Rajan Vashishat
El Dorado Hills,CA
Summary
Experienced Administrator with over 16 years of experience in network design, deployment, and operations of Cisco Networks, Firewall Management, IP Address Management, Security, and Security Implementation. Capable of applying technical expertise and diagnostic abilities toward solving problems and maintaining usability and performance.
Overview
16
16
years of professional experience
1
1
Certification
Work History
Network Administrator
Nexidia
07.2020 - Current
- Working as Network Security Administrator in planning and designing Clients global network for Network Access Solution
- Designed, Implemented, and Maintenance of IDENTITY SERVICE ENGINE NAC Solutions across Wireless, SSL-VPN, and Wired Networks on Cisco ASA and FTD firewalls.
- Secure wireless LAN access and Ethernet wire access using 802.1x and MAB with Cisco Identity Service Engine (ISE)
- Upgraded Cisco ISE consisting of 15 ISE servers North America-wide from legacy version 2.8 to 3.0 and 3.2 without affecting business operation
- Implemented TACACS+/ RADIUS authentication/authorization on Cisco ISE for central management of all network devices across US
- Integrating Cisco ISE with Load balancer to manage traffic between multiple ISE PSN nodes in order to provide AAA services
- Supported the entire IT enterprise, including two Tier 4 Private Cloud Datacenter Environments, Corporate Headquarters, Distribution Centers, and Production environments.
- Maintained Information Security, PCI Compliance DSS 3.2, SOC2, HIPPA, ISO27001, and provided oversight OF production environments.
- Planned and Worked on design with Network team to re-architect F5 load-balancers to load-balance traffic anywhere in company network and DNS, DHCP technologies
- Overhauled Client Wireless infrastructure to more updated state of art system utilizing 802.1x cert based authentication utilizing Cisco WLC 5520's/3800 Series Access Points and Cisco ISE
- Assist in deploying and troubleshooting PKI/Certificate based authentications
- Issued Digital certificates through PKI system to secure connect for both public web pages and private systems
- Experience with Public Key Infrastructure(PKI) system to authenticate identify of users, devices, or services
- Troubleshot and deploy Wired or Wireless 802.1x authentication, MAB, CWA and VPN authentications
- Working extensively on policy design and implementation for NAC solution and integrated NAC with various Network Infrastructure for successful deployment
- Troubleshot issues with AD/LDAP integration with ISE server for authentication
- Worked extensively on policy design and implementation for NAC solution and integrated NAC with various Network infrastructures for successful deployment of NAC solution
- Worked on ISE policies for auto-remediation of non-compliant devices, classification of devices, etc.,
- Managed and configured Cisco Identity Service Engine (ISE) with 802.1X for corporate users including Wireless BYOD, wired network users, IP phones and printers (requiring Mac Address Bypass (MAB)
- Configuring probes in Cisco ISE to collect device information connected on to company's switches and external Routers
- Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE
- Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access
- Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, Applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on upstream switch's for Cisco NAC
- Worked and participated alongside with Design architects for NAC Solution design for Guest Network and Mobile Access Network for ISE NAC Solution
- Involved in finalizing design for Guest Network and Mobile Access Network for NAC Solution, comprising of Anchor Wireless LAN Controller solution in DMZs/Internet Gateways with ISE NAC Appliances for NAC
- Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation
- Improving network performance by redesigning trouting and switching for Europe and Asia, based on BGP, EIGRP and OSPF routing protocols and route redistribution
- Designing and deploying high performance, highly secure, centrally managed, digital certificate based wifi network for Europe and Asia
- Based on 802.11n, and Cisco Wireless LAN controllers
- Engaging across other GIS infrastructure domains to address level 2/3 ISE support issues (e.g
- PKI Server, Load Balancer, WAN, Web Acceleration, Security, Any Connect)
- Experience in creating multiple policies and pushing them in to Cisco Firewall (Gateways) and hands-on experience in managing Checkpoint Management Server
- Monitoring and alert management of all components related to ISE solution (VNOC)
- Provide level 2/3 support for ISE-related issues, including off-shift and weekend support functions
- Effectively managed networks, reducing customer downtime while consistently meeting monthly SLAs
- Escalating and Engaging with L4 vendor support teams
- Documentation of configurations and change
Network Administrator
SecureAuth
03.2017 - 06.2020
- Managed and implemented Cisco ACS solution to centralize authentication of all networking devices for 802.X authentication on LAN and authentication for WLAN SSIDs
- Planned, designed and Configured various Policy Configurations, Profile Authorizations,End device Profiling, User Identities, Cisco ACS and AD mapping with various attributes and levels of authorizations and Network Access
- Configured and supported process for wireless and VPN connectivity, network addressing, infrastructure design, session management, and RADIUS authentication
- Designed & Deployed Cisco ACS for Enterprise RADIUS Authentication with Active Directory
- Deployed Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System
- Experience with routing/switching methodologies and utilizing alerting and management tools such as Cisco Prime
- Improved and enhanced performance of Wi-Fi coverage using heat-maps and signal strength parameters on Cisco WLC and Cisco Prime
- Configured and performed software upgrades on Cisco Wireless LAN Controllers 5520&9800 for Wireless Network Access Control integration with Cisco ACS
- Solid experience in designing Large scale enterprise Wireless networks with Air Magnet
- Performed 802.11a/g/n Wireless Site Survey and Design using Air magnet suite of tools that included Wireless Survey Pro and Spectrum Analysis
- Designed plant and office WLAN utilizing various AP models including 1260s, 3700s and 1500s in Local, Flex connect and Bridge mode
- Coordinated with Data Network and Security team and come up with possible solutions
- Used internal network monitoring tools such as Solar Winds to ensure network connectivity and Protocol analysis tools to assess network issues causing service disruption
- Monitored network capacity and performance, as well as diagnosed and resolved complex network problems
Cisco Network Engineer
Time Warner Cable
10.2014 - 10.2017
- Configured and deployed various switches that involve creating and managing VLANS's, Port security, Trunking, STP, LAN security
- Troubleshoot and maintained all networking devices and infrastructure across enterprise including switches, routers, Wireless Controllers and Radius servers
- Downloaded and upgraded IOS versions on Cisco devices
- Involved in LAN development which includes IP distribution scheme, installation, configuration, testing, and maintenance
- Assigned ports and created Vlans to network to support clients with their needs
- Performed network administration; created user groups and user accounts, reset passwords and monitored their network devices and Servers
- Configured Mac-filtering on corporate wireless networks and configured dynamic ARP inspection on all user switch for security
- Worked on AAA server, authenticated users by using Tacacs, radius protocol
- Troubleshoot issues related to connectivity, STP, VLANs, Trunking, VTP, Layer 2/3switching, Ether Channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network
- Identified and resolved various infrastructures related technical issues of LAN/WAN/VPN, Security, and Antivirus end-point protection while performing root-cause analysis of various messaging related problems
- Communicated with Cisco TAC and Internet Service Provider over phone or via email to troubleshoot technical problems
Network Support Engineer
R Systems
06.2008 - 06.2014
- Diagnosed and executed resolution for network and server issues.
- Set up hardware and software in optimal configurations to meet network performance requirements.
- Designed and evaluated WAN and LAN connectivity technologies.
- Monitored network hardware operations to evaluate proper configuration.
- Provided faculty and staff with security software and network configuration support.
- Oversaw patch testing and deployment, script network software pushes and uninstalls.
- Managed and administered load balancing tasks for [Type] networks, routing and shaping traffic to reduce service interruptions and network strain.
- Supported users in setup and configuration of wireless bridge networks.
- Diagnosed network problems involving combination of hardware, software, power and communications issues.
- Improved network performance by troubleshooting and resolving hardware, software, and connectivity issues.
- Reduced downtime for clients by providing efficient technical support and timely issue resolution.
- Managed network upgrades, migrations, and expansions while minimizing disruptions to daily operations.
- Designed robust backup solutions to protect critical data from loss due to hardware failures or other unexpected events.
- Implemented monitoring tools for proactive identification of potential issues before they became critical problems.
Education
Bachelor of Technology - Information Technology
Punjab Technical University
05.2007
Skills
- Routers : Cisco 8300, 7600, 7500, 7200, 3800, 3600, 2800, 2600, 2500, 1800, 1700, 800 series
- Switches: Nexus 9K/5K/2K; Cisco Catalyst 6500, 4500, 3850, 3560, 3750, 2960
- IP Routing Protocols: BGP, OSPF, EIGRP
- AAA TACAS RADIUS: ACS 55/57/58, ISE30/32
- Firewalls: Cisco ASA 5500, Cisco FTD 3100
- Switching Technologies: VLAN, VTP, STP, RSTP, MPLS, IEEE 8021Q, VTP, Inter-VLAN routing, HSRP
- Wireless Technology: Cisco 5500, 9800 series controller, Cisco AP, LWAP, Access Points, WCS
- Operating Systems: Windows Server 10/8/7/Vista/XP, Linux, Unix (Mac OS)
- Microsoft Visio, Solar Winds, Kiwi Tools, Splunk, and MS Office applications
- Microsoft Tools: Office, Visio, Excel, PowerPoint, Word
- Active Directory, DNS, Access, Policies, Upgrade
- Cisco Routers, Inspection, Network Access Control, Spectrum Analyzer
- Clustering, Internet Service Provider, Network administration, SSL
- Network and systems, IP, Networking hardware, Switches
- Controller, LAN, Network security, Switch
- CPU, LDAP, Network and Security, Phones
- DHCP, Managing, Operating Systems, Unix
- Documentation, Messaging, OSPF, Upgrades
- Network security architecture
- IP address structure
- Security architecture and technologies
- Cisco switching expertise
- 8021x experience
- Root Cause Analysis
Accomplishments
- Up-gradation of various network devices to the latest and stable operating system along with stable firmware that are less prone to bugs in the client's network.
- Creating/removing entries in the DHCP Server and Network Policy Server for allocation of IP addresses and authentication/accounting purposes respectively.
- Configuration, testing and management of various network devices like Cisco Routers, Cisco Switches, Riverbed Steelhead, Cisco WLC and Cisco Access Points across Network infrastructure for various customers across the globe.
- Experience in implementation of Cisco ACS and ISE Servers & configuration of TACACS for authentication and accounting purposes.
- Configured and performed software upgrades on Cisco Wireless LAN Controllers 5520/9800 for Wireless Network Access Control integration with Cisco ISE.
- Perform troubleshooting at the Wireless Controllers for AP's associations and Wireless Client Association, using Debug commands and Wireshark.
- Configuring and managing AP's, WLC using Cisco Prime Infrastructure.
- Used Cisco Prime in the network for the management and predictability purpose.
- Implemented Splunk to drive reporting and search for data collected from Cisco ISE.
- Successfully sustained trouble calls tracked via Remedy System v4.05 (ticketing software).
- Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tool's such as Solar winds,Wireshark, TCP Dump, Cisco Prime.
- Skills: Cisco ISE (6+ years) , Cisco ACS (7 YEARS), Cisco firewalls (12 years), Cisco routing/switcing (15 years), Solutions architectures (2 years), Network engineering (14+ years), Wireless network design (6 years), Network Security (8 years).
Certification
- Cisco Certified Network Associate (CCNA)
Timeline
Network Administrator
Nexidia
07.2020 - Current
Network Administrator
SecureAuth
03.2017 - 06.2020
Cisco Network Engineer
Time Warner Cable
10.2014 - 10.2017
Network Support Engineer
R Systems
06.2008 - 06.2014
Bachelor of Technology - Information Technology
Punjab Technical University
Similar Profiles
Johnny GalvanJohnny Galvan
Senior Support Specialist at NexidiaSenior Support Specialist at Nexidia
JOSE SIERRAJOSE SIERRA
Deployment Engineer at Sutherland Global Services - NICE NexidiaDeployment Engineer at Sutherland Global Services - NICE Nexidia
Ecrin OnursalEcrin Onursal
Restaurant Server (Part-Time) at Bawarchi Indian CuisineRestaurant Server (Part-Time) at Bawarchi Indian Cuisine
Jonah AlencastreJonah Alencastre
Medical Assistant at K-GLO AestheticsMedical Assistant at K-GLO Aesthetics
Samuel HaggardSamuel Haggard
Site Operations Administrator at John Adams AcademySite Operations Administrator at John Adams Academy