Preparing for Attempt 2
Well, its late March 2024 and I have a little under 2 months left to prepare for my attempt #2 at the CCIE Security Lab exam.
I dont have much confidence yet, but I do hope I have improved in certain areas of the exam.
Therein lies the difficulty
Happy February - 2024 everybody.
I wanted to take a moment to express my thoughts on why I have such a difficulty with the CCIE Security program as compared to the other certifications I have taken.
First and foremost, it deals with a lot of different technologies within the security realm.
Happy New Year 2024
Happy New Year - 2024 everyone!!
Its a new year, which means a new beginning.
For the last couple of years I have been very incognito and focused on some personal areas of my life. This meant that I have not been active in the networking community as much as I would have liked and not attended as many things either.
Upgraded the Home Lab
I am currently deep diving into the whole TrustSec architecture. It has quickly become apparent to me, that i need to lab alot of this out in detail. That means upgrading my homelab with a 3650 switch as well as a refurbished laptop for acting as the supplicant for Dot1x operations.
Dropped Lab Date
Today I made the decision to drop my next lab date for the CCIE Security V6 lab exam.
Why?
Im simply not ready for another attempt yet and im not sure im going to be ready for the V6 before they transition to V7.
Invest in Yourself
Hi Folks,
I wanted to take a few moments to share an idea I learned way back. Its very simple, because its the simple of act of “investing in yourself”.
What I mean by that is, that you should set aside some amount of $$$ each year and use that to further educate yourself in a suitable area.
Cisco Preparation Labs coming
So a couple of days ago I was going through the CCIE Security training videos on Cisco Learning Network and I noticed a golden nugget.
It was mentioned that Cisco was on track, to release some learning labs for practice use for the CCIE Security lab exam!
Update on CCIE Security V6
Its been almost a year since my last post. Wow, do I feel bad about that! :(
Anyways, ive been studying on and off for the last year and I was scheduled to have my first lab attempt this coming thursday.
My CCIE Security V6 Home Lab Overview
So I have had some time to put everything together in my small CCIE Security V6 lab.
I want to spend a few moments explaining how everything is put together so others can benefit from it.
At the core of the whole thing is my new server, which is running great!
Lab Gear Ordered - Part 1
It was a scary experience, but a few moments ago I pressed the “Buy” button on a new (refurbished) server that is going to be the backbone and workhorse of my lab preparation.
Basically its a 1U HPE server (DL360 Generation 9) with 2x Xeon E5-2690v3 processors (12 Cores/2.
SCOR Exam Passed
So a couple of days ago, I passed the Cisco 350-701 SCOR (Secure Core) Exam. I passed on my 2nd attempt.
I spent quite a bit of time preparing for this exam, as alot of security technologies are new to me.
Forward Networks - The Sequel
This is the sequel to what was my first introduction to Forward Networks a year ago at Cisco Live Barcelona 2019. No surprise that, since I put their presentation among the highest rated during that time, that I was really looking forward to an update on their technology.
Attending Networking Field Day #22
I am very happy to announce, that I have been invited to attend “Networking Field Day #22”.
As you might know, the Tech Field Day events are all about getting a bunch of people together to figure out what the presenting companies are all about, with the products they bring to the table.
SVTI's Explained
The Concept: In legacy site to site (S2S) VPN’s we are used to defining crypto maps and applying them to a physical interface. However, since these does not utilize GRE, you have no way of supporting multicast and routing protocols.
Thoughts on Hard Work
I am catching up on my RSS feeds and fell upon Ivan’s post on “Hard Work”. The article references Seth Godins post Hard Work, which examines 3 types of work being carried out.
In summary we have the following types:
ASA Lessons: Failover
In this post I will go through an example of setting up redundancy between a pair of ASA’s using one of the two methods of accomplishing this. The 2 methods are:
Failover Clustering This post is exclusively about the failover option.
New Goal
So I have further evidence that I might be crazy:
I have decided to abandon any and all CCIE DC studies. Why you might ask? Simple: I dont have access to the required equipment continually so I can practice and reinforce any knowledge.
Enterprise Networking PVT
This week, I am attending Cisco’s EMEAR Enterprise Networking PVT in Amsterdam and I wanted to highlight some key takeaways.
Cisco is really doubling down on getting its software strategy in place. Everything, and I mean everything gets a mention in regards to what sort of software is enabling it (DNA Center/SD-Access/SD-WAN etc.
ASA Lessons: Static PAT
I decided a while back I would spend a bit of time learning about the Cisco ASA firewall. This is the first post surrounding some technologies I have explored during that time.
For some of you it might be easy stuff, but for others, including myself, might find it interesting for reference.
Leadership Matters
Im currently listening to an awesome book called Extreme Ownership. I wish to share some thoughts on its teachings as I think they are very valuable in any industry and particularly the IT industry.
First off, this is the book (im using the Audible service for audio-books):
Updated Learning Path
I am modifying my learning path for the year. Basically I will be focusing on automation, Python and Network API’s.
These are the courses/goals I will be trying to attain:
Course: PRNE (Completed) Course: NPDESI (Completed) Course: NPDEV (Completed) Book: Network Programmability and Automation (100% Done) With those 3 courses completed, I will have re-certified my CCIE’s and CCDE using the Continuing Education Program.
Site Migrated
Just a quick update on the site migration process. Everything should be in working order now, including certificates and the image repository. As always, give me a shout if you find something broken.
The old VPS server is about to be taken down, which will be the final test for something cross-function that might be left behind.
Site Maintenance Update
A quick update on the site maintenance progress.
I have chosen to move away from Wordpress and instead using a CI/CD workflow using Hugo+Netlify+Github. Im still learning the ropes, so expect some mistakes here and there. Its a work in progress like anything else.
Links
About the Author
My name is Kim Pedersen. I work as a senior network engineer/architect at a VAR in Denmark.
For most of my life I have been very interested in a variety of technology areas. I started out my professional career as a software developer.
About the site
This site is my outlet for all the things on my mind. It contains alot of technical information, which I hope you will find useful.
If you find any errors or mistakes I have made, please reach out to me so I can get it fixed and/or sorted out.
Site Maintenance
I am performing some site maintenance in conjunction with a move to a new VPS server. (Thank you Hetzner (some irony may be involved)).
Hopefully everything should be reachable, but some minor UI tweaks may occur.
Thanks for understanding.
/Kim
TFDx – Forward Networks
Forward Networks was one of the top presenters at TFDx at Cisco Live 2019 in Barcelona in my opinion. I really didn’t know much about what they were all about before we had the presentation. One thing I did notice was that they were really organized, even handing out agendas before beginning the presentation.
Time to say goodbye to Barcelona
As im sitting here in the hotel, waiting to leave for the airport, the only thing on my mind is: Wow.. what an amazing week this has been.
I have met so many old friends and made a bunch of new ones.
Thoughts before CLEUR 2019
In just 3 days time I will be leaving for Cisco Live 2019 in Barcelona. Im thinking about what sort of event it will be and what to expect in term of announcements.
Especially one thought keeps reappearing and thats the thought of the transformation of Cisco.
Tech Field Day @ CiscoLive Europe 2019
I am honoured to have been selected as a delegate for Tech Field Day during Cisco Live Europe 2019 in Barcelona!
Cisco Live Europe will take place from the 27th of January until Friday 1st.
I am really looking forward to this opportunity.
Cisco Champion 2019
Small update.
I was fortunate enough to be selected as a Cisco Champion for 2019. Looking forward to alot of good information and cooperation from the program! 🙂
Practical OTV
Practical OTV
————-
This post is all about OTV (Overlay Transport Virtualization) on the CSR1000v.
I wanted to create the post because there are alot of acronyms and terminology involved.
A secondary objective was to have a “real” multicast network in the middle, as the examples I have seen around the web, have used a direct P2P network for the DCI.
Useful links for Observium + Rancid
I recently decided that i would like to utilize Observium as well as rancid for configuration backups on my home network. To that effect, the following links really helped me out getting it all setup correctly:
https://docs.observium.org/rancid/
http://packetsandpings.blogspot.com/2013/05/installing-and-configuring-rancid.html
https://layer77.net/2016/08/10/upgrading-from-rancid-2-3-8-to-3-4-1/
Let me know if you run into anything i might help out with.
A quote from an Ex-Googler
I really like this paragraph, because almost everyone wants to imitate google. Why? well, the answer to that questions seems to be what everyone is missing!
Google’s solutions were built for scale that basically doesn’t exist outside of a maybe a handful of companies with a trillion dollar valuation.
Complicated Vs. Complexity
I am currently reading Team of Teams, an excellent book!
In it, it highlights an interesting fact that I think is very relevant for the networking world and that is the difference between something that is complicated versus something that is complex.
JNCIA-Junos
I recently completed the entry level Juniper certification. I thought it would be a good idea to study for something other than the mighty Cisco, so Juniper’s JNCIA-Junos seemed like a good choice.
It was a very fair exam I can highly recommend.
VxLAN on the CSR1Kv
By now, VxLAN is becoming the standard way of tunneling in the Datacenter.
Using VxLAN, i will show how to use the CSR1Kv to extend your Datacenter L2 reach between sites as well.
First off, what is VxLAN?
It stands for Virtual Extensible LAN.
ISIS Authentication types (packet captures)
In this post i would like to highlight a couple of “features” of ISIS.
More specifically the authentication mechanism used and how it looks in the data plane.
I will do this by configuring a couple of routers and configure the 2 authentication types available.
Progress update – 10/07-2017
Hello folks,
Im currently going through the INE DC videos and learning a lot about fabrics and how they work along with a fair bit of UCS information on top of that!
Im spending an average of 2.5 hours on weekdays for study and a bit more in the weekends when time permits.