Profiles search

Nik Patel

Information / Network Security Engineer
Dallas, TX, United States

Details

Experience: 2014 : 2015

Catholic Health Initiatives

Sr. Network Engineer

• Working with Cisco Routers 2800, 2900, 3745 , 3825, 3845.• Working with Cisco Switch 2960, 3560, 3750, 6500,N5K and N7k.• Current working experience with ASA 5500 and PIX 515 and 525 series firewall.• Securing the network with Access lists (ACL) applied on router interfaces and firewalls.• Current experience with Configuration and modification of ACL rules ( extended ACL ) in firewall and router.• Configuration with NAT and PAT in firewall and router as per ACL requirement. • Working with Cisco ASA 5500 series firewall and manage with CSM and ASDM.• Change and manage Access List and NAT rules in ASA 5510 Firewalls with CSM.• Filtering traffic base on IP address, port and packet in firewall.• Create new site to site Ipsec VPN and troubleshoot and modify existing VPN.• Administering & designing LANs, WANs internet/intranet, and voice networks.• Configure Cisco routers with protocols, such as OSPF, EIGRP, and BGP4• Working with VLAN, VPN, VTP and STP technologies.• Configuring Vlan’s, VTP’s, enabling trunks between switches.• Working with Cisco Nexus 7000 , 5000 series installation and configuration, implementation with Port channel.• Also technical Support of Cisco Nexus Switch and Cisco router using different Troubleshooting protocol. Manage Cisco routers and switches, including performing installations, upgrades, configurations and management.• Configured Site-to-Site and Remote Site VPNs using Cisco routers to Cisco routers, Pix Firewall to Pix Firewall, Cisco router to Pix Firewall, Cisco Router to ASA Firewall.• Verify all Nexus 7k C7010 connection with other devices and make report.• Configure and Manage Cisco IPS for security purpose.• Create signature and rules in IPS 4240.• Troubleshoot the client VPN client issues on Network Connectivity.• Upgrade F5 load balancer Certificate for National data Center and other region devices.• Working Experience with Network Data center.

2012 : 2015

Catholic Health Initiatives

Network Engineer

• Experienced with Cisco Routers 2900, 3400, 3600, 7200..• Configuration and maintenance of Cisco 2900 , 3400 series routers with OSPF, BGP protocols.• Configuration and maintenance of Cisco 2900, 3750 series switches including VLANS and Trunking protocols. • Installed, configured, & maintained SMTP, DNS and DHCP on Windows 2000 Server and also configured a FTP server, including installing certain applications on the server.• Planning and Implementation of Subnetting, VLSM in the company network to conserve IP addresses.• Design and implement layer 3 switched LAN/global IP/IPX WAN architecture.• Design and implement complex LAN/WAN topologies, high availability server solutions.• Providing technical support for the VoIP phones installed in the network and updating their extensions.• Worked with senior engineers to design and document the design of local area networks for the company. • Perform replacements of failed hardware and software up gradations.

2009 : 2010

Aster Networks Pvt. Ltd.

Network Engineer

 Configured and administered Cisco ASA Firewalls (5585x and 5540) using Cisco CSM, ASDM as well as Command line. Configured and troubleshot Firewall connectivity issues including policy, NAT, ACL, Routing.  Firewall Policy Provisioning and working with issues including policy, access list and NAT. Troubleshot connectivity issues including VPN with business partners using command line utilities. Access Policy provisioning and working with various application teams to identify firewall ports. Documented and Visio Diagrams for the network topology both physical and logical. Configured and supported different types of NAT and ACL on ASA devices.  Firewall Policy Provisioning and working with Change Management system. Created object, groups, updating access-lists on ASA Firewalls, apply NAT and ACL. Monitored health of the firewall resources using Smart Skyebox and firemon.  Configure Cisco IPsec VPN clients to have enterprise VPN connectivity.  Designed & Deployed Cisco ISE 1.2/1.3 for Enterprise RADIUS Authentication with Active Directory, RSA SecureID, Proxy Radius Services. Good understanding and working knowledge of Protocols like IEEE 802.1x, EAP, PEAP, LEAP, EAP-FAST & EAP-TLS.  Configuring user's roles and policies for authentication using Cisco NAC/ Cisco AnyConnect and monitoring the status of logged users in network using Cisco ISE.  Provide ISE basic detail to PCI team for audit and showed security policy and enforcement.  Configured Cisco ASA 5510 for VPN Network Access Control integration with Cisco ISE (Inline PEPs).  Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.  Support and remote manage customers worldwide with all flavors of ASA, ISE, ACS, Cisco AnyConnect.

2015 :

American Airlines

Information Security Engineer

• Expertise in installing, configuring, and troubleshooting of Cisco ASA 5500 series, Check point and Palo Alto networks. • Skillful knowledge of network devices like Switches, Routers, Cisco ASA and PIX firewall and various WAN devices. Involved in migration, implementation from different platforms, maintenance and troubleshooting of different devices.• Strong hands on experience on ACL, Cluster Firewall, and Experience in VLAN Tunnel optimization. • Installed and configured Cisco ASA firewalls and troubleshoot ASA 5580 site-to-site(IPsec) VPN and user VPN connectivity problems.• Working experience of layer 2, layer 3 and layer 4 and 7.• Expertise in Cisco ACS and Cisco ISE Authentication, Authorization and Accounting Protocols. • Expert Hands on Experience in Cisco ACS & Cisco ISE for 802.1x, Radius Configurations. • Working experience on Cisco ISE ( Identity Service engine) v1.4 and v2.0.x Patch 4,5,6. • Upgrade Cisco ISE code 1.4 to 2.0.x and 2.1.x and upgrade patch level on production network. • Install and configure Cisco ISE 2.0.x on corporate network and Airlines network. • Integration of External Identity store with Cisco ISE.• Created different policy for Employee, Contractors and Guest user. • Enable posture and enforcement of AV on corporate networks. • Implement Cisco AnyConnect 4.2.x and NAM,VPN, System security.• Working with PCI team for PCI audit every 6 months.• Configuring rules and Maintaining Cisco ASA Firewalls & Analysis of firewall logs using SecureCRT, ASDM, CSM, QRadar, firemon and skybox. • Upgrading firewall versions to the latest versions / IOS & applying Hot-fixes.• Taking Regular backups & testing the backups by restoring in test lab frequently.

2015 :

American Airlines

Network Security Engineer
Company: American Airlines

About

• Experience in IT industry as Network Data and Information security engineer which includes expertise in the areas of PCI data, Routing, Switching, Firewalls management, VPN management, identity service engine. • In-depth expertise in the implementation, analysis, optimization, troubleshooting and documentation of LAN/WAN network systems and work experience on layer 2, 3, 4 and layer 7• Expertise in installing, configuring, and maintaining Network Switches, Router, Firewall, Solarwinds, Cisco ISE, Qradar, fluke network.• Working experience on Cisco ISE ( Identity Service engine) v1.4 and v2.0.x Patch 4,5,6. • Upgrade Cisco ISE code 1.4 to 2.0.x and 2.1.x and upgrade patch level on production network. • Experience on working with Cisco Nexus Switches and Virtual Port Channel (VPC) and VDC configuration. • Expertise in analysis of PCI/PII secure data at enterprise level. TECHNICAL SKILLS:• Routers : Cisco routers ISR and ASR ( 1000 series 2600,2800,2900, 3200, 3400,3600, 3700, 3800, 3900, 4000, 7200,7600)• Switches : Cisco switches: - Layer 2 (2900 , 2950 series), Layer 3 (3500, 3650, 3750,4500,5000, 6500),Cisco Nexus 2000, 5000, 7000 Series . • Firewalls :CISCO (ASA 5505, 5510, 5500 series PIX – 515 , 525. 500 series ), Checkpoint (NG, NGX), • Cisco ISE v 1.2,1.4.x, 2.0.x with patch 2,4,6.• Networking Concepts: Access-lists, Routing, Switching, Sub-netting, Designing, IPSec, VLAN, VPN, MPLS, VoIP• Protocols/ Services : Routing protocol(OSPF, IGRP, EIGRP, BGP, RIP(v1 & v2)), TCP/IP, FTP, ARP, STP, RSTP, 802.1Q, VTP, , Telnet, SNMP, DNS, DHCP, POP3, IMAP, SMTP, IS-IS, SCCP,SS7,SAN.• WAN Technologies: Frame-Relay, ATM, MPLS, PPP, HDLC, ISDN. • LAN Technologies : Ethernet, Token Ring.• Voice technologies - MGCP, H323,MPLS, SIP, VOIP, CUCM, CUC, WCS • Network Management Tools: IDS & IPS, ACL, Net flow Analyzer, Smoke-ping, Wire Shark, • Load balance: F5 load balancer. • Monitoring Tools: Solarwinds, Fluke Networks,