Another great session happened today – thank you so much to everyone who attended π
Attached as usual are the slides – feel free to reach out to me if you have questions π
What lab topics should we cover next?
Another great session happened today – thank you so much to everyone who attended π
Attached as usual are the slides – feel free to reach out to me if you have questions π
What lab topics should we cover next?
Christian strikes again!
And whatβs that shiny new badge he’s showing off today?
Another PaloAlto Badge?
Does this man have a personal life or is he a 24/7 learning AI?
Didn’t he share one a day ago?
That’s right – Brace yourselves, because this time itβs the new #PaloAltoNetworks Cybersecurity Practitioner badge thatβs been unlocked! π₯³
Yes folks, you read that right β Iβve officially leveled up with the Practitioner Exam – that makes 2 Palo Exams in 2 days!
That came out of nowhere for some of you, right? π
Boy, do I LOVE surprises as much as you do π
Don’t worry – still also going after my JNCIE’s at full throttle (after all I still have to get the last 3 of them) π
But seriously, this exam was more than just fun β it was a deeper dive into the complexities of cybersecurity in the real world.
Itβs the perfect mix of general security theory and Palo Alto’s Portfolio.
For anyone eager to elevate their game in the industry this exam is the way to go!
And I’m sure there’s more to come so who’s ready for a learning group? π
The Team did an AMAZING Job with these 2 exams and I literally cannot wait until the next one comes out (boy I hope there will be a next one).
For those (still) thinking, βWhy bother when youβve got a JNCIE-SEC under your belt?β β I say, why not? π
Itβs all about continuous growth and pushing my boundaries.
Every cert is a step forward, and each one adds a new layer of knowledge and skills.
The badge is just a way of saying “I’ve studied, I know how to do this – and now I have proven it”!
So, hereβs to staying curious, stepping out of your comfort zone, and never settling! πͺ
https://www.credly.com/badges/c9848315-c0c4-43ba-97c4-685200e70373/public_url
Aha – Christian got a new Badge!
But wait?
What’s that?
Not a Juniper Badge?????
This must be it – his account has been pwned for sure, right?
DEFCON-1 FOLKS – FREAKIN DEFCON-1!!!!!
Nope – don’t panic – back to DEFCON-5 – I’ve tried something new that I always wanted to try but never focused on – until now π
I’ve been fortunate enough to try the new #PaloAltoNetworks Cybersecurity Apprentice Exam (passed yesterday) and boy was that a fun one π It not only covers Palo-specific content but rather provides a broad and unique view of security in the networking field and gives a great overview of the extensive spectrum, that a Sec-Engineer has to deal with every day. Additionally, the examβs format encourages critical thinking and problem-solving – both are essential skills for anyone becoming a security professional. Overall, itβs an excellent investment in your professional development and a great way to validate your expertise in the field.
I can personally highly recommend this to anyone starting their security journey π
And while some people might think “Big wow – a JNCIE-SEC doing an apprentice exam so what?” – I’m still proud of every little cert I have done throughout my career and will continue to broaden my understanding of our industry across all vendors. Getting out of the comfort zone is extremely important for anyone wishing to be a successful engineer. Brace yourselves – there’s more coming π
As promised, here is the SLidedeck from today’s session π
What should we present next for the use of EVE-NG and Juniper?
Would deploying EVE-NG as a VM (in various flavors) be interesting?
EVE-NG on proxmox? (although I need to check if this works)
vJunos-Switch + vJunos-Router running in EVE-NG connecting to the MIST-Cloud?
Let me know what you think π
As always, thanks for joining – you folks ROCK π
Taking Tuesday’s JNCIE-ENT exam was an experience I will never forget.
From the moment I entered the virtual testing center (because sadly it’s still 100% remote only), I felt a mix of excitement and nervousness. The months of rigorous preparation, countless hours spent in my room, going over the documentation again and again, and endless practice labs all led to this moment. The nervousness kicked in way before Tuesday but had its peak the evening before (as usual). Although I am always the one telling others to not make the mistake of a day before the exam of going over topics again, I found myself learning the very day before because I thought I might need some finishing touches which honestly wouldn’t make a difference but it calmed me down a bit).
As the exam began, I was immediately immersed in the complex scenarios and configurations that make the JNCIE-ENT one of the most respected certifications in the networking industry. Each task required deep knowledge, fast execution (after all you only have 6 hours instead of 8), and an ability to think critically under pressure. The adrenaline was pumping, and I found myself in intense focus, determined to solve each challenge presented. My course is to always go for the “100%” – which led to failure in the attempts before as I wasted precious time-solving problems that I wasn’t asked to solve but solved anyway – silly, right?
Throughout the exam, I was constantly reminded of why I chose to pursue this certification. The complexity and depth of the material were not just a test of my technical abilities but also a testament to the real-world applications and problem-solving skills that are essential for any E-Level network engineer and which I deal with every day. The exam environment, while demanding, was also incredibly rewarding. It was a true measure of my capabilities and a chance to prove my expertise in real-world scenarios and not just tasks that no one would ever perform in the real world just to have them in for the sake of the exam. Another reason why I LOVE JNCIE Exams. No Question tries to trick you – it’s a true skill exam.
After completing the exam when the adrenaline began to vanish, and a wave of exhaustion set in, the hours of concentration and mental exertion had taken their toll, and I felt both relieved and drained. However, this was just the beginning of another challenging phase, one that is always the toughest if you ask me β the waiting period.
Anyone who has taken any E-Level exam from any vendor knows that the wait for results can feel like an eternity. Every candidate experiences the anxiety and anticipation that comes with waiting for the final result on their performance. It’s a unique kind of suspense, where every day feels like a week and every thought revolves around the possible outcome. The uncertainty can be overwhelming, and it requires immense patience to endure. Have I failed? Have I succeeded? Constantly thinking about these 2 questions and hoping that this very mail soon pops up (hopefully with a big PASS in the email header). Thankfully, Juniper is known for efficiency in evaluating exams, and they typically provide results within just five business days. While this is an impressively short turnaround time, it can still feel like an age when you’re on the edge of your seat, eagerly awaiting news that could significantly impact your professional future. The speed at which Juniper operates is commendable, and it certainly helps to take some of the stress associated with the waiting period away.
As I sit here reflecting on the entire experience, I can’t help but feel a HUGE sense of gratitude. I am thankful for the opportunity to take such an exam – most folks have to pay for it themselves, while I have a GREAT employer who supports me and helps with this “burden”. I am especially grateful to the proctors and the entire Juniper team for their professionalism and dedication to maintaining the highest standards in the industry. The proctors are always super helpful and try to be as calm as possible – which helps me a lot. The exam was not only a test of my skills but also an incredible journey of learning and growth I have undergone.
Now, as I await the results, I remain hopeful for a positive outcome. Regardless of the result, the experience itself has been invaluable, and I am proud of the effort and determination I put into preparing for and completing the JNCIE-ENT exam. Here’s to hoping for the best and continuing to strive for excellence in the field of networking.
Thank you, Juniper, for a remarkable exam experience, outstanding proctors, and the fast evaluation process. This journey has been unforgettable, and I look forward to the next steps in my professional development. And once the ENT is “clear”, I can go for the final 2 Exams: DC and SP.
You know me – I still have so much to learn – and I’m just getting started π
UPDATE 30.05.2024:
Unfortunately, I didn’t make it this time.
So I will now focus on the areas in which I lost the most points and then go for it again π
As we traverse the expansive landscape of network protocols, one stands out as a cornerstone, like the granddaddy of routing: OSPF, or Open Shortest Path First.
Its dynamic nature and robust features make it a vital component in the toolkit of any network engineer.
OSPF isn’t just another routing protocol; it’s a dynamic routing protocol designed to adapt to changes in network topology with lightning speed. Understanding OSPF isn’t merely about memorizing commands – it’s about grasping its underlying principles and applying them. One of the favorite reasons I like OSPF is its IPv6 capability β making it ideal for small, medium, and large enterprises. Setting it up in a basic manner is simple and helps the Admins immensely, but once networks get bigger, it can get a bit more complex β especially when other protocols such as BGP are also present.
As many of you know, Iβm currently prepping for my JNCIE-ENT exam. It requires a comprehensive understanding of OSPF. But fear not, for armed with Juniper’s resources, we are equipped to conquer this challenge. From understanding OSPF areas and types to mastering its adjacency formation, every aspect is meticulously explored on our quest for eternal mastery β or something like that π
One of OSPF’s defining features is its hierarchical structure, facilitated by areas, allowing for scalability and efficient routing. Whether it’s Type 1, Type 2, or Type 3 LSAs (Link State Advertisements), each plays a crucial role in OSPF’s operation, and mastering them is key to success in the JNCIE-ENT exam.
Letβs have a look at the areas:
Backbone Area (Area 0):
The Backbone Area serves as the core of an OSPF network. All other areas must connect to the Backbone Area, making it the foundation for OSPF routing. It ensures connectivity between all areas within the OSPF domain.
Standard Area (Non-Backbone Area):
Standard Areas are areas within an OSPF network that are not designated as the Backbone Area (Area 0). These areas are interconnected via the Backbone Area, facilitating routing between different OSPF areas.
Stub Area:
Stub Areas are areas where routing information is simplified to reduce routing overhead. In a Stub Area, routers only maintain a default route to reach external networks, leading to a smaller routing table and improved scalability.
Totally Stubby Area:
Similar to Stub Areas, Totally Stubby Areas further simplify routing by allowing only a single default route to be advertised to routers within the area. This greatly reduces routing table size and complexity.
Not-So-Stubby Area (NSSA):
NSSAs are areas that allow for the introduction of external routes (routes learned from other routing protocols or redistributed routes) into OSPF without requiring full OSPF routing information. NSSAs use a special type of LSA, called Type 7 LSAs, to advertise external routes within the OSPF domain.
Not that hard, right? Well β true, but thereβs something else called an LSA-Type that you need to remember. Letβs have a look at that as well:
Type 1 (Router LSA):
Generated by every OSPF router for each area to which it belongs, Type 1 LSAs contain information about the router itself, including its interfaces and neighbors within the same area.
Type 2 (Network LSA):
Generated by the Designated Router (DR) for each multi-access network segment, Type 2 LSAs describe the network segment itself, including all routers connected to it.
Type 3 (Summary LSA):
Originating from Area Border Routers (ABRs), Type 3 LSAs summarize inter-area routes, providing information about networks from other areas. A single Type 3 LSA can represent multiple Type 1 and Type 2 LSAs from other areas.
Type 4 (ASBR Summary LSA):
Also generated by ABRs, Type 4 LSAs provide information about how to reach Autonomous System Boundary Routers (ASBRs) within an OSPF domain.
Type 5 (AS External LSA):
Generated by ASBRs, Type 5 LSAs advertise routes to networks external to the OSPF domain. These LSAs allow OSPF routers to learn about routes to destinations outside of the OSPF domain.
Type 6 (Multicast OSPF LSA):
Historically used for Multicast OSPF routing information, Type 6 LSAs are now considered obsolete and not used in modern OSPF implementations.
Type 7 (NSSA External LSA):
Exclusive to NSSAs, Type 7 LSAs are generated by ASBRs within NSSAs to advertise external routes. Type 7 LSAs are converted to Type 5 LSAs by the NSSA ABR before being propagated into other areas.
My problem was/is that I know the LSAβs and Areas, but often struggle way more than I should with combining them in the most effective way. Iβve spent the last weeks and months mastering OSPF β compared to a colleague, who struggles with BGP β I guess every engineer has stronger and weaker protocols in his memory β but thatβs what makes this job so unique and interesting π
Redistribution, another cornerstone of network design, enables seamless integration of different routing domains. Juniper’s SSB study material equips us with the needed knowledge to redistribute routes optimally, ensuring consistent reachability across our network. The SSB (Self-Study-Bundle) has some really good Labs for this task if you ask me – and the JNCIE-ENT is a very fun and solid exam π
Who said that adam was the first being created by god?
I found this antique (okay 3D-printed fresh off the printer) model of Marvis – do you believe us MistFits now when we say that Marvis is our Lord and Savior and is as old as time itself? π
FAQ:
Yes – This sculpture really exists (no April fools)
Yes – this is a birds-nest for obvious reasons…
Yes – reach out to me if you want the STL-File π
And YES – we do have a LOT of fun π π
Great News Folks π
I’ve joined a very exclusive group of people united under the banner of Juniper Mist (praise Marvis, our robotic overlord, and savior) to show you all how awesome the solution has become. As you know, I’m working every day (and night) with the MIST System (mostly Campus Fabric with the EX and SD-WAN with the SRX) and it makes life as a network engineer/architect so much easier.
The new group also has a brilliant name: MISTFITS!
I’m very excited and thankful for this opportunity as some really BIG Names known in our Industry also joined – but we don’t want to spoil all the fun, do we? π More info coming soon – stay tuned π
As you might have heard, last week HPE and Juniper told the world, that HPE will be acquiring Juniper.
Nothing more, nothing less.
And yet, for some folks this was a clear sign, that ravens would flood the earth, Jehovah was coming and the world would end… Again: without knowing even a single detail of what will happen. It was just the headline “HPE will acquire Juniper”. I was (and probably still am) one of the very very few folks who genuinely believe that competitors should start to shit their pants right now because this new company will probably be the next leader in every space, taking a LOT of customers away from them. Unlike the “A&C Deathbringers” spreading a lot of misinformation already (probably because they are really really scared) I think this new company will shine in the networking space. Imagine a HUGE portfolio, fully AI-powered, covering EVERY field of networking and with access to not only network but compute and storage as well: M-I-N-D-B-L-O-W-I-N-G!
Both companies have a successful portfolio and both benefit from the other’s expertise. Will we see some products vanish? Who knows because exactly: It’s still to freakin early to tell…
We will probably see some new (AI)products, solving problems that we think are unsolvable today.
A lot of you reached out to me, asking me how I feel about the situation, asking If I am okay (that was really sweet – thanks) asking if I will continue my Journey towards my “All JNCIE” and most importantly:
Does it still make sense to get certified for any JNCI-A-S-P-E? (Got that question SO MANY TIMES)
Well: Getting JNCIS-MistAI-Wired certified earlier today (a really solid exam by the way – GREAT Job Folks) and signing up for my next JNCIE-ENT attempt hopefully shows my point of view.
Nothing has changed!
DAMN RIGHT I’m still following this goal – and why shouldn’t I?
And why should you stop getting your Juniper Certification?
Has anything changed? Not really
So why should I / should you worry about unlaid eggs?
Why should anyone think about every possibility that might happen, wasting our precious lifetime with scenarios that probably will never even become reality?
Folks – just breathe π
Let’s just wait for what will happen. Even if something happens in 2-3 years – can we change that?
Not really – so why waste energy on that (now)?
Even if your JNCI-A-S-P-E or your beloved device gets “cut” – do you lose the knowledge about the protocols?
The knowledge about the mechanisms of networking?
Not really. Remember: Juniper certifications are one of the most valuable in the entire networking community for a reason: because they are veeeeeery close to the daily work and the tech itself. As you can see in most blueprints, the exams all focus a LOT on the actual gears running behind the protocols and don’t just ask you “How does Juniper do this, that, these, those” – sure there are some questions about JunOS, the cli or a certain Juniper based GUI in some exams – but the concepts, the tech, the protocols are the same for Juniper, for Cisco, for Aruba, for Arista and what not.
Put me in front of ANY Device (assuming feature parity):
Sure It will take longer for me to check how the syntax is applied but without sounding cocky I bet every nickel that I have that once I’m finished, your device will do exactly what I want it to do – just like any EX or QFX π
Why that is you ask? BIG-Surprise:
Same tech, same RFCs, same protocols (vendor lock-in protocols aside as nobody should use them in 2024 anyway to avoid a vendor lock-in)
It’s mindblowing how many “Analysts”, “NextGen-Network-Experts” and “Enterpreneurs” suddenly pop up like Trolls leaving their caves after a long winter to report that this is a bad thing just to grasp on that sweet sweet social click that “fear” creates. Do you know so little about networking? Do you really know what a Router does? I beg to differ if I read some articles even coming from big tech portals in our Industry – makes me question if the folks who actually knew stuff have already retired…
I have one clear piece of advice for anyone getting nervous at this stage of the acquisition:
Why don’t you just sit back, stop telling everybody (including yourself) that the world ends, take a sip of tea, and enjoy the ride – you might be surprised what’s coming =)
For me, the last week was already better than any movie I’ve seen so far.
I already filled my Popcorn up because I bet that new dystopian articles will follow π π π