Ben Fang
Irving
Summary
Dynamic Senior Network Engineer with extensive experience at Wells Fargo, specializing in VxLAN-EVPN and data center management. Proven track record in designing and implementing robust network solutions, enhancing security with Palo Alto firewalls, and optimizing performance. Adept at collaborating with cross-functional teams to drive successful project outcomes.
Overview
27
27
years of professional experience
1
1
Certification
Work History
Senior Network Engineer
Wells Fargo
07.2024 - 03.2026
- Perform advanced Data Center Network design, implementation and troubleshooting (CLOS L3 Spine/Leaf, VxLAN BGP EVPN, MEC, MLAG, vPC)
- Perform advanced Cisco Nexus Route/Switch design, implementation and troubleshooting
- Perform advanced Arista Route/Switch design, implementation and troubleshooting
- Building new Vxlan-EVPN network with Cisco and Arista Devices, Spine/Leaf.
- Developed high-level design and diagrams aligning with business requirements
- Produced low-level design and traffic flow diagrams based on high-level design
- Formulated implementation plan (build/deploy plan), verification, and backout to execute low-level design
- Perform post implementation validation/verification and performance
Senior Network Engineer
Transplace
Frisco
10.2017 - 03.2024
- Migrate a datacenter to a spine and leaf architecture (with VxLAN)
- Designed, configured, tested, and managed Disaster Recovery Network to enhance system resilience and minimize downtime.
- Design, configure, test, deploy and manage SD-WAN with Cisco routers and Silver Peaks
- Managed two datacenters, overseeing routing, security, software upgrades, and hardware refreshes to ensure optimal performance and reliability.
- Managed Hub and Spoke architecture for Azure cloud network to optimize data flow.
- Design, configure, test ExpressRoute to connect Azure to Datacenters
- Design, configure, test VNETS and VNET Peering
- Site-to-site IPSec VPN connections with Palo Alto firewalls
- Use Palo Alto Firewalls for Internet and internal security management
- Utilize ISE to implement security measures across diverse network elements.
- Design, configure, test external load balancer to connect to Internet
- Enterprise wireless network with Cisco WLCs and Meraki cloud
- Use F5 to load balance various applications
- Utilize Infoblox to manage IP, DHCP, and DNS services, ensuring efficient network resource allocation and streamlined operations.
Senior Network Engineer
Trinity Industries
Dallas
07.2017 - 10.2017
- Migrated data center from Cat 6500 to Nexus 9508, utilizing VPCs for switch connectivity
- Connect primary and backup DC with a site-to-site VPN
- Built remote offices leveraging MPLS and LTE for reliable connectivity
- Implemented BGP, OSPF, and VRF protocols to enhance network performance.
- Platforms: Nexus 9508, Catalyst 6500, ASA 5500
- Diagrammed and documented layer 2 and layer 3 networks for improved clarity and reference
Senior Network Engineer
Omnitracs
Dallas
10.2016 - 07.2017
- Built remote offices using MPLS for primary transport and DMVPN for backup, enhancing network reliability
- Configured route leaking between new and old data centers, facilitating seamless data flow
- Diagrams and documents layer 2 and layer 3 networks, providing clear visual representation for troubleshooting
- Implemented BGP, OSPF, and VRF protocols for network optimization
- Platform: Nexus 7k, 5K, ASR1000
Network Engineer III
Federal Reserve Bank
Dallas
04.2007 - 02.2015
- Designed and implemented network infrastructure solutions for secure communication.
- Upgraded IPSec GRE network over Sprint MPLS network, enhancing connectivity for 2700 routers
- Configured firewalls and routers to maintain security protocols.
- Monitored network performance to ensure optimal system functionality.
Senior Network Engineer
JPS Hospital (Tarrant County Health District)
Fort Worth
08.1999 - 03.2007
- Completed multimillion-dollar project upgrading flat ATM network to 10G routed infrastructure with Cat6500s
- Installed and configured Cisco PIX 515, ASA5510, and 3015 VPN concentrator for Site-to-Site IPSec connectivity for remote offices and partners
- Adjusted BGP settings on Cisco routers to enhance routing effectiveness.
- Migrated network infrastructure from IPv4 to IPv6 for improved connectivity.
- Implemented Cisco multicast protocol to enhance network efficiency.
- Established Cisco QoS configurations to ensure optimal bandwidth management.
- Executed advanced Cisco AQoS measures to improve service quality.
- Configured advanced Cisco campus switching for improved network performance.
- Constructed scalable Cisco internetworks to support growing business needs.
- Implemented security measures with PIX and ASA to protect network integrity.
- Configured security protocols for Cisco network devices to mitigate risks.
- Configured Cisco routers and switches to enhance network security.
- Configured Cisco VPNs to ensure secure communication over public networks.
- Implement Cisco VoIP solutions to enhance voice communication quality.
- Established foundational Cisco IPT systems to support voice services.
- Enhanced Cisco IPT systems to support advanced voice features.
- Implemented Cisco voice gateways and gatekeepers for efficient call management.
- Support network consisting of 5000 users, a Data Center with 250 servers, 16 campus closets, and 25 remote sites connected with T1, IPSec VPN, and Metro-Ethernet
- Install, configure, and support Cisco wireless network (WLSM/WLSE)
- Configure and administer the DHCP, DNS and WINS servers
- Configure Solarwinds and HP Openview to monitor the whole network
- Designed and implemented Win2K workstation upgrade plan, achieving $400,000 savings
- IPTT Cisco IP Telephony Troubleshooting
- Cisco ASR1000 Essentials
Education
MBA -
Baylor University
Waco, TX05-1994
Skills
- Network Architecture
- Disaster Recovery
- Network Segmentation
- Cloud Networking
- Microsoft Azure
- Azure ExpressRoute
- Cisco
- Juniper Networks
- SD-WAN
- MPLS
- MPLS Configuration
- IPSec VPN
- DMVPN
- IPSec Configuration
- Cisco firewall
- Next-Gen Firewall
- Demilitarized zone
- Perimeter Security
- Network Access Control
- Identity Management
- Wireless Networking
- Bandwidth Management
- Traffic Shaping
- Traffic Policing
- Infoblox
- IPAM
- DHCP
- DNS
- Application Delivery
- Traffic Distribution
- TCP/IP
- BGP
- OSPF
- EIGRP
- Multicast
- VSS
- Virtual private cloud
- VRF
- VLAN
- VXLAN
- Spine and Leaf
- NAT
- Cisco Nexus
- Switching Technologies
- Routing Protocols
- Routing Protocols
Certification
- CCDEW
- CCIE DATA CENTER (LAB)#49723
- CCVP
- CCNP
- CCDP
- CISSP
- ITIL3
- Microsoft MCSE
- MBA; Baylor University, 09/94
Training
- MPLS Implementing MPLS VPN Networks
- MPSLT Implementing Cisco MPLS Traffic Engineering and Other Features
- MULTICAST Implementing Cisco Multicast
- IPV6 IPv4 Migrating to IPv6
- BGP Configuring BGP on Cisco Routers
- QoS Implementing Cisco QoS
- AQoS Advanced Cisco Quality of Service
- ACCS Advanced Cisco Campus Switching
- BSCI Building Scalable Cisco Internetworks
- SNPA Securing Networks with PIX and ASA
- SND Securing Cisco Network Devices
- SNRS Securing Networks with Cisco Routers and Switches
- CSVPN Cisco Secure Virtual Private Networks
- CVOICE Cisco Voice over IP
- CIPT1 v4/v5 Cisco IP Telephony Part 1
- CIPT2 v4/v5 Cisco IP Telephony Part 2
- GWGK Implementing Cisco Voice Gateways and Gatekeepers
- IPTT Cisco IP Telephony Troubleshooting
- Cisco ASR1000 Essentials
Competences
Datacenter Management and Disaster Recovery, Vxlan-EVPN with Arista and Cisco, MPLS, SD-WAN, IPSec VPN, DMVPN, GETVPN, Cisco Wireless Controller and Meraki Cloud-based WiFi, Microsoft Azure and Azure ExpressRoute, Cisco and Palo Alto Firewall, Datacenter, DMZ and Perimeter. ISE, AAA, AC, TOS, COS, LLQ, CBWFQ, WFQ, Shaping, Policing, MPLS-VPN QoS, IPAM, DHCP, and DNS, F5 and Azure, TCP/IP, BGP, OSPF, EIGRP, Multicast, VSS, VPC, VRF, VLAN, VxLAN, Cisco Nexus:9K, 7K, 5K, 2K (10+ Years), Cisco Catalyst: 9500 (VSS), 9300, 6500, 5500 (ATM), 4500, 3600, 2900 (Stack), Cisco Router: 7500, 4400, 4300, 3800, 2900, 2500
Timeline
Senior Network Engineer
Wells Fargo
07.2024 - 03.2026
Senior Network Engineer
Transplace
10.2017 - 03.2024
Senior Network Engineer
Trinity Industries
07.2017 - 10.2017
Senior Network Engineer
Omnitracs
10.2016 - 07.2017
Network Engineer III
Federal Reserve Bank
04.2007 - 02.2015
Senior Network Engineer
JPS Hospital (Tarrant County Health District)
08.1999 - 03.2007
MBA -
Baylor University