Sign up and stay connected to your favorite communities.

sign uplog in
View
Sort
Coming soon
4

So my boss has tasked me with getting certified for CCNA, i took the course back in 2011 however never took the exam (family issues, horrible year). Since then I've been the network engineer for my company having migrated our old office from a mixed equipment network (nortel/3com) over to cisco 2960s and 4500 core, implemented standard templates for pix 501s, asa 5505s, 881 routers and implemented an ASA 5545 firewall pair (active/standby failover) to handle internet access and VPNs to 450 sites across the nation plus supporting them. When we moved office in 2014 I was tech lead for design and implementation of the core and server networks (3650 for campus, 4506-E for core and more recently nexus 3172s for the server network), a since departed colleague handled the campus network whilst we (largely myself) implemented Cisco ISE for wired and wireless role based network access.

My colleague on the hand left uni a year ago (degree in computer security) and has been working on our helpdesk (application and OS support mostly) and is moving onto our infrastructure team (team being myself and a line manager) as a security engineer. So has more recent experience in studying and has a good theoretical general knowledge but I have a lot more hands on experience.

Goals? Mine are to strengthen and reinforce my practical experience to move into a more architect orientated role, possibly international whilst his is to go into network security. its been hinted that if I get my CCNA then the company will fund my CCNP.

Is there any particular study guide that you would suggest and is bosons the only exam simulator worth looking at or are there others (preferably cheaper ones)? Note whilst the company may pay for the exams themselves (my line manager has said he'd try and get funding for the exams) we will be paying for any other expenses, personally I'm not that bothered as long as its affordable as it is an investment.

Thanks in advance!

1 point · 5 days ago

That's some impressive experience! With that background I'm sure you're not going to need too much. I recommend printing out the exam topics list and going one by one over each topic. If you're already familiar with it do a quick review, if it's not familiar read up on it. I used Odom's book, Exam Cram & CBT Nuggets with Jeremy Cioara. You have had a lot of great experience and you're going to fly through this thing in no time!

see more
Original Poster1 point · 4 days ago

It looks good on paper but reality a lot of it was youtube / google scrabbling for the answers. Little in-depth background knowledge on what i've had to implement (i.e. i'm weak on STP for example, and OSPF). Thanks for the encouragement !:)

The Sticky answers all this, but in short: Packet Tracer is free through Cisco NetAcademy (you have to register and sit through a short video on how to use it).

Odom's books are considered to be a good resource, as are Lammle's, although I've seen comments advising that Lammle's book was put out before the full development of the v3 roadmap.

see more
Original Poster1 point · 4 days ago

Studying for CCENT and need a good network simulator on a Mac

Are there requirements for CCNA security and is the background study close to router and switching?

119 points · 8 days ago

Support is why we don't buy HP products.

see more

Whilst I would be surprised if cisco insisted on firmware update to resolve an obvious hardware issue, updating firmware is also their preferred first answer to most calls I've logged.

I think that's because either a) it's an easy way to get you off their back for a while, and/or b) they suspect that the fix for your problem is a reboot and telling you to "update the firmware" sounds better than "have you tried turning it off and on again?"

see more

Except upgrading to their recommended wlc firmware broke my network!!

Have to say that their wlc tac isn't as good as their switching or ISE tac teams

Lasagna is a reward. Mondays are punishment.

see more

This depends on your ability to safely catch low flying hi speed trays of lasagne

For the right tray of lasagna, I'll gear up.

see more

It's a Monday... It won't be the right kind of lasagne

Load more comments

Hi, what about when you have ISE failures, how do you recover from that?

see more

We have two ISE appliances if they both fail (which hasn't happened) I have scripts that remove NAC from our access switches

1 point · 1 month ago

Is this script execution a manual process you initiate after confirming both ISE nodes are "toast" out of curiosity?

see more

Manual using the don't panic protocol

Load more comments

nbs-of-74 commented on
r/sysadminPosted by

Having to eventuate.... Sounds serious

3

Is anyone aware of a patch management solution aimed at the qsr market where the shops are reliant on realatively slow broadband connections either to a central network or the internet ?

Ideally looking for a low maintenance solution that can push down patches (Microsoft and third party) but minimise bandwidth used, key here is 7000 devices over 1000 sites without killing wan links. P2P delivery of content seems to fit if there is such a product.

Challenges are currently local disk space is not always available.

Regards

3
comment

Which why? The song, or why the hell he's using ISE in the first place?

Stupid, POS 802.1x 'solution' that deletes your entire fucking config because you dared to use a Chrome browser.

see more

?

Can you restrict which PCs are accessible to certain users via user groups?

see more

Yup, create two group policies per team one will be the permissions they have the other will be the access policy that defines who they have access to ( so you can create template standard action permissions and use across multiple teams,) then set up boost to query the ad server and choose the ad security group

Is simple. We've been using bomgar since 2011 and the only major issues we have is that the install files only work for up to a year before having to be recreated ( even if you buy a the year certificate) That and the install agent creates a random directory name under programdata and when you do a software inventory across the estate pretty much every client will have their own version of the client . Install path can be fixed to a single directory but the latter behaviour can't be changed.

Most times support has been very responsive and effective.

We run it across an estate of 7000 devices over approx a thousand stores in the UK

Wish I could give as good a recommendation for quest KACE!!

.EU can be used by European economic area members so is open to Iceland Norway and Switzerland but since UK membership is through the EU ...

So no TLD for Europe as a whole then?

298 points · 2 months ago

Oh, this ought to be fun. 90% of the captive portals running off a Cisco WLC are using the default of 1.1.1.1.

see more

Cisco NAC agent also probes 1.1.1.1 , maybe for the same reason

We've recently moved 35 servers from an IBM centre / IBM ds3x00 SAN / 4 host hs22 VMware 5.5 cluster over 8 g FC to SAN environment to a 4 host cluster and have had no issues but we don't have any heavy hitting servers yet ( moving solarwinds npm/Sam/nta over to the solution soon). So far no issues other than lack of p2v included in the solution. Xtract for vm worked smoothly to move over the esxi guests to AHV.

Allowed us to reduce from 35 U storage and 9 U computer to 4U including networking ( dual cisco nexus 3172) so boss is happy. Performance wise seems faster and management is simple and not a chore ( including upgrading AHV and prism)

We use HyCU for backup with an old quantum dxi6701 as the target with goal to replace with a qnap rack mount Nas and third copy / take out in aws

We're trying to get agreement to replace our datacentre with similar but also use nutanix and ABS to provide storage for a 15TB ms SQL server, not sure about nutanix performance in that role nor is my boss. Happy with the idea of iSCSI replacing FC but nervous about the Io performance of the nutanix storage heavy nodes being proposed. Just something new and interested in our environment so far and DB server has lot of visibility if things go wrong or performance isn't good enough ( currently it runs on two ibm hx5 servers and IBM v7000 san, plan is to run it on two hp dl360g10s with dedicated dual 10gb ports to storage vlan on the nexus switches and nutanix storage heavy nodes)

Original Poster2 points · 2 months ago

He had a habit of letting people know that they are stupid for plugging in both ports of a phone to the wall

see more

Stupid people hate the truth

u/nbs-of-74
Karma
31
Cake day
March 14, 2018
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.