Archive for the ‘Battle Scars & Rants’ Category

Sigh. You know, these past 5 or so years, I’ve been meandering around so many different aspects of IT…such a huge array of infrastructure technologies, all in order to meet the demands placed on me out in the battlefield. Whether as the primary infrastructure architect, designing & operating a data center, or now finally as director of IT at my current job, I’ve needed to be highly competent in multiple disciplines in order to keep my head afloat in the tirade of shit-storms that incessantly barrage every network I’ve managed.

And let me tell you, it has NOT been easy. My list of certs is just ridiculous, but honestly these came out of an effort to simply understand…TRULY understand…all these various, complex technologies.

I was never fortunate enough to have guidance. While I certainly had colleagues in the field, they were in the same position I was– lacking a deep enough, master-level of understanding.

I desperately wanted a mentor, but after numerous failed attempts from IRC and 2600, my impatience finally won out. So throwing my arms up in frustration, I simply resigned myself to the DIY state of mind; left the world of ATI vs Nvidia T&L anisotropy Direct 3D super-mega online PC gaming behind…and took the first real step of my IT career to find those answers on my own.

I certified myself in various disciplines from Active Directory to information security to service provider networks to virtualization, and yes, it certainly paid off. If I had to, I could run a company’s entire IT department myself (assuming they kept me pumped full of intravenous amphetamines, since nothing interferes with productivity quite like “biology”). I was adaptable enough to work in multiple spaces, from colocated data centers to service providers to good old-fashioned enterprise.

“Jack of all trades.” Master of some.

And by the way, by “ridiculous” list of certs, I mean freaking RIDICULOUS:

  • TippingPoint Certified Security Expert #2370
  • Information Systems Security (INFOSEC) Professional, NSTISSI 4011
  • VMware Certified Professional vSphere 5
  • Cisco Certified Network Associate (CCNA)
  • Cisco Certified Network Associate: Voice (CCNA: VOICE)
  • Cisco Certified Network Associate: Security (CCNA: SECURITY)
  • Cisco Certified Network Professional (CCNP)
  • Cisco SMB Engineer
  • Cisco SMB Account Manager
  • Microsoft Certified Systems Administrator 2000
  • Microsoft Certified Systems Administrator 2003 / Security
  • Microsoft Certified Technology Specialist: Windows Server 2008 R2, Server Virtualization
  • CompTIA A+ Certification
  • CompTIA Network+ Certification
  • CompTIA iNet+ Certification
  • CompTIA Security+ Certification

Again, all because I was sick and tired of being blind; no experience and certainly no one around who could offer any guidance:

“Hey, is a Pentium Pro or Pentium MMX better?” No one knew, and thus came the A+.

“Hey, how do you control Active Directory replication between forests?” No one knew, and thus came the MCSA.

“Hey, what’s the difference between SRR and WRR queuing on the 3550s vs the 3560s?” No one knew, and thus came 75% of my CCIP, which I would have completed if the butt-faces @ Cisco Learning hadn’t decommissioned the cert when I was 3/4 of the way through!

End.rant()

You get the idea. But now the time has come to stop spreading myself so thin, and to focus on my core competency: networking.

The time has come for this jedi to step up and fight for his CCIE.

No more netapp, no more juniper, no more Microsoft: the path I have chosen is the only one that is right for me. I’m sorry Brocade; I’m sorry ISC2. EMC, you’ll just have to wait in line with all your friends.

I want that CCIE and those who oppose me will be cut down into bite-size pieces and fed to my mutant, ill-tempered sea bass.

So, now that I’ve made my decision, how do I proceed? I’ve decided to fork out $500 for a starter study package. It is a lot of money, but it won’t kill me. I was going to do all of this 100% on my own; download PDFs from Cisco, buy a bunch of books off Amazon. But no, that path is too unfocused. I’ve attempted that before, and you end up burning half your energy searching through multiple sources of documentation, and even at times finding the information self-conflicting, if not confusing.

This time, I am going to seek the guidance I’ve been denied in the past; it’s finally available and certainly within reach. If I am to pull off this most monstrous of achievements, it’s time to change old habits and old ways of thinking.

Now then, the first step is the reality check: where am I with respect to the CCIE requirements?

  • Layer 2 technologies. I’m fairly strong here; certainly in Ethernet, but I also have had a good amount of experience with PPP. I’ve optimized data center cores, so I’ve set up MST a few times, though usually RPVST has been sufficient in the field. Frame Relay, on the other hand, not so recent. The last time I configured a Frame Relay circuit was probably 2006. I’ll give myself 7/10.
  • Implement IPv4. Not too bad here either. Of course I’m sure there is a ridiculous amount of minutiae surrounding OSPF and EIGRP, but I’m solid on the fundamentals. Same with BGP; I’ve worked in service provider environments, so I have had practical experience in the real world. In fact I also took & passed the former CCIP’s BGP exam, so the focus will be on the minutiae and more exotic configs. PfR, on the other hand, I’m completely ignorant of. In fact I had never even heard of it until today. I’ll give myself 8/10.
  • Implement IPv6. Oh god, this is the most ANNOYING one. I certainly studied it for my CCNP, but I’ve never used it in a real-world setting, and I’m extremely rusty. Not to mention I personally don’t buy into this “we’re all switching to IPv6 because the world is ending” drama. Maybe if you’re Verizon or AT&T, but I seriously doubt any enterprises or data centers making use of RFC1918 addresses will have a need. Sigh, probably 2/10.
  • Implement MPLS Layer 3 VPN. Did study a little bit of the theory for CCNP, and I can’t speak reasonably intelligently about LDP, LFIB, etc. but unfortunately this was the 1/4 that I didn’t take for the CCIP. I have done a single implementation of this at a data center core to separate customer networks, but I’m sure I have a long way to go in terms of practical implementation. Here I’m a 3/10.
  • Implement IP Multicast. Again, some theory from CCNP, and about 3 real-world implementations for VoIP music on hold & paging. However, when I look at a show mroute, I feel the neural synapses in my brain being sucked up into space as I stare dumbfounded at terminal outputs. Because I know the basic steps to set up sparse mode and dense mode, I’d say 5/10.
  • Implement IOS Security. Here I’m ready to rock. I got my CCNA Security and just loved learning about all the inherent security features on routers & switches. Only because I’m unfamiliar with the new v5 of IOS IPS signatures (back in my day we just had 128MB.SDF and 256MB.SDF) and because I’ve never implemented 802.1X at the switch level, I’m giving myself an 8/10.
  • Implement Network Services. Another strong section. I’ve set up SNMP, NTP, DHCP, and HSRP many times. WCCP not so much, so we’ll go with another 8/10.
  • Implement QoS. I did take the QoS exam, and I have implemented this many times for VoIP deployments. So configuring the policies and working with NBAR, I’m pretty solid. However, the queuing specifics of Catalyst switches are something I’m rusty on. Let’s be honest, on 10/100 switches QoS isn’t a life-or-death thing (certainly not like it is on the WAN side) and usually auto qos voip trust is sufficient. Plus QoS for Frame Relay is a topic here, so I’ll give myself 6/10.
  • Troubleshoot a Network. Oh god. How can I even guess? I’ve certainly been doing this for a while, but this is the CCIE exam. God knows what crazy bullshit they’ll throw in front of me. Plus, when I’m troubleshooting a network, I have the luxury of dual 21” monitors, with all my templates at my disposal on the desktop, as well as all my favorite tools (nmap, tcpdump, etc.). I’ll stay on the conservative side and give myself a 6/10 here.
  • Optimize a Network. I think this section should be renamed to “monitor” a network. Well, I’ve worked with SNMP, FTP/TFTP, HTTP/HTTPS, NetFlow, and syslog. I’ve set up my share of SPAN/RSPAN sessions for IPS devices. I’ve never really used RMON, and have no clue what EEM is. And again, I have dual 21” monitors and historical reports on my SolarWinds server to really study & monitor traffic patterns. In the CCIE I’ll have what…90 seconds maybe, to quickly read through several pages of text/CLI output on a 15” monitor. I think I’ll give myself another 6/10.

So there it is. Now how shall I conquer this mountain?

STAGE 1: “ROUTING” AND “SWITCHING”

My tentative battle plan is to focus on Layer 2 and IPv4 routing first, advancing my skills on these as much as possible; after all, it is CCIE “Routing & Switching.” After that I’m going to skip over IPv6, which I plan on saving for last, since I feel that is by far my weakest topic, and move on to Multicast. Since Multicast is dependent on existing routing & switching to function, this seems like a natural progression, especially since I’ll need to understand it better in the context of Ethernet and IPv4. Because these topics define the foundation of “Routing & Switching,” I will probably focus on these 3 areas exclusively until I can comfortably perform any of their respective “foundation-level” labs.

The concern here is getting “rusty” on these topics if I migrate away to ancillary topics too soon. I’m sure this will happen to a certain extent, but to minimize it as much as possible, I want to reach a state of total comprehension, so any refreshing is just that…refreshing, not relearning.

STAGE 2: SERVICE-PROVIDER CROSSOVER

Next I will focus on MPLS and QoS. These orbit a little closer than the remaining topics, and given their importance to the sister track “Service Provider,” I would say this is a good focal point for stage 2 of my CCIE journey.

STAGE 3: TROUBLESHOOTING PART 1

With everything so far in place, it’s time to focus on troubleshooting these core milestones, not only as unique technologies, but in how they interoperate with each other. And even at this stage, the focus is enormous: OSPF, EIGRP, BGP, route-maps, redistribution, Frame Relay, Spanning Tree, PIM-DM, PIM-SM, MPLS, WRED, NBAR, queuing, policing, IGMPv2/v3, and THEN troubleshooting the interop between them. This is the core of the CCIE exam. If we were building a person, this is the heart, mind, muscle, and bone of that body.

STAGE 4: ANCILLARY SERVICES

Services, Security & Optimization. In terms of the test, I see these as tasks that will complicate or interfere with a properly working network. So now that I have the intermediate fundamentals down, I can explore making it work in a more efficient and secure manner.

STAGE 5: TROUBLESHOOTING PART 2

Adding in a single NAT statement, much less IPsec, DAI, DHCP snooping and ZBFW, can bring that happy network to its knees. Clearly troubleshooting complexity increases exponentially. Is the culprit a misconfiguration, or is it instead the normal operation of a security mechanism? Understanding the behavior of these competing technologies will be the next major undertaking.
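To make that “misconfiguration or security mechanism doing its job?” question concrete, here is an added Catalyst IOS example (mine, not part of the original post) showing DHCP snooping and DAI on a user VLAN, plus the one case that bites people in the lab and in production: a statically addressed host that never sends DHCP, so it has no binding, so DAI drops its ARP and the port eventually err-disables. Nothing is broken; DAI is doing exactly what it was told to. The VLAN number, interface names, IP and MAC address are hypothetical; the syntax is standard Catalyst 2960/3560/3750-class IOS.

```text
! Added example, not from the original post. Assumptions (hypothetical):
! VLAN 10 = users, Gi0/1 = uplink toward the DHCP server,
! Gi0/5 = a printer with a static IP 10.10.10.50 / 0011.2233.4455.
!
! --- DHCP snooping: build the IP-to-MAC-to-port binding table -----
ip dhcp snooping
ip dhcp snooping vlan 10
no ip dhcp snooping information option    ! don't insert Option 82 unless the server expects it
!
interface GigabitEthernet0/1
 description Uplink toward DHCP server
 ip dhcp snooping trust                   ! OFFER/ACK accepted only from here
 ip arp inspection trust                  ! ARP arriving from the distribution side is not validated
!
! --- DAI: validate ARP on untrusted ports against the snooping table
ip arp inspection vlan 10
ip arp inspection validate src-mac dst-mac ip
!
! A host that never DHCPs has no binding, so every ARP it sends is
! dropped and counted as a "DHCP Drop". That is DAI working as designed,
! not a misconfiguration. Whitelist it with an ARP ACL instead of
! turning DAI off or marking the access port trusted.
arp access-list STATIC-HOSTS
 permit ip host 10.10.10.50 mac host 0011.2233.4455
ip arp inspection filter STATIC-HOSTS vlan 10
!
interface GigabitEthernet0/5
 description Printer with static IP
 ip arp inspection limit rate 15          ! default for untrusted ports; a burst over this err-disables the port
!
errdisable recovery cause arp-inspection  ! bring the port back automatically
errdisable recovery interval 60
!
! --- Look before you change anything --------------------------------
! show ip dhcp snooping binding              -> is the "broken" host in the table at all?
! show ip arp inspection statistics vlan 10  -> DHCP Drops / ACL Drops counters climbing?
! show interfaces status err-disabled        -> port shut by the DAI rate limiter?
! show ip arp inspection interfaces          -> which ports are trusted, and their rate limits
```

The order of those show commands is the whole point: a missing binding plus a climbing DHCP Drops counter tells you in seconds that you are looking at a security feature behaving correctly, and the fix is an ARP ACL entry, not a config rollback.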

STAGE 6: IPv6 & TROUBLESHOOTING PART 3

This is where I’ll probably want to drive my car off the freeway and end the misery. Honestly I hate IPv6. Did you have to build it using 128 bit hex addresses IEEE? Really? Did you really have to do that?

“Hey Glen, can you ping the router for me?”

“Sure, what’s the IP?”

“fe80::1198:fdcd:381f:25c9”

“….what?”

I mean really. Why not build off of IPX/SPX? Simply a DECIMAL network number to the card’s MAC address? How much freakin easier would it be?

Sigh.

Well, that is the battle plan for now. Will it change? Maybe…probably. I’m sure I’ll need to adapt. And god forbid Cisco updates the exam AGAIN while I’m in the middle of studying for it!

Anyway, I’ll keep you updated and document my progress here. Time is a bit tight, but I’m aiming for 1, possibly 2 posts a month.

Til then my padawans, give my best to your wife…and my kid

😉

The Rockstar Within

Posted: February 19, 2013 in Battle Scars & Rants

There are two types of leaders in this world, be it finance or football, cyberpunk or cyber war.

1) Those that are motivated by fear, that move at a cautious pace whose number one goal is not to interrupt the status quo.

2) And the second type, visionaries; those that are driven by opportunity & change.

The failure I see in most organizations is too much of one and not enough of the other. Too much blind idealism and you end up with a dozen half-completed projects, with poor or non-existent interop, constantly crashing and frustrating both their user base and their support staff. Too much fear, and you’re running your enterprise on a couple hundred power-hungry 4U Windows NT PowerEdge 6800s, all using local storage. (Don’t laugh, they still exist!)

As IT leaders, you are rock stars. Period. And your user base = your fan base.

Play out of key, miss a gig, get arrested for a dead hooker in the trunk of your car, and suddenly THAT is what you’re known for. Not the 5 albums that went triple platinum. Not the singles still being played on the radio. Not all the charities and functions you’ve donated your money, and even more valuable, your TIME to.

You are now just your latest failure.

Unfair? Duh! Just be glad you’re not a stock broker. An entire mass-psychology machine that makes & breaks hundreds of millions quite literally overnight.

Our job as IT is now evolving beyond just connecting laptops and iPads; beyond email servers & firewall filters. We are the ones companies go to when they can’t figure something out.

Something, anything. When did IT become responsible for power & airflow? But go ahead, tell your boss “Uh, sorry my MCSE and Bachelors in Business Administration, yeah they didn’t cover that.”

We exist because, whatever it is, from big data and private clouds to smartphones on steroids…we figure it out. We ingest technology, deconstruct complex systems, untangle the abstract, and make it real, and usable, and ultimately, profitable. (Although there are many arguments to be had on whether flexible, feature-rich business intelligence directly correlates to strategic profitability or is just a commodity we can take for granted…to which I say “Shut up foo! And don’t quote me no damn ‘IT Doesn’t Matter’ bullsh!t”)

IT matters and it matters most. I don’t care if you sell socks or send satellites to the moon, IT is your right hand. We’re the armor a soldier wears into battle. We’re the tools your sales team needs to close that deal. We’re bouncers protecting your night club. We’re the gas in your car and the condoms in bedroom drawer.

It’s quarter end, and you need to run a report showing gross sales, hardware depreciation, operation hours, support hours, manufacturing & distribution resources, power used & consumed in the manufacturing process, cardboard used in the packaging, ink used to make it pretty…

25 years ago, what would you do? You’d call up Agnus and Betty, have them pull your file cabinet down, get every scrap of paper, and over the course of 2-4 weeks, you’d have your report.

Business leaders now have that in real time.

Take a step back and ponder with the jedi, REAL TIME.

Would ANY of that be possible without IT? Would you be able to pull out your iPhone, VPN to your corporate LAN, pull up your doc portal, download your latest accounting spreadsheet and have it in your hot little hands all before the plane taxis for take off?

Of course not.

Duh again.

But your CFO isn’t thinking about this. He’s thinking he’s paying $200/sq foot for your 10Gb core switch and your cisco UCS, but in the end, wasn’t VDI his boss’s idea?

OK, so what do we do about this? How do we get money for our projects and show we have value? That we’re not just some necessary evil to shove into the basement and reach out to when email is down?

More to the point, how do we advertise our potential to be strategic for the business?

YOU! Get off your butt, out of your chair, abandon the cube, evacuate the data center, exodus the IT bubble and create your market.

Learn your business. Learn the names of managers and directors that head the various departments. Ask about their pain points, listen to their ambitions, understand their problems and help to fix them. In smaller companies, you may have a direct line of communication to C-level execs. If so, great, but not essential. Start with middle management. Advocate not only yourself, but your department…your profession.

And let me tell you, these problems will not be easy or simple. The solutions will not be apparent. They will absolutely involve skills you don’t yet have, technologies you’re unfamiliar with, and parts of the business itself that you were previously unexposed to.

It will take hundreds of hours of research and analysis.

But now you’re more than the guy they call when they want a new laptop. You’re now ingratiating yourself into your environment, showing value and literally creating your own demand.

You’re converting a user base into a fan base.

Let me tell you, do this 2 or 3 times…if you didn’t know your CFO before, you will now.

And for the record, you don’t need to be a CIO or VP to be an IT leader. Your mental prowess, your ability to understand the business and architect relevant, applicable solutions, and to communicate this to the departments around you…THAT is what makes you an IT leader.

Literally creating your own position.

FINAL THOUGHTS

I’m not known for my subtlety or euphemistic explanations. So, what if you go through with this exercise several times, expand your horizons, improve the business processes of 2 or more departments, and at the end of 2 years, find yourself getting no notice or appreciation? Well first give yourself a minute to vent (kick the wall, punch a server), and after a couple deep breaths, take it for the learning experience it was. What you’ve learned, what you’ve accomplished…no one can take that away from you. So go update your resume (maybe grab a cert or 2 in the process), and put yourself back on the market.

It’s time to move on. Your skills and intelligence are being wasted in your current position; so step out into the unknown and find a place that will fully utilize your potential.

You’ll have a dozen calls in the first 3 weeks.

– Jedi….out

Welcome Padawans

Posted: April 8, 2010 in Battle Scars & Rants

…to the Cisco Jedi’s blog.

On this most glorious of Internet diatribes, shall you be privy to the rants, ravings, incessant monologues, and other such technology-focused editorials where I choose to expound on everything from authentication to VoIP to wireless to QoS. Moments of the jedi’s most embarrassing blunders and flawless victories of absolute brilliance.

And yes, I usually refer to myself in the 3rd person. My ego demands its own identity 🙂 …but who in IT is any different? We all know that it is truly us, the benevolent wireless warriors and network ninjas, that keep the world running.

Introductions

*Bows cordially*

I am the CTO/President of Katana InfoTech, a So Cal based technology solutions consulting firm, focused on small & medium businesses.

I have been in the IT industry since 1999, where I first worked for a recording studio in Hollywood. I set up a real-time MP3 encoder so voice actors’ lines could be transmitted over an ISDN connection to branch studios in NY, Canada, or any other 3rd party with an internet connection and an MP3 decoder. I networked their Macintosh Pro Tools systems together, set up an audio file server, and organized their backup. Tragically, not what I went to college for; my bachelor’s is in audio engineering. However, the demands of that industry called for someone to recognize the lack of efficiency, aggressively research technology solutions, and be adaptable enough to change roles as the job needed.

I was 22 years old at the time and I drastically increased their efficiency.

  • Since then I’ve worked in numerous capacities in IT ranging from phone support, to system administration, to network engineering, to information security.
  • I’ve taught classes for Geek Squad techs, Merchant Marines, and AT&T employees.
  • I’ve brought several startups from an abstract concept of what they ~think~ they want, to fully functioning, highly available information infrastructures.
  • I’ve written corporate security policies, as well as organized incident responses to security breaches & handled all system forensics for said incidents.

The forces of darkness do not stand a chance on my network

-Jeremy NeeDLE – Administrator, Jedi, Diabolical Genius