Get a CCIE, Don’t Be A CCIE

Getting a CCIE is considered to be the pinnacle of a person’s networking career.  It is the culmination of hundreds (if not thousands) of hours of study.  People pass the lab and celebrate with the relief that can only come from completing a milestone in life.  But it’s important for newly-minted CCIEs to realize that getting your number doesn’t mean you obtained hubris with it.

A great article that talks about something similar comes from Hunter Walk.  It’s Fine To Get an MBA, But Don’t Be An MBA shows many of the things I’m talking about.  With the MBA, it’s a bit different.  The MBA is a pure book learning environment with very little practical experience.  The CCIE is a totally practical exam that requires demonstration of knowledge.  However, both of these things share something in common.  People get very hung up on the knowledge from the certification and forget to keep an open mind about other ideas.  In essence, someone that is “Being a CCIE” is using their certification incorrectly.

Here are some points:

Get A CCIE to further your knowledge about networking and learn how system work. Don’t Be A CCIE and think that you’ve learned everything there is to know about networking.

Get A CCIE and work with your coworkers and peers to solve problems.  Don’t Be A CCIE and ignore everyone because you think you’re smarter than they are.

Get A CCIE and contribute to the community with knowledge and experience.  Don’t Be A CCIE and refuse to share because you can’t be bothered.

Get A CCIE and help your company to take on bigger and better networking projects.  Don’t Be A CCIE and assume you are indispensable.

Get A CCIE because you want to.  Don’t Be A CCIE and assume you’ve always been one.

A CCIE doesn’t change who you are.  It just serves to show people how dedicated you can be.  Don’t let five little numbers turn you into a bully or a know-it-all.  Realize you still have much to learn.  Understand that your position is now at the forefront of where networking is going, not where it has been.  When you know that being a CCIE is more than just a piece of paper, then you will have truly gotten your CCIE.

CCIE Version 5: Out With The Old

Cisco announced this week that they are upgrading the venerable CCIE certification to version five.  It’s been about three years since Cisco last refreshed the exam and several thousand people have gotten their digits.  However, technology marches on.  Cisco talked to several subject matter experts (SMEs) and decided that some changes were in order.  Here are a few of the ones that I found the most interesting.

CCIEv5 Lab Schedule

Time Is On My Side

The v5 lab exam has two pacing changes that reflect reality a bit better.  The first is the ability to take some extra time on the troubleshooting section.  One of my biggest peeves about the TS section was the hard 2-hour time limit.  One of my failing attempts had me right on the verge of solving an issue when the time limit slammed shut on me.  If I only had five more minutes, I could have solved that problem.  Now, I can take those five minutes.

The TS section has an available 30 minute overflow window that can be used to extend your time.  Be aware that time has to come from somewhere, since the overall exam is still eight hours.  You’re borrowing time from the configuration section.  Be sure you aren’t doing yourself a disservice at the beginning.  In many cases, the candidates know the lab config cold.  It’s the troubleshooting the need a little more time with.  This is a welcome change in my eyes.

Diagnostics

The biggest addition is the new 30-minute Diagnostic section.  Rather than focusing on problem solving, this section is more about problem determination.  There’s no CLI.  Only a set of artifacts from a system with a problem: emails, log files, etc.  The idea is that the CCIE candidate should be an expert at figuring out what is wrong, not just how to fix it.  This is more in line with the troubleshooting sections in the Voice and Security labs.  Parsing log files for errors is a much larger part of my time than implementing routing.  Teaching candidates what to look for will prevent problems in the future with newly minted CCIEs that can diagnose issues in front of customers.

Some are wondering if the Diagnostic section is going to be the new “weed out” addition, like the Open Ended Questions (OEQs) from v3 and early v4.  I see the Diagnostic section as an attempt to temper the CCIE with more real world needs.  While the exam has never been a test of ideal design, knowing how to fix a non-ideal design when problems occur is important.  Knowing how to find out what’s screwed up is the first step.  It’s high time people learned how to do that.

Be Careful What You Wish For

The CCIE v5 is seeing a lot of technology changes.  The written exam is getting a new section, Network Principles.  This serves to refocus candidates away from Cisco specific solutions and more toward making sure they are experts in networking.  There’s a lot of opportunity to reinforce networking here and not idle trivia about config minimums and maximums.  Let’s hope this pays off.

The content of the written is also being updated.  Cisco is going to make sure candidates know the difference between IOS and IOS XE.  Cisco Express Forwarding is going to get a focus, as is ISIS (again).  Given that ISIS is important in TRILL this could be an indication of where FabricPath development is headed.  The written is also getting more IPv6 topics.  I’ll cover IPv6 in just a bit.

The biggest change in content is the complete removal of frame relay.  It’s been banished to the same pile as ATM and ISDN.  No written, no lab.  In it’s place, we get Dynamic Multipoint VPN (DMVPN).  I’ve talked about why Frame Relay is on the lab before.  People still complained about it.  Now, you get your wish.  DMVPN with OSPF serves the same purpose as Frame Relay with OSPF.  It’s all about Stupid Router Tricks.  Using OSPF with DMVPN requires use of mGRE, which is a Non-Broadcast Multi-Access (NBMA) network.  Just like Frame Relay.  The fact that almost every guide today recommends you use EIGRP with DMVPN should tell you how hard it is to do.  And now you’re forced to use OSPF to simulate NBMA instead of Frame Relay.  Hope all you candidates are happy now.

vCCIE

The lab is also 100% virtual now.  No physical equipment in either the TS or lab config sections.  This is a big change.  Cisco wants to reduce the amount of equipment that needs to be physically present to build a lab.  They also want to be able to offer the lab in more places than San Jose and RTP.  Now, with everything being software, they could offer the lab at any secured PearsonVUE testing center.  They’ve tried in the past, but the access requirements caused some disaster.  Now, it’s all delivered in a browser window.  This will make remote labs possible.  I can see a huge expansion of the testing sites around the time of the launch.

This also means that hardware-specific questions are out.  Like layer 2 QoS on switches.  The last reason to have a physical switch (WRR and SRR queueing) is gone.  Now, all you are going to get quizzed on is software functionality.  Which probably means the loss of a few easy points.  With the removal of Frame Relay and L2 QoS, I bet that services section of the lab is going to be really fun now.

IPv6 Is Real

Now, for my favorite part.  The JNCIE has had a robust IPv6 section for years.  All routing protocols need to be configured for IPv4 and IPv6.  The CCIE has always had a separate IPv6 section.  Not any more.  Going forward in version 5, all routing tasks will be configured for v4 and v6.  Given that RIPng has been retired to the written exam only (finally), it’s a safe bet that you’re going to love working with OSPFv3 and EIGRP for IPv6.

I think it’s great that Cisco has finally caught up to the reality of the world.  If CCIEs are well versed in IPv6, we should start seeing adoption numbers rise significantly.  Ensuring that engineers know to configure v4 and v6 simultaneously means dual stack is going to be the preferred transition method.  The only IPv6-related thing that worries me is the inclusion of an item on the written exam: IPv6 Network Address Translation.  You all know I’m a huge fan of NAT.  Especially NAT66, which is what I’ve been told will be the tested knowledge.

Um, why?!? 

You’ve removed RIPng to the trivia section.  You collapsed multicast into the main routing portions.  You’re moving forward with IPv6 and making it a critical topic on the test.  And now you’re dredging up NAT?!? We don’t NAT IPv6.  Especially to another IPv6 address.  Unique Local Addresses (ULA) is about the only thing I could see using NAT66.  Ed Horley (@EHorley) thinks it’s a bad idea.  Ivan Pepelnjak (@IOSHints) doesn’t think fondly of it either, but admits it may have a use in SMBs.  And you want CCIEs and enterprise network engineers to understand it?  Why not use LISP instead?  Or maybe a better network design for enterprises that doesn’t need NAT66?  Next time you need an IPv6 SME to tell you how bad this idea is, call me.  I’ve got a list of people.


Tom’s Take

I’m glad to see the CCIE update.  Getting rid of Frame Relay and adding more IPv6 is a great thing.  I’m curious to see how the Diagnostic section will play out.  The flexible time for the TS section is way overdue.  The CCIE v5 looks to be pretty solid on paper.  People are going to start complaining about DMVPN.  Or the lack of SDN-related content.  Or the fact that EIGRP is still tested.  But overall, this update should carry the CCIE far enough into the future that we’ll see CCIE 60,000 before it’s refreshed again.

More CCIE v5 Coverage:

Bob McCouch (@BobMcCouch) – Some Thoughts on CCIE R&S v5

Anthony Burke (@Pandom_) – Cisco CCIE v5

Daniel Dib (@DanielDibSWE) – RS v5 – My Thoughts

INE – CCIE R&S Version 5 Updates Now Official

IPExpert – The CCIE Routing and Switching (R&S) 5.0 Lab Is FINALLY Here!

CPE Credits for CCIE Recertification

conted

Every year at Cisco Live the CCIE attendees who are also NetVets get a special reception with John Chambers where they can ask one question of him (time permitting).  I’ve had hit-or-miss success with this in the past so I wanted to think hard about a question that affected CCIEs the world over and could advance the program.  When I finally did ask my question, no only was it met with little acclaim but some folks actually argued against my proposal.  At that moment, I figured it was time to write a blog post about it.

I think the CCIE needs to adopt a Continuing Professional Education (CPE) route for recertification.

I can hear many of you out there now jeering me and saying that it’s a dumb idea.  Hear me out first before you totally dismiss the idea.

Many respected organizations that issue credentials have a program that records CPEs in lieu of retaking certification exams.  ISACA, (ISC)^2, and even the American Bar Assoication use continuing education programs as a way of recertifying their members.  If so many programs use them, what is the advantage?

CPEs ensure that certification holders are staying current with trends in technology.  It forces certified individuals to keep up with new advances and be on top of the game.  It rewards those that spend time researching and learning.  It provides a method of ensuring that a large percentage of the members are able to understand where technology is headed in the future.

There seems to be some hesitation on the part of CCIEs in this regard.  Many in the NetVet reception told me outright I was crazy for thinking such a thing.  They say that the only real measure of recertification is taking the written test.  CCIEs have a blueprint that they need to know and they is how we know what a CCIE is.  CCIEs need to know spanning tree and OSPF and QoS.

Let’s take that as a given.  CCIEs need to know certain things.  Does that mean I’m not a real CCIE because I don’t know ATM, ISDN, or X.25?  These were things that have appeared on previous written exams and labs in the past.  Why do we not learn them now?  What happened to those technologies to move them out of the limelight and relegate them to the same pile that we find token ring and ARCnet?  Technology advances every day.  Things that we used to run years ago are now as foreign to us as steam power and pyramid construction.

If the only true test of a CCIE is to recertify on things they already know, why not make them take the lab exam every two years to recertify?  Why draw the line at simple multiple choice guessing?  Make them show the world that they know what they’re doing.  We could drop the price of the lab for recertification.  We could offer recert labs in other locations via the remote CCIE lab technology to ensure that people don’t need to travel across the globe to retake a test.  Let’s put some teeth in the CCIE by making it a “real” practical exam.

Of course, the lab recert example is silly and a bit much.  Why do we say that multiple choice exams should count?  Probably because they are easy to administer and grade.  We are so focused on ensuring that CCIEs retrain on the same subjects over and over again that we are blind to the opportunity to make CCIEs the point of the spear when it comes to driving new technology adoption.

CCIE lab revamps don’t come along every six months.  They take years of examination and testing to ensure that the whole process integrates properly.  In the fourth version of the CCIE lab blueprint, MPLS appeared for the first time as a lab topic.  It took years of adoption in the wider enterprise community to show that MPLS was important to all networkers and not just service provider engineers.  The irony is that MPLS appears in the blueprint right alongside Frame Relay, a technology which MPLS is rapidly displacing.  We are still testing on a twenty-year-old technology because it represents so much of a networker’s life as it is ripped out and replaced with better protocols.

Where’s the CCIE SDN? Why are emerging technologies so underrepresented in the CCIE?  One could argue that new tech needs time to become adopted and tested before it can be a valid topic.  But who does that testing and adoption?  CCIEs?  CCNPs? Unwitting CCNAs who have this thrust upon them because the CIO saw a killer SDN presentation and decided that he needed it right now!  The truth is somewhere in the middle, I think.

Rather than making CCIEs stop what they are working over every 18 months to read up and remember how 802.1d spanning tree functions or how to configure an NBMA OSPF-over-frame-relay link, why not reward them for investigating and proofing new technology like TRILL or OpenFlow?  Let the research time count for something.  The fastest way to stagnate a certification program is to force it in upon itself and only test on the same things year after year.  I said as much in a previous CCIE post which in many ways was the genesis of my question (and this post).  If CCIEs know the only advantage of studying new technology is gaining a leg up with the CxO comes down to ask how network function virtualization is going to benefit the company then that’s not much of an advantage.

CPEs can be anything.  Reading an article.  Listening to a webcast.  Preparing a presentation.  Volunteering at a community college.  Even attending Cisco Live, which I have been informed was once a requirement of CCIE recertification.  CPEs don’t have to be hard.  They have to show that CCIEs are keeping up with what’s happening with modern networking.  That stands in contrast to reading the CCIE Certification Guide for the fourth or fifth time and perusing 3-digit RFCs for technology that was developed during the Reagan administration.

I’m not suggesting that the CPE program totally replace the test.  In fact, I think those tests could be complementary.  Let CPEs recertify just the CCIE exam.  The written test could still recertify all the existing CCNA/CCNP level certifications.  Let the written stand as an option for those that can’t amass the needed number of CPE credits in the recertification period.  (ISC)^2 does this as do many others.  I see no reason why it can’t work for the CCIE.

There’s also the call of fraud and abuse of the system.  In any honor system there will be fraud and abuse.  People will do whatever they can to take advantage of any perceived weakness to gain advantage.  Similarly to (ISC)^2, an audit system could be implemented to flag questionable submissions and random ones as well to ensure that the certified folks are on the up and up.  As of July 1, 2013 there are almost 90,000 CISSPs in the world.  Somehow (ISC)^2 can manage to audit all of those CPE submissions.  I’m sure that Cisco can find a way to do it as well.


Tom’s Take

People aren’t going to like my suggestion.  I’ve already heard as much.  I think that rewarding those that show initiative and learn all they can is a valuable option.  I want a legion of smart, capable individuals vetting new technology and keeping the networking world one step into the future.  If that means reworking the existing certification program a bit, so be it.  I’d rather the CCIE be on the cutting edge of things rather than be a laggard that is disrespected for having its head stuck in the sand.

If you disagree with me or have a better suggestion, I implore you leave a comment to that affect.  I want to really understand what the community thinks about this.

Poaching CCIEs

CCIEIce

During the CCIE Netvet Reception at Cisco Live 2013, a curious question came up during our Q&A session with CEO John Chambers. Paul Borghese asked if it was time for the partner restriction on CCIE tenure to be lifted in order to increase the value of a CCIE in the larger market. For those not familiar, when a CCIE is hired by a Cisco partner, they need to attach their number to the company in order for the company to receive the benefits of having hired a CCIE. Right now, that means counting toward the CCIE threshold for Silver and Gold status. When a CCIE leaves the the first company and moves to another partner their number stays associated with the original company for one year and cannot be counted with the new company until the expiration of that year.

There are a multitude of reasons why that might be the case. It encourages companies to pay for CCIE training and certification if the company knows that the newly-minted CCIE will be sticking around for at least a year past their departure. It also provides a lifeline to a Cisco partner in the event a CCIE decides to move on. By keeping the number attached to the company for a specific time period, the original company has the time necessary to hire or train new resources to take over for the departed CCIE’s job role. If the original partner is up for any contracts or RFPs that require a CCIE on staff, that grace period could be the difference between picking up or losing that contract.

As indicated above, Paul asked if maybe that policy needed to change. In his mind, the restriction of the CCIE number was causing CCIEs to stay at their current companies because their inability to move their number to the new company in a timely manner made them less valuable. I know now that the question came on behalf of Eman Conde, the CCIE Agent, who is very active in making sure the rights and privileges of CCIEs everywhere are well represented. I remember meeting Eman for the first time back at Cisco Live 2008 at an IPExpert party, long before I was a CCIE. In that time, Eman has worked very hard to make sure that CCIEs are well represented in the job market.  It is also in Eman’s best interests to ensure that CCIEs can move freely between companies without restriction.

My biggest fear is that removing the one-year association restriction for Cisco Partners will cause partners to stop funding CCIE development.  I was very fortunate to have my employer pay the entire cost of my CCIE from beginning to end.  In return, I agreed in principle to stay with them for a period of time and not seek employment from anyone else.  There was no agreement in place.  There was no contract.  Just a handshake.  Even after I left to go work with Gestalt IT, my number is locked to them for the next year.  This doesn’t really bother me.  It does make them feel better about moving to a competitor.  What would happen if I could move my number freely to the next business without penalty?

Could you imagine a world where CCIEs were being paid top dollar to work at a company not for their knowledge but because it was cheaper to buy CCIEs that it was to build them?  Think of a sports team that doesn’t have a good minor league system but instead buys their talent for absurd amounts of money.  If you had pictures of the New York Yankees in your head, you probably aren’t far removed from my line of thinking.  When the only value of a CCIE is associating the number to your company then you’ve missed the whole point of the program.

CCIEs are more valuable than their number.  With the exception of the Gold/Silver partner status their number is virtually useless.  What is more important is the partner specializations they can bring it.  My CCIE was pointless to my old employer since I was the only one.  What was a greater boon was all the partner certifications that I brought for unified communications, UCS implementation, and even project management.  Those certifications aren’t bound to a company.  In fact, I would probably be more marketable by going to a small partner with one CCIE or going to a silver partner with 3 CCIEs and telling them that I can bring in new lines of partner business while they are waiting for my number to clear escrow.  The smart partners will realize the advantage and hire me on and wait.  Only an impatient partner that wants to build a gold-level practice today would want to avoid number lock-in.

I don’t think we need to worry about removing the CCIE association restriction right now.  It serves to entice partners to fund CCIEs without worrying about them moving on as soon as they get certified.  Termination results in the number being freed up upon mutual agreement.  Most CCIEs that I’ve heard of that left their jobs soon after certification did it because their company told them they can’t afford to pay a CCIE.  Forcing small employers to let CCIEs walk away to bigger competitors with no penalty will prevent them from funding any more CCIE training.  They’ll say, “If the big partners want CCIEs so badly that they’ll pay bounties then let the big partners do all the training too.”  I don’t even think an employer non-compete would fix the issue as those aren’t enforceable in many states.  I think the program exists the way it does for a reason.  With all due deference to Eman and Paul, I don’t think we’ve reached the point where CCIE free agency is ready for prime time.

CCIE Loses Its Voice

ccievThe world we live in is constantly adapting and changing to new communications methods.  I can still remember having a party line telephone when I was a kid.  I’ve graduated to using landlines, cellular phones, email, instant messaging, text messaging, and even the occasional video call.  There are more methods to contact people than I can count on both hands.  This change is also being reflected in the workforce as well.  People who just a few years ago felt comfortable having a desk phone and simple voice mail are now embracing instant messaging with presence integration and unified voice mail as well as single number reach to their mobile devices.  It’s a brave new world that a voice engineer is going to need to understand in depth.

To that end, Cisco has decided to retire the CCIE Voice in favor of an updated track that will be christened the CCIE Collaboration.  Note that they aren’t merely changing the blueprint like they have in the past with the CCIE SP or the CCIE R&S.  This is like the CCIE Storage being moved aside for the CCIE Data Center.  The radical shift in content of the exam should be a tip-off to the candidates that this isn’t going to be the same old voice stuff with a few new bells and whistles.

Name That Tune

The lab equipment and software list (CCO account required) includes a bump to CUCM 9.1 for the call processor, as well as various 9.x versions of Unity Connection, Presence, and CUCME.  There’s also a UCS C460, which isn’t too surprising with CUCM being a virtualized product now.  The hardware is rounded out with 2921 and 3925 routers as well as a 3750-X switch.  The most curious inclusion is the Cisco Jabber Video for Telepresence.  That right there is the key to the whole “collaboration” focus on this exam.  There is a 9971 phone listed as an item.  I can almost guarantee you’re going to have to make a video call from the 9971 to the video soft client in Cisco Jabber.  That’s all made possible thanks to Cisco’s integration of video in CUCM in 9.1.  This has been their strategy all along.

The CCIE Voice is considered one of the hardest certifications to get, even among the CCIE family.  It’s not that there is any one specific task to configure that just wrecks candidates.  The real issue is the amount of tasks that must be configured.  Especially when you consider that a simple 3-point task to get the remote site dial plan up and running could take a couple of hours of configuration.  Add in the integrated troubleshooting section that requires you to find a problem after you’ve already configured it incorrectly and you can see why this monster is such a hard test.  One has to wonder what adding video and other advanced topics like presence integration into the lab is going to do to the amount of time the candidate has to configure things.  It was already hard to get done in 8 hours.  I’m going to guess it’s downright impossible to do it in the CCIE Collaboration.  My best guess is that you are going to see versions of the test that are video-centric as well as ones that are voice-centric.  There’s going to be a lot of overlap between the two, but you can’t go into the lab thinking you’re guaranteed to get a video lab.

Hitting the Wrong Notes

There also seems to have been a lot of discussion about the retirement of the CCIE Voice track as opposed to creating a CCIE Voice version 4 track with added video.  In fact, there are some documents out there related to the CCIE Collaboration that reference a CCIE Voice v4.  The majority of discussion seems to be around the CCIE Voice folks getting “grandfathered” into a CCIE Collaboration title.  While I realize that the change in the name was mostly driven about the marketing of the greater collaboration story, I still don’t think that there should be any automatic granting of the Collaboration title.

The CCIE Collaboration is a different test.  While the blueprint may be 75% the same, there’s still the added video component to take into account (as well as cluster configuration for multiple CUCM servers).  People want an upgrade test to let the CCIE Voice become a CCIE Collaboration.  They have one already: the CCIE Collaboration lab exam.  If the title is that important, you should take that lab exam and pass it to earn your new credential.  The fact that there is precedent for this with the migration of the Storage track to Data Center shows that Cisco wants to keep the certifications current and fresh.  While Routing & Switching and Security see content refreshes, they are still largely the same at the core.  I would argue that the CCIE Collaboration will be a different exam in feel, even if not in blueprint or technology.  The focus on IM, presence and video means that there’s going to be an entirely different tone.  Cisco wants to be sure that the folks displaying the credential are really certified to work on it according to the test objectives.  I can tell you that there was serious consideration around allowing Storage candidates to take some sort of upgrade exam to get to the CCIE Data Center, but it looks like that was ultimately dropped in favor of making everyone go through the curriculum.  The retirement of the CCIE Voice doesn’t make you any less of a CCIE.  Like it or not, it looks like the only way to earn the CCIE Collaboration is going to be in the trenches.

It Ain’t Over Until…

The sunsetting officially starts on November 20th, 2013.  That’s the last day to take the CCIE Voice written.  Starting the next day (the 21st) you can only take the Collaboration written exam.  Thankfully, you can use either the Voice written or the Collaboration written exam to qualify for either lab.  That’s good until February 13, 2014.  That’s the last day to take the CCIE Voice lab.  Starting the next day (Valentine’s Day 2014), you will only be able to take the Collaboration lab exam.  If you want to get an idea of what is going to be tested on the lab exam, check out the document on the Cisco Learning Network (CCO account required).

If you’d like to read more about the changes from professional CCIE trainers, check out Vik  Malhi (@vikmalhi) on IPExpert’s blog.  You can also read Mark Snow’s (@highspeedsnow) take on things at INE’s blog.


Tom’s Take

Nothing lasts forever, especially in the technology world.  New gadgets and methods come out all the time to supplant the old guard.  In the world of communications and collaboration, Cisco is trying to blaze a trail towards business video as well as showing the industry that collaboration is more than just a desk phone and a voice mailbox.  That vision has seen some bumps along the way but Cisco seems to have finally decided on a course.  That means that the CCIE Voice has reached the apex of potential.  It is high time for something new and different to come along and push the collaboration agenda to the logical end.  Cisco has already created a new CCIE to support their data center ambitions.  I’m surprised it took them this long to bring business video and non-voice communications to the forefront.  While I am sad to see the CCIE Voice fade away, I’m sure the CCIE Collaboration is going to be a whole new barrel of fun.

Change The CCIE Portal Login!

It’s been said that achieving the CCIE is one of the more painful processes in networking and certification.  There’s a lot of time and effort that must be expended to obtain those singular digits that identify you as an internetworking expert in the eyes of Cisco.  However, the pain doesn’t always end after you get your CCIE.

All the information accrued by a CCIE candidate lives in a database somewhere at Cisco.  The access method for this database is somewhat archaic.  When you attempt to access any information from the http://www.cisco.com/go/ccie landing page, you must first log in using your Cisco Connection Online (CCO) login.  This is a pretty standard login for anything on the Cisco website, from software downloads to partner page access.  Once you input the information to log into your CCO account, you aren’t automatically granted access to the CCIE portal.  Instead, you are redirected to https://tools.cisco.com/CCIE/Schedule_Lab/CCIEOnline/jsp/UpdateProfile_Form.jsp.  For those that might not otherwise be familiar with this page, here’s what it looks like:

CCIE Login Page - Thanks to @MrTugs

CCIE Login Page – Thanks to @MrTugs

Anyone that has taken the CCIE written, tried to schedule the CCIE lab, or has passed the lab knows the pain of this page.  In order to access your score report or CCIE logos or even schedule a lab exam, you must first provide the laundry list of random information.  The candidate ID is easy enough to find since it’s the CSCO number that tracks you through the Cisco certification program.  The rest of the info is the pain point.

Why is it that almost twenty years after the inception of the program that I still need to provide my written score report information?  I could understand providing all this information the first time I log into the system.  PearsonVUE and Prometric require similar information from your first testing score report in order to tie your database record to a test and begin to track you in their system.  If I had to provide the score report for the first time to tie the CCIE written exam to my CSCO number, I would totally understand.  However, I need to provide my written score EVERY. TIME. I. LOG. IN.  Even after I pass the CCIE lab, I still need to remember that score to access my certification record.  If you’re someone that has taken several recertification exams it can be painful.  If you’re been a CCIE as long as Terry Slattery, it’s downright excruciating.  If you’re considering a multiple CCIE, the process is even worse.  You have to log into the system with your specific track score report in order to schedule a lab.  Don’t have your CCIE Voice score report handy?  Better not log in with your CCIE R&S information.  You won’t have access to schedule the lab for Voice.  It’s almost like the CCIE database is a series of separate databases running on someone’s desktop in RTP.

EDIT: Marko Milivojevic (@icemarkom) pointed out to me that the database is consistent if you are a multiple CCIE holder.  Using any one of your written exams allows you to log in and see all of your records.  You still need to use a track-specific written test to schedule the associated lab exam, however.

Cisco has a certification tracking database located at http://www.cisco.com/go/certifications/login.  It holds all the information related to non-CCIE certifications.  It also happens to be integrated with the CCO login completely.  I used to have to login to the Cisco Cert Tracker with my CSCO ID, but now I just have to login with my regular CCO login and I’m passed right on through to the pertinent information.  There’s even a field in the Cert Tracker for my CCIE number.  However, there is no information to be found related to the CCIE itself.  I’m pretty sure this has a lot to do with the historical separation between the CCIE team and the rest of the certification organization.  The CCIE was always held apart from everything else, both due to its grandfatherly status in the certification industry and the lack of any prerequisites to take the written exam.  It has only been recently that the CCIE team has been folded into the greater Cisco Certifications team.  If they truly are a part of the greater whole, it’s high time to start bring the CCIE portal over to the Cert Tracker.

I can’t see any reason to continue to require CCIEs in good standing to remember a decade-old score report in order to access a logo or look up a lab exam date.  I can see logging in with the score report information the first time to tie everything together to a candidate record.  But after that, you should only need to login with your CCO login or your CSCO number.  That information should be a unique enough value to guarantee non-overlapping logins.  You already require the CCIE candidate to have a valid CSCO number in order to take the written at a PearsonVUE testing center.  Why not use it as the sole login credential?


Tom’s Take

I’ve known too many CCIE candidates that have frantically tried to recall their written test information when the dreaded lab score report email comes.  I had my info saved in Chrome so it would auto-fill when I got to that page.  It worked until I changed laptops and didn’t import my Chrome info.   I had to dig through a filing cabinet to track down the information I needed to login.  Think about the CCIEs that have been certified for more than a decade.  Why should they be forced to produce information that has been lost to time?  My written score has been displaced by RSTP timers and EIGRP admin distance numbers.  Sure, I could keep that info somewhere safe (like a 1Password entry), but I think the better fix would be to bring the CCIE database into the 21st century and integrate it with all the other tools that Cisco provides.  You can stage the migration over the course of a few months.  Even just allowing your CCO login to access the CCIE portal would be a huge step forward.  I know this is a delicate process that has been going on for many years.  But the process is broken and silly and it’s time that someone fixed it.

 

Opengear – A Box Full Of Awesome

Presenter number two at Network Field Day 4 was Opengear.  This was a company that I hadn’t heard much about.  A cursory glance at their website reveals that they make console servers among other interesting management devices.  Further searching turned up a post by Jeremy Stretch over at Packetlife about using one of the devices as the core of his free community lab.  If it’s good enough for Stretch, it’s good enough to pique my interest.

As you can see from the short opening, Opengear is dedicated to making network infrastructure management equipment like console servers as well as PDU management and environmental sensors.  Most interesting to me was the ACM5004-G unit the delegates received, which is a 4-port model with a 3G radio uplink.  They also make much more dense devices like the one in Stretch’s lab for those that are wanting something with a few more ports.  Most of the people I know that are looking at something like this for the CCIE lab use an old 2511 router with octal cables.  Those are fairly cheap on eBay but you are taking a risk with the hardware finally wearing out and being out of warranty.  As well, there are a ton of features that you can configure in the Opengear software (we’ll get to that in a minute.

Up next…is a caution for Opengear and other would-be Tech Field Day presenters.  Yes, I understand you are proud of your customer base and want to tell the world about all the cool people that use your product.  That being said, a single slide crammed full of logos, which I affectionately call “The NASCAR Slide” may be a better idea that slide after slide of each company broken down by industry vertical.  You have to think to yourself that filling 8-10 slides of your deck with other people’s logos is not only wasting time and space, but not doing a very good job of telling us what your product does.  All of the companies on that list probably use toilet paper as well, but we don’t see that on your slides.  Better to focus on your product.

Okay, now for awesome time.  Opengear’s management software has a bunch of bells and whistles to suit your fancy.  You can configure all manner things like multiple authentication methods for your users to prevent them from accessing consoles they aren’t supposed to see.  As the underpinnings of the whole Opengear system run on Linux, it’s no surprise that their monitoring software is built on top of Nagios.  This allows you to use their VCMS product to manage multiple disparate units.  Think about that.  You’re using the Opengear boxes to manage your equipment.  Now you can use their software to manage your Opengear boxes.  Those units can also be configured to “call home” over secured VPNs to ensure that your traffic isn’t flying across the Internet unencrypted.  VCMS can also use vendor-neutral commands to manage connected UPSes.  I can’t tell you the number of times having a device that could power cycle a UPS or PDU would have saved my bacon or prevented a trip across the state.  The VCMS can even script responses to events, such as triggering a power cycle if the system is hung or stops responding.

Next up is a demo of the software.  Worth a look if your interested in the gory details of the interface:

We finished off the day with a talk about some of the new and interesting things that Opengear is doing with their devices.  I think the story about configuring them to use a webcam to take pictures of people opening roadside boxes then upload the pictures to an FTP server running on the Opengear box that then sends the picture over 3G back to central location was the most interesting.  Of course, everyone immediately seized on the salmon farm as the strangest use case.  It’s clear that Opengear has a great solution that is only really limited by your imagination.

If you’d like to learn more about Opengear and their variety of products, you can check out their website at http://opengear.com.  You can also follow them on Twitter as @Opengear.


Tom’s Take

I can’t count the number of times that I’ve needed a console server.  Just that functionality alone would save me a lot of pain in some remote deployments I’ve had.  Opengear seems to have taken this idea and ran with it by adding on some great additional functionality, whether it be cellular uplinks or software controls for all manner of third party UPSes.  I think the fact that you can do so much with their boxes with a little imagination and some elbow grease means that we’re going to be hearing stories like the fish farm for a while to come.

Tech Field Day Disclaimer

Opengear was a sponsor of Network Field Day 4.  As such, they were responsible for covering a portion of my travel and lodging expenses while attending Network Field Day 4.  In addition, Opengear provided me with an ACM5004-G console server and a polo shirt. They did not ask for, nor where they promised any kind of consideration in the writing of this review.  The opinions and analysis provided within are my own and any errors or omissions are mine and mine alone.

Do They Give Out Numbers For The CCIE Written?

I’ve seen a bit of lively discussion recently about a topic that has vexed many an engineer for years.  It revolves around a select few that put “CCIE Written” as their title on their resume or their LinkedIn account.  While they have gone to great lengths to study and take the 100-question multiple choice written qualification exam for the CCIE lab, there is some notion that this test in and of itself grants a title of some sort.  While I have yet to interview someone that has this title, others that I talk to said they have.  I have been in a situation where some of my co-workers wanted to use that particular designation for me during the period of time when I passed the written but hadn’t yet made it through the lab.  I flat out told them “no.”

I understand the the CCIE is a huge undertaking.  Even the written qualification exam is a huge commitment of time and energy.  The test exists because the CCIE has no formal prerequisite.  Back before the CCNA or the CCNP, anyone could go out and attempt the CCIE.  However, since lab spots are a finite resource, some method of pre qualification had to be in place to ensure that people wouldn’t just book spot after spot in the hope of passing the lab.  The written serves as a barrier to entry that prevents just anyone from grabbing the nearest credit card and booking a lab slot they may have no hope of passing.  The written exam is just that, though – a qualification exam.  It doesn’t confer a number or a title of any kind.  It’s not the end of the journey.  It’s the beginning.  I think the rise of the number of people trying to use the CCIE written as a certification level comes from the fact that the exam can now be used to recertify any of a number of lower level certifications, including CCxA, CCxP, and almost all the Cisco Qualified Specialist designations.  That’s the reason I passed my first CCIE written.  At first, I had no real desire to try and get my brains hammered in by the infamous lab.  I merely wanted to keep my professional level certifications and my specialist tags without needing to go out and take all those exams over again.  However, once I passed the written and saw that I indeed knew more about routing and switching than I anticipated, I started analyzing the possibility of passing the lab.  I passed the written twice more before I got my number, both to keep my eligibility for the lab and to keep my other certifications from expiring.  Yet, every time someone asked me what my new title was after passing that test I reminded them that it meant nothing more beyond giving me the chance at a lab date.

I’m not mad at people that put “CCIE Written” as their title on a resume.  It’s not anger that makes me question their decision.  It’s disappointment.  I almost feel sorry that people see this as just another milestone that should provide some reward.  The reward of the CCIE Written is proving you know enough to go to San Jose or Brussels and not get your teeth kicked in.  It doesn’t confer a number or a title or anything other than a date taken and a score that you’ll need to log into the CCIE site every time you want to access your data (yes, even after you pass you still need it).  Rather than resting your laurels after you get through it, look at it as a license to accelerate your studies.  When someone asks you what your new title is, tell them your lab date.  It shows commitment and foresight.  Simply telling someone that you’re a CCIE written is most likely going to draw a stare of disdain followed by a very pointed discussion about the difference between a multiple choice exam and a practical lab.  Worst case scenario?  The person interviewing you has a CCIE and just dismisses you on the spot.  Don’t take that chance.  The only time the letters “CCIE” should be on your resume is if they are followed by a number.

Mental Case – In a Flash(card)

You’ve probably noticed that I spend a lot of my time studying for things.  Seems like I’ve always been reading things or memorizing arcane formulae for one reason or another.  In the past, I have relied upon a large number of methods for this purpose.  However, I keep coming back to the tried-and-true flash card.  To me, it’s the most basic form of learning.  A question on the front and an answer on the back is all you need to drill a fact into your head.  As I started studying for my CCIE lab exam, this was the route that I chose to go down when I wanted to learn some of the more difficult features, like BGP supress maps or NTP peer configurations.  It was a pain to hand write all that info out on my cards.  Sometimes it didn’t all fit.  Other times, I couldn’t read my own writing.  I wondered if there was a better solution.

Cue my friend Greg Ferro and his post about a program called Mental Case.  Mental Case, from Mental Faculty, is a program designed to let you create your own flashcards.  The main program runs on a Mac computer and allows you to create libraries of flash cards.  There are a lot of good example sets when you first launch the app for things like languages.  But, as you go through some of the other examples, you can see the power that Mental Case can give you above and beyond a simple 3″x5″ flash card.  For one thing, you can use pictures in your flash cards.  This is handy if you are trying to learn about art or landmarks, for instance.  You could also use it as a quick quiz about Cisco Visio shapes or wireless antenna types.  This is a great way to study things more advanced than just simple text.

Once you dig into Mental Case, though, you can see some of the things that separate it from traditional pen-and-paper.  While it might be handy to have a few flash cards in your pocket to take out and study when you’re in line at the DMV, more often than not you tend to forget about them.  Mental Case can setup a schedule for you to study.  It will pop up and tell you that it’s time to do some work.  That’s great as a constant reminder of what you need to learn.  Another nice feature is the learning feature.  If you have ever used flash cards, you probably know that after a while, you tend to know about 80% of them cold with little effort.  However, there are about 20% that kind of float in the middle of the pack and just get skipped past without much reinforcement.  They kind of get lost in the shuffle, so to speak.  With Mental Case, those questions which you get wrong more often get shuffled to the front, where your attention span is more focused.  Mental Case learns the best ways to make you learn best.  You can also set Mental Case to shuffle or even reverse the card deck to keep you on your toes.

When you couple all of these features with the fact that there is a Mental Case IOS client as well as a desktop version, your study efficiency goes through the roof.  Now, rather than only being able to study your flash cards when you are at your desk, you can take them with you everywhere.  When you consider that most people today spend an awful lot of time staring at their iPhones and iPads, it’s nice to know that you can pull up a set of flash cards from your mobile device and go to town at a moment’s notice, like in the line at the DMV.  In fact, that’s how I got started with Mental Case.  I downloaded the IOS app and started firing out the flash cards for things like changing RIP timers and configuring SSM.  However, the main Mental Case app only runs on Mac.  At the time, I didn’t have a Mac?  How did I do it?  Well, Mental Case seems to have thought of everything.  While the IOS app works best in concert with the Mac app, you can also create flash cards on other sites, like FlashcardExchange and Quizzlet.  You can create decks and make them publicly available for everyone, or just share them among your friends.  You do have to make the deck public long enough to download to Mental Case IOS, but it can be protected again afterwards if you are studying information that shouldn’t be shared with the rest of the world.  Note, though, that the IOS version of the software is a little more basic than the one on the Mac.  It doesn’t support wacky text formatting or the ability to do multiple choice quizzes.  Also, cards that are created with more than two “sides” (Mental Case calls them facets) will only display properly in slideshow mode.  But, if you think of the IOS client as a replacement for the stack of 10,000 flash cards you might already be carrying in your backpack or pocket the limitations aren’t that severe after all.

The latest version of Mental Case now has the option to share content between Macs via iCloud.  This will allow you to keep your deck synced between your different computers.  You still have to sync the cards between your Mac and your IOS device via Wi-Fi.  You can share at shorter ranges over Bluetooth.  You can also create collection of cards known as a Study Archive and place them in a central location, like Dropbox for instance. This wasn’t a feature when I was using Mental Case full time, but I like the idea of being able to keep my cards in one place all the time.

Mental Case is running a special on their software for the next few days.  Normally, the Mac version costs $29.99.  That’s worth every penny if you spend time studying.  However, for the next few days, it’s only $9.99.  This is a steal for such a powerful study program.  The IOS app is also on sale.  Normally $4.99, it’s just $2.99.  Alone the IOS app is a great resource.  Paired with its bigger brother, this is a no-brainer.  Run out and grab these two programs and spend more time studying your facts and figures efficiently and less time creating them.  If you’d like to learn more about Mental Case from Mental Faculty, you can check out their webiste at http://www.mentalcaseapp.com.

Disclaimer

I am a Mental Case IOS user.  I have used the demo version of the Mental Case Mac app.  Mental Case has not contacted me about this review, and no promotional consideration was given.  I’m just a really big fan of the app and wanted to tell people about it.

Study Advice – Listen To That Little Voice

During Show 109 of the Packet Pushers podcast, I had the unique honor to be involved in an episode that included the uber geek Scott Morris, distinguished Cisco Press author Wendell Odom, and the very first CCDE, Russ White.  Along with Natalie Timms, the CCIE Security program manager and Amy Arnold, we discussed a lot of various topics around the subject of certification.  One of the topics that came up about 37 minutes in was about being persistent in your studies.  Amy brought up a good point that you need to find a study habit that works for you.  I followed up with a comment that I still have a voice in the back of my head that tells me I need to study.  I promised a blog post about that, so here it is only a month late.

I took three years to get my CCIE.  Only the last year really involved intense study on a regular basis.  The previous 24 months, I spent a great deal of time and effort with my regular job.  I picked up a book from time to time and refresh my memory, but I wasn’t doing the kind of heavy duty labbing necessary to hone my CCIE skills.  After I had some conversations with my mentors about what the CCIE really meant to me, I jumped in and started doing as much studying as I could every night.  Almost all of my study time came after my kids went to bed.  Basically, from 8 p.m. until about 1 a.m. I fired up my GNS3 lab and tested various scenarios and brain teasers.  I took me a bit of time before I really settled into a routine, though.  There were lots of things that kept tugging at my attention.  The devilsh Internet, the seductive allure of my television, and the siren call of video games all competed to see which one could lure me away from the warm glow of my console screen.  I had to spend a great deal of time focusing on making a conscious decision to drop what I was doing and start working on my lab.  It’s a lot like running, in a way.  Most runners will tell you that if you can get outside and start running, the rest is easy.  It’s overcoming all the obstacles in your way that are trying to keep you from running.  You have to push past the distractions and keep moving no matter what.  Don’t let an email or a text message keep you from starting R1.  Don’t let a late-night snack run distract you from loading a troubleshooting configuration.  The real key is to get started.  Crack open those lab manuals and fire up your routers, whether they be real or virtual.  After that, the rest just falls into place.

There is a downside to all that training, though.  It’s now been 13 months since I passed my CCIE lab.  To this day, I stil have a little voice in the back of my head telling me that I need to be studying.  Every time I flip on the TV or sit down on the couch, I feel like I should have a book in my lap or have a lab diagram staring me in the face.  I’ve taken some certification tests since the lab, but I haven’t really taken a great deal of time to study something that isn’t familiar to me.  I talked about what I wanted to do at the beginning of the year, and I firmly believe now that I’m halfway through that I’ve missed some opportunities to get back on the horse, as it were.  I know that the only way to satisfy that voice that keeps telling me that I should be doing something is to feed it with chapters of study guides and time in front of the lab console again.  I don’t think it will take the same kind of time investment that the CCIE did, but who knows what it might build into in the end?  I certainly never thought I’d be taking the granddaddy of all certification tests when I first started learning about networking all those many years ago.

For those out there just starting to study for your certifications, I would echo Ethan’s advice during the podcast.  You need to make a habit out of studying.  Many people that I talk to want to study for tests, but they want to do it on someone else’s time.  They want their employer to mark off time for study or provide resources for learning.  While I’m all for this kind of idea and would love to see more employers doing things like this, there is a limit that you will eventually reach.  Your employer expects you to spend your time providing a service for them.  If you truly want to have as much study time as you want, you will have to do it outside working hours.  Your boss doesn’t care what you do from 5 p.m. on.  In the case of the CCIE, it was a whole lot easier for me to try and do mock labs on Saturday than it was to try and do them on Tuesday.  The work week doesn’t afford many uninterrupted opportunities for study.  Nights and weekends do.

Make sure you take your study habits as seriously as you do your job.  It might be easy to kid yourself into thinking that you can just pick up the book for five minutes before the next TV show comes one, but we both know that won’t work.  Unless you immerse yourself in studying, all that knowledge that you gained in those scant minutes of furious reading will evaporate when the theme song to that hit sitcom starts.  You don’t have to have total silence, though.  I find that I do some of my best studying when I have some noise in the background that forces me to pay attention to what I’m doing.  However, if you don’t apply some serious consideration to your studies, you’ll probably end up much like I did in the first couple of years of my studies – adrift and listless.  If you can knuckle down and treat it just like you would a troubleshooting task or an installation project, then you’ll do just fine.