RE: Multiple IEs

From: Santi (ccie@texas.net)
Date: Thu Jan 31 2008 - 02:30:01 ARST

Thanks. This helps me and gives me confidence that I am on the right track.
I don't want to be another security engineer who does not have a real solid
understanding about what is going on underneath it all. I want to move way
beyond my comfort zone and really learn.

I have met several "Security Experts" in Iraq who thought a simple "duh"
command such as "mac-address-table static xxxx.yyyy.zzzz vlan xy drop" was
the coolest command ever. When I experienced this, I had one of those
"Scooby-doo" thoughts, "uh oh Shaggy". And I am not exaggerating. I mean
IANE's, Information Assurance Network Engineers, are supposed have a solid
foundation in network admin, processes, and design from a small to medium
scale network, as well as be proficient in net sec. Yet, I have only met
"MAYBE" a handful IANE's who really understood what was going on. Most
obtain their CCNA, and not their CCNP, but obtain their CCSP, then their
CISSP to qualify for DOD contracts, assuming they are good to go on security
clearances. They generally do not have at least "real" world CCNP level
experience. It is MUCH worse with I.T. net-admins and sys-admins. For that
matter, some of the net-admins hired by a couple of the DOD company's out
there, barely had their CCNA's. Yet, they were responsible for the O&M of
very large military networks. Sorry for saying this, but I loathe working
with "TEST KING BABY'S". My partner and I called them TKB's, for short,
because we would watch these contractors print out TestKing after TestKing,
and still barely pass the exam. On many occasions, my partner and I had to
take over the network, whenever these other contractors made enough mistakes
to bring down the network. It was not even our job, but we were asked to
step in. Once we corrected, stabilized and documented the network, we had
to turn it back over to the other contractors, only to slowly watch them
screw it up again. It still irritates the $*#&#Q out of me. So, I need to
stop right here.

Sorry for the rant. Guess I am still venting.

-----Original Message-----
From: Gary Duncanson [mailto:gary.duncanson@googlemail.com]
Sent: Wednesday, January 30, 2008 12:30 PM
To: Santi
Cc: ccielab@groupstudy.com
Subject: Re: Multiple IEs

Certainly agree with that.

A have found lot of folks in security are really lacking in networking
fundamentals surprisingly. Unlike yourself I think a lot of people just
rapidly moved into it because it was seen as being the cool thing to do. A
recall asking a security specialist some years back if vlans were employed
to provide security on a particular network. He replied 'oh no our security
works at layer 2'

Go figure.

There are a myriad of things to learn concerning network security that go
way beyond the stock stuff many security consultants espouse to know
something about. DAI is just one of them.

----- Original Message -----
From: "Santi" <ccie@texas.net>
To: "'Paul Dardinski'" <pauld@marshallcomm.com>
Cc: <ccielab@groupstudy.com>
Sent: Wednesday, January 30, 2008 2:51 AM
Subject: RE: Multiple IEs

>I would agree with that. Additionally, going for another might help to
> round out your CCIE specialty. For instance, busting my butt for the CCIE
> R&S would help me to better understand the underlying network, traffic and
> flows when I wish to really tear up security. I have been in the security
> field for 8 years now and still learning a lot. However, when I worked
> with
> a couple of engineers that had their CCIE R&S, this really forced me to
> step
> up and learn more about the network. In fact, they created IE level
> problems
> for me to solve and that had to be integrated into a security solution.
> This
> forced to learn about the various protocols and technologies much more
> deeply.
>
> So, since I really wanted to be more than just someone with a single CCIE
> in
> security, I also wanted to assure myself that I had more than just a CCNP
> level of expertise in networks. After working with CCIE R&S engineers, I
> quickly learned that there was much more to the network which is paramount
> to a real solid security design. So, I am studying for the IE R&S before
> obtaining the IE Security.
>
> I hope this is a good plan.
>
> Santi
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Paul
> Dardinski
> Sent: Monday, January 28, 2008 8:51 PM
> To: EdmondsSG@aol.com; ccielab@groupstudy.com
> Subject: RE: Multiple IEs
>
> I think it is because in the first one we all get kind of "weird" and
> pretty much become study addicts:)
>
> PD (#16842)
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> EdmondsSG@aol.com
> Sent: Monday, January 28, 2008 6:20 AM
> To: ccielab@groupstudy.com
> Subject: Multiple IEs
>
> Why do so many people get their first IE, then immediately go for a
> second
> (SP/VOICE/SECURITY)?
>
> Is almost like they get the IE in say R/S and think .. thats it ..I know
> it
> all now - I can move on to something else.
>
> But it takes years to become a true 'EXPERT' in any field - so dont let
> the
> certifications grandiose title fool ya!
>
> Build on what you have learnt through exam study - become a true expert
> -
> and you will be a man my son ..
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:47 ARST