77.30 firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management
Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN.
Experience with design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7K.
Configuring the F5 Load Balancer as per the Client requirement. Creating the LTM & GTM modules configuration to meet the client Standards.
Worked on Load Balancer to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancer. VIP Pool/Profile/SSL/iRule/ASM Configurations in BIG IP.
Configured, troubleshoot and administered various technologies: RIP v2, BGP v4, OSPF, MPLS, LDP, DMVPN, VDC, VPC, STP, IPv4, IPv6, unicast/multicast.
Used multiple network monitoring tools like Solar Winds, Cisco Prime for supporting the existing core network environment and Network edge devices.
Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000. Configured datacenter technologies like VPC, VDC on Nexus 7706 Core Switches.
Good knowledge on DMZ, IPSec, Intrusion detection, proxy, tunnels, Site to Site VPN, Multicasting, MPLS, SSL, PAP/CHAP, AAA (TACACS+ and Radius).
Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application, and provided uninterrupted service to customers.
Documented customer connections through SharePoint, Excel patch panel tracker and uploaded to iServer.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 switches and Cisco 3640 /12000 /7200/ 3845/3600/2800/4500x routers, Cisco Nexus 7K/5K/2K, Cisco ASA, Checkpoint, Extranet Silos, SSF,RDH, DOD, IP Phones, FTP, F5 Load Balancer, Wireshark, Solar Winds, Service now, ACL, LAN, WAN, RIP, OSPF, BGP, IPV4,IPV6, TCP, UDP, NAT, DHCP, SNMP, HTTP, SSH.
Gogo LLC, Chicago, Illinois March 2017 to April 2018
Network Engineer II
Responsibilities:
Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
Implemented routing protocols RIP, OSPF, and BGP. Strong knowledge of Cisco software IOS and hardware.
Responsible for service request tickets generated by the other teams in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
Experience with configuring Virtual Server and Configuring Load balancing methods in F5 12.0 LTM.
Experience in F5, Cisco ACE 4710 Load balancers, Aruba wireless access points and controllers.
Experience on dealing with Aruba Wireless products including Access Points, Mobility Access Switches and Outdoor mesh routers.
Knowledge of network security protocols such as IPSEC tunnels, GRE tunnels, NAT/ PAT, ACLs and VPN- MP-BGP.
Generated RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
Configuring and implementing VPN Tunnels using IPSec encryption standards.
Cisco 7200 and 7600 routers are being used as Provider Edge (PE) routers where we configured BGP to connect with MPLS service provider.
Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on customer's site.
In the MPLS connectivity ASR 1k and 9K devices are used as Customer Edge (CE) routers and deployed VRF.
Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall.
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLan routing, LAN security. Configured PBR and access-lists for Stage Networks.
Worked on moving 2KU8 LRU to PTS3 in production environment for policy test.
Statically Added and Removed most of the IP Address from VLANs on DHCP Server.
Worked with team on assignment of Lab BBU IP Address assigning, connection inconsistent problems in LAB and Data Center. Attended meetings and gained knowledge on Production PTS tail (Flight) move.
Established WAP and ACPU network connection between one LAB Networks to other LAB Network for Testing.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking. Pointing Data-groups to different Prod Servers on users request for testing purpose.
Hands on experience in Aruba S2500 switches, Aruba 7200, 3600 series wireless controllers, Aruba IAP 105, Airwave Products and clear pass Servers.
Hands-on experience with modifying Python scripts to automate a lot of network tests.
Configured new Meraki MX400 to the existing network. Changed the DNS configuration for JAL2 simulator.
Troubleshoot various security issues related to Cisco ASA firewalls.
Experience configuring Virtual Device Context in Nexus C7706.Configured L2 & L3 interfaces and port channels on Nexus Devices. Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
Installed and Managed F5 Big-IP LTM/GTM for providing high availability and configured virtual IP(VIP), Pools, nodes, irules for load balancing and Packet filters for security.
Participate in planning, implementation, and growth of our customer's Amazon Web Services (AWS) foundational footprint. Installed, configured and troubleshot Cisco wireless network, Wireless LAN controllers.
Setup of Central Panorama console to manage Palo Alto firewalls 3020, 3050, 5020 & VM-200 models.
Created and wrote documentation for vACPU network setup in the LAB.
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers.
Acquired strong skills in working with cloud based wireless technologies like 802.11a/n/g, Cisco Meraki and Aruba wireless. Did password recovery on Routers and switches in the Production and testing environment.
Supported customer with the configuration and maintenance ASA 5550 firewall systems. Configured object groups on ASA 5550 firewalls. Installed, configured and set security policies on Cisco ASA firewalls.
Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4).
Worked on Blue Coat Proxy SG to safeguard web applications (Black listing and White listing of web URL) in extremely un-trusted environments such as guest Wi-Fi zones.
Environment: Cisco Switches 2948/3560/4500/3560/3750/3550/3500/2960/6500, Cisco routers 3640/1200/7200/3845/3600/2800, Access Points, SevOne, Solar Winds, MS Visio, Meraki MX64, MX84, MX100, MX400, Cisco Nexus 7K/5K/2K, Cisco ASA 5545, windows server 2003/2008,2010, AWS, F5 BIGIP LTM, RIP, OSPF, BGP, LAN, WAN, VPN, HSRP, Juniper Switches EX-2200,Routers MX10, MX40, Firewalls SRX110, SRX210, Palo Alto firewall PA500, PA850, PA3060, PA3250, PA5060, PA5260, PA7050.
PG&E Corporation, Concord, California September 2015 to Feb 2017
IT Network Consultant
Responsibilities:
Responsible for installation, troubleshooting of firewalls (Cisco firewalls, Checkpoint firewalls and Juniper firewalls,) and related software, and LAN/WAN protocols.
Configured redundant interfaces, DHCP server, DHCP relay, ntp settings, and sub interfaces on firewalls.
Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
Experience in configuration of Palo Alto firewalls like PA2020, PA3050, and PA5050.
Scripting and coding using pearl as well as python to some extent.
Configured OSPF on ASR 1002/9001 Cisco routers at various back offices across US.
Configured ACLs in Juniper SRX 3400 and Palo Alto PA-5050 firewalls for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
Implemented redundancy for Routers, Switches and Firewalls, Maintenance of ITIL standard practices, maintained the agreed SLA/KPI.
Performed upgrading of load balancers from Citrix to F5 Big IP load balancer to improved functionality, reliability and scalability in the system.
Responsible in troubleshooting on Cisco ISE added new devices on network based policies on ISE. Configuring ACL on ISE for making policies.
Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66, MR18), Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
Configuring RIP, OSPF and Static routing on Juniper M 120 series router and MX 10, MX 40 series Routers.
Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
Working experience on Check Point Firewalls, ASA Firewalls. Implemented Security Policies using ACL traffic filters, IPSec, SSL, VPN, DMVPN, AAA (TACACS+ & RADIUS).
Implemented GRE tunneling, Site-to Site VPN& multipoint DMVPN using IPSEC.
Managed the F5 Big IP GTM/LTM appliances which include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS, IPAM, OpenStack, virtualization, NFV Hardware.
Performed advanced troubleshooting using Packet tracer and tcpdump on network devices.
Configuring VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches.
Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210.
Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer’s instructions and troubleshooting any related issues.
Experience with setting up IPSEC VPN on Juniper SRX 3600 Firewalls towards the multiple Customer sites as backup path to the datacenter.
Involved in configuring and implementing of composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 switches and Cisco 3640 /12000 /7200/ 3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, Juniper Switches EX-2200, EX-4200, EX-4500, Routers MX10, MX40, MX480, Firewalls SRX110, SRX210, SRX240, SRX340, F5 BIGIP LTM, GTM, ACL-Access Control List, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP, AWS, Palo Alto PA-500, PA850, PA-3020, PA-3060, PA-3220, PA-3250, PA-3260, PA-5020, PA-5060, PA-5250, PA-5280.
Pioneer eLabs Ltd, Hyderabad, India July 2014 to April 2015
Network Engineer
Responsibilities:
Design, implementation and operational support of routing/switching protocols in complex environments including, BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
Configured and resolved various OSPF issues in an OSPF multi area environment.
Experience with installing and configuring Spanning Tree Protocol, Trunking (dot1q and ISL) and Ether channel on Campus Network Design Architecture.
Configuring and troubleshooting port-channels (LACP, PAgP), HSRP, SVI inter-vlan routing and DHCP relay on distribution switches.
Experience with Firewall Administration, Rule Analysis, Rule Modification.
Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Conversant in LAN, WAN, Wi-Fi, DNS, DHCP, TCP/IP, Fiber, Firewalls/IPS/IDS, IPAM, OpenStack, and virtualization.
Performed advanced troubleshooting using Packet tracer and tcpdump on firewalls.
Configured and resolved various OSPF issues in multi area environment.
Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
Solving web related problem including HTTP, HTTPS, DNS, SMTP.
Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO.
Environment: Cisco 6509/ 3750/3550/3500/2950 switches, Cisco 7200/3845/3600/2800 routers, NAT, PAT, Checkpoint firewalls(SPLAT), Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Fluke and Sniffer.
Kensium Solutions Pvt Ltd, Hyderabad, India June 2012 to June 2014
Network Administrator
Responsibilities:
Troubleshooting complex networks layer 1, 2(frame relay, ATM, Point to Point, ISDN) to layer 3 (routing with BGP, EIGRP, OSPF and RIP protocols) technical issues.
Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
Implemented and Configured IP Routing Protocols: OSPF, EIGRP, and RIPv2.
Implemented and configured LAN Protocols: Ethernet, VLANs, VTP and STP.
Worked on Routers Cisco 2620, 3750 and 2950 Switches & Link sys wireless access points.
TCP/IP network planning, Implementation and Management with subnets.
Configured BGP for CE to PE route advertisement inside the lab environment.
Hands on Experience working with security issue like applying ACL's, configuring NAT and VPN.
Troubleshooting complex networks layer 1, 2(frame relay, ATM, Point to Point, ISDN) to layer 3 (routing with BGP, EIGRP, OSPF and RIP protocols) technical issues.
Managed the IP address space using subnets and variable length subnet masks (VLSM).
Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
Assisted in racking and stacking, other responsibilities also included documentation and reporting.
Worked with Remedy Ticketing tool in maintaining and keep a track of logs/monitor.
Created network diagram for employees using the Microsoft Visio.
Environment: LAN, WAN, Cisco routers and switches, Subnetting, VLAN, VTP, VPN, NAT, PAT, RIP, OSPF, BGP, EIGRP, TCP/IP, VISIO.
Contact this candidate