CCIE# 12680
Tahir H Awan
Summary:
· 14+ years of Network Architect Experience for Enterprise Networks
· 10+ years of CCIE experience
· 6+ years of Team leadership experience.
· CCIE # 12680 (Routing and Switching).
· CCIE (Service Provider written)
· CCIE (Voice written)
· CCIE (Data Center written)
· CCNP, Cisco Certified Network Professional.
· CCNA, Cisco Certified Network Associate.
· Cisco Data Center Support Specialist
· Cisco Data Center Design Specialist
· Cisco Call Manager 4.x (642-444)
· Unified Communications Architecture and Design
· Data Center Unified Computing Implementation
· Implementing Cisco Quality of Service
· Implementing Cisco Identity Services Engine Secure Solutions Exam (ISE)
· Cisco IP Telephony Design Specialist
· WAAS SE - Wide Area Application Services for System Engineers
· Routing and Switching for Systems Engineers
· Cisco IP Communication Certification. Designing and Implementing of Unified
Communications with Unity (642-071)
· NETAPP ASAP certified engineer
· B.Sc. engineering in electronics with minor in wireless/satellite
communications and Digital Image Processing.
· Executive MBA from NYU Stern School of Business, in progress
Core Skills:
· IT leadership role, leading teams on various projects. Starting from
budgeting, ROI, TCO for the customers to design and implementation of
projects.
· Extensive Datacenter design experience using Nexus 7K, 5k and 2K switches
with Fabric interconnects FI 6100 and 5108 blade server using B series
servers.
· Cisco Fabric Path with Nexus 7000 and Nexus 5000
· Cisco VPC with Nexus 7000 and Nexus 5000
· Extensive Storage (NetApp) integration experience in datacenter
environment.
· Experience with Cisco UCS infrastructure.
· Extensive VMWARE ESXi experience.
· Extensive experience with Cisco Wireless infrastructure.
· Sound practical and theoretical knowledge of LAN/WAN technologies.
Sound theoretical knowledge of, and ample work experience with,
SONET/SDH, and the associated physical media (OC-N, T1, T2, T3, etc.)
· Profound knowledge of Cisco IOS software (12.0, 12.1,12.2, 12.3, 12.4 and
NX-OS).Ability to configure and troubleshoot WAN technologies like FrameRelay,
ISDN, ATM (LANE), POS, etc.
· Familiarity with all basic and most advanced features of Cisco IOS software.
(NAT, VoIP, Compression, Encryption, QOS, Router Management, etc.)
· Ability to configure and troubleshoot different bridging technologies on Cisco
routers (IRB, CRB, SRB, SRTB).
· Awareness of all the issues pertaining to MSTP, RSTP and STP (Spanning
Tree Protocol) configuration and its behavior in complex Layer 2 / Layer 3
internet works.
· Expertise in Routing Protocol configuration. Protocols include RIP, EIGRP,
OSPF, IGRP and BGP.
· Strong IOS understanding allows quick adaptation to new hardware
platforms.
· Experience with nearly the entire Cisco product line.
Well acquainted with the Cisco Catalyst Switch series including catalyst 2900,
2960, 3500 XL, 3560X, 3750X, 3760, 4500, 6500, 3920,
· Exposure to network management using SNMP. Also familiar with Cisco
Network Management software and MRTG.
· Strong problem analysis and resolution skills.
· Experience with Multicast Routing protocols like DVMRP, MBGP, MOSPF, PIM
sparse and dense protocols. Well versed in shared and distributed multicast
protocols.
· Well versed with and experienced with layer 2 and layer 3 based QOS
features, COS, Precedence, DSCP.
· Experienced and well versed in voice protocols, MGCP, SGCP H.323 with VOIP
and VoATM implementation.
· Extensive experience with MPLS backbone deployment for Private Networks
(VPN).
· Metasolv OSS, Visio, Matlab, Cisco WAN Manager, OpenView software.
· Extensive experience with IPSEC deployment across the network using
dynamic ipsec and static ipsec tunnels
· Extensive Wireless LAN deployment experience working on Aironet 1200,
platforms and BR 1300 and BR 1400 using centralized LW Controllers with
location appliance for Rogue Detection and suppression.
· CSS 15000 load balancer experience.
· Extensive Cisco IPS 4200 series datacenter deployment experience for
Intrusion detection and prevention. Global signature portal creation and
signature deployment experience.
· Extensive CSM experience to manage Cisco IPS 4200 series devices for policy
enforcement and signature write-ups.
· Comfortable with MS NT 4.0, Win 2000 and UNIX.
Hardware:
· ASR 1002, ASR 1006
· Nexus 7000, 5000, 4000. 3000 and 2000
· FI-6100, 5108, B 200M2, B230M2, C200 M2
· Adaptive Security Appliances. ASA 5540. 5510
· WAAS, WAE 600, 500 and 7300
· Cisco routers (12008GSRs, 10000ESRs 7600, 7500, 7200-VXR, 4500, 4000,
3600, 3700, 3800, 3900, 2900, 2600, 2500, 1700 & 1600 series)
· Cisco Catalyst switches (1900, 2900, 3500, 3920, 4000, 4500, 5500, 6500
series)
· Cisco Access servers (AS 5300, Cisco 5800).
· Cisco Secure PIX Firewall (515, 520, 525).
· Cisco ATM switches BPX 8600 and MGX 8850.
· CISCO IADS 3800 and 2400.
· ONS 15454 and DWDM 15800
· Cisco Call Manager 4.x and CME
· Aironet 1200,1310 and 1400, 1500, 3500i
· Wireless controllers 4404, 5500
· Location appliance. WCS 7.0
· FWSM 1.x
· CSS 15008 load balancer
· IPS 4200
· NETAPP 2240-2 Storage device
· F5 load balancers 6800 series.
Network Operating Systems:
· Windows XP, Vista, NT Server, Windows 2000, Windows 2003 server,
Windows 2008 Server, Windows 7. Linux Fedora, Ubuntu, Redhat.
Routed Protocols and Others:
· TCP/IP Protocol Suite, NetBIOS/NetBEUI, Novell's IPX/SPX, SNA,DHCP,
WINS, DNS protocols in multi-vendor enterprise setups.
· Extensive experience in configuring OSPF, RIP, RIP 2, BGP, IS-IS, EIGRP, IGRP,
PIM, DVMRP, MOSPF, MPLS and MBGP.
Network Management Systems:
· Cisco Works for Windows, MRTG, VMware vCenter, NetApp System Manager,
NetApp operational Manager. UCS USM. ASA ASDM, CSM4.0. Putty, Teraterm.
Network Security:
· Architecture and deployment experience of Cisco ASA 5500 & PIX 5xx.
· Cisco IOS Firewall Feature set
· IPS 4200 architecture and deployment experience using CSM 4.0
Storage:
· Extensive Storage Experience using NETAPP technologies
· FAS 2240-2
· De-duplication, Snapshots, Cloning
· Volumes, LUNs, Aggregates,
· ISCSI, CIFS, NFS, FCP and FCOE Protocols.
· Operational Manager
· System Manager
· NetAPP VCenter plugin
· Snap drive
· High Availability storage setup.
· Zoning creation on FC switches,
· Nexus 5k storage NPIV and NPV setup.
Experience:
US Census Bureau 6/ 2012 – Present
Team Lead/Senior Network Architect
Summary:
Leading a team of engineers at US Census Bureau. The network consists of 8000+
users and it consists of Nexus 7Ks, 5Ks, 4Ks, and 3Ks, 6500, 3750 in datacenter
environment. The wireless network consists of AP 1242N, WLCs 5508s, WCS 7.1.
Major responsibilities include architecture and designs, budgeting, putting plans in
place for network migrations and operations. Role also includes working with
Security, voice, desktop and server leads to strategize new projects.
· Managerial role leading a team of engineers.
· Leading the team in case of crises to mitigate network issues.
· Mentoring Tier 3, Tier 2 and Tier 1 engineers for architecture and
operational roles.
· Involved in day-to-day operational support of US Census Network.
· Creation of Remote IPSEC sites for regional sites.
· Datacenter architecture and design using Nexus 5k and Nexus 7K setup using
Fabric path
· Datacenter server migration project
· Wireless support issues.
· Writing network proposals
· IPv6 deployment project
· Managing team of 4 engineers for day to day operation support and their
scheduling.
· Architecture of Census Datacenters and office environment
· WAN architecture for HQs and Regional offices (RO) and RDC sites.
· Working with Cisco AM, SE and AS teams to mitigate and network related
issues.
· Design, architecture and support role for The Census Bureau Multicast
network, using PIM spare mode.
· Trouble shooting any network escalated issues.
· Helping Government organization with PNL (profit and loss)
· Putting network proposals and architecture.
· Testing new equipment for technology and its integration in US Census
Bureau.
· Working with PMO group for project deadlines setup and project updates.
· Upgrading network to bring them to Federal Government compliancy level.
· WAAS deployment for regional offices
· ISE wireless integration in conjunction with Security Team.
NFF, Inc. 5/ 2011 – Present
Lead Solution Architect
· UCS infrastructure deployment Project. Architected, tested and configured
UCS datacenter environment using Nexus 5K with 10Gig Ethernet links to
Fabric interconnects 6120s. These redundant Fabrics interconnect were inturn
connected to Cisco Blade Chassis 5108 containing Cisco B 200 M2
servers. Datacenter environment was designed with SAN redundancy as well
as Network redundancy with storage network and network environment
respectively. All servers were setup to boot from storage network.
· Architected, tested and configured SAN solution using NETAPP FAS 2240-2
in datacenter environment. SAN storage solution consisted of two SAN
controllers (filers) each with two 8Gig FC links to Fabric interconnects 6120
using Direct Storage connections (default zoning). SAN solution consisted to
24Gig of RAW disks consisting of 2TB 7.2K RPM and 600GB 10K RPM drives.
The solution was architected using thin provisioning with de-duplication of
data enabled for the storage network. Both filers were setup in High
Availability pair sharing LUN, volumes and aggregate information. High
speed FC connection in this storage environment was complimented with
high speed ISCSI 1 Gig connectivity. All Bootable LUNs for B series storage
were setup as part of storage environment. Any data stores for VM
environment were either shared using ISCSI or FC based protocols.
· Architected, tested and deployed Virtual Machines and applications in data
center environment. VMware ESXI 4.1 was the choice of virtualized host for B
200 M2 servers. All B200 M2 servers consisted of 120GB of RAM, NETAPP
thin provisioned storage, and dual, E5650 quad-core processors. VM hosts
were designed to be a part of VCENTER for management purposes.
· Architected, designed and deployed Unified Communication WEBEX meeting
place application in datacenter environment. This new WEBEX Meeting Place
8.5.2 was deployed using WEBEX on premise integration using two meeting
directors and one MCS WEBEX node for communications with WEBEX
network in the cloud. The two meeting directors were also configured as
conferencing units to mix WEBEX calls.
· Designed wireless, switching and Unified Communication environment for
Kingsbury High School. Wireless network consisted of Cisco WLC 5108 with
25 AP licenses. The switches consisted of POE catalyst 2960 series and
Catalyst 3560X. All switches were connected using 10Gig interface on MMF
category OMB type3. Wireless survey was conducted for the customer based
on customer requirements and signal and throughput heat maps were
generated for providing 802.11n services. Customer was proposed to use
WPA2 with pre-shared keys.
· Designed UCS environment for American Association of Museums using Cisco
UCS FI-6148s, 5108 with B200 M2s, running virtualized host VMWARE 4.1.
Customer was proposed direct storage access to connect to their FAS2240-2
with 10TB of data.
· Designed Wireless network for John Carroll School using WLC 5108 with 50
AP licenses. Site survey was conducted and heat maps were generated for AP
1140N across the school. This wireless upgrades required POE switch
upgrade as well with 1GIG uplinks to main datacenter.
· Designed FSBPT wireless network using 12 1140 controller based APs. Heat
maps were generated based on customer concentration points and through
put requirements. Along with wireless solution, a POE based switching
infrastructure was proposed.
· Designed, configured and deployed autonomous APs for Shady grove fertility
center in Washington DC using WPA2 AES-CCM and pre-shared keys.
Multiple SSIDs were setup for the customer using both 2.5 GHz and 5 GHz
antennas.
Cisco Systems, Inc. Oct 2007 – May 2011
Network Consulting Engineer, Cisco Advanced Services.
· MPLS backbone course instructor for General Motors, AT&T and HP.
Instructing classes with lab once a month.
· Architected, designed and deployed large scale IPS deployment for GMAC
datacenters. The project involved Cisco IPS 4200 series integrated with VSS
paired Cat 6500. GMAC requirement was to provide IPS inspection between 8
to 10 Gigabit of throughput within their datacenters. In order to deploy such
high bandwidth, catalyst 6500 using VSS along with multiple IPS devices
were used, splitting the traffic between different Vlans and cascading devices
to reach high bandwidth using LACP protocol on multiple links. Cisco
Security Manager (CSM) was incorporated to monitor and deploy IPS policies
and customized signatures within customer environment.
· Architecting GMAC Datacenters using Catalyst 6509s with VSS in RTP US and
UK. Architecture includes 6500s at Collapsed core/distribution and access
layers.
· Tested, architected and deployed WAAS solution of GM global network.
Device included WAE 600, WAE 500 and WAE 7300 for General Motor
deployments for 20 different sites, from Warren in Michigan to sites in India
and Singapore. WAAS appliances were deployed to optimize bandwidth WAN
connections between Singapore and India. Test results reduced the ftp
transfers till 99% using WAAS features like TFO, DRE and LZ compression.
Eventually the project was expanded to include email, CIFS and NFS file
structures.
· Architecting ALLY’s RESCAP division with Nexus 7K, 5ks and 2Ks. Setting up
a Customer lab setup in RTP Cisco labs for more thorough understanding for
customer architects
· Architecting 802.1x Customer Port Authorization Project. This project
includes authentication of corporate clients before giving them access to
corporate resources using EAPoL. Active Directory and LDAP credentials are
used for user authentication. Policies are enforced by ACS 5.1 radius server
using Dynamic ACLs. Network Guest Server along with NAC profiler and
collector are used to profile non 802.1x clients. This project covers whole for
Ally bank (GMAC) global network.
· Designed UC on UCS lab for customer in Cisco RTP labs to show them a
migration plan from CUCM 5.1 version all the way to CUCM8.5 using UCS
platform. The project also included migrating existing customer CUCM data
which is currently being deployed in Europe.
· Tandberg TMS deployment along with MOVI client, ESX90 and C20 video
office solution. Project included deploying 8 ESX90s and 20 C20 along with
40 MOVI clients.
· Redesigning GMAC Cisco 5850 based fax solution. Moving customer away
from On ramp, off ramp T.37 protocol to T.38 protocol to avoid high CPU
utilization.
· Architecting and Designing Small Site Architecture (SSA) for roughly 900 GM
sites globally using DMVPN to main GM Hubs of Warren MI and Milford MI.
Along with that designing and testing Wireless Local LAN controller at Small
Sites and Cisco Call Manager Express using centralized architecture. Using
Cisco 2900 series and Cisco 3900 series routers for this project.
· Designing GM datacenters in Germany with GM integrators, using Nexus
7000s at core and mix of 6500 and nexus 5k and N2Ks at the access level.
This new low design is in process of completion to be implemented
eventually by august of 2010.
· Intrusion Detection System IDS, a complete suite for Cisco intrusion
detection architecture for General Motors. Currently, in process of
developing network Security architecture for GM using IPS 4270, MARS,
Cisco Security Manager and SDM
· Tested Cisco Nexus 7k, 5k for GM datacenters in China, Detroit and Germany
by replacing catalyst 6500s. Project included testing, and using Nexus in
Datacenter environment.
· Cisco Advanced Services instructor, teaching classes to cisco global partners
like HP, EDS and GM. Instructed basic MPLS and advanced MPLS VPN classes
to cisco customers
· Lead engineer for testing ASA firewalls for GM environment. This threemonth
project was there to test different ASA firewall features so existing PIX
and FWSM firewalls in GM environment can be replaced with these new
firewalls.
· Lead engineer for New Datacenter for ONSTAR/GM in Shanghai China.
Successfully, designed, architected and tested new Datacenter design for
China. Hardware included were catalyst 6500 with 10G uplinks along with
Cisco CSS 1500 load balancers for web service load balancing, all server
required were accomplished for the customer server environment. Catalyst
6500 FWSM firewalls were used in this project. Transparent Firewall
technology was used with multiple firewall contexts (virtual firewalls) for
each server environment. Implementation is under progress.
· Lead Engineer for IP Telephony (IPT) assessment, design and deployment
project. Currently, working on evaluating and upgrading 180+ General
Motors (GM) sites for IP telephony deployment.
· Architecting UDLD and BPDU deployment for Global General Motors (GM)
Enterprise Network. This project involves more than 2000 switches for
different types around 5 different continents. Works involves design and
testing of deployment plan and then supervising the deployment phase of the
project across the network.
· Overseeing day to day high level troubleshooting problems within the
network around the GM Enterprise network.
District Govt of Washington DC . 07/2004- 09/ 2007
Sr. Network Engineer/Enterprise Architect Analyst
· Lead Design and implementation engineer of Cisco based network for
Metropolitan Police Department (MPD) in Washington DC. MPD has more
than 2500 users on MPD’s network and numerous external agencies like
Capitol Police, FBI and US Secret Service connecting to them.
· Principle engineer of Cisco based network for Fire Emergency Medical
Service (FEMS) in Washington DC. FEMS has more than 2000 users on their
network and a 40+ Fire engine Stations which are connected to main
headquarter.
· Principle engineer for PSCC, 911 Call Center which handles all 911 call traffic
and dispatcher units for Washington District of Columbia.
· Design and implemented of Cisco based network for Department of Health
(DOH) for District of Columbia. DOH network has more than 1000+ users on
their network. DOH network was modernized using HIPPA standards to
enable AES 256bits encryption on their network. This encryption was run on
new cisco technology called Dynamic Multipoint Virtual Private network
(DMVPN). This technology enables dynamic VPN on demand between DOH
locations. This technology was running on top of frame relay DOH network.
This project also included migrating DOH legacy network onto Governments
own core network.
· Design and implementation of Cisco based network for Department of
Human Services (DHS) for District of Columbia. DHS network consists of
more than 2000 users scattered over 17 different branches and one main
location. Customer network consists of T1 frame relay which were found to
be over utilized. New network redesign incorporated moving the customer
from frame technology over to SONET based technology with increased
bandwidth.
· Principle Engineer with Child and Family Services (CFSA) which has more
than 3000 users. Customer located in 5 buildings with their HQ exceeding
1000 users.
· Architect/Principle engineer of District of Columbia Extranet network where
all federal agencies and Commercial agencies connecting onto the District’s
network.
· Principle engineer for Centralized WLAN solution design and deployment of
ng WLC 4404 as well as autonomous APs for DC Govt, included office
environment and HOTSPOTS.
CTC Communications Corp. 02/2001- 06/2004
Sr. Network Engineer
· Responsible for design oversight and project management aspects of major
professional service and integration projects for CTC Communications Corp..
Project management, design, engineering, assessment, and planning on CTC
client projects. Implement CTC project management methodologies with
visible milestones that produce measurable results on time and with given
budget.
· Designed and engineered CTC ATM backbone using Cisco ATM switches over
Cisco powered CERENT fiber carrier switches. Devices used in the
implementation consisted of ONS 15454 CERENT, MGX 8850 and BPX 8650
· Designed and Engineered CTC Co-location business using highly powerful
ASIC based QOS features of catalyst 6500 (w /MSFC).
· Designed and Engineered CTC Corporate network integrating over 70+ POP
locations and 20+ branches with Cisco powered routers, firewalls
incorporating fiber and ATM Switches.
· Implemented portions of CTC ISP at Core, Distribution, as well as Access
Layers. Cisco devices used in the implementation consisted of 12008 GSR
Routers, Catalyst 6509 (/w MSFC) switches, Catalyst 6506 (/w PFC)
switches, Catalyst 3548 switches, 7507 Series Routers, 7513 Series Routers,
3640 Series Routers., Catalyst 5500 switches, and Cisco 7000 Series Routers.
· Provided project architect services for producing quality architecture
documents for different client projects.
· Provided customer support for CTC 5000+ customers for their data, internet
and voice over CTC ATM backbone.
· Provided design suggestions for CTC customers and their support as well.
South Asian Media Wise Inc. 07/1999 – 02/2001
Network Engineer
· Involved in Design, Installation, Configuration, Operations and
Administration of Internetworks.
Projects
· Designed and implemented complete DOTCOM networks.
· Extensively configured routing protocols (EIGRP, OSPF, RIP & BGP). Quite
comfortable with all the advanced features of OSPF and BGP.
· Managed intermediate and Large scale corporate customers with multi
homed to two different providers with numerous T1 and T3s.
· Designed and implemented secure internetworks based on Cisco Secure PIX
firewall for numerous clients.
· Provided VPN based secure solutions for numerous clients. Setup involved
the use of Cisco firewall and VPN capable routers.
· Setup a Virtual Lab based on Cisco routers and switches for a university in
Pakistan.
· Lead the team that provided free online technical support for the customers.
Have a natural aptitude towards problem resolution.