Archive for June, 2009
CCIE Routing & Switching Techtorial
Yeah, ok, so I’m a day late.. Deal with it!
I’m sitting here in the wonderful world of Cisco Live (aka Networkers) 2009 in San Francisco! Today is the first day of Techtorial and Labtorial sessions. I’ve been spending my time harassing various speakers and Cisco folks along the way, but generally having fun!
Today is the CCIE Routing & Switching Techtorial. l dropped in to see what all was new and exciting with the upcoming changes in the blueprint! We started off talking about the basic stuff that we all already know. The exam (both lab and written) is changing on October 18, 2009! The written exam for v4 will be in beta in August. So those who are looking for an inexpensive recert, watch for this! ($50!)
Hello all! Writing to you from the 2009 Networkers Conference in San Fran. I hope all readers around the world are well today and feeling the buzz about Cisco technologies.
We have many of the CCIE R/S Written Bootcamp students testing this week at the Networkers Conference. As such, we made Practice Exam 1 a priority and completed it last night. It is now posted and available in all Member’s Sites.
This 100 question practice exam covers all topics within scope and should defintely pinpoint any of your weak areas. Enjoy!
NOTE: The actual CCIE R/S Written is currently 105 questions, but only 100 of the questions are graded.
been quiet for a while, had to travel a lot last week. We have posted the updates to the IEWB-SC VOL1 “Hotfix” section:
IPS VLAN Groups and Virtual Sensor
IPS Event Summarization
IPS Event Processing
IPS Blocking and Rate-Limiting
IPS Application Inspection and Control
IPS META Engine
IPS Anomaly Detection
and to IEWB-VO VOL1
SIP Phone Endpoints
Basic User Configuration
CUCM OS Users
Phone Button Templates
Common Phone Profile
Directory Number/Line Configuration
Calling Search Spaces
Gateway – MGCP T1 PRI
Gateway – H.323
Local Route Group
As for R&S, we’re currently working on the new addition to VOL1, which outlines the troubleshooting process in general, defines strategies and provides troubleshooting examples. This is to be released the next month. In addition to that, we’re preparing separate troubleshooting labs to be delivered in addition to VOL2 scenarios. Those will use separate topologies and will use a trouble-ticket pool that we develop. As for technology updates, we’re hindering that a bit and giving more priority to the troubleshooting scenarios. Personally I believe that adding troubleshooting to the CCIE R&S lab is the most important change, as it affects the whole lab strategy
There were people asking for our new R&S rack topology. We delayed that announce, because the one we’re currently working with would probably be expensive for many people using their own racks. We’re looking for a ways to implement our workbooks on a hybrid, less expensive topology. But if you want to know what being used now – it’s 5x1841s for R1, R2, R4, R5 and R6 and one 2811 for R3. All cabling connections and switches remain unchanged. If you would pick up that topology, you wont miss anything (well maybe some money); but if you’re trying to minimize the upgrade expenses, we’ll do our best to make that possible.
I have all three parts of this for everyone now in the on-demand format – enjoy!
just to keep you posted. We have another bunch of updates uploaded to our memebers area.
For R&S, there are two new IEWB-RS VOL2 labs (Lab11 & Lab12). Those two are basically re-worked versions of older VOL2 labs, better balanced and formatted to match the blueprint. For SC, there is new IEWB-SC VOL2 Lab4 (full-scale) packed with new features for you guys that need more challenge. In addition to that, there are new labs posted under IEWB-SC VOL1 “Hotfix” sections. Here is the full list of the labs currently in this section:
ASA Redundant Interface
ASA Enhanced Object Groups
Flexible Packet Matching
Zone Based Firewall
ZFW Rate Limiting
ZFW Application Inspection
Control Plane Protection (CPPr)
Remote Session Authentication using TACACS+
Exec Authorization using TACACS+
IOS Local Command Authorization
IOS Remote Command Authorization
Using RADIUS for Session Control
Classic IOS Transparent Firewall
ZFW-Based IOS Transparent Firewall
IOS IP Virtual Reassembly
IOS ACL Selection IP Option Drop
As for the Voice track, there is a fresh pack of new IEWB-VO VOL1 labs as well! See list of the new VOL1 labs below:
CUCM Navigation and GUI Interface
CUCM CLI Interface
Communications Manager Initialization
Verifying Database Replication
Phone Auto Registration
SIP Phone Endpoints
Flexible Packet Matching is a new feature that allows for granular packet inspection in Cisco IOS routers. Using FPM you can match any string, byte or even bit at any position in the IP (or theoretically non-IP) packet. This may greatly aid in identifying and blocking network attacks using static patterns found in the attack traffic. This feature has some limitation though.
a) First, it is completely stateless, e.g. does not track the state/history of the packet flow. Thus, FPM cannot discover dynamic protocol ports such as use by H.323 or FTP nor cannot it detect patterns split across multiple packets. Essentially, you are allowed to apply inspection per-packet basis only.
b) Additionally, you cannot apply FPM to the control-plane traffic, as the feature is implemented purely in CEF switching layer. Fragmented traffic is not assembled for matching, and the only inspected packet is the initial fragment of the IP packet flow.
c) IP packets with IP options are not matched by FPM as well, because they are punted to the route processor.
d) Lastly, this feature inspects only unicast packets and does not apply to MPLS encapsulated packets.
Configuring an FPM filter consists of a few steps.
(1) Loading protocol headers.
(2) Defining a protocol stack.
(3) Defining a traffic filter.
(4) Applying the policy & Verifying
Let’s look at every of these steps in depth.
Real quick, a short overview of our recent updates
new “Hotfix” section posted to VOL1 v5.0 area. This new section is designed to cover the recent addition to CCIE SC blueprint. So far it’s just about 50 pages, but we’re going to update it constantly until we cover all “hot” topics. Check it out for some new ASA features, IOS FPM, ZFW and CPPr.
VOL2 Lab3 has been released with updated solutions. Lab4 should be coming out this weekend as well.
Routing & Switching:
Look into your VOL2 v5.0 area to see updated Labs 8 and 9 added there. We’re going to post additional four labs this week and then switch back to releasing the updates for CCIE RS v4.0 track.
New addition to VOL1 labs of IEWB-VO. Here is the updated list of the new labs:
We’re looking for a talented person to join our team as a CCIE Voice developer and/or instructor. The requirements are simple: Energetic personality, CCIE Voice + CCSI, extensive instructor background, experience teaching CCVP classes or CCIEV bootcamps. Excellent knowledge of the latest CCIE Voice lab topics and technical English writing skills are also a must. In addition to that, as an instructor, you should be able to travel across the US up to two weeks per month.
What do you get? First, being a CCIE instructor or developer is a lot of fun and challenge! If you are all about networking, you will enjoy working with the latest Cisco technologies and putting your skills at test. Next, as an IE employee, you would gain tremendous experience and meet a lot of nice people. And last but not least – the job is well paid!
If you are interested and ready to take the challenge – send your resume and expected salary to petr@INE.com!