From: Alan Basinger (abasinge@xxxxxxxxxx)
Date: Tue Feb 20 2001 - 11:35:42 GMT-3
Having been on both sides of the issue I would have to say Adrian is right
about proper design being the first step to better security as well as link
utilization etc.etc. Currently I design network for Global Companies that
have huge IT budgets and they do spend time and money to correctly utilize
there networks. But in Chucks defense I also know some companies I have
worked for have had there networks evolve as more of an afterthought and
spent more money having poor coded network apps written that in the end
would not run on the network they had in place. Instead of fixing the poor
code (from Oracle by the way) they threw huge dollars at bandwidth to make
it work never really fixing the real problem. Against my better judgment and
also my advice (being the network engineer). In turn it seems managers not
in the know end up listening to developers and NT admins about network
design of which they know very little. So I can see both sides being right
some of the time.
Alan Basinger
Systems Engineer
SBC DataComm
Houston Texas
abasinge@swbell.net
| |
||| |||
.|||||. .|||||.
.:|||||||||:.:|||||||||:.
C i s c o S y s t e m s
Certified Gold Partner
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Steven Weber
Sent: Tuesday, February 20, 2001 6:40 AM
To: Adrian Chew
Cc: ccielab@groupstudy.com
Subject: Re: CCIE Design Lab
Well said Adrian ;-)
Adrian Chew wrote:
> I would actually disagree on security - security is important no doubt but
> it isn't nearly this huge thing it has been made out to be. It almost
seems
> a CCIE Security might be a little too easy - IMO, security is nothing more
> than a piece that goes into the CCIE Design. Those customers who spend
> foolishly often think they can get away with a ton of firewalls and
> intrusion detectors, etc - but the key in security is fundamentally sound
> network design. A well designed network takes security into account among
> many other factors.
>
> Most firewall implementations almost look like the design of the firewall
> design discussion going on now - you need border routers to the Internet,
> load balancers and lots of redundancies and have all these secured. Any
> 'security' specialists usually do nothing more than clean up after the
> designer of the network failed to deal with the security aspect. There's
> just too many 'myths' that enables security to sell, but it all boils down
> to stuff that should have been done from day 1 with the design.
>
> More bandwidth is not necesarily an catch-all solution... often the root
> problems might be caused by other factors including the servers, apps, etc
> that run on the networks. More bandwidth can be almost like sinfully
using
> duct tape to patch a million little leaks. Having done everything from
> traffic shaping/rate-limited to queueing on starved links, I'd say a lot
is
> possible if you're dealing with cases when the bandwidth isn't likely to
go
> up easily - international bandwidth can be extremely expensive.
>
> Given a set of requirements, and a budget to do that with - I do think as
> the 'engineer' - we've got the responsibility to design, propose and
> implement the best 'fit' solution. This can usually be done - and
sometimes
> you have to make compromises and choices when resources are limited - in
> those cases the compromises should be made known and the client has to
make
> the final call.
>
> ----- Original Message -----
> From: "Chuck Larrieu" <chuck@cl.cncdsl.com>
> To: "Cal Michael" <cmichael@solutionlabs.com>; <ccielab@groupstudy.com>
> Sent: Tuesday, February 20, 2001 12:09 AM
> Subject: RE: CCIE Design Lab
>
> > My own opinion is that there is far more value to be had and offered in
> the
> > CCIE / Security certification, and that is where Cisco should place its
> > support and resources.
> >
> > In my dealings with customers over the last year I find that as far as
> > design goes, the solution to every problem is more bandwidth, and the
> > companies that have money will spend it foolishly, and the companies
that
> > don't will just do it as cheaply as possible no matter what the
> > consequences. So design becomes merely a matter of slapping together a
> bunch
> > of boxes in the desired price range with the ability to connect via the
> > transport mechanism of choice.
> >
> > Security, on the other hand, is a skill that transcends Cisco specific
> > solutions, and will provide value to the certified individual and
his/her
> > customers for some time to come.
> >
> > JMHO
> >
> > Chuck
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Cal
> > Michael
> > Sent: Monday, February 19, 2001 3:43 PM
> > To: ccielab@groupstudy.com
> > Subject: CCIE Design Lab
> >
> >
> > - Just talked to the registrar at San Jose and was
> > informed that the Design Lab is going to face a
> > critical decision regarding it's future.
> >
> > The decision is to go forward with a redesigned
> > Design lab, or to pull it's proverbial plug.
> >
> > Is it time to give Cisco a show of support for
> > the Design program? The Design CCIE has been
> > touted as the "Master CCIE" program because of
> > the unrealistic mix of product that can possibly
> > be seen on the lab exam.
> >
> > The "life or death" decision is supposed to be
> > made in the beginning of April.
> >
> > - Does anybody else have any other details regarding
> > the fate of CCIE Design program?
> >
> > --- ----- ---
> >
> > ---------------------------------------------
> > - Cal Michael - Author www.solutionlabs.com -
> > - CCIE R-S/ISP Dial #5033, CCDP, AVVID CIPT -
> > - mailto:support@solutionlabs.com -
> > ---------------------------------------------
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:53 GMT-3