September 19, 2004

Pix and progress

Well...I'm not sure if anyone noticed or cared... but, I haven't made any progress on the sidebar in quite some time. Yeah...that's what it's there for: to make me feel guilty enough to do something when I start to slack off.

Actually, I haven't slacked off as much as it appears. But, yes, I have slacked a bit. The pages read section only counts books that are finished. It doesn't count the pages of the books I've started and not completed. So the first thing I'll need to work on is FOCUS. To that end, I've decided to finish the PIX book I've been reading off and on.

There's a lot more to a PIX than I had previously known. I've had some PIX experience, but it was one of the smaller units and it ran a very standard/simple configuration. There were two interfaces (inside, outside) and a failover. I knew how to build the static mappings and create conduits. But, there are so many other PIX versions and configurations...and it's pretty exciting (to me) to learn all of this.

There has also been the element of luck in all this. In my new job, they called to see if I could phone support someone with a PIX problem. I told them I'd give it a shot - and found out enough to know that the problem was over my head. They were trying to set up a VPN from firewall to firewall with another company. I've never set up a VPN before, so I gathered as much information as I could, called the office and raised my hand for help. The call was to be handed off to a more senior engineer. I knew the guy they were handing the call to...he's awesome (MIT graduate who really knows a lot). I gave him a call to explain the situation and asked if I could sit in on the call. He didn't mind at all. Luckily, my current circumstances allowed me to sit on the phone and listen in to the call. I learned quite a bit and was afforded some experience that I might never have had - all because I asked.

Opportunity knocked - and I flung the door open. My point in all this is not to show how lucky I am...but, to show that training doesn't necessarily have to come from a course, a book, or a class. Training is where you find it. And if you look hard enough and are flexible, sometimes you can find it even when you're not looking.

To reinforce that training, I'm reading the PIX book (from Cisco Press) from cover to cover. [Chapter 11 covers the exact task that we completed over the phone.]

Chapter 8 covers AAA: authentication, authorization and accounting. I started into that chapter eagerly... I had set up a few switches to use TACACS+ to authenticate, so I figured it would be familiar material. Some of it... then I hit the part about authenticating other services. Virtual FTP, Virtual Telnet and Virtual HTTP? From the description, it sounds like a proxy. It sounds like something that security people would love to have, but users would hate to use. Imagine logging onto a workstation and having to authenticate again to use a browser. What? And after a configured idle or absolute time, you'd have to authenticate again. In most places that I've worked, people would be screaming in the hallways if IT ever tried to implement that. Well, at least I'll know how to do it if the need ever arises...

Speaking of finding training in odd places... I also found another means of training (which is not publicly available). The company I work for happens to partner with Cisco for a certain program. Part of this program requires the field engineers (that's what I do now) to access Cisco training and take 4 exams to prove proficiency. I've taken the 4 exams (all free) and have met the required obligation. Hmmm...but, I see that all this e-learning, visual hands-on and lab training is available to field engineers. Okay, so it's not required...but, it's ALLOWED! YES! I believe I've hit another motherlode of training - all free and direct from Cisco! Granted, the material might not help with certification. Much of the material covers hardware and the capabilities of various models versus the more academic topics of routing and protocols ... but, it's free training nonetheless... And it doesn't hurt that they offer gifts for completing x number of exams (and filling out a feedback form). Ten exams and I get a Cisco cap. Twenty and I get a Cisco logo mug (I'm an avid mug collector). And forty will get a special logo, long-sleeved t-shirt. Okay...I'll admit it -- I'm doing it for the shirt.... I'm so easy to motivate.

Once again...my point being that there are numerous places to get free learning. You just have to look and ask. I'm very aware that most people can't afford training. I can't afford a $3,000 training course. And I know that many employers won't pay to train their IT staff. Those days are gone. But, the information isn't. It's there somewhere...you just have to find it. Sure, the 3K course is out of my financial grasp -- but, the $60 book on the same topic is well within my reach. Granted, it takes more time and effort. But, at least you CAN get there from here...

