Cisco Network Engineer
Resume:
Pranay Kumar
adflbq@r.postjobfree.com Phone: +1-240-***-****
Professional Summary:
CCNA, CCNP, Aruba ACMA Certified professional; with expertise 8+ years of experience with networking installations, Configurations testing, troubleshooting, implementing, optimizing, maintaining enterprise data network and service provider systems.
Expert level hands on with Cisco ACS, Aruba ClearPass servers.
Very good Hands-on experience is working with Aruba products like Mobility Master, Airwave, Net Insight, Aruba Central.
Hands-on experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
Strong experience with routing protocols (RIPv1/2, IGRP, EIGRP, OSPF, BGP), IEEE 802.11, switching (VLANS, VTP Domains, STP and Trunking),
Extensively worked with Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox).
Design and configuring of OSPF, BGP ON Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550)
Implemented and configured Palo Alto Networks Firewall models, Cisco PIX (506E/515E/525), ASA Firewall (5505/5510), Juniper SSG series Firewalls, Checkpoint R75, 76 Firewalls, Security Device Manager (SDM) and centralized management system to manage large scale firewall deployments.
Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP, ISIS, STP, RSTP and MPLS.
Troubleshooting of complex network systems including high-end routers: CISCO GSR, ASR1K, ASR9K, 2600, 2800, 3600, 7200, 12000 Series Routers, and Catalyst 4500, 6500, and 7600 switches.
Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trucking using 802.1Q.
Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general trouble shooting of the F5 load balancers.
Worked extensively on Data Center Palo Alto firewalls and F5 BIG-IP LTM.
Worked on F5 LTM, GTM series like 6400, 8800 for the corporate applications and their availability.
Experience with Cisco ASA/Checkpoint/Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
Managerial experience for Build Domain Controllers, Member Servers, Disaster recovery, networking protocols, including TCP/IP, HTTP, NTP, DNS, MLLP and NDM to support Enterprise Solutions.
Good working experience with Aruba controller configuration.
Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
Using Knowledge of OSI Models to troubleshoot network issues.
WebSphere Application Server applications to handle communication between multiple external applications utilizing the Enterprise Service Bus (ESB).
Good command on Cloud platforms like Azure.
Technical Skills:
Cisco router platforms
1900, 2500, 2600,2800, 2900, 3600, 3700, 3800, 3900, 7200, 7600, 7609, Cisco L2 & L3, Juniper routers (M7i, M10i, M320)
Cisco Switch platforms
2900XL, 2950, 2960, 3560, 3750, 3850, 4500, 4900, 6500), Nexus (2248, 5548 &7010)
Firewalls & Load Balancers
Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA-2000/3000/4000/5000, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810
WAN Technologies
FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems
LAN Technologies
Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI, 802.1x, Cisco Secure Access Control Server (ACS) for TACACS+/Radius
Routing Protocols
RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static Routing
Switching Protocols
VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP
Network management
SNMP, Cisco Works LMS, HP OpenView, Solar winds, Ethereal, NAC, Science Logic.
Software
Microsoft Office Suite, MS SQL Server 2008, HTML
Language
UNIX, Turbo C / C++, basics in Perl and Shell scripting
Professional Experience:
Kellogg’s – Battle Creek, MI July 2019 – Till Date
Network Engineer
Single-Handedly finished the Project for “Migration of Radius/TACACS+ Authentication” from Cisco ACS to Aruba ClearPass – across USA.
Configured the whole ClearPass server for the USA region by deploying and Designing the services, enforcement policies, etc.,
ACMA certified and have Pretty Good Hands on experience with all Aruba Products like ClearPass, Mobility Master, Airwave, Net Insight
Daily hands on experience with Aruba ClearPass server, troubleshooting issues related to the wireless authentication.
Monitoring and Troubleshooting the LAN/WAN networks.
Remotely Troubleshooting the networks Over Cisco and Aruba Environments, such as Cisco WLCs and Aruba Mobility Master, Airwave and ClearPass server.
Scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
Maintaining Client’s Site-to-Site VPN and its Documentation.
Preparing the Project related SOP documents that are used for sustainment.
Daily technical hands on experience in the configuration, troubleshooting of Cisco 3k, 5k Switches, Aruba 2930, 3810, 8310 switches, Cisco and Aruba Access points, their connectivity issues, as well as experience working directly with customer in a service/support environment.
Preparing the Site Access Point MAPs by conducting the site surveys for the Plants and warehouses as per Client’s requirements.
Maintenance and Troubleshooting of Wireless Environment over Cisco WLCs, Cisco Prime Management.
Have planned and performed the IOS upgrade cycles for all Cisco/Aruba Switches and Wireless controllers.
IOS upgrades on the Cisco WLCs, have dealt with Mostly all Models of WLCs.
Configuring and deploying the Cisco and Aruba switches.
Management of all the vendors involved in the project.
Maintaining the SLA of the tickets and coordinating with the team to meet the deadlines.
Environments: Implementation, configuration and troubleshooting of network using Switching technology like VLANs, inter-VLAN routing. WLAN. Cisco WLC’s, Cisco Prime Management. Aruba ClearPass, Mobility Master, Cisco ASA firewall.
Wells Fargo, Charlotte, NC Jun 2018 – July 2019
Sr Network Engineer
Responsibilities:
Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
Implemented configuration back-ups using WinSCP, cyberfusion to automate the back-up systems with the help of public and private keys.
Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
Demonstrated understanding of network security concepts and systems including F5, WSA, Palo Alto, ASA
Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
Provided L3 support for routers/switches/firewalls.
Managing & administering Cisco WSA.
Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
Project entailed migrating VoIP network from Avaya to Cisco 10.5.
Assisted in maintaining the network documentation log for VoIP phones.
Performed troubleshooting with VoIP network issues.
Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
Deep understanding of IDS/IPS such as Sourcefire and Foresight.
Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
Juniper Firewall Policy management using NSM and Screen OS CLI.
Working on the network team to re-route BGP routes during maintenance and FW upgrades.
Running vulnerability scan reports using Nessus tool.
Cisco ASA security appliances including Sourcefire, Fire POWER services and Fire Sight Management Console.
Managed and built both virtual and physical systems in global clustered environment. Also managed IronPort reporting systems to message tracking and reporting.
AD/Messaging teams lead for disaster recovery planning and design.
Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, PSK etc.
Provided administration and support on Bluecoat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
Operation of Microsoft Office, various web tools, advanced features of the Windows 7/8/8.1/10, Linux, and Ubuntu Operating Systems, various products offered on the Azure cloud platform.
Creates and implements internal documentation for the Azure Performance vertical; utilizes documentation to facilitate training on driving effective solutions for the customer.
Environment: Cisco ASA5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.
American Express, Phoenix, AZ Feb 2017 – Jun 2018
Network Engineer
Responsibilities:
Implementing security Solutions using PaloAlto PA-5000/3000, Cisco 5580/5540/5520, Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM.
Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall.
Exposure to wildfire feature of Palo Alto.
Exposure to design and implementation experience primarily on Cisco WSA proxy.
Configuration and Maintenance of Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
Configure Syslog server in the network for capturing and logs from firewalls.
Provided tier 3 support for CheckPoint and Cisco ASA Firewalls to support customers, Backup and restore of checkpoint and Cisco ASA Firewall policies.
Experience configuring and managing Cisco Web Security Appliance (WSA) in an enterprise environment
Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third party connectivity.
Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
Collect and review site survey information regarding VOIP systems, phone sets, network, and technologies across the client's footprint.
Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
F5 BigIP iRules programming and troubleshooting.
Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
Worked with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET.
Configure and Monitor Cisco Sourcefire IPS for alerts.
Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
Worked on VPN configuration, routing, NAT, access-list, security contexts, and failover in ASA firewalls.
Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel
Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
Strong understanding of Cisco networking technologies: ASA, IPS, WSA, ACS, VPN.
Environment: Cisco ASA5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, IEEE 802.11Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.
WELLCARE, TAMPA, FL Oct 2015 – Jan 2017
Network Engineer
Responsibilities:
Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
Juniper Firewall Policy management using NSM and Screen OS CLI.
Daily technical hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
Deployed Next-Generation Firewall ASA-X, SonicWALL, Palo Alto and Fortinet.
Creating and provisioning Juniper SRX firewall policies.
Configure and administer Cisco ASA Firewalls (5585, 5550 and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
Experience on ASA firewall upgrades to 9.x.
Solved problems on case-by-case basis with deep understanding of networking/firewall concepts, particularly with Fortinet devices.
Assisted with migrations from CISCO to Fortinet Security platform.
Configuring/Managing Intrusion Prevention System (IPS): Cisco lPS / Fortinet & Checkpoint UTM.
Configured Panorama web-based management for multiple firewalls.
Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
Use Tools such as SKYBOX for Firewall Policy optimization and rule base Clean up.
Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
Configure and tweak the inspection policies on Firewall to allow legacy application traffic.
Understand different types of NAT on Cisco ASA firewalls and apply them.
Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
Involved in Upgrading bluecoat proxy servers from SG900-10s to SG 9000-20B.
Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
Performed Fortinet Firewall OS upgrades via Fortinet Manager.
Support Data Center Migration Project involving physical re-locations.
24 x7 on call support.
Environment: Juniper (SRX, JUNOS, ScreenOS, NetScreen SSG), Cisco (CheckPoint, ASA Firewalls), Palo Alto Firewalls, Big IP F5 LTM/GTM, TCP/IP, FortiGate.
CARNIVAL, MIAMI, FL Oct 2014 – Sep 2015
Network Engineer
Responsibilities:
Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
Worked on Check Point Security Gateways and Cisco ASA Firewall.
Firewall Clustering and High Availability Services using Cluster XL on Check Point.
Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building Fortigate High Availability using Fortigate Clustering Protocol (FGCP).
Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
Deployed a Syslog server to allow proactive network monitoring.
Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
Configured Firewall logging, DMZs and related security policies and monitoring.
Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
Documentation and Project Management along with drawing network diagrams using MSVISIO.
Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.
Dell, India Sep 2013 – Sep 2014
Network Engineer
Responsibilities:
Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
Responsible for Firewall upgrades as well as Troubleshooting, Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
Install Windows Server 2003, configure IP addresses, network printers, and configure Client Access for PCs.
Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
Troubleshooting and resolving access management and provisioning workflow errors
Perform Identity and access management activities.
Deployment technician installing, tapping, and registering VoIP phone swaps and new installs. Data entry and issues troubleshooter.
Manage access to network segments and resources in compliance with network access policies.
Administer and support Cisco based Routing and switching environment.
Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
Deployed a Syslog server to allow proactive network monitoring.
Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
Configured Firewall logging, DMZs and related security policies and monitoring.
Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, NAC, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.
Sonata Software Solutions, India Jun 2011 – Aug 2013
Network Engineer
Responsibilities:
Troubleshoot problems on a day to day basis & provide solutions that would fix the problems within their Network.
Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
Schedule changes and work through maintenance requests over weekends.
Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
Hands on experience in Cisco Routers and Switches.
Configuration of CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches.
Creating groups, users and policies in Active Directory.
Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches.
Built IPsec based Site-to-Site VPN tunnels between various client locations.
Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
Managed the IP address space using subnets and variable length subnet masks (VLSM).
Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
LAN cabling in compliance with CAT5 standards.
Troubleshooting Active Directory, DNS, and DHCP related issues.
Environment: Cisco 2600/2800 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.
Education:
Bachelors in Aeronautical Engineering from JNTU Hyderabad, India (GPA: 3.5/4.0)
Contact this candidate