Careers: Interviews
Guru, Cisco networking and certification
This week, Stephen Ibaraki, I.S.P., has an exclusive interview with the
widely respected networking expert and author, David Hucaby, CCIE
No. 4594.
David is a lead network engineer for a large medical environment where he
designs, implements, and maintains networks using Cisco products
such as Cisco multilayer switching and security products. Prior to
his current position, David was a senior network consultant, where
he provided design and implementation consulting, focusing on
Cisco-based VPN and IP telephony solutions.
Discussion:
Q: David, we are fortunate to have you come in to do this
interview—thank you.
A: It’s a great pleasure for me to be here. Thanks for inviting me!
Q: Can you describe your current work, and as an independent consultant
focusing on Cisco-based solutions for the healthcare and banking
industry? What products and services are particular to these
industries?
A: Sure. My current work involves maintaining the network
infrastructure for a university medical center. I get to recommend
design changes for the network of Cisco switches and routers, as
well as install and configure the actual devices. And of course,
when things go south, I get to be involved in the troubleshooting
work too.
Working in a healthcare environment is a bit challenging, as the network
carries not only the usual user traffic (email, web browsing,
instant messaging, and so on)—it also carries mission critical
traffic like patient lab results, CT and MRI scans, and even
telephone conversations! When the network is down or slow, patients
might not receive the care they need.
As for networking products that are particular to healthcare and banking,
the LAN switches and routers perform the same function as they do in
all businesses. However, these industries require a high level of
availability and performance, so the switches are usually large
chassis with many high-bandwidth links. These are usually arranged
so that any one box can fail completely and the network won’t be
affected.
As you might imagine, security is very important too. I see the full
spectrum of security products in use—many firewalls, intrusion
detection systems, Virtual Private Network (VPN) gateways, and so
on. Hospitals and banks not only have to keep unauthorized people
out of their networks, they have to make sure the integrity of their
data is secure when it travels over a network.
Q: Do you have some stories about very challenging situations and their
resolution?
A: Most of my stories involve networks being down and crowds of people
gathering. I had one experience where a hospital network suddenly
had a condition called a “bridging loop”. Basically, this is where a
portion of a switched network forms a closed loop, usually from a
faulty piece of equipment or from someone inadvertently connecting
things up wrong. Normal user traffic that used to flow just once now
begins to circulate around and around the network, as fast as the
switches can pass it. The end result is that most every link in the
network becomes unusable very quickly.
In this situation, the cause of the bridging loop is very hard to find. We
had several people working together at different locations for
several hours before we were able to find the one link that was
faulty. To compound the stress level, we kept hearing the hospital
staff announce that most of the areas were resorting to pencil and
paper methods from years past.
In another experience, a hospital’s core or backbone switches had a
software bug that caused most of their servers to be unreachable.
Again, many of the patient care functions ground to a halt. Although
very stressful, I had a very good experience with Cisco’s Technical
Assistance Center (TAC). I was able to stay on the phone with them
for a couple of hours while they brought in more technical experts
to troubleshoot and offer advice. That problem was solved by loading
new software on the backbone switches—something that was complex,
especially in a crisis, but easily done thanks to very competent
people on the other end of the phone line.
Q: What trends do you see in networking with regards to products and
services? Please make some predictions about the future, and future
technologies that businesses and IT professionals should be
considering?
A: Well, those are difficult questions. The one major trend I see is
something Cisco calls “convergence” on the network. For many years,
networks have been used to pass data files and allow connections or
sessions from one machine to another. Recently, we’re seeing those
same networks carry new real-time traffic such as voice (telephone
calls) and video (teleconferencing and streaming video). You can
definitely do much more with your network connection now, and that
network has to perform well all of the time.
Wireless network access is also quickly developing. You can find
wireless LAN access in hotels, airports, cafes, and many businesses.
People can be productive in their jobs no matter where they are
located. Naturally, wireless is going through the same type of
evolution—your laptop can access all of the resources you need to do
your job, and voice and video applications are quickly following.
Add to that VPN access, where a user can securely connect from
anywhere to the corporate network and its resources, and the “mobile
office” is complete.
Q: Do you have differing recommendations for small, medium and large
enterprise organizations?
A: I think we’re to the point where organizations of any size must
consider the same basic things—network availability and security.
The actual network design will probably differ just because the
budgets and performance requirements differ. One nice thing about
today’s networking equipment is that it is fairly straightforward to
scale a small network up to meet new or increasing needs.
Q: Can you provide your list of the five most important issues facing
corporations and IT professionals today? How can these issues be
resolved?
A: 1) Security – proper staffing and training is just as important as
buying devices and appliances that perform security functions.
2) Obtaining and retaining highly skilled IT staff.
3) Keeping up with technology – Technical training is necessary to
advance skills and embrace new developments.
4) Budgeting for new technology.
5) Proper evaluation of new “miracle” technologies – Often, new
products sound much better than they turn out to be. The ROI may be
great, but do you really need it and does it really work in your
environment?
Q: With regards to security, please provide your detailed recommendations in
this area?
A: Businesses rely heavily on their networks, so they must take every
precaution to protect themselves from unauthorized or malicious
people. It’s easy to throw security-related equipment at this
problem, as I’ve often seen. But I think it takes much more than
that to be effective. Security-related equipment generates large
volumes of activity or error logs, and somebody needs to review all
of that information regularly. I think many organizations either
fail to realize the need for full-time staff dedicated to this task
or they underestimate the number of people needed.
I also think it is very important for an organization to develop detailed
security policies and stick to them. It’s very common for businesses
to decide to put in firewalls at the edges of their networks, but
they have no idea what the firewalls should be configured to do. It
sounds silly, but the most difficult task of implementing a firewall
is getting an organization to identify what types of applications
and traffic they have and what resources they want to protect.
Q: How did you get into computing and specifically into Cisco?
A: Oddly enough, electrical engineering seems to run in my family. My
father instilled an interest in electronics and computing in me for
as long as I can remember. I’ve always enjoyed building digital
circuits, and also enjoyed programming for several years after
college. However, I found that I wasn’t an elegant programmer at
all. A job change exposed me to a few Cisco routers back when I
hardly knew what a subnet mask was.
What struck me about working with the routers and networks was the design
and troubleshooting—I was finally blessed with work that meshed very
nicely with my engineering talents.
I’ve always managed to work in places that are Cisco shops, so I’ve been
exposed to more and more Cisco equipment. One nice thing about Cisco
is that they are a (the) market leader with a wide range of products
and functionality. They are also very open with technical
information about their equipment and also about the underlying
technologies. There is really no end of new things to learn!
Q: What is your recommended path into Cisco certification and what are the
benefits of each? Can you share your study tips and important issues
and challenges around the certification process?
A: Cisco offers several levels of certification: “associate”,
“professional”, and “expert”. These correspond to the Cisco
Certified Network Associate (CCNA), Cisco Certified Network
Professional (CCNP), and the Cisco Certified Internetworking Expert
(CCIE). You can start with the CCNA and work your way up to the CCIE
through a series of many exams. Or, you can jump right into working
on the CCIE directly.
Cisco offers many training courses through third-party training partners.
These are all instructor-led and have hands-on lab exercises too.
Taking a course is a great way to learn about a technology and get
to see and touch equipment you might not otherwise see. Most courses
are four or five days in length, so you get a lot of material in a
relatively short time.
Cisco Press offers a wide range of books that can help you learn or study
for certifications. There are books that correspond to the
instructor-led courses, so you can read and study the same material
at your own pace. Other books are targeted at a particular Cisco
certification, and cover the complete subject matter while giving
practice exam questions and scenarios.
The CCIE is the only certification that requires a two-fold process: a
written qualification exam and an intense one-day lab exam. If you
can achieve the CCIE, you have both technical knowledge and
practical skills. The idea is that a CCIE can be dropped into most
any situation and find a resolution in a short amount of time.
Naturally, this is a very grueling process, requiring plenty of
study and plenty of hands-on practice on a variety of equipment.
Most people don’t pass the CCIE lab exam the first time. Or the
second time...
I know many people who have benefited from online study groups for any of
the Cisco certifications. It’s nice to read and participate in
discussions with other folks working toward the same certification.
In short, the Cisco certifications are so popular and the
technologies are so open that it is quite easy to find enough
material and enough help to study and pass the exams.
Q: You have done quite a bit of writing:
Articles
VLANs and Trunking
Books
CCNP BCMSN Exam Certification Guide (CCNP Self-Study, 642-811)
Cisco CCNP Certification Library (CCNP Self-Study)
Cisco Field Manual: Catalyst Switch Configuration
Cisco Field Manual: Router Configuration
CCNP Switching Exam Certification Guide
What are the major themes in each and specific tips you can provide?
A: My first book with Cisco Press was the CCNP BCMSN Exam Certification
Guide, which is wholly devoted to LAN switching. One of the CCNP
exams focuses on switches in a campus environment, and this book
teaches and prepares the reader for the exam. Cisco certifications
also change over time, to follow developing technologies. This exam
and the LAN switching subject matter have been updated, so this book
was completely rewritten and released as the last one on your list,
“CCNP Switching Exam Certification Guide.” That exam is very new,
and the book was just released at the end of September.
I’ve also written two books with a CCIE friend—the two “Cisco Field
Manuals”. These books are a very different format, as they break
networking down into various functions and present a step-by-step
sequence of Cisco commands needed. There are so many different Cisco
devices, so many commands, and so many different protocols and
technologies, I just can’t remember them all! These books are really
meant to be quick references that you can carry in your laptop bag
(if you’re a traveling consultant) or within reach at your desk.
Q: How can a novice get into writing, what important lessons have you
learned, and do you have shortcuts to speed up the process?
A: First, I think you have to have a real interest in technical
writing. It might be good to start out by writing short “tech notes”
or white papers for your own organization or for an online or
printed magazine. The more you write, the easier it becomes.
To write a book, a novice author will first need to submit a book
proposal and a sample initial chapter to the publisher. The proposal
gives a detailed description of the book, its subject matter, and
intended audience. The sample chapter gives an idea of the author’s
abilities to write about technical subjects. Usually, this proposal
is circulated within the publishing company, as well as to outside
experts on the subject. If everyone agrees that the book sounds
unique and marketable, then a contract can be drawn up between the
publisher and author.
Writing whole technical books is amazing to me. By this I mean that I can’t
ever remember writing anything over 20 or 25 pages in college. Just
one Cisco Press book can average anywhere from 500 to 800 pages!
Obviously, detailed outlines are a critical piece of a large book.
Once you know the subject material very well and have developed an
accurate outline of topics to cover, you can write the big book one
small section at a time.
I must also say that Cisco Press has been an excellent publisher to work
with. They have provided very talented editors, project managers,
graphic artists, and so on—each of them very helpful.
Q: You must have both interesting and funny stories to tell from your many
rich experiences—please share a few.
A: I’ve had a legacy of ruining laptop computers at work and while writing
books. After just a short time in my current job, I left my laptop
on my desk too close to the window overnight. Needless to say, it
was gone the next morning, extracted through a small hole in the
window made by a brick. After the laptop was replaced, I took it
into a communications closet. I had it nicely placed on top of an
old ethernet hub while I worked. I went around to the other side of
the equipment rack and began to unscrew a device I was replacing,
not realizing that device held up the laptop. When the last screw
came out, I heard a sliding noise and a crash. That laptop met the
cold, hard concrete...
Q: Which ten resources do you find the most useful?
A: 1) Cisco.com – The all-encompassing information source for all things
Cisco and network-related.
2) Cisco Press (www.ciscopress.com) – many, many good books on every
networking subject.
3) Cisco Networkers conferences plus the RFC Sourcebook from Network
Sorcery (http://www.networksorcery.com/enp/default0504.htm) – Very handy
reference for RFCs and networking protocols.
4) Incidents.org – The Internet Storm Center and the SANS InfoSec
reading room.
5) SANS Institute (www.sans.org) for security information and training.
6) The CERT Coordination Center (www.cert.org) for anything
security-related.
7) Groupstudy.com – Cisco certification discussion groups.
8) eBay – The source for cheap, used Cisco equipment; studying for
certifications requires hands-on experience, which requires lab
equipment.
9) The Internet Assigned Numbers Authority (www.iana.org) – The official
protocol and port number registration source.
10) Dilbert (www.dilbert.com) – Maintaining a sense of humor about the
workplace is vital.
Q: If you were doing this interview, what three questions would you ask of
someone in your position and what would be your answers?
A: 1) Are your certifications worthwhile after all? As for me, I have a
CCIE, and I would say ‘yes, it certainly is’. Not only has it helped
me move ahead with my career, but it has helped me be much more
competent in my work.
2) Do you see the need for networking skills diminishing in the future?
No, I don’t believe so. Networking is constantly expanding and
constantly developing. The skills required to support corporate
networks seem to always be on the increase too.
3) What do you do in your spare time? Because I work a full-time job and
have been writing Cisco books for the past couple of years, spare
time might seem hard to come by. Fortunately, I’m able to write
every night while the rest of my family sleeps, leaving time for
family fun. As for non-technical hobbies, I collect and use antique
woodworking handtools.
Q: Do you have any more comments to add?
A: None at all.
Q: It was a pleasure interviewing you. Thank you for sharing your wealth
of knowledge with our audience.
A: This was a fun experience for me. Thanks for allowing me to be here.