Data Center Network Engineer
Resume:
Name: Abdul Rahman
Email Id: ************@*****.***
Phone: 464-***-****
SUMMARY:
Over 8+ years of experience with expertise in managing networking protocols; deploying, administering and migrating firewalls, also troubleshooting and supporting enterprise level networks and Data Centers.
Experience working in complex environments which includes Layer 2 Switching, L3 routing, Network with perimeter and VPN firewalls, Load balancing and Access policies management in F5/NetScaler. Experience with Aruba Wireless LAN Controllers.
Experience in installing, configuring, and maintaining Cisco Switches (2960, 3500, 3750, 3850, 4500, and 6500) in enterprise Environment and Nexus 2k, 3k, 5k, 7k and 9k in Data Center Environment.
Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800, ASR 9k).
Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M, and T-series).
Experience with cisco ACI and Arista Cloud Vision on a POC. Knowledge on Spine leaf Architecture in Data center. Worked on EVPN, VXLAN, VTEPS, Bridge Domains, MP-BGP etc.
Advanced knowledge in Cisco ASA 5500 series and PIX installation, configuration and maintenance, configuration and installation of IOS security features and IPS, security risk analysis, attack mitigation & penetration tests based on LPT methodology
Experience in configuring, implementing and troubleshooting F5 and Citrix Load Balancer in a large environment with sensitive applications.
Configured F5 LTM, series 5000 series for the corporate applications and high availability. Implemented LTM and GTM in DMZ and Internal network. Worked on software versions up to 12.1.2. Proficient and high-level expertise using the F5 based profiles, monitors, VIP’s, pools, SNAT, SSL offload, iRules, virtual Servers, iAPPs. Migration experience from ACE to F5/ old F5 to New F5.
Good experience, working with a team in designing LAN/WAN/WLAN architecture.
Knowledge of Juniper environment including SRX/Junos Space.
Experience in installing, administrating managing Windows server operating system 2000, 2003, 2003 R2, 2008,2008 R2,2012 and their standard, Enterprise Datacentre Edition
Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum supervision Team Player
Experience with Project documentation tools implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO
Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner by making use of various IT tools such as service-now and other networking monitoring tools.
configure and troubleshoot issues related to Active directory credential agent and user-id agent.
Troubleshoot issues related to LDAP authentication and Kerberos authentication.
Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.
Experience design, installation, and administrating of enterprise Network and Wireless systems.
In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS and Firewalls.
Specialized in configuring and maintaining all UCCE and IP Telephony, while mainly focusing on UCCE, ICM scripts/configuration, outbound option, reporting, and Customer Voice Portal and Cisco Unified Collaboration solution.
Proficiency in Cisco ASAs, ISRs, Catalyst/Nexus, HP Switches, Cisco Meraki, Aruba, EIGRP, OSPF, BGP.
Maintaining and updating inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP. Implementation of HA-JSRP in JUNOS devices, SRX Series Router/Firewall in both A/A and A/P mod.
Effective inter-personal skills, adaptive to any environment, keep abreast with the latest technologies and delivering solutions as an individual and as part of a team.
Excellent Hands-on experience with Cisco ISE and the Migration of Wireless and TACACs to ISE
Set up Microsoft Azure virtual appliances to meet security requirements over software-based functions like firewalls.
Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP, QOS on multicast VPN and Wide area application services
Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa.
Technical Skills:
Networking Technologies:
LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP
Networking Hardware:
Cisco Switches, Cisco Routers, ASA/Pix/Palo Alto/Checkpoint/Juniper firewalls.
Security Technologies:
PAP, CHAP, Cisco PIX, Blue Coat, Palo Alto, ASA, Fortinet, Checkpoint
Network Monitoring:
Wireshark, QRadar, Splunk, Tenable Nessus, TCPReplay, Wildfire
Operating Systems:
Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS-XE, NX-OS
Routers:
1800, 2611, 2800, 3600, 3845, 3900,4300, 4400, 4500, ASR 1000X, 7206VXR, Juniper M & T Series.
Load Balancers:
F5 Networks (BIG-IP), NetScaler (Citrix)
Firewalls:
Palo Alto firewalls, Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580), Checkpoint,
Wireless:
Cisco Meraki wireless Access points (MR66, MR74, MR84), Aruba Access points 200, 207,300,320, Wireless controllers 7280, 7240, Cisco Wireless controller 5508 and Cisco Aironet 3700 series.
Features & Services:
IOS and Features, HSRP, GLBP, VRRP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR s, HLD and LLD documents, Dell equal logics
PROFESSIONAL EXPERIENCE:
Client: Verizon, Dallas, TX May 2021 – Till Date
Role: Sr. Network Engineer
Responsibilities:
Experience with configuring Cisco 6500, 6800, 4500 VSS in Distribution layer of the Data center network.
Created Server-less Architecture for on-premise Application Migration to AWS cloud.
Configuring and managing F5 LTM (Local Traffic manager) in large scale environment.
Configure and troubleshoot Juniper EX/SRX series switches.
Worked and configured NetFlow Integrator tool which converts processed data to Syslog from edge routers, switches, firewalls then send to Splunk.
Implemented Cisco and Aruba Wireless Controllers, Aruba Wireless Access Points at corporate site as a part of WLAN Infrastructure.
Deployed Fortinet firewall managed wireless for large campus.
short- and long-term planning, implementation, project management and operations support as required.
Recognized for performance excellence and contributions to success in network design projects. Strength in Cisco ISE and DNAC backed by extensive training in routing/switching.
Network security including NAT/PAT, ACL, and ASA/SRX/Palo Alto/Fortinet Firewalls.
Good knowledge with the technologies Site to Site VPN, DMVPN, SSL VPN, WLAN and Multicast.
Well Experienced in configuring protocols HSRP, GLBP, PPP, PAP, CHAP, and SNMP.
Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big IP LTM load balancers.
Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
Install, manage and monitored large scale Palo Alto Firewalls through Panorama.
Experience with communicating with different customers, IT teams in gathering the details for the project
Experience in installing and configuring DNS, DHCP servers.
Convert WAN links from TDM circuits to MPLS and to convert encryption from IP Sec/GRE to Get VPN.
Performing network monitoring, analysis using various tools like Wireshark, & QRadar with Wildfire tool helped for tracking root cause problems.
Deployed a highly available Cisco infrastructure based on Cisco DNAC, Cisco ISE, switches, routers, and access points.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security, when possible, for user ports.
Used Extra hop for the detection of any abnormalities in the network, tracking file access in databases and storage for data security, and locate bottlenecks over the network
Strong hands-on experience on, ASA Firewalls, Palo Alto Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
Designing advanced networking solutions including Quality of Service QoS, Virtual Routing and Forwarding VRF and route redistribution.
Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls.
Configuring the VIPs, pools, irules and profiles on F5 LTM 10.x and 11.x version.
Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security, when possible, for user ports
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
Implement and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network
Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers, switches and firewalls.
Enabled continuous Layer 2 monitoring with Solar Winds, so that each site can run independently until connectivity is restored
Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
Installation, Configuration and troubleshooting Cisco switches and Firewall on multi-mode context-based environments
Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
Experience in configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
Serve as part of a team of network engineers responsible for base wide network upgrade from Cisco Layer 3 Catalyst switches to Juniper Layer 3 EX4200 & EX3200 switches.
Actively involved in Switching Technology Administration including creating and managing VLANS, Port security- 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009.
Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment.
Configure BGP features such as as-override, Local pre, EBGP load sharing on client connections
Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
Working with Fortinet Firewall to create policy, HA and monitor malicious traffic.
Client: Centene, Naperville, IL Jul 2019 – Apr 2021
Role: Sr. Network Engineer
Responsibilities:
Troubleshooting the wireless data core networks, protocols, interfaces and wireless operator's end-end network.
Working on deployment/configuration of LWAPs, WLC, WDS and 802.11 wireless devices.
Involved in Design and troubleshooting of LTE, UMTS and GPRS.
Working on Aruba Wireless LAN Implementation for 11n Infrastructure across the Corporate Network.
Involved in the configuration troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
Configuration and troubleshooting various OSPF issues in an OSPF multi area environment.
Configuration various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Configuration of Bluecoat SG9000 WAN acceleration appliances including WCCP, CIFS and creating/updating overlays.
Created design and implementation of Cisco DNAC managed networks utilizing industry best practices and Cisco hardware, overseeing new and existing equipment as well as hardware and software upgrades.
Implemented IDS/IPS on dedicated IDS/IPS 4260, software based IOS based IPS on Cisco 1921.
Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
Replacement of old 6500 and WAN routers from DR testing site and Installed Nexus 7K and ASR 1006 routers.
Implemented new POPs using Juniper MX240 PE MX480 aggregation supporting MPLS VRF with iBGP, ISIS iBGP route reflectors.
Checkpoint and Cisco ASA firewall administration across global networks.
Supported the team for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
Maintenance of Cisco ASA 5500 firewall for DCA site, adding new rules or changing existing access lists if necessary.
Implementation of switching protocols like Spanning Tree Protocol STP in the network, VTP, VLANs, and configured Fast-Ethernet channel between switches.
Configured Nexus 7010's and ASR9010's for BMI Byte Mobile Index /WIFI testing to simulate LTE call flow in Sprint's production environment with traffic flowing from a WIFI Access Point to ASR9k-N7k-BMI Server-F5 Load Balancer-N7k-ASR9k OIR outbound Internet Router VRF- Firewall-Internet.
Successful execution of Fabric Path testing on N7k 6.0 2 code having a full mesh connectivity with 7600 running RPVST protocol /ASR9K Routers running MST protocol in different VDCs Virtual Device Contexts with end-to-end reachability of hosts in the different VDCs.
Performed evaluation and analysis of the environment for NSX deployment, including NSX manager, Distributed Firewall, Distributed Logical Router.
Configured and tested Verizon ARC BA850 Cradle Point as the turnkey networking solution for 4G/LTE failover.
Addressed technical issues and questions regarding Cisco ISE including troubleshooting and feature changes and modifications.
Implementation of Cradle point with 3G/4G LTE as Backup Solution for Clients WAN. Connections and using Enterprise Cloud Manager for Monitoring.
Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN.
Client: SWIFT, Manassas, VA Mar 2017 – Jun 2019
Role: Network Engineer
Responsibilities:
Configuration of VLANs on cisco switches 3850, 3650 and troubleshooting IP addressing issues, updating IOS images and other hardware installations.
Implemented traffic filters using Standard and Extended Access-lists, Distribute-Lists, and Route-Maps.
Installing and configuring VPNs for the clients (site to site) and installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
Gained strong experience and knowledge in investigating incidents related to firewall and VPN.
Manage installations, configuration and administration of Cisco equipment in IT architecture of organization.
Gained advanced knowledge on multiple security technologies Anti-virus, malware, Firewalls, VPN, proxies, vulnerability, DLP.
Maintaining OSPF, EIGRP and static routing protocol on CISCO routers and catalyst switches
Worked on assessment and the finalization of the detailed designs and provided a design document for the Implementation of Cisco ISE and the Migration of Wireless and TACACs to ISE.
Review and analysis of emerging threats and vulnerabilities, risks and business requirements for detection and remediation measures.
Strong experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams.
Worked on manual Penetration testing of client systems, web sites and discovered network vulnerabilities.
Built Cisco Device Profiles using CUCM. This includes being part of the team whom rolled out Cisco VOIP phones when transitioning over from Avaya. We deployed 1500+ phones throughout the campus.
Implemented 8x8 VOIP solutions on site and run network diagnostics test and network assessment test.
Configured network services equipment Riverbed accelerators in compliance with security policy.
Worked on security policies of juniper SRX and Palo Alto and policy clean-up of firewalls.
Designed and configured LAN networks with Access layer switches such as Cisco 4510, distribution layer switches such as 6513 and a routed core.
Worked on Citrix NetScaler Access Gateway and F5 load balancers for creating SSL Client-Server
Setup TFTP server to maintain CISCO router configurations and CISCO images. Worked on network hardware and software upgrades
Configured HSRP, Spanning tree Root guard, BPDU guard, and STP/RSTP features.
Administration of network devices holding various servers of Windows, Linux/Unix platforms (physical & virtual servers).
Supported major access to all firewalls and protocols through AAA by using Cisco Secure Access Control Server (ACS). Design, Configuring and troubleshoot F5 LTM load balancing.
Configured & managed Security Devices that includes Juniper (Net screen) Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Plug Proxies. Used pulse secure VPN secure login & single sign in across the production environment.
Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
Involved in configuring and implementing of Composite Network models consists of Cisco 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
Implemented various Switch Port Security features as per the company’s policy
Client: Comcast, Moorestown, NJ Jan 2015 – Feb 2017
Role: Network Engineer
Responsibilities:
Implementing new/changing existing data networks for various projects as per the requirement.
Configuring ACL to allow only authorized users to access the servers.
Participated in on call support in troubleshooting the configuration and installation issues.
Configure and install switches, create network IP ranges, VLANs and network security.
Implemented VLANS between different departments and connected them using trunk by keeping one VLAN under server mode and rest falling under client modes.
LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems).
Firewall Clustering and High Availability Services using Cluster XL on Check Point.
Designed and built a prototype system to perform lightweight, real-time mapping of Internet paths between data centers and client hosts, using probabilistic databases and information theory.
Performed network troubleshooting, second level technical support, and tape backup operations.
Manage the day-to-day log collection activities of source devices that send log data to ESEM SIEM RSA Envision.
Performing troubleshooting for IOS related bugs by analysing history and related notes.
Carrying out documentation for tracking network issue symptoms and large-scale technical escalations.
Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
Installed and maintained routers and switches in various network configurations supported VLANs, Qos, VoIP, and advanced access-lists.
Responsible for the implementation, documentation, and day-to-day support of the Imperva Database Firewall.
Up-gradation of Proventil IBM IPS firmware and Palo Alto firewalls.
Exposure to wild fire advance malware detection using IPS feature of Palo Alto.
Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
Experience with Websense filtering service for selectively filtering unwanted internet requests traffic
Worked on checkpoint firewall SMART Event Intro module for generating monthly IPS reports
Worked on Data Center fabric migration process from legacy Catalyst 6513 switches to Nexus 7010 switches
Worked on Catalyst 3850, 3650, 3750, 4500, 6500, Nexus 5000 & 7000 series switches.
Maintenance of all server’s network equipment with current stable firmware, IOS images access control lists.
Responsible to help team for troubleshoot, configure and resolve the issues regarding F5.
Support ongoing efforts in defining best practice policies for Juniper product applications used by Customer.
Proactively perform corrective maintenance for IP/MPLS network.
Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company
Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
Educational Details:
Bachelors in Computer Science from Deccan College of Engineering and Technology
Contact this candidate