Technical Summary

Operating Systems: DOS, Windows 3.1, Windows 95, Windows 98, NT Workstation, NT Server, Windows 2000 Professional and Server, Windows XP, UNIX - Linux, HP-UX, Solaris, AIX, DG-UX, SCO, Cisco IOS, BlueCoat SGOS, Lucent/Livingston ComOS, Nokia IPSO 3.6

Languages: Perl, Javascript, HTML, Shell scripting, Regular expressions

Protocols: IEEE802.3 Ethernet, 802.5 Token Ring, 802.11a/b/g Wi-Fi, 802.1Q VLAN Tagging, 802.1P, 802.3af Power over Ethernet, TCP/IP, IPX, NetBeui, DECNet, Spanning Tree (PVST/MST), 802.1W Rapid Spanning-tree Protocol, VLAN Trunking, DTP, PAgP, Voice VLANs, Etherchannel, PPP, HDLC, Frame Relay, X.25, ATM, DLSw, NTP, SNMP, SMTP, POP, IMAP, FTP, HTTP, SSL, PPTP, IPSEC, GRE, NNTP, RIP, OSPF, EIGRP, IS-IS, BGP, ODR, CDP, IGMP, PIM, HSRP, VRRP, RADIUS, TACACS, SecurID, WCCP, H.323, SIP, RSVP

Hardware: Cisco Routers Series 700, 800, 1000, 1600/1700 series, 2500 series, 4000/4500/4700 series, 2600/2600XM series, 3600/3700 series, 7100 series, 7200 VXR Routers with NPE-150 to NPE-G1, 7500, Catalyst 2900, 3500XL, 3550, 3560, 4000, 5500 and 6500 switches with SUP1 & 2 and MSFC1 & 2 routers, Content Service Switches (CSS11154), and PIX Firewall, F5 BigIP 5000, 3400, 6400, F5 3DNS, Nokia IP650 & 380 firewalls, Blue Coat SG8000, 6000, 800, and 400 proxy servers, Director 2 & 3, ProxyAV Spyware and Anti-Virus content solution, and SA-725 server accelerator, Redline Networks EX3250 & EX3650, Nortel Conntivity, 3Com Corebuilder 3500, 5000 and 6000 switches, stackable switches, hubs, network cards and transceivers, Lucent Portmaster 2 & 3, Ascend/Lucent Pipeline 50 and 75, 10base2, 10base5, 10baseT, and 100baseT cabling, Category 3, 5, 5e, 6 and Anixter Level 7 wiring, twisted pair color coding, Category 3 and 5, 66, 110, or RJ-45 patch panels, Multimode and Singlemode fiber optics with SC and ST connectors, Fluke One-Touch Network Assistant, Network Associate's NetXray, Network General Sniffmaster, Compaq ProLiant Servers, Compaq RAID controllers, Compaq DeskPro and Prolinea Desktops, Epson and Mustek Scanners, Iomega Jaz and Zip drives, Seagate DAT drives, 16/32 and 35/70 DLT Tape drives, Compaq Netelligent switches, hubs, and network cards

Software: Cisco IOS 11.0-12.3(13), CatOS and Native IOS, Blue Coat SGOS2 - 3.2.3.3, Checkpoint Firewall-1, Concord Network Health, Systems Management Server, What's Up Gold, MRTG, Exchange Server, RightFAX, Microsoft Resource Kit, MS Proxy, IIS 4.0, Seagate Backup Exec, PCAnywhere, sh, bash, ssh, PGP, IRC, NFS, Apache Webserver, Sendmail, X-Windows, DNS & Bind, CMU-SNMP, XNTP, Acrobat, Photoshop, Internet Explorer, Netscape Navigator, Eudora, Pine, Microsoft Office, Outlook, Lotus Notes, Remedy, Tivoli Problem Management

Telecommunications: 56K v.90, Multilink PPP, Multi-chassis Multilink PPP, Analog/Digital modem pools with hunt groups, Switched or dedicated 56K, ISDN BRI and PRI, NFAS, Fractional, Channelized, and Clearchannel DS-1's, DS-3, and GigaMAN circuits, AMI and B8ZS encoding with Extended Super Frame, channel banking, Frame Relay, ATM, SONET OC-3 - OC-48, Dense Wave Division and Time Division Multiplexing (DWDM/TDM), Adtran SmartShelfs and stand alone DSU's, AT&T Paradyne, Larscom, and DigitalLink CSU/DSU's

Senior Network Design Engineer
Network Design & Engineering

Perform product evaluations and assessments for technology use within the bank's network. Design network solutions for fully redundant Internet hosting architectures, transparent server side caching, internal content distribution, global corporate network infrastructure, and customer/extranet network services. Transition design projects into operational deployment, provide extensive support documentation, and handoff administration to operations team. Provide 3rd level support to network operations team.

Designed and installed a web hosting infrastructure utilizing firewall load balancing, layer4/5 content switching for load balancing web content with complete hardware failover redundancy.

Deployed a fully redundant transparent server side caching environment using the BlueCoat SA-725. Configured inline SSL termination for encryption acceleration to offload processing from the webservers.

Evaluated Internet network service provider offerings to enhance or replace the current dual DS-3 facilities, in order to provide more scalable and reliable Internet bandwidth for application hosting.

Migrated all hosting environments to provider independent IP address space that we owned and registered within RADB. This allowed for us to not be subject to each individual providers transit routing policies for a small block of space that we may have been assigned out of a much larger block and also eliminated issues with gaining true route and path diversity when peering with more than one provider at a location.

Rearchitected default routing architecture for the North American network to point towards a single "External Services" Autonomous System, so as to eliminate the redistribution of hundreds of external client routes into the core environment. This centralized all external connectivity to the bank into one routing domain, allowing for a much more simplified routing policy, within all additional Autonomous Systems, and the cleanup of several hundred unnecessary routes existing in all the core routers.

Expedited the connection of a newly acquired company to the corporate Extranet via Frame-Relay PVC. Coordinated application requirements with the security team to effectively build firewall policies to enable certain client access.

Designed and implemented a redundant BGP architecture at 2 geographically diverse Extranet POPs to provide dynamic failover capabilities for over 50 external customer and partner connections.

Created a standardized implementation process for managed extranet installations and Visio documentation template for support turnover.

Designed and implemented redundant external connectivity to Citigroup via extranet connections from Chicago and New York using BGP to support the divestiture of a subsidiary retail bank in New York.

Designed and installed a centralized environment for Extranet encryption termination, utilizing dual 7140 VPN routers, multihomed with encryption accelerators, using HSRP and tracking of both outside and inside interfaces to force faster IPSEC SA failover.

Designed and implemented a geographically diverse, high availabilty proxy server environment using Blue Coat SG6046's and F5 Big IP 5000's and 3DNS. Rearchitected proxy autoconfiguration (PAC) file syntax for more efficiency. Implemented a topology load balanced delivery solution utilizing 3DNS for global load distribution of PAC file delivery.

Deployed 410 Blue Coat SG400 proxies into remote retail locations utilizing WCCP as well as transparent pass-thru to improve bandwidth performance for internal web portal and training applications. Created a standardized design template for new deployments. Developed a day to day management process using the BlueCoat Director platform for policy updates and configuration changes

Siemens Building Technologies, Inc. - Buffalo Grove, IL
March 1999 to December 2000 - Permanent

Senior Network Administrator
IS Operations

Maintain Frame-Relay network supporting 87 branch locations across the U.S. Perform technical support to isolate issues causing outages or degradation of performance for branch office. Maintain and configure two Cisco 7206 routers that support the frame-relay infrastructure for the Wide Area Network. Maintain and configure Cisco 2500, 2610,2620,3610,3620, and 4000 series routers in the corporate office and at branch offices. Performed Y2K firmware and software audit on all network hardware for reporting to Siemens Corporate audit team. Upgraded non-compliant hardware, firmware and software for Branch Cisco routers and CSU/DSU's, corporate office routers and LAN switches.

Installed and configured 3Com Corebuilder 3500 and Superstack 3900 as the core Layer 3 switch in the environment to replace the old Corebuilder 6000 switch. Redefined VLAN configuration and physical topology to allow DECnet protocol to operate between different segments.

Planned and implemented network redesign to support dual Gigabit etherchannel connections to each network closet with 10/100 switching to the desktop using Cisco Catalyst 6509's. Configured dual MSFC routing cards and supervisor's in the core Layer3 switch using Hot Swap routing Protocol for instant routing failover. Also planned and designed future core redundancy for Data Center ethernet distribution. Researched designs of multicast implementations to support future multicast applications being designed by engineers on the corporate network and implemented Protocol Independent Multicast (PIM) using sparse-mode across the WAN and dense-mode across the LAN with a single Rendezvous Point at the core for the remote office routers to synchronize with.

Consulted with an internal engineering project team seeking UL listings for ethernet network designs for small to large campuses integrating their automated building control systems with their Fire Safety control units. Helped design standard configurations and hardware choices, as well as security/firewall configurations for connectivity to corporate production networks.

Beta tested Cisco 11Mbps Wireless LAN Access Points for conference room laptop network connectivity and ability for Senior Management to be more mobile for meetings.

Consulted with the Dallas Branch Office on a project at the DFW Airport to resolve possible network configuration issues causing intermittent outages with Security Access field panels. Used the NetXray sniffer software and a Fluke One-Touch Network Assistant to gather performance statistics. Helped to calm down a very hostile situation with a customer by isolating the various issues causing the problems and making recommendations for them to eliminate these problems.

Assisted the Cerberus Division in troubleshooting network slowness issues causing name service outages rendering the network useless. Mapped out Ethernet LAN design and made recommendations to reconfigure the topology, replace bad patch cables, and re-certify the cabling infrastructure to guarantee cable performance.

Installed and configured infra-red laser cannons as a temporary solution to connect the network to a new building across the road at 100Mbps.

Reconfigured routing protocols at the core of the network to allow for route summarization to reduce routing table size and reduce external route flapping. Replaced RIP with EIGRP and OSPF to increase route stability at the core.

Installed and configured MRTG software and PERL on an NT server to use SNMP to monitor the bandwidth utilization of all frame-relay PVC's and circuits connecting to our branch locations,router CPU usage, as well as LAN connections, including Gigabit and 10/100 switched ethernet ports. Also implemented a Perl CGI script to perform remote commands to Cisco routers in order to view current routing tables or configurations through a web interface without having to log into a router.

Project leader for developing and implementing an enterprise solution for performance measurement and reporting on systems availability of all network components, servers, and applications.

Assisted with fiber optic installation and burial project from the Data Center to a new building across the road. Helped in vendor selection and wrote the standards and requirements documentation for design of wiring closets and cable tray assemblies.

Designed an Intranet website for the Network Operations group in order to make information about the corporate network, such as maintenance, upgrades, or outages, as well as networking in general more readily available to other support teams and employees.

Implemented a choke router using Cisco Access-lists to allow or deny traffic to or from our network from the Siemens Corporate Network based on management policies and guidelines, as well as standard security filtering practices. Also implemented access-lists on the Internet gateway router to perform as a firewall to prevent illegal entry into our internal network and protect critical services from attack.

Implemented a Network Time Protocol hierarchy using core WAN routers synchronizing with a Stratum 2 timeserver on MCI's network in order to more accurately synchronize critical financial server's system clocks for logging purposes and to maintain more narrow windows between automated job scheduling.

Product tested several vendors hardware WAN sniffers and analyzers for use on our Frame-Relay network, in order to ease troubleshooting application issues within the WAN.

Attended a training seminar on network analyzing using sniffers and decoding to uncover and resolve a wide variety of problems.

Attended a training workshop at Networld+Interop covering the implementation of OSPF and BGP routing protocols.

Achieved my CCNA, MCP, MCP + Internet, and MCSE certifications through self-study.

Partially completed self-study towards the CCNP certification. Completed the CCIE Routing & Switching Written Exam and currently studying for the Lab Exam.

The Metron Group, Inc. - Plano, TX
December 1997 to February 1999 - Permanent

Network Consultant

Maintained Internet network services and hardware for clients. Maintained internal Unix, NT, and Novell servers and network connectivity. Configured and Installed new hardware for both clients and internal use, as well as troubleshot. Worked with clients to provide options for network expansion and migration. Designed web sites for clients and for internet and consulting services.

Designed office network migration for Internet services utilizing a Cisco 2501 router, Adtran TSU, Lucent Portmaster3, Compaq Netelligent hub, 2 Linux servers and Microsoft Proxy Server for LAN gateway. Arranged for installation of two T-1 circuits. One circuit was a High capacity link connecting directly to backbone service provider using Adtran TSU connected to Cisco router and the other T-1 utilized PRI service directly connected to Portmaster3 to offer dial-up 56K and ISDN service to customers. Configured Cisco router to use PPP over High Cap T-1 link to negotiate packet transfer to backbone provider's Ascend GRF4000 router.

Obtained Class C network from backbone provider; configured local subnet of 64 addresses, leaving rest of space available for customer subnets. Configured OSPF routing protocol to perform local network route propagation between Portmaster3 and Cisco 2501, allowing support of Variable Length Subnet Masking to offer different size subnets for each customer.

Remote user authentication was performed using Radius. Installed and configured Radius on both Linux servers for failover purposes. Duplicate of primary server's password file was kept on secondary server. Configured each Linux server with Bind to support primary and secondary DNS services; Each server ran Sendmail 8.8.8 SMTP server providing email services locally and acting as a redundant mail queueing point for remote customers in case of WAN link failure. Primary server ran the Qpopper program enabling POP email services for client download of email. Installed Apache webserver to perform virtual webhosting services for customers. Installed primary Linux server with CMU-SNMP package, GD to build GIF images on the fly, and set of Perl scripts, called MRTG, to enable bandwidth and port monitoring on Cisco router and Portmaster3. MRTG scripts scheduled to run every 5 minutes from cron, generating web pages with graph images showing the maximal, average and current bandwidth in use on each port; also enables monitoring dial-up lines in use to gauge traffic volume and plan for growth in a timely fashion. Installed PGP public key encryption software for email privacy. Installed ssh to enable secure, encrypted telnet sessions from offsite for root administration.

Enabled network time protocol on Cisco router to synchronize with Stratum1 timeserver, Installed XNTP on Linux servers to synchronize with Cisco router. Allowed system clocks to maintain exact time, consequently sytemlog time stamps are close as possible to exact time.

Installed and configured Ascend Pipeline 50 and Cisco 762 customer routers for Internet access. Troubleshot ISDN BRI problems with telephone company.

Designed company's websites for consulting and internet services using text editor for html including javascript, Photoshop for graphic design and Epson Scanner for importing images, running on top of Apache Webserver and IIS, utilizing Perl scripts and C++ programs for CGI functionality.

Maintained local Exchange server for company email, and Proxy server for Internet access. Helped install and configure Outlook email clients for exchange server. Maintained internal DHCP services on Novell 4.11 server. Installed and configured new Novell workstation client software on office PC's for enhanced capabilities. Installed and configured GFI Faxmaker software to perform incoming and outgoing fax serving integrated into company Exchange server. Installed and configured a refurbished Synoptics LattisNet 3000 to expand office LAN. Troubleshot local NT Workstations and Windows 95/98 client PC's with various problems. Upgraded internal SCO server operating system from 3.2 to 5.0.4 Enterprise.

Performed remote administration of customer servers and networks using PCAnywhere.

Installed and troubleshot CAT3 and CAT5 wiring, 10base2, 10base5, 10baseT and 10baseFL cabling locally and at a variety of customer sites.

Installed and configured Cisco 4700 series router to handle IPX and TCP/IP traffic over LAN and WAN using Frame Relay services. Set up EIGRP routing protocol to maintained routing tables for all of the remote site connections through the Frame Relay links. Configured router to use the HDLC protocol for communication to remote Cisco 2509 routers over Frame Relay to reduce the packet overhead. Installed and configured a Cisco PIX firewall to secure internal network from the Internet.

Performed a processor upgrade from a C4 to a C6 on an IBM RS/6000 server. Additionally, performed multiple AIX operating system upgrades for Y2K compliance.

Responded to a network down emergency involving Data General hardware. Determined source of hardware failure based upon log files on DG-UX operating system and arranged for replacement of failed card through Data General. Installed replacement card following morning and brought server back up to full operating condition.

Troubleshot intermittent connectivity over 10base5 Thicknet after direct lightning strike to building. Used ohmmeter to track down cable failure. Discovered destroyed transceiver and replaced to restore network connectivity.

Installed and configured numerous DAT drives and DLT tape drives using Seagate Backup Exec software to perform server and network wide backups. Troubleshot backup failures.

Additional responsibilities included working with a wide range of clients to install, configure, and troubleshoot their hardware and software onsite. This included: Compaq Desktops and clone computers, ProLiant 800, 1600, 3000, 5500, 6500 and 7000 servers, hot-plug Wide-Ultra SCSI hard drives, Compaq RAID controllers, Compaq 5226 switches, Compaq Netflex 3 controllers; Cisco 700, 1600, 2500, 4700, and 7200 series routers; Ascend Pipeline 50 routers; 3Com LinkSwitch 1000's.

Attended Compaq training seminar to obtain Authorized Compaq Technician status. Followed a self-study program to earn Microsoft Certified Professional status in Networking Essentials, Windows95, TCP/IP and NT Workstation in four months.

Oberlander Communications, Inc. - Peoria, IL
May 1996 to December 1997 - Permanent

Systems Administrator/Webmaster - (May, 1996 - December, 1996)

Managed technical support help desk and answered technical support questions involving Microsoft Dial-up Networking, PPP, Windows3.1/95/NT, Modem hardware, 56K connectivity, Netscape Navigator, Internet Explorer and Eudora.

Initiated/wrote the "acceptable use" policy for internet service.

Maintained Linux Internet servers, including DNS, Radius, Sendmail, Apache Webserver, NNTP Usenet News server. Installed and configured the X-windows system for easier graphical management of Unix servers from the console. Maintained backbone, offsite, and customer Cisco routers, Portmaster2 and 3 dial-up terminal servers, and Adtran CSU/DSU's.

Internet Services Manager ( with this promotion, I still maintained previous duties) - (January, 1997 - December, 1997)

Arranged for installation of high capacity circuits for additional dial-up facilities and for Internet bandwidth. Instigated trouble tickets and circuit repair in the event of failure.

Sold network hardware such as Livingston ISDN routers and Cisco 2500 series. Sold dedicated and dial-up Internet services, such as 56K dial-up, 56K leased circuits, dial-up and persistent ISDN BRI service and lease line T-1 connectivity.