Senior Network and Security Engineer
Network Bulls Technologies
Total years of experience :10 years, 6 Months
ROUTING-
•Having very good knowledge of routing protocols like OSPF, EIGRP, BGP with IPV4 and IPV6
•Very good understanding of routing protocol deployment in lan and wan environment and path Selection using metric, route-maps, summarization and routing protocol behavior in redistribution Scenarios and troubleshooting
•Very good understanding of BGP and bgp deployment for all address-families (ipv4, vrf, ipv6, vpnv4) and troubleshooting.
•Good knowledge of MPLS and MPLS applications like MPLS l3vpns, l2vpns, vpls and
•Inter-AS mpls with Type A, B and C NNI, CSC, RSVP, TE
•Good understanding of Multicast-routing and multicast routing protocols like PIM and multicast deployment with dense and sparse mode
LAN SWITCHING-
•Having very good understanding of deployment of lan switches in enterprise network at access and distribution layer
•Having very good knowledge in Cisco LAN switching, VLAN, Trunking and protocols Like VTP, Spanning-tree(PVST, RPVST, MSTP), Ether-channel protocols like PAGP and LACP
•Having very good understanding of Layer 2 security features like port-security, spanning-tree security, DHCP snooping, IP arp inspection, IP source-guard, Vlan acls, Private-vlans and Dot1x authentication with radius server ISE
•Good understanding of first hop redundancy protocols like HSRP, VRRP and GLBP.
SECURITY
FIREWALL-
•Hands-on experience on cisco ASA
•Very good understanding of traffic flow through a firewall and state information maintained by the firewall.
•Very good understanding of tcp and udp flows through the firewall and their state full behavior.
•Very good understanding of NATING on a firewall with different zones on cisco ASA.
•Very good knowledge of Active-standby and active-active deployment of ASA with behavior.
•Having very good understanding of cisco ASA deployment in a cluster.
•Having good knowledge of layer7 inspection on Cisco ASA
VPN-
•Having very good knowledge of IPSEC vpn with IKEV1 and IKEV2.
•Having very good understanding of IKEV1 IPSEC site to site and remote-access VPN on Cisco routers and Cisco ASA
•Having very good understanding of IKEV2 IPSEC site to site and remote-access VPN on cisco routers and Cisco ASA with Any connect VPN client
•Very good understanding of DMVPN phase 1, 2, 3, 4 with IPsec ikev1 and ikev2..
•Very good understanding of clientless and with client SSL VPN deployment on Cisco platform.
AAA -
•Having good knowledge of AAA deployment on Cisco switches, routers and firewalls.
•Having good understanding of AAA deployment for network access using DOT1X
•Having hands on experience on Cisco ISE 1.2 and ISE 2.1 for dot1x and mab authentication and network authorization with advanced options.
•Having good understanding ISE deployments for Central web authentication, guest access, Security group tags for traffic filtering, Profiling and AD-server integration with ISE.
SERVICES-
•Having good understanding of services like NAT on cisco routers and ASA
•Having good understanding of DHCP and DNS functionality
•Having good understanding of NTP.
OTHER SKILLS-
•Having good knowledge of VMware ESXi
•Having good knowledge of Cisco wireless LAN controller
,
,amritsar.
,