Monday, September 19, 2016

Evaluating Your CCDE Practical Score Report

(This entry is a cross-post from my September CCDE newsletter. If you'd like to receive this to your email inbox two weeks prior to posting on my website, please sign up for my newsletter)

Over my years of helping CCDE candidates prepare for their Practical exam I have often been asked for my help in understanding the score report that an unsuccessful attempt yields. It is unfortunate when a candidate receives an unsuccessful result, but it happens often. Cisco's pass rate for Expert level exams (CCIE + CCDE combined) is approximately 15 - 20% per attempt, so more often than not, a candidate will not pass.

Unlike many of Cisco's written exams, the CCDE Practical does not give you a technology-based breakdown of your performance. While it would be great to receive something like this:

OSPF          70%
EIGRP         40%
IS-IS         30%
L3VPN         95%
Security      30%
etc, etc      10%

You will actually receive this:

1.0 Analyze Design Requirements           40%
2.0 Develop Network Designs               50%
3.0 Implement Network Design              60%
4.0 Validate and Optimize Network Design  90%

(These are made-up scores. If they match yours, I promise I wasn't looking at your paper)

So what can we do with this information? It certainly doesn't tell us which Cisco Press book to re-read in preparation for our next exam attempt. How can you build a study plan that gets will get you the crucial points to pass during the next exam date?

First, trust your gut. Your score report is given to you immediately after completion of the exam. The day's scenarios should be relatively fresh in your mind. Which of the technical topics was most challenging for you? Were there any terms or acronyms that were unfamiliar? I'm not ashamed to admit that during my CCDE Practical exam I came across at least one term that I hadn't been exposed to in my studies. This is why you'll see a few oddball acronyms in my training materials, especially during my practice exam.

Make a list of all of the topics, terms and design situations that made you uncomfortable. If it is a large list, so be it! I still haven't met a CCDE who was completely confident in their results before they saw their score report. The exam is designed to put you, the network designer, in uncomfortable spots. After all, doesn't real-world networking require compromise and educated guessing from time-to-time? The difference being that in the real-world we are allowed to use Google to validate our guesses before hitting submit.

So what does my result in each of these categories actually mean?

1.0 Analyze Design Requirements

This section is worth approximately 36% of your exam. The questions that fall into this category are of the style of 'What additional information do you require to develop your design?' Poor scores on this category reflect trouble understanding the scenario, and especially the business constraints presented. I like to think of this category as the one that tests your reading comprehension capabilities. It has been my experience, when working with students, that low scores make it practically impossible to pass the exam, as your core understanding of the scenario is flawed in some way. It is very difficult to determine the right answer to the following sections without proper knowledge of the core documents.

2.0 Develop Network Designs

This section represents the plurality of points on the exam, about 39% of the total points. These questions can be presented in many ways (multiple choice, multiple answer, diagram/hotspot, etc). The core skill tested in this category is the 'Which network design is most appropriate for this scenario?'. If your scores in this section are low, that represents a hole in your technical knowledge. Perhaps you do not understand one or more of the proposed technologies (if selecting the right solution) or the specific technology in the question (for example, where to place the BGP Route Reflector). Poor performance on this question type also makes section 4.0 (Validate and Optimize Network Design) difficult, as you are likely to go down a branch of the exam that does not have any correct answers available.

3.0 Implement Network Design

These are your implementation plan questions. As we discuss in my training, there is a specific strategy that I recommend for this question type. These represent only 13% of the total points on the exam, but with a passing score at or near 80%, every point counts. Fortunately, getting these questions wrong does not usually lead to a bad branching path.

4.0 Validate and Optimize Network Design

Although this section is only worth 12% of the exam points, I consider it the heart of the CCDE program. These are the questions that ask, 'Why did you make the design recommendation in the previous question?' or 'Why is this other proposed design not optimal?' I like to think of this question type as the one that clarifies whether the candidate knew the answer to the Design Recommendation question that came before it, or whether they had a lucky guess. It is very difficult to guess correctly twice in a row!

I hope this article has helped candidates who were unable to pass on their last CCDE Practical attempt. Next month's article will be a technical one, Provider Backbone Bridging (PBB) 101.

Thank you for reading this!


Wednesday, June 15, 2016

Why You Should Prepare For Your CCDE With Jeremy

Once you commit to pursuing the CCDE certification, your next decision is how to prepare for it. Here are ten reasons why you should trust me with your training:

1) Proven Success

I have trained 10x the successful CCDE candidates as all other CCDE training companies combined. Nearly 100 of the 300 CCDE candidates who passed since I first offered my training have attended my classes. Why risk your training time and money on an unproven training vendor?

2) Focused Training

I only provide CCDE training! I am not distracted by offering training in other Cisco disciplines like CCDA/CCDP, or CCIE tracks. All of my development time is focused on this one certification. If you need training for other certifications, I will happily recommend a great provider. But I won't be able to help you myself!

3) Professional Experience

I have been a network designer/architect for 20 years. I earned my first Expert level Cisco certification (CCIE R/S #3851) in June, 1998. I have worked on the networks of several of the world's largest companies (General Electric, Comcast, Level-3, JP Morgan Chase). I am employed as a network architect at a Fortune 500 company, and I provide consulting to several additional companies. I not only teach this material, I implement it as well.

4) Teaching Experience

I have led dozens of CCDE training sessions since I started provided CCDE training in 2010. I know how to get critical concepts across to my students, and I am always available via email, Skype, or chat to offer advice and encouragement. I even earned the Certified Cisco Systems Instructor designation in 2010.

5) Long Involvement with the CCDE Program

I was present at the launch of the CCDE certification at Cisco Live in Anaheim, California in 2007. I was an active member of the CCDE beta team, and I was among the first handful of engineers to earn my CCDE certification (February 2009, CCDE #2009::3). I have lived and breathed CCDE subject matter since before other CCDE trainers had even heard of the program.

6) CCDE Success

I'm not normally one to boast, but I passed the CCDE certification exam on my first attempt. No other CCDE trainer can make this claim.

7) Clear and Legible Training Materials

As a native English speaker I am able to generate content that is easy to understand. You won't struggle to understand me whether you are in the classroom or online. This helps if you are also a native English speaker, but it is even more critical if English is not your primary language.

8) I have access to a wealth of CCDE-related minds

I am friends with many current and former CCDE program members. While this does not provide me with access to NDA materials (I would never cross that line!), it does allow me to keep current with developments in the CCDE program. My materials are always targeted at the current version of the exam.

9) Cisco Employees Trust Me, You Should Too

I have provided training for over 30 Cisco-employed CCDEs. I am a registered Cisco vendor and I have provided my classes on-site at Cisco offices. If you can't trust Cisco's judgment, who can you trust?

10) Simple Business Model

My CCDE business model is incredibly simple. You have two options:

          Option 1) Sign up for my online CCDE training for $995 USD. This entitles you to unlimited access to my online materials until you pass the CCDE Practical exam.

          Option 2) Sign up for my 5-day bootcamp class for $4995 USD. This allows you to attend one of my five-day bootcamp classes in person, or online; whichever works best for you. It also entitles you to unlimited access to my online materials until you pass the CCDE Practical exam. If you want to attend the bootcamp again you may do so for a nominal materials fee of $299 USD.

      Simple, right? No subscriptions, no upcharges, etc. Sign up for my training and I will work with you until you pass the exam. That's the guarantee I made my first students in 2010, and it is the guarantee I still provide today. Nearly 100 successful CCDE candidates can't be wrong!

Additional Information

Online Training
Bootcamp Training

Thursday, May 12, 2016

That Time I Taught My First CCDE Training Class

I recently noticed a great infographic floating around the inter-webs regarding the Imposter Syndrome:

It struck me that:

  • Everyone I’ve had a meaningful conversation with on this topic has admitted to suffering from this affliction
  • No one thinks anyone else suffers from this affliction

And I do mean it -- I have spoken with dozens of people about this topic, from all walks of life. The very best network architects I know may even suffer from Imposter Syndrome to a greater degree than less experienced members of the industry. Perhaps this is a factor in their success; they never feel like they belong (technically), so they continue to study technology and achieve certifications in a quixotic attempt to finally feel like they have accomplished ‘enough’ to fit in.

And perhaps no one experiences this as much as I do. [See what I did there… I fell into the very trap that everyone else falls into, thinking that I have it worse than the rest with regards to this affliction]. The logical, calculating portion of my brain knows this is a farce. I have lots of great experience, many successful CCDE students and multiple high-level certifications that should provide proof of my abilities. In fact, they do, to everyone but myself.

So what does this have to do with my First CCDE Training Class (the title of this blog post)? I’m sure you can guess.

About a year after I earned my CCDE certification, I found myself in a classroom, tasked with teaching a group of network engineers how to prepare for the CCDE Practical exam. Well, they weren’t just a ‘group of network engineers;’ they were a self-selected class of fifteen Cisco SEs and NCEs. We began the class in traditional fashion, where I introduced myself and then gave each participant a few moments to do the same. As I recall, every member of the class had at least one CCIE certification, and in total there were over 40 earned CCIEs in the room. Only one of those was mine... Talk about the Imposter Syndrome! As one candidate briefly summed up his background (two Cisco Press books published, developer of the CCIE DC exam, etc, etc) the thought occurred to me — "I got lucky, passed a tough exam, agreed to teach a class I had no business leading, and now I’m going to melt into the floor at a Cisco office in Chicago once this class realizes I’m a fraud."

Fortunately, this class was full of extremely kind and patient students. The materials 
provided by the training vendor were not sufficient to help prepare the class, so I spent several late nights during the week preparing additional case studies. At the end of the week one of the students kindly photocopied my handwritten composition notebook to share with the class. A handful of class members had already attempted the exam and they had specific strategies that they wanted me to help them work through. One wanted to go through a merger scenario, so we worked up something on the whiteboard. As we proceeded through the various topics and designs that could be on the exam, we occasionally reached a topic that I had difficulty teaching. Each time one or another member of the class stepped in to guide the discussion.

At the end of the week, I thanked the class for allowing me the opportunity to assist them with their pursuit of the CCDE certification. I remarked that they had been an incredibly patient group and they had made me, a first-time instructor, very comfortable. Immediately several students expressed surprise that I wasn’t a seasoned teacher. Each of them remarked about how at ease I appeared during the class and how well I handled such a difficult group. My internal read on the situation was exactly the opposite of theirs. Several months after the class concluded, I began to receive emails from students thanking me for the assistance I provided, and letting me know about their success on the CCDE Practical exam. By my count, five of the seven students who ultimately attempted the CCDE Practical passed after our class.

You would think this experience had put my mind at ease, and teaching future classes would be much easier. Well, I’ve taught well over a dozen week-long CCDE bootcamps, and many more online classes, and I still get nervous before I introduce myself at the beginning of each session. The Imposter Syndrome is a part of my professional life, and I’ve come to accept it. In fact, I count on it to ‘keep me hungry,’ so I continue to study the various technologies involved in network design just as I did in 1997, when I truly did not know anything about networking.

I do in some ways fear that as the Imposter Syndrome is more openly discussed, it will become less prevalent. This could have the unfortunate effect of causing overconfidence, where everyone who knows about this syndrome thinks they suffer from it, even when they are, in fact, under-informed about their chosen craft. I somehow doubt this will be an issue except for the small minority who never actually had the condition to begin with.

Here are a few more references to Imposter Syndrome from @aliciatweet. She appears to be the source of the image at the top of this post, or at least the original infographic that this was based on:

Jeremy Filliben is a network architect and CCDE instructor. He has assisted over 80 students in their successful pursuit of the Cisco Certified Design Expert designation. His next CCDE Practical Bootcamp class is scheduled for July 25th. More details can be found on his website at

Friday, May 6, 2016

Is Network Design an Art?

I get a little worked up when I see network designers describing our craft as an ‘art.’ I understand where the thought comes from; there is certainly a level of creativity required to arrive at an optimal network design for a given set of constraints and business challenges. It is nevertheless my opinion that we are working within a science, not an art. The key differentiator is whether we can judge one network design to be superior to another. With the traditional arts, it not objectively possible to say one song/painting/movie is ‘better’ than another. We can measure them on various points (Rotten Tomatoes [link] scores for movies, sale price for paintings, etc), but how any one individual perceives an artist’s creation is not open to debate. I like Dumb & Dumber more than Casablanca, and no amount of objective information is going to change my mind! 😃 

This is not true with network design. If two network designers review a set of business and technical requirements, they may generate unique proposals. When this occurs, invariably one or more of the following are at the root of the disagreement.

A) They interpreted the requirements differently, or the requirements were defined well enough

With good network designers, this is often the root cause. It is possible that they did not receive the same requirement information. More often, one of the engineers overlooked a key piece of information, such as a customer preference or existing technology choice that must be taken into account. If the requirements were not well-defined, assumptions must be made. These assumptions become quasi-requirements, which lead to different solutions.

B) Have differing personal opinions on the implementation details of a solution

Also known as ‘practical experience’ — These are the biases that we have developed over the years of deploying and managing technologies. Pretty much every network engineer has a preferred IGP, for example. Perhaps you have worked more often with OSPF networks, and therefore you are more comfortable using it to solve most problems. That does not make it the right choice for every proposed network design. This point of disagreement can also result from negative experiences, especially as they relate to implementation-level problems. Remember that Cisco OSPF in IOS-XR bug that kept you up for several consecutive nights, or the time IS-IS ‘blew up’ for you because you added a Juniper router to a Cisco network (hopefully not real examples for you). While implementation-level details should factor into real-world designs, do not let them talk you out of the correct technology solution (especially on a CCDE exam, hint hint).

C) Do not share the same knowledge base / understanding of the design elements

This is the category of disagreement related to the knowledge of our network designers. If one engineer proposes an IS-IS solution, and the other engineer has no experience with the protocol, there is very likely to be a disagreement.

For humble network architects, this should not be a problem. We all have our areas of expertise, and I can assure you no one is an expert in all possible technologies. Those technologies with which I have less practical experience can still be valid solutions to a problem. It is my responsibility as a network architect to have a solid understanding of these options, and if one appears viable I must put in the time to study it to see if there is a place for it in my proposal. I recommend knowing enough about each networking technology to answer the following questions:

1) What problems can it solve?
2) What are the pre-requisites?
3) How well can it scale?
4) How manageable is the resulting design?

That short list is in my experience sufficient to know when/where a technology can be useful. I can quickly rule out those that won’t fit (for example, if L2 adjacency is required, I can rule out L3VPN) and then spend time researching the remaining options to find the best answer.

Note that none of these points of disagreement allow us to develop unique, equally-valid solutions to the original problem.  Perhaps in the simplest cases it does not matter if we choose OSPF or EIGRP as our IGP, but with enough probing we should be able to find information that leads us to one specific solution. Maybe we could ask the following questions:

1) Are you concerned with vendor lock-in?
2) What is your convergence requirement?
3) Does your support team have operational experience with either protocol?
4) To what size do you intend to scale the network?
5) Might you deploy dynamically-calculated MPLS-TE tunnels in the future?

After getting honest answers to these questions, two network designers should be able to come to an agreement on the correct IGP.

BTW, I am not disagreeing with the core tenet of Art of Network Architecture, and not just because Russ and Denise are two of my favorite people in networking. The point I am making is that there is a difference between network architecture and design.

Jeremy Filliben is a network architect and CCDE instructor for Pristine Packets. Details about his training can be found on his website, Jeremy has trained over 80 CCDEs in his 7 years in the industry. 

Monday, November 30, 2015

Over 300 CCDEs Worldwide

CCDE Program Update

Congratulations to my students who successfully completed their CCDE journey this year. I am currently aware of 18 passing results for the year, but I haven't heard from all of my students quite yet. I suspect a few are still celebrating their accomplishment. For those candidates that were unsuccessful (whether they are students or not), understand that achieving an Expert-level Cisco certification is a process. The rumored pass rate for Expert-level exams is around 20% per attempt, so it is not unexpected to face adversity in your path to certification. If you attended my bootcamp, think back to my instructor introduction discussion... One of the most important steps in passing a Cisco exam is often failing it first.

Now that the 2015 CCDE testing cycle has ended, we can announce that the total number of Cisco Certified Design Experts is 304, minus any that have let their certification lapse. We saw only 51 total CCDEs certified this year, which is lower than in previous years. Without knowing for sure, I attribute this to a particularly difficult exam cycle, especially the August exam. According to Cisco the candidate volume has been steady. I think this bodes well for 2016.

Personal Update

Speaking of recertification, I was fortunate to have passed my CCDE recertification exam a few weeks ago. This brings me to a pair of personally-significant milestones. I am now sure to make my 20-year CCIE anniversary in 2018, and I am also certain to reach my 10-year CCDE anniversary in 2019. I have no intention of abandoning my networking efforts, but it is comforting to know that if I circumstances change I will still reach those two goals.

That said, I am still as interested in networking today as I ever have been. It's hard to believe that in a world of such rapid technology change, Cisco has been an integral part of my networking career since the beginning. So many of the competing vendors from the early days (Cabletron, Synoptics, etc) have faded away, and new ones have come and gone often. I suppose I'm trying to say that although I have been in networking for half my life, I am still amazed and challenged by the field. With regards to Cisco technology, I do not intend to take advantage of the CCIE Emeritus anytime soon. Nor would I use a CCDE Emeritus program if one were created, although I think that is an unlikely development.

I have a few other professional updates I'll be sharing in future blog posts, but I'll keep this post short so readers can get back to their studies :)

Training Update

I am eagerly looking forward to helping more students achieve their CCDE certification goals in 2016 and beyond. Several students asked that I publish a training schedule for the year so they can better plan their 2016 training schedule. Here is my schedule of 2016 classroom training:

April 18-22, 2016 - Orlando, Florida - April Registration Link
October 17-21, 2016 - Orlando, Florida - October Registration Link

As you may notice, my students have shown that they are more interested in attending classes in Florida than in the other locations I have offered in the past. Perhaps it is the ability to extend their travels and visit Disney World or the Florida beaches. It certainly is an easy location to travel to, regardless of your point of origin. If you have another location in mind, and a group of students who are sure to attend, let me know and I can add another class to the schedule. As always, all classes are available for remote Webex attendance as well. After my most recent training a remote attendee commented:

"By the way the class you put on was the best training I have ever attended."

I appreciate the sentiment, and those of my other students. It is great knowing that Webex attendees are on equal footing with classroom attendees. This was my fear when considering offering a remote learning option, but with the help of few friends (especially Ivan and Ethan) I found technology solutions that work for both types of students.

If taking a week-long break from your normal work duties isn't possible, you can attend my self-paced training. I recently added two new CCDE practical scenarios to the four previous ones. These exams were developed based on student feedback and cover additional network designs. My students now receive access to all six exams. If you are a current student who hasn't passed the CCDE practical exam, send me an email and I will provide you the additional content at no cost.


Tuesday, September 29, 2015

Fall 2015 Training Update

Fall is upon us in the Northern Hemisphere. The weather is getting cooler in my hometown, so it is time to head down to Central Florida for my next CCDE Practical Bootcamp class :)

Training Update

My next bootcamp class will include two all-new practice exam scenarios! I have been hard at work incorporating feedback regarding my previous practice exams and the notes of my beta tester (Thank you MD!). I am confident I will have them completed in time for class during the week of October 19th. Provided the classroom feedback is positive, I will review them for online students at the next review date (see below). If you are interested in attending my October bootcamp either in person or online, please take a look at the class web page.

The next live review of my CCDE practice exams is scheduled for Saturday October 24th (AmericaTel and MetalWorks) and Saturday October 31st (two new exams -- BrasCom and Canadian Fitness). Both review sessions will begin at 8am Eastern Daylight Savings Time. This is slightly early than prior start times, so returning students will need to adjust their schedules. If you are a new student and want to attend, please register for the sessions via the Online CCDE Practice Exam training page. For those who remember separate Online vs Self-Paced practice exam training, please note that I've combined the registration for the classes. There is no difference in content between the sessions and all students are welcome to attend the Webex recording sessions. Current students should send me an email to get on the Webex invite list.

Professional Update

I have been involved in several new and interesting projects for my primary customer network. WAN encryption, Performance routing enhancements (now IWAN) and IPv6 testing are all on the list or have already been completed. I hope everyone has heard that ARIN has given out its last IPv4 prefixes. If you haven't started with IPv6 in your Enterprise, please do not wait any longer. You can be the hero who saves your organization from getting too far behind the rest of the world :)

Is anyone else deploying IPv6 at an enterprise? I am interested to hear about your approach. My strategy thus far has been to start with VPN, then move on to web hosting. Cisco AnyConnect is a great starting point for IPv6, and I suspect it will be one of the first requirements for IPv6 access. We are now providing IPv4 VPN over IPv6 transport. It works well, although the default behavior of the client appears to be to try IPv4 first, then fallback to a AAAA record for the same DNS entry. I've had to disable IPv4 access on the client side to force AnyConnect to use IPv6 for transport.

Tuesday, July 14, 2015

Cisco Live Recap and October CCDE Class in Orlando

It has been a bit over a month since Cisco Live wrapped up. Immediately after it ended I embarked on a family vacation, and I'm just now getting my thoughts together.

First, thank you to everyone I got a chance to meet and speak with this year. My favorite parts of Cisco Live are catching up with former colleagues and students, and making new connections with other networkers. This year Cisco graciously invited me to record some video on my thoughts about the future of networking, some of which was displayed during the Keynote presentations. Take a look at the Opening Keynote and the Luminary Keynote on for my opinions on the value of Cisco Live and the pace of change in IT.

I had two technical goals this year. One was to learn as much as possible about updates to Performance Routing. I attended two PfR sessions and I had an hour-long Meet The Engineer with Jean-Marc Barozet where we covered my primary use case. Unfortunately my requirements are not met by PfR3, so I'll be sticking with PfR2 for the foreseeable future. Jean-Marc was sympathetic to my requirements and took some good notes, so I am hopeful that my needs will be met in a future version. As I see it, Cisco removed quite a few configuration knobs between PfR2 and PfR3. I suspect this is to address competitor's claims that Cisco's version of SDN is too complicated (and maybe end users' complaints as well). I'd much rather have the knobs!

My second technical goal was to learn more about wireless LANs. My primary network uses a lot of Cisco WLAN gear. We are also nearing End-of-Life of much of our LAN gear. I would like to migrate the vast majority of my end users to wireless-only connectivity. My sessions and conversations during Cisco Live have given me reason to reconsider this. No one was enthusiastic about my plan. The major stumbling blocks are IP phones and overall throughput. Fortunately I have some time before making a decision, so perhaps wireless technology will catch up to my plans. The wireless QoS session was particularly interesting; once enough endpoints support the needed features the all-wireless campus could become a more realistic option.

This being John Chambers' final Cisco Live was quite bittersweet. The CCIE/DE NetVet reception was less of the "State of the Union" that we had in prior years, and more of a "Farewell to John". Cisco Live won't be the same without him. All attendees had the opportunity to take a picture with John. Here's mine:

Denise Donohue also organized a congratulatory card for John that many of the CCIE NetVets signed. Here is my picture of the card. There is a lot of "CCIE Royalty" in the signatures, if you look closely enough :)

October 2015 Class Update

I relocated my October 2015 CCDE Practical class from Dubai, UAE to Orlando, Florida USA. For anyone who is interested in attending, please take a look at the class registration page. Moving the class allows me to once again offer this training to remote attendees. If travel to Orlando is difficult, please consider this option.  I am excited about returning my class to Orlando this fall, and I can't wait to see many of you there!

It is becoming clear that candidate demand for the CCDE certification is higher than ever, and Cisco is putting some muscle behind the certification internally. I've had a number of recent Cisco students explain to me that their immediate managers are steering them toward the CCDE rather than additional CCIE certifications because this cert aligns better with the Systems Engineering role. At Cisco Live I spoke with several CCDE team members including Elaine Lopes (CCDE/CCAr Program Manager) about the certification. I will be incorporating that information into my next CCDE overview session scheduled for August 1st, 2015. If you are a student of mine before sure to email me so I can send you a Webex invitation for that session.