Thursday, May 12, 2016

That Time I Taught My First CCDE Training Class

I recently noticed a great infographic floating around the inter-webs regarding the Imposter Syndrome:

It struck me that:

  • Everyone I’ve had a meaningful conversation with on this topic has admitted to suffering from this affliction
  • No one thinks anyone else suffers from this affliction

And I do mean it -- I have spoken with dozens of people about this topic, from all walks of life. The very best network architects I know may even suffer from Imposter Syndrome to a greater degree than less experienced members of the industry. Perhaps this is a factor in their success; they never feel like they belong (technically), so they continue to study technology and achieve certifications in a quixotic attempt to finally feel like they have accomplished ‘enough’ to fit in.

And perhaps no one experiences this as much as I do. [See what I did there… I fell into the very trap that everyone else falls into, thinking that I have it worse than the rest with regards to this affliction]. The logical, calculating portion of my brain knows this is a farce. I have lots of great experience, many successful CCDE students and multiple high-level certifications that should provide proof of my abilities. In fact, they do, to everyone but myself.

So what does this have to do with my First CCDE Training Class (the title of this blog post)? I’m sure you can guess.

About a year after I earned my CCDE certification, I found myself in a classroom, tasked with teaching a group of network engineers how to prepare for the CCDE Practical exam. Well, they weren’t just a ‘group of network engineers;’ they were a self-selected class of fifteen Cisco SEs and NCEs. We began the class in traditional fashion, where I introduced myself and then gave each participant a few moments to do the same. As I recall, every member of the class had at least one CCIE certification, and in total there were over 40 earned CCIEs in the room. Only one of those was mine... Talk about the Imposter Syndrome! As one candidate briefly summed up his background (two Cisco Press books published, developer of the CCIE DC exam, etc, etc) the thought occurred to me — "I got lucky, passed a tough exam, agreed to teach a class I had no business leading, and now I’m going to melt into the floor at a Cisco office in Chicago once this class realizes I’m a fraud."

Fortunately, this class was full of extremely kind and patient students. The materials 
provided by the training vendor were not sufficient to help prepare the class, so I spent several late nights during the week preparing additional case studies. At the end of the week one of the students kindly photocopied my handwritten composition notebook to share with the class. A handful of class members had already attempted the exam and they had specific strategies that they wanted me to help them work through. One wanted to go through a merger scenario, so we worked up something on the whiteboard. As we proceeded through the various topics and designs that could be on the exam, we occasionally reached a topic that I had difficulty teaching. Each time one or another member of the class stepped in to guide the discussion.

At the end of the week, I thanked the class for allowing me the opportunity to assist them with their pursuit of the CCDE certification. I remarked that they had been an incredibly patient group and they had made me, a first-time instructor, very comfortable. Immediately several students expressed surprise that I wasn’t a seasoned teacher. Each of them remarked about how at ease I appeared during the class and how well I handled such a difficult group. My internal read on the situation was exactly the opposite of theirs. Several months after the class concluded, I began to receive emails from students thanking me for the assistance I provided, and letting me know about their success on the CCDE Practical exam. By my count, five of the seven students who ultimately attempted the CCDE Practical passed after our class.

You would think this experience had put my mind at ease, and teaching future classes would be much easier. Well, I’ve taught well over a dozen week-long CCDE bootcamps, and many more online classes, and I still get nervous before I introduce myself at the beginning of each session. The Imposter Syndrome is a part of my professional life, and I’ve come to accept it. In fact, I count on it to ‘keep me hungry,’ so I continue to study the various technologies involved in network design just as I did in 1997, when I truly did not know anything about networking.

I do in some ways fear that as the Imposter Syndrome is more openly discussed, it will become less prevalent. This could have the unfortunate effect of causing overconfidence, where everyone who knows about this syndrome thinks they suffer from it, even when they are, in fact, under-informed about their chosen craft. I somehow doubt this will be an issue except for the small minority who never actually had the condition to begin with.

Here are a few more references to Imposter Syndrome from @aliciatweet. She appears to be the source of the image at the top of this post, or at least the original infographic that this was based on:

Jeremy Filliben is a network architect and CCDE instructor. He has assisted over 80 students in their successful pursuit of the Cisco Certified Design Expert designation. His next CCDE Practical Bootcamp class is scheduled for July 25th. More details can be found on his website at

Friday, May 6, 2016

Is Network Design an Art?

I get a little worked up when I see network designers describing our craft as an ‘art.’ I understand where the thought comes from; there is certainly a level of creativity required to arrive at an optimal network design for a given set of constraints and business challenges. It is nevertheless my opinion that we are working within a science, not an art. The key differentiator is whether we can judge one network design to be superior to another. With the traditional arts, it not objectively possible to say one song/painting/movie is ‘better’ than another. We can measure them on various points (Rotten Tomatoes [link] scores for movies, sale price for paintings, etc), but how any one individual perceives an artist’s creation is not open to debate. I like Dumb & Dumber more than Casablanca, and no amount of objective information is going to change my mind! 😃 

This is not true with network design. If two network designers review a set of business and technical requirements, they may generate unique proposals. When this occurs, invariably one or more of the following are at the root of the disagreement.

A) They interpreted the requirements differently, or the requirements were defined well enough

With good network designers, this is often the root cause. It is possible that they did not receive the same requirement information. More often, one of the engineers overlooked a key piece of information, such as a customer preference or existing technology choice that must be taken into account. If the requirements were not well-defined, assumptions must be made. These assumptions become quasi-requirements, which lead to different solutions.

B) Have differing personal opinions on the implementation details of a solution

Also known as ‘practical experience’ — These are the biases that we have developed over the years of deploying and managing technologies. Pretty much every network engineer has a preferred IGP, for example. Perhaps you have worked more often with OSPF networks, and therefore you are more comfortable using it to solve most problems. That does not make it the right choice for every proposed network design. This point of disagreement can also result from negative experiences, especially as they relate to implementation-level problems. Remember that Cisco OSPF in IOS-XR bug that kept you up for several consecutive nights, or the time IS-IS ‘blew up’ for you because you added a Juniper router to a Cisco network (hopefully not real examples for you). While implementation-level details should factor into real-world designs, do not let them talk you out of the correct technology solution (especially on a CCDE exam, hint hint).

C) Do not share the same knowledge base / understanding of the design elements

This is the category of disagreement related to the knowledge of our network designers. If one engineer proposes an IS-IS solution, and the other engineer has no experience with the protocol, there is very likely to be a disagreement.

For humble network architects, this should not be a problem. We all have our areas of expertise, and I can assure you no one is an expert in all possible technologies. Those technologies with which I have less practical experience can still be valid solutions to a problem. It is my responsibility as a network architect to have a solid understanding of these options, and if one appears viable I must put in the time to study it to see if there is a place for it in my proposal. I recommend knowing enough about each networking technology to answer the following questions:

1) What problems can it solve?
2) What are the pre-requisites?
3) How well can it scale?
4) How manageable is the resulting design?

That short list is in my experience sufficient to know when/where a technology can be useful. I can quickly rule out those that won’t fit (for example, if L2 adjacency is required, I can rule out L3VPN) and then spend time researching the remaining options to find the best answer.

Note that none of these points of disagreement allow us to develop unique, equally-valid solutions to the original problem.  Perhaps in the simplest cases it does not matter if we choose OSPF or EIGRP as our IGP, but with enough probing we should be able to find information that leads us to one specific solution. Maybe we could ask the following questions:

1) Are you concerned with vendor lock-in?
2) What is your convergence requirement?
3) Does your support team have operational experience with either protocol?
4) To what size do you intend to scale the network?
5) Might you deploy dynamically-calculated MPLS-TE tunnels in the future?

After getting honest answers to these questions, two network designers should be able to come to an agreement on the correct IGP.

BTW, I am not disagreeing with the core tenet of Art of Network Architecture, and not just because Russ and Denise are two of my favorite people in networking. The point I am making is that there is a difference between network architecture and design.

Jeremy Filliben is a network architect and CCDE instructor for Pristine Packets. Details about his training can be found on his website, Jeremy has trained over 80 CCDEs in his 7 years in the industry. 

Monday, November 30, 2015

Over 300 CCDEs Worldwide

CCDE Program Update

Congratulations to my students who successfully completed their CCDE journey this year. I am currently aware of 18 passing results for the year, but I haven't heard from all of my students quite yet. I suspect a few are still celebrating their accomplishment. For those candidates that were unsuccessful (whether they are students or not), understand that achieving an Expert-level Cisco certification is a process. The rumored pass rate for Expert-level exams is around 20% per attempt, so it is not unexpected to face adversity in your path to certification. If you attended my bootcamp, think back to my instructor introduction discussion... One of the most important steps in passing a Cisco exam is often failing it first.

Now that the 2015 CCDE testing cycle has ended, we can announce that the total number of Cisco Certified Design Experts is 304, minus any that have let their certification lapse. We saw only 51 total CCDEs certified this year, which is lower than in previous years. Without knowing for sure, I attribute this to a particularly difficult exam cycle, especially the August exam. According to Cisco the candidate volume has been steady. I think this bodes well for 2016.

Personal Update

Speaking of recertification, I was fortunate to have passed my CCDE recertification exam a few weeks ago. This brings me to a pair of personally-significant milestones. I am now sure to make my 20-year CCIE anniversary in 2018, and I am also certain to reach my 10-year CCDE anniversary in 2019. I have no intention of abandoning my networking efforts, but it is comforting to know that if I circumstances change I will still reach those two goals.

That said, I am still as interested in networking today as I ever have been. It's hard to believe that in a world of such rapid technology change, Cisco has been an integral part of my networking career since the beginning. So many of the competing vendors from the early days (Cabletron, Synoptics, etc) have faded away, and new ones have come and gone often. I suppose I'm trying to say that although I have been in networking for half my life, I am still amazed and challenged by the field. With regards to Cisco technology, I do not intend to take advantage of the CCIE Emeritus anytime soon. Nor would I use a CCDE Emeritus program if one were created, although I think that is an unlikely development.

I have a few other professional updates I'll be sharing in future blog posts, but I'll keep this post short so readers can get back to their studies :)

Training Update

I am eagerly looking forward to helping more students achieve their CCDE certification goals in 2016 and beyond. Several students asked that I publish a training schedule for the year so they can better plan their 2016 training schedule. Here is my schedule of 2016 classroom training:

April 18-22, 2016 - Orlando, Florida - April Registration Link
October 17-21, 2016 - Orlando, Florida - October Registration Link

As you may notice, my students have shown that they are more interested in attending classes in Florida than in the other locations I have offered in the past. Perhaps it is the ability to extend their travels and visit Disney World or the Florida beaches. It certainly is an easy location to travel to, regardless of your point of origin. If you have another location in mind, and a group of students who are sure to attend, let me know and I can add another class to the schedule. As always, all classes are available for remote Webex attendance as well. After my most recent training a remote attendee commented:

"By the way the class you put on was the best training I have ever attended."

I appreciate the sentiment, and those of my other students. It is great knowing that Webex attendees are on equal footing with classroom attendees. This was my fear when considering offering a remote learning option, but with the help of few friends (especially Ivan and Ethan) I found technology solutions that work for both types of students.

If taking a week-long break from your normal work duties isn't possible, you can attend my self-paced training. I recently added two new CCDE practical scenarios to the four previous ones. These exams were developed based on student feedback and cover additional network designs. My students now receive access to all six exams. If you are a current student who hasn't passed the CCDE practical exam, send me an email and I will provide you the additional content at no cost.


Tuesday, September 29, 2015

Fall 2015 Training Update

Fall is upon us in the Northern Hemisphere. The weather is getting cooler in my hometown, so it is time to head down to Central Florida for my next CCDE Practical Bootcamp class :)

Training Update

My next bootcamp class will include two all-new practice exam scenarios! I have been hard at work incorporating feedback regarding my previous practice exams and the notes of my beta tester (Thank you MD!). I am confident I will have them completed in time for class during the week of October 19th. Provided the classroom feedback is positive, I will review them for online students at the next review date (see below). If you are interested in attending my October bootcamp either in person or online, please take a look at the class web page.

The next live review of my CCDE practice exams is scheduled for Saturday October 24th (AmericaTel and MetalWorks) and Saturday October 31st (two new exams -- BrasCom and Canadian Fitness). Both review sessions will begin at 8am Eastern Daylight Savings Time. This is slightly early than prior start times, so returning students will need to adjust their schedules. If you are a new student and want to attend, please register for the sessions via the Online CCDE Practice Exam training page. For those who remember separate Online vs Self-Paced practice exam training, please note that I've combined the registration for the classes. There is no difference in content between the sessions and all students are welcome to attend the Webex recording sessions. Current students should send me an email to get on the Webex invite list.

Professional Update

I have been involved in several new and interesting projects for my primary customer network. WAN encryption, Performance routing enhancements (now IWAN) and IPv6 testing are all on the list or have already been completed. I hope everyone has heard that ARIN has given out its last IPv4 prefixes. If you haven't started with IPv6 in your Enterprise, please do not wait any longer. You can be the hero who saves your organization from getting too far behind the rest of the world :)

Is anyone else deploying IPv6 at an enterprise? I am interested to hear about your approach. My strategy thus far has been to start with VPN, then move on to web hosting. Cisco AnyConnect is a great starting point for IPv6, and I suspect it will be one of the first requirements for IPv6 access. We are now providing IPv4 VPN over IPv6 transport. It works well, although the default behavior of the client appears to be to try IPv4 first, then fallback to a AAAA record for the same DNS entry. I've had to disable IPv4 access on the client side to force AnyConnect to use IPv6 for transport.

Tuesday, July 14, 2015

Cisco Live Recap and October CCDE Class in Orlando

It has been a bit over a month since Cisco Live wrapped up. Immediately after it ended I embarked on a family vacation, and I'm just now getting my thoughts together.

First, thank you to everyone I got a chance to meet and speak with this year. My favorite parts of Cisco Live are catching up with former colleagues and students, and making new connections with other networkers. This year Cisco graciously invited me to record some video on my thoughts about the future of networking, some of which was displayed during the Keynote presentations. Take a look at the Opening Keynote and the Luminary Keynote on for my opinions on the value of Cisco Live and the pace of change in IT.

I had two technical goals this year. One was to learn as much as possible about updates to Performance Routing. I attended two PfR sessions and I had an hour-long Meet The Engineer with Jean-Marc Barozet where we covered my primary use case. Unfortunately my requirements are not met by PfR3, so I'll be sticking with PfR2 for the foreseeable future. Jean-Marc was sympathetic to my requirements and took some good notes, so I am hopeful that my needs will be met in a future version. As I see it, Cisco removed quite a few configuration knobs between PfR2 and PfR3. I suspect this is to address competitor's claims that Cisco's version of SDN is too complicated (and maybe end users' complaints as well). I'd much rather have the knobs!

My second technical goal was to learn more about wireless LANs. My primary network uses a lot of Cisco WLAN gear. We are also nearing End-of-Life of much of our LAN gear. I would like to migrate the vast majority of my end users to wireless-only connectivity. My sessions and conversations during Cisco Live have given me reason to reconsider this. No one was enthusiastic about my plan. The major stumbling blocks are IP phones and overall throughput. Fortunately I have some time before making a decision, so perhaps wireless technology will catch up to my plans. The wireless QoS session was particularly interesting; once enough endpoints support the needed features the all-wireless campus could become a more realistic option.

This being John Chambers' final Cisco Live was quite bittersweet. The CCIE/DE NetVet reception was less of the "State of the Union" that we had in prior years, and more of a "Farewell to John". Cisco Live won't be the same without him. All attendees had the opportunity to take a picture with John. Here's mine:

Denise Donohue also organized a congratulatory card for John that many of the CCIE NetVets signed. Here is my picture of the card. There is a lot of "CCIE Royalty" in the signatures, if you look closely enough :)

October 2015 Class Update

I relocated my October 2015 CCDE Practical class from Dubai, UAE to Orlando, Florida USA. For anyone who is interested in attending, please take a look at the class registration page. Moving the class allows me to once again offer this training to remote attendees. If travel to Orlando is difficult, please consider this option.  I am excited about returning my class to Orlando this fall, and I can't wait to see many of you there!

It is becoming clear that candidate demand for the CCDE certification is higher than ever, and Cisco is putting some muscle behind the certification internally. I've had a number of recent Cisco students explain to me that their immediate managers are steering them toward the CCDE rather than additional CCIE certifications because this cert aligns better with the Systems Engineering role. At Cisco Live I spoke with several CCDE team members including Elaine Lopes (CCDE/CCAr Program Manager) about the certification. I will be incorporating that information into my next CCDE overview session scheduled for August 1st, 2015. If you are a student of mine before sure to email me so I can send you a Webex invitation for that session.


Wednesday, June 3, 2015

Cisco Live 2015 is Here!

Congrats to my 70th successful CCDE student, Greg P.! Greg attended my most recent CCDE Practical Bootcamp in Orlando, Florida. He is among six students who passed the exam during the May 19th exam date. Congratulations to all of you, and good luck to those who are planning to take the exam later in 2015. For those who passed, please consider joining the LinkedIn Group for certified CCDEs. It is a low-volume group exclusively for discussions amongst CCDEs. Over half of all active CCDEs have joined, so you will have access to an incredible amount of Cisco design knowledge. Recent discussions have centered around the CCAr program and IPv6 deployment. Don't miss out on the fun!

Cisco Live San Diego

After a one year absence I will be back at Cisco Live this year in San Diego (Please Cisco, don’t ever hold Cisco Live in May again; it is too difficult to travel at the end of the school year). I can’t wait to meet up with old friends and meet new ones. I will be attending the CCIE/DE NetVet reception with John Chambers (for the last time, how bittersweet) and new CEO Chuck Robbins. I will also be at the CCIE/DE party on Tuesday evening. If any of my CCDE students (past, current or future) needs a date to the party, let me know and I will get you in (first come, first serve; I only get one guest). If anyone wants to discuss the CCDE program or my training while in San Diego, please reach out to me via email or Twitter (@jfilliben) so we can catch up. The CCDE program is closing in on 300 certified individuals, which means I am 100% confident that it has ‘caught on’ and will continue to grow like the CCIE R/S, Voice and Service Provider programs. Now if only Cisco will do something on the partner side to increase the value of this amazing certification. I’ll dig around for news and rumors at Cisco Live. If you will be there be sure to let me know so we can meet up. I plan to spend time at the Social Media area, and I will also attempt to be at the New Attendee meet-up on Sunday (I volunteered to be a mentor to a new attendee this year).

Upcoming Training

If you are looking for CCDE training, my next five-day CCDE Practical bootcamp class is scheduled for the week of October 18th in Dubai, UAE. This will be my final classroom training event of the year, and unfortunately I won't be able to offer it remotely from this training location. If that date or location is inconvenient for you, my Self-Paced Online CCDE Practice Exam Training is always available to suit your schedule. I have also scheduled a refresher Webex for August 1st for any of my students who are preparing for the August 19th CCDE Practical exam date. Send me an email if you would like to attend.

If you need convincing to attend my training, take a look at this sampling of student feedback from 2015:

“I just wanted to drop you a quick note to thank you for the bootcamp in April. It was a great experience. I took the CCDE practical exam on May 19th and passed. I am now CCDE 2015xxxx”

“I would like to share with you that I achieved my CCDE yesterday! I am very happy!!! Thanks for your class, it helped me a lot to have the overall impression of the exam. It made it more clear.”

“Just want to let you know that I've passed the exam! Thank you for the insights and hints to find the answers. Really appreciate the course.”

“I was about to write you an email and say a big 'thank you' to you. You helped me a lot to pass this exam. I appreciate it and never forget it.”

“Jeremy, You now have 55 students that passed.  Thanks for the great material!”

Interesting Projects

I’ve been working on a number of new projects for a Fortune 500 financial company. I plan to write a few blog posts detailing the design aspects of these projects. Here is a short list. If you have any specific interest in hearing about these, let me know which one(s) to prioritize:

Cisco iWAN deployment - Encrypted DMVPN over the Internet and carrier L3VPN. I started on this before iWAN was published, so I thought it was quite innovative. Now that Cisco has caught up to and passed me on this technology I am playing catch up. :)

AnyConnect over IPv6 - Deploying AnyConnect over IPv6 Internet for access to IPv4 resources

WAN Core Separation - Splitting up a WAN core consisting of two locations into individual IGPs and BGP ASNs. If you’ve read my blog long enough (or scroll waaaay back) you will remember when we reduced the core from three -> two locations. This project will take us to the logical conclusion. I have a Meet The Engineer scheduled at Cisco Live to work out the details concerning Performance Routing for this new design. I expect this project to occupy a large amount of my post-Cisco Live work attention :)

Campus LAN Refreshes - Is it time for white box switching in a large L3 campus? Does Meraki scale to the required size? Or is it time for my dream of an all-wireless campus LAN (probably not yet, but soon)?

Thanks for reading this far.. Please let me know what interesting projects you are working on; I am always on the lookout for new ideas.


Tuesday, May 5, 2015

Upcoming Training Classes

Last week I was in Orlando, Florida, where I taught my eleventh CCDE Practical bootcamp class. Thank you to all of the students who traveled to Orlando to attend the class, as well as those who braved the many hour time differences and attended remotely. It was great to have all of your experiences and questions during the class. My online students and I also recently completed a review of our four CCDE practice exams over the last two weekends. These online training events are open to all of my students, until they pass the CCDE Practical exam. For those taking the exam on May 19th, good luck. I can't wait to add more names to my list of 63 successful students!

My next CCDE Practical bootcamp will be held in Dubai, UAE, the week of October 18th. Details can be found at this page, and registration is now open via Eventbrite. Dubai is beautiful in October; we will be there just after the summer heat has begun to dissipate. During my last class in Dubai I had the opportunity to tour the Dubai Mall, the Burj Khalifa and the Madinat Jumeirah resort. It truly is an amazing city. More details concerning my last class can be found in this blog post. Unfortunately due to the timezone and venue challenges I will not be able to offer remote access to my October class.

If travel is an issue, or you can't spare a week away from work to attend training, I am continuing to offer my self-paced CCDE practice exam training. With this class you get same-day access to my four CCDE practice exam scenarios, as well as access to my CCDE overview training and the instructor-led exam review sessions. I regularly update the content of these exams to reflect feedback from my students and to align with public news regarding the CCDE Practical exam. Feedback for this training has been great; a former student gave me a nice compliment in his blog, Thanks Ken!

If you are going to be at Cisco Live in San Diego, let me know so we can catch up and say hi. It is certain to be an interesting Cisco Live, considering the recently-announced CEO transition at Cisco. Chuck Robbins sure has large shoes to fill! I wasn't able to attend last year, so I signed up for a full slate of technical sessions. I even plan to slip into the self-paced labs as time permits to test some of my configuration skills. I still work on production networks every day, but we do not use every possible technology so lab time is greatly appreciated (and anticipated!).