Network technologies and trends

March 29, 2015  4:45 PM

Is CCIE is an addiction?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
CCIE, CCIE consultancy, Cisco, Network

Generally it’s observed that most of CCIE’s always attempt for their second CCIE Certification in another track and they are successful in obtaining the second CCIE certification. What does this mean? Its been well said by boss “ CCIE is an addiction” He himself is a CCIE but not dual like me.

Screen Shot 2015-03-29 at 7.40.35 PM

I feel most us are carried out by the success of first CCIE and the thought of having second CCIE, never goes of the mind. So most of them attempt for their second CCIE in different track and so on.

What makes one to attempt the second /third /forth /fifth on so on CCIE certification attempts?

The question has many answers I left this to dual, triple or penta CCIE to answer.

Well there are many certifications which are as valued as CCIE, yet most of the CCIE’s fail to embrace them. The question is when is one does get satisfied? What value does a dual CCIE adds to one?

As far as the feedback from the dual CCIE they didn’t experienced a drastic change in their pay. Nor they got the special recognition? Yet they peruse.

When I think of seriously about second CCIE certainly I will ask myself the same questions which asked when I started the journey of CCIE,

  1. Why do I want to be a CCIE ?
  2. What is stopping me from becoming a CCIE ?
  3. What extra mile I can go to over come my obstacles to achieve my CCIE?
  4. What resources I should choose to pass the CCIE?
  5. Who else in my professional group are interested in CCIE ?
  6. What impact will have on me after CCIE ?
  7. What is the time line I am looking for to complete CCIE ?

If its worth certainly I will peruse but not for the sake of fame or addiction.

March 29, 2015  3:29 AM

Cisco’s Hackathon is here

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
Cisco, firewall, IPS

Cisco is currently conducting couple of challenges in the month of April -2015; one of the challenge Cisco is conducting is called Security Challenge. Cisco is teaming with HackeRank to conduct this contest from April 9 -2015 to April 11-2015.

Screen Shot 2015-03-29 at 6.27.41 AM

Basically Cisco is challenging everyone to break their new ASA firewall or IPS, which are powered by Firepower. With introduction of Firepower into their ASA’s, Cisco is aiming to provide the features of Next Generation Firewall like visibility, continuous control, and advanced threat protection.

This happens to be a litmus test for both Cisco and the contenders. Cisco is rewarding the successful contenders with MacBook pro and much more gifts. More details can be found from Cisco Security Challenge home page. Best of luck to those who really want to prove themselves.

March 26, 2015  9:40 AM

A review for “Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) Foundation Learning Guide: (CCNP TSHOOT 300-135)”

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
CCNP, Certifications, Cisco, Cisco Press

First and foremost I would like to thank my Professional friend Jamie Shoup for providing me the copy of this book. When it comes to preparations for Cisco certifications Cisco Press books are awesome. Cisco Press titles are written based on the blue print and topics covered for the exam.  The Cisco Press title “Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) Foundation Learning Guide: (CCNP TSHOOT 300-135)” is crafted for the CCNP TSHOOT exam 300-135.

CCNP Tshoot

This title consists of 10 chapters covering following topics

  • Chapter 1 Troubleshooting Methods
  • Chapter 2 Structured Troubleshooting
  • Chapter 3 Network Maintenance Tasks and Best Practices
  • Chapter 4 Basic Switching and Routing Process and Effective IOS Troubleshooting Commands
  • Chapter 5 Using Specialized Maintenance and Troubleshooting Tools
  • Chapter 6 Troubleshooting Case Study: SECHNIK Networking
  • Chapter 7 Troubleshooting Case Study: TINC Garbage Disposal
  • Chapter 8 Troubleshooting Case Study: PILE Forensic Accounting
  • Chapter 9 Troubleshooting Case Study: Bank of POLONA
  • Chapter 10 Troubleshooting Case Study: RADULKO Transport

The author is quite smart in discussing the troubleshooting approaches in chapter 1, this really gives a good understanding of troubleshooting approach one could adopt in any given situation. Personally I liked the chapter that deals with the Network Maintenance best practices as the author discusses every aspect of troubleshooting including the most neglected part like documentation and policy.

The case study chapters are quite interesting and prepares a CCNP aspirer to think out of the box at times to troubleshoot the problems reported in day to day network operations and also now you have the liberty of downloading the typologies and diagrams from the Cisco press website for your own reference.

To conclude a good title, quite easy to understand what the author is trying to express, the only suggestion Cisco might consider is offering Virtual labs for the cases mentioned in this book or at least share the VIRL typologies so that one can have good hand on before appearing for the CCNP TSHOOT exam 300-135

March 23, 2015  5:09 AM

Being CCIE is an ultimate thing in life?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
CCIE, Certifications, Cisco certifications, Networking

Recently I received a message in LinkedIn, asking about CCIE, the question put forward to me was as follows

 ‪”I’m just curious about network technologies. There is a lot of hype about CCIE; it is said once you pass CCIE lab there are plethora of opportunities waiting for you. Some even speculate starting salary of 25k SAR in KSA. Is CCIE a global certification which is accepted worldwide even in North America?

‪Do you agree with aforementioned assertions? Please share some insights.”


Many of the Networking or non-networking professionals have certain beliefs related to CCIE, some of them are

  • CCIE is an ultimate certificate.
  • Once one passed the  CCIE lab, he conquered the world.
  • Companies around the World will approach to him with amazing 3 digit offers.
  • A new horizon will open for him; he will be welcomed everywhere

Well all these things are wrong beliefs. Certainly it does adds value to one’s career, but at the same time he /she should justify the CCIE certificate he/she posses.

Recently trends are changing even college graduates with no networking experience started to prepare for CCIE labs and they are successful in passing the lab. Does this justify that; they have the same caliber of the experienced Network Engineer, certainly not. At one end this is a good sign, this shows how CCIE is valued in the professional world. But at the same time CCIE is losing its value due to huge increase in the number of CCIE s.

I believe experience and knowledge is what matters, not the certifications. Many people have a wrong perception towards CCIE; they think by passing the CCIE lab they can conquer the world. Well this is obsoletely wrong.

Wisdom and experience cannot be replaced by certifications, certifications does add value to those, who  already posses good experience in the field. Yes CCIE is one of most prestigious certification and accepted world wide, yes CCIE does offer a good remuneration provided that you are experienced and can justify your CCIE.

March 20, 2015  2:30 PM

Virtual resources for Palo Alto Accredited Configuration Engineer (ACE) Exam preparations

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

When it comes to Palo Alto Accredited Configuration Engineer (ACE) Exam preparations, options are quite minimal in terms of virtual resources. As discussed in my previous post one can either relies on Palo Alto PA -200 firewall or their Palo Alto VM 100 firewall, you may need to contact your local Palo Alto team to get the trial access with license.

If you got hold of Palo Alto VM 100 firewall then preparing the lab scenario using Unified Networking Lab is quite easier.

You can find out more details about Unified Networking Lab by visiting their web site and I recommend you to download the unetllab from their website. Still it’s in beta version yet it is more powerful. You can simulate scenarios using many vendors’ virtual products.

Once you downloaded and installed the Unified Networking Lab do follow the instructions mentioned in this blog by Andrea the creator of Unified Networking Lab. This blog shows you how to copy the Palo Alto VM 100 firewall into Unified Networking Lab

In the next post I will show how to create the topology recommended by Palo Alto for   the Palo Alto Accredited Configuration Engineer (ACE) Exam.

March 17, 2015  4:45 AM

Palo Alto should consider offering virtual labs for Palo Alto certification preparations

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
Cisco, F5

When it comes to preparations for any Certification exams, it is key to have an access to the appliance either in Physical or Virtual form. When it comes to Palo Alto certification preparations its quite challenging to find the virtual resources. Palo Alto recommends to practice their Firewall Installation, Configuration, and Management: Essentials I -Lab Manual on PA – 200 firewall which is a hardware appliance not a virtual appliance.

Palo Alto recommends the below shown topology for preparations of Palo Alto Accredited Configuration Engineer (ACE) Exam – PAN-OS 6.0

Screen Shot 2015-03-17 at 7.26.13 AM

Source: Palo Alto Firewall Installation, Configuration, and Management: Essentials I -Lab Manual

Well I believe the same topology can be created on the virtual environment especially when Palo Alto is marketing their virtual firewalls. Like F5 they can offer a trial license of 30 days purely for study purpose or certification purposes or like Cisco’s VIRL which can be bought at very nominal price. When it comes to preparations of much advance Palo Alto certifications like Palo Alto Networks Certified Network Security Engineer (PCNSE), one has to purely rely on either on Official Palo Alto training or hands on experience

It would be worth Palo Alto give a serious thought on coming out with a solution for their certification preparations especially when they are growing and trying to dominate the Next Generation Firewall world.

March 15, 2015  4:55 AM

What is Palo Alto Fuel?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
Network, Security

Palo Alto launched a Fuel community in 2014 is headquartered in Chicago, Illinois. The organization is governed by a volunteer Board of Directors and is managed by a headquarters staff

Screen Shot 2015-03-15 at 7.51.13 AM

Basically Fuel is created for those professionals who are responsible for securing information and critical infrastructure, Fuel gives an opportunity to create a professional community and its members are empowered to influence and shape the future of security through meaningful online and in-person engagement with peers and industry experts.

Any one can be part of Fuel community and can be part of any local Fuel Chapter; Fuel also gives an opportunity for Security professionals to enhance their leadership qualities by heading a local chapter in their area. If you don’t find a Chapter in your Area you can approach Fuel team to create a Local Chapter in your area and you are fully supported by the Fuel Team.

Some of the benefits you can availed being part of Fuel Local Chapter are

Discussion Forums >>

Connect on member forums that are specific to a topic, industry, region or interest area. Learn best practices, ask questions and discuss challenges and solutions with other members.

Resource Center >>

Fuel’s file library contains all recent and past webcasts, presentations, technical papers and articles regarding cybersecurity. Fuel’s year-round training resources allow members to keep current within their role and industry.

Exclusive and early access to Palo Alto Networks News

Be in the know. Fuel members receive exclusive Palo Alto Networks product information and news first.

I strongly recommend you to access Fuel Website to see more details.

Good news for Saudi Palo Alto lovers is,a local chapter has been created and named as Saudi Arabia User Group. So be part of Saudi Arabia User Group to avail all the benefits of Fuel and do spread the word among your peers.

March 12, 2015  5:53 AM

Two books one should consider while preparing for CCIE

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
CCIE, Cisco, Network, Networking

When it comes it comes to CCIE lab preparations most of us talk about the technical resources one should refer, hardly I see some one talks about the non-technical part of preparation. Well I am not trying to reinvent the wheel, yet would like to suggest two titles that will keep you motivated and help you to build a complete CCIE journey strategy.

There was great initiative by two gentlemen Dean Bahizad and Vivek Tiwari both of them are CCIE’s, they  understood the pain and come out with an amazing title called “Your CCIE Lab Success Strategy: The Non-Technical Guidebook


An amazing title, which serves as a personnel coach to some one who is preparing for the CCIE lab, they have crafted their journey in an interesting fashion and does offer lots of tips and strategies one could imagine of. So I certainly recommend to have this in your book self. This book offers a lot and its quite simple and a small book, which can be read in a week’s time.

Its been observed we give up the things even before starting the CCIE journey, we are afraid of failure, incompetency, no self confidence, no motivation to move forward, negativity, laziness and much more, in order to over come all these trials once could refer to Tony Robbins “ Awaken the giant with in “

Both these titles are quite helpful and will be your best friends for the journey of CCIE.

March 10, 2015  6:30 PM

Does CCIE track selection needs counseling?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
CCIE, Cisco, Cisco certifications, Network

When it comes to choosing a CCIE track most of the CCIE aspirers are confused, everyday I encounter at least one CCIE aspirers approaching me for an advice. Some times I petty them but there are in need of guidance, so I morally try to support them and guide them to best of my ability.


Why are most of them are confused in choosing CCIE tracks?

Its been observed that most of them are confused at the step 1 of CCIE, they struggle to choose a CCIE track for them, some of them try to meet instructor after instructor of different tracks to select the CCIE track, this makes them more confused. Even I have seem some people start with a CCIE track A for few months and then again they change their track to track B, this is not a good sign for some one who already started the journey of CCIE.

I believe most of them want to choose a CCIE track for different reasons like

  • Which CCIE track is in more demand?
  • Which CCIE track is easy to pass?
  • Which CCIE track offers me more remuneration?
  • Which CCIE track is easy to simulate?
  • Which CCIE track costs less?

So and so forth, well these are not the valid reasons to select a CCIE track. I strongly believe there should be strong desire and passion towards a particular track, which comes out when you ask the series of questions which mentioned in the article “ The Journey of CCIE – Series 1”. Yet some people may need some sort of Pre CCIE counseling in selecting a CCIE track and planning their journey.

Well as per my knowledge no one is offering such service, if some one wants to seek any guidance they can reach me out I can assist them in choosing their passions. Yes CCIE is a passion and can be only achieved when some one gives more than 100%. Please do feel free to reach me out, I will more than glad to help you.

March 9, 2015  4:42 AM

What is Accredited Configuration Engineer (ACE) Exam – PAN-OS 6.0 Version exam ?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

Yesterday I passed the Palo Alto Accredited Configuration Engineer (ACE) Exam – PAN-OS 6.0 Version, the exam was quite easier provided you have hands on experience on Palo Alto firewall.

The Palo Alto Accredited Configuration Engineer (ACE) Exam – PAN-OS 6.0 Version is an entry-level exam of Palo Alto Certifications, which tests your knowledge of the core features and functions of Palo Alto Networks next-generation firewalls. The ACE exam is web-based and consists of 50 multiple-choice questions. The exam is not timed, and you can retake it as many times as necessary to earn a passing score.

Those who wants to be an Accredited Configuration Engineer (ACE) Exam – PAN-OS 6.0 Version, they just need to visit Palo Alto education website and get registered. Once done with registration, one can straight away attempt the Accredited Configuration Engineer (ACE) Exam provided he/she has the through knowledge of Palo Alto firewall. If not the best way to master ACE concepts is to register for Firewall Installation, Configuration, & Management (EDU-101 or EDU-201), EDU-101 is available at no cost as a self-paced online learning experience. EDU-201 is instructor-led with lab exercises and is offered through Palo Alto Network Authorized Training Centers (ATCs).

I took Firewall Installation, Configuration, & Management (EDU-101) self-paced online course which is about 6 hours long. The course is quite informative and the instructor has done an amazing job in explaining the concepts in simple language.

Certainly the Firewall Installation, Configuration, & Management (EDU-101) gives any one a good understanding of the concepts, but what about the hands on experience?  You can certainly use the Firewall Installation, Configuration, and Management: Essentials I -Lab Manual for this purpose provided you have an access to any Palo Alto firewall which is not under production. Palo Alto recommends PA -200 firewall for this lab, however if you don’t have physical appliances one can make use of Unified Networking Lab for the preparation of the Accredited Configuration Engineer (ACE) Exam. In the upcoming post I will try to shed some light on Unified Networking Lab and how you can make it as your source of preparation.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: