2016 Recap

A lot has happened this year, including a employer change, new family addition, and new certifications. The employer I work for now has a huge Juniper presense which allowed me to grow my CLI skills with a different vendor besides just Cisco. In order to take full advantage of this change, I went ahead and knocked out a few of Juniper's lower level certifications. I took and passed both the JNCIA and JNCIS-ENT this past summer to help vet my new learned skillset.

Book I used for the JNCIA and JNCIS-ENT Exam:

Along with Juniper we're also rolling out our own NGFW's that rivals many competitors such as Palo Alto. Not only have I had an opportunity to get more hands on experience with our firewalls, I have the chance to administer Juniper SRX's and Palo Alto's which has been very challenging but engaging.

In my past roles I never had much of a chance to deal with network load balancers which always bugged me. While I played around with Cisco ACE's (now extinct) I didn't find them very intuitive with a weird learning curve. This year I've had the chance to deploy and implement virtual F5's using their LTM and GSLB modules. I only touched the GSLB (DNS Load Balancing) very lightly but I did get some great experience with LTM (De-facto Server Load Balancing).

To end the year off, our first little one arrived, which meant that I didn't want to dig to deep into the certification world right now. Instead I'm now diving into Python so that I can script some of the repeatable stuff I do on a daily, weekly, or monthly basis. I'm very noobish but with a help of a fellow colleague, we're starting to make some useful stuff.

Check out my github link to the right ---> I'll be keeping this updated as time goes on and my skill level increases. Hope everyone has a happy holidays, I'm excited for what the next year will bring!

Digging into IP Packets

For the next 6 to 12 months I'm going to take a departure from focusing solely on certifications. I want to gain a better understanding of the underlying protocols that encompass my career daily. This will mean deep diving into the TCP/IP protocol suite. Not only do I want to understand what a general IPv4/IPv6 looks like, I want to learn how to correlate trends based on the IP packets that traverse my network.

Alcantel-lucent Ocean Fiber Cable Run

This will help immensely in troubleshooting security and general network connectivity issues. Not only that, but it can be used to stop certain teams from automatically blaming particular incidents on the network. Through the use of packet capture tools that show exactly what's happening between two hosts. There can be no if, and, or buts about whose fault it is for a particular problem using concrete logs.

Not that a packet capture will be used for every incident but it's good to have "big guns" that you can pull out of your arsenal every now and again. With that said, pulling out a "big gun" is no use if you have no clue on how to operate the weapon. Hence why I've been culling over multiple WireShark and huge TCP/IP books to help get me started. Having a strong foundation is important for just about any goal in life. We all know fundamental learning can become boring and repetitive quickly because typically it's not the cool bleeding edge stuff but it's VERY important. Mastery comes from making tasks second nature which requires constant repetition.

Just like a race car driver has to learn how to drive a fast car slow first, the same can be said with networking. We must learn how to configure and design small elements of a particular portion of a network first before moving on to deploying networks that can properly scale along with become resilient.

My Packet Capture read list:

Practical Packet Analysis

Wireshark Network Analysis (Second Edition)

Routing TCP/IP, Volume 1 (2nd Edition)

Cisco CCDA Passed!

I just left the test center with a passing score for the Cisco CCDA exam. Overall the exam was a lot more fair than what was described on the many internet forums I attend. There were a handful of questions that def. wasn't mentioned in the FLG\OCG.

I think part of the reason is that the FLG\OCG books are a little long in the tooth. For example Cisco NAC is mentioned all over the CCDA books, but nothing is mentioned about Cisco ISE. The same thing for the Cisco SONA framework, good stuff to know; at least at a high-level.

I'm taking a break from certs for a while. I want to do some independent research on the TCP/IP stack and deep dive into packet inspection. After that I'll most likely read through some CCIE material for a refresher on all of those routing protocols.

CCDA 200-310 Official Cert Guide