Finally… it was bound to happen. My three year journey is complete.

It was about this time last year that I posted about my second JNCIE-ENT lab attempt, and sadly it didn’t go the way I wanted it to!  Due to work commitments I was not going to be prepared to sit the 2012 Q3 round of lab offerings, so I resolved to sit the December / January round.

I picked up my studies again and worked on my weak areas noted during my first two attempts. I paid particular attention to areas of multicast and switch security as these two topics were areas of weakness for me last time. I was lucky enough to work on a project at the end of last year that included nearly 1000 ports of 802.1x with dynamic VLAN allocation, so that proved to be an excellent “lab environment” for me.

After a need to reschedule for March, as the January exams were cancelled in Sydney, I knew I was going to do everything in my control to pass this time around. I didn’t want to face the thought of making attempt #4!

Long story short this time around I felt much more prepared and actually finished with more than enough time to go back through all of the questions to confirm the points I believed I had earned. I cannot say enough about good time management efforts during the lab. Set a maximum amount of time per question (or per point) and really make yourself stick to it. Unless you know you need this question to continue on to later questions, just leave it as it is (preferably in a non-broken state), and move on to other questions. Earn more points and come back later.

I finished up the exam reasonably confident, but I also knew I felt confident after attempt #2. I caught a train home and prepared myself for the 15 business day turn around for the exam results. Luckily I didn’t have to way this long to get my results, and after a couple of days I was advised that I had passed!

I am now JNCIE-ENT #368… and Im very happy / relieved 😉

In previous posts Ive covered tips and tricks etc, so I would really like to dedicate this post to saying thanks to people.

All my thanks

• First I would like to thank Liz Burns and everyone at the JNCP team. Thanks for all the work you guys have put in to making these exams and the encouragement you provided me over the past three years has been must appreciated.
• All of my current and former co-workers. Thanks for the opportunities I was given to work on real life network environments and exposure to quirky designs. Also there is no end of thanks for putting up with me on all those days I had my cranky pants on
• All of my current and former customers. Without your need for new networks, and not to mention some of the crazy requests you have thrown at me over the years, I wouldn’t be able to get my head around some of the tricks of the lab.
• Thanks to my friends at Juniper, most notably Francois Prowse, Ashton Bothman and Doug Hanks. Again thanks for the encouragement and the kick in the butt I needed not to give up. Many people from within Juniper were invaluable in answering many of the problems I ran into while studying.
• To everyone on #juniper over on Freenode. Much appreciation for your advice… “hrmpf“
• To Chris Jones and the guys at Proteus Networks. I was lucky enough to be performing “Technical Editing” duties on the new Proteus JNCIE-ENT Preparation Workbook (which was obviously pre-release at the time). As part of this I labbed almost every scenario from the workbooks to ensure they were correct and the descriptions matched. I cannot recommend this guide enough to people studying for the JNCIE-ENT, and I plan to do a separate review in the near future.
• To Burkey and to Nick. I hope you guys both know what your support meant. #FHP
• To “The Wolfpack”. ARRRROOOOOOOOOOOOO! You know who you are, thank you for allowing me to “de-stress” and express myself in some pretty non-conventional ways 🙂
• Last but not least, to my wife Belinda. Thanks for all the love (and feeding) during this journey. You suffered more of the cranky pants than anyone else, and yet you still encouraged me to keep going. Love you heaps 🙂

As many of you know, I had the honour and good fortune of being able to take part in beta testing the JNCIE-ENT lab in August of 2011. The day completely wiped me out and I was walking around in a daze for the remainder of that week. While I knew the technologies I was unprepared for the time-management skills required to pass this lab. Needless to say it was no surprise when I received my fail-mail advising me that I was unsuccessful.

Well after almost a year, I decided it was time to get back on the horse and try again for getting those digits. Here in Australia the Juniper lab exams are only offered every 3 months, and I felt I was unprepared to sit the exam when it was offered in January. I knew that a friend of mine, and now colleague, Cooper Lees was preparing to take his JNCIE-SEC exam during the May schedule so I decided to book my attempt for the same day.

I have spent a lot more time working with Junos and various Juniper hardware devices in the time since I took the beta exam in August, and I was now a lot faster on the CLI, and didn’t need to refer to any documentation during the exam (except verify some config when I thought I had completed each step correctly! Needless to say… I hadn’t).

I had the good fortune at both my previous job at eintellego and also my current position at ICT Networks to have a wide variety of Juniper equipment at my disposal to create a lab environment in which to hone my skills required to get through the exam. I made quite extensive use of these labs to prepare and its true that nothing beats hands on experience when it comes to the lab. The JNCIE-ENT exam is based on EX4200 switches and SRX240’s – so be prepared to configure and support anything on these devices (sometimes items on “the edge of the blueprint”!).

So the lead up to the lab date was “exciting” with Cooper and I giving each other some “friendly rivalry” to try and be ready for the exams we had in front of us. We swapped experiences and ideas back and forth. Even though we were sitting different exams, having somebody else work with you on problems during prep time was certainly a god send. I had this during my prep for the beta with Nick Ryce and Chris Jones, both of whom have now gained their JNCIE-ENT certification.

On lab day Cooper and I met around 8am for breakfast near our office (which is only a few blocks from Juniper’s Sydney Office). A hearty breakfast of Bacon, Eggs, Grilled Tomato and Coffee certainly helped calm my stomach. After some banter about how we just wanted to “get this thing started!”, we decided to head over to the lab location and wait. We got there a little early, but it gave us time to settle down. The foyer area outside the room that served as the lab location included a table tennis table, an xbox and a pinball machine. Cooper showed off his fine table tennis skills while the rest of us pretended like we weren’t stressed 😉

While talking to the other candidates, we worked out that there were 3 attempting JNCIE-SEC, 3 attempting JNCIE-SP, and just myself attempting JNCIE-ENT (The “easy one” apparently :P). All of the candidates had a wealth of experience behind them including front line engineers, instructors and consultants. This was great company to be a part of.

Well the next part of the day is all covered by NDA, but I can tell you that I was wiped out by the end of the day. I feel like I was much better prepared this time around, though I am not sure if I scored enough points to earn a pass. I have already gone over some of the “stumpers” from the exam and worked my way through various solutions.

Im reasonably sure I am going to have to give this lab another attempt, but there is not much I can do about that now. This is all in the hands of the Juniper Certifications Team now. There is a 21 day SLA on the turn around of lab results, so all I can do is wait and prepare to book my next attempt.

I would like to leave the following advice to anybody preparing to take the JNCIE lab in the future:

• Prepare for time management. There is a lot crammed into the exam
• Read the entire exam. There are a lot of steps throughout the paper that can be consolidated and completed at the same time. I suggest making a list of all questions that affect each device and trying devise a strategy on how to meet all requirements before diving in.
• Know all of your topics. The lab exam is laid out quite clearly by topic, and these topics align with the same major headings as the blueprint. You are required to successfully complete at least one task from each section to pass. This means that you cannot say “Oh, I am weak in CoS or Multicast” and think you can make up your points elsewhere. Not completing a task from each section is an instant fail. BE PREPARED AND KNOW YOUR STUFF!
• My workstation during the lab was a Windows notebook computer with an external keyboard and mouse. You are allowed to bring your own keyboard and mouse if you wish. Unfortunately this was not what was tripping me up. You see, I am a Mac user and I had to get used to the fact that Ctrl is used instead of the Command key – I spent a lot of time pressing ALT 🙁 This will probably not be a problem for most people, but I will invest more time in lambing on a windows computer so I get the hand of where the keys are 😛 This may change in the future, but this was what I experienced.
• The lab is accessed via a VPN + Remote Desktop and a console server. All of this was up and running before I sat down at the lab machine. There was a little bit of lag for keystrokes, but nothing outside of what I am used to working on customer equipment in remote locations. Due to the time constraints in the lab though, you will want to be well versed in the Junos CLI short cuts (including Ctrl+W, Esc+b, Esc+f, Ctrl+A and Ctrl+E at the very least). These should help you move around the CLI without waiting for your console to catch up.
• Unlike other vendors, then JNCIE lab does include external machines that operate to show if your configuration is working. Be sure you know how to diagnose correct operation of your protocols and features from the blueprint  because it will be of great benefit with these devices behaving correctly.
• And last of all Juniper have made the sensible decision that IPv4 and IPv6 are equal. (Except of course where EX Licenses are concerned!). Know how to configure most of the tasks on each protocol – because you never know where you might get tested! Remember, this is the future of networking whether you like it or not, so get your IPv6 on!

As mentioned, the rest is just a waiting game now, and I promise I will post an update regardless of pass or fail! Until then, Im back to labbing some of the scenarios I came up against that I thought “should have worked!”.

POST: Well this blog post was supposed to be published over a week ago, unfortunately I have received my “Fail Mail” in the last couple of days, so I will be preparing to take this lab once again in August 🙁 This isn’t the worst news Ive received over the past week, as one of my best friends died in an accident at the beginning of last week and the “Godparent Card” has been activated. This is why my post was delayed somewhat as I have been working through assisting his wife and 2 young boys (both under 3) to deal with everything that is happening.

I havent blogged at all for March (and this is only a very brief one) because I have been very busy studying and it seems to have paid off! I managed to get the first step towards my CCIE R&S exam out of the way last week – I passed my CCIE Written exam 🙂

I made the commitment back in December to sit the exam while I was at Cisco Live Melbourne 2011. If you have been following any of my tweets so far this year you may have noticed that I have spent nearly as many days out of the country as I have in. My work travel schedule was pretty hectic for January and February and I didnt have as much time dedicated to study as had hoped.

When March rolled around and I knew that I would be spending the last week of that month down in Melbourne I knew I had to kick my study into overtime! I received lots of encouragement from many of my friends on Twitter but I can tell you I really wasnt feeling ready for the exam (even as I walked into the room!) but I managed to pass – much to my relief!

Now that I have passed, I am working when to schedule the lab. I am thinking either September 9th (My Birthday!) or in the beginning of December. Either way I know that if I do not set a hard date I will keep putting off the serious study required to complete the lab!

As you may have heard, Juniper has been shaking up their certification program – and all I can say is “It’s for the better!”.

In an effort to consolidate the disparate certification tracks (which were previously product based), they have moved towards being more centered around the market segments (and by extension the careers of the engineers going for the certs).

The first change was migrating the M track to becoming the Service Provider track. This is actually the track that would have made the most sense for my 9 to 5 (also 5 – 9) job, but as usual I don’t like to follow convention.

In August, it was announced that the exam I had been studying for (JNCIS-ER) was being retired, and that a new exam track which brought together both the -ER (Routing) and -EX (Switching) in the context of Enterprise Networking was being released. I decided to instead sit the JNCIA-ER exam (which I blogged about previously and received some interesting feedback 😉 ), and then wait until the new JNCIS-ENT course was announced.

It was an anxious wait with the teasers about the new exam coming out of the JNCP office! In early October the exam objectives were announced, then quickly followed by course material being available on the Juniper Fast Track website. I am fairly sure the fast track information had been up for maybe an hour before I had downloaded it and started working on a study plan.

At this point I knew that I had about a week before Prometric would allow me to book the exam, and I knew I wanted to be one of the first people with this certification. Its an ego thing – leave me alone. Unfortunately fate (well a friend’s wedding) would see me out of town the first 3 days the exam was available to sit, and during this time a friend from the twitterverse managed to beat me to it (JERK!). So instead I booked for the following weekend (October 16th).

I figured I had all the time in the world to study for this exam (1 week to be exact), and that I would manage to get all of it in with time to spare, and maybe relax with a few dirty chais pretending that I was enjoying it! Once again, fate intervened. After the 3 day weekend interstate for a wedding, I managed to have an extremely busy week preparing for my presentation at the Australian IPv6 Summit, as well as the lab guide for the training I was presenting on the first day (I flew out to the summit the day after I sat my exam).

Never fear, I can read through 160 pages of routing study guide on the Thursday night, and 140 pages of switching on the Friday. Well, maybe I can read 50 pages on Thursday, but I will head home early on Friday and read all of the remaining sections Friday night. Yeah, that’s a great plan! Lets move on with that.

So, on rolls 6pm Friday night, and I’m still in the office. I’m making every effort to be out of there without anybody stopping me! Phone rings – customer has a problem and somehow I’m the only one able to fix it. Joy! I guess I can study while supporting an onsite engineer. Maybe I can get a few pages in while he is moving between locations.

No. No I couldn’t. By the time I left the office at a 21:45, I had read 3 pages and possibly remembered half a sentence at most! Never fear! The exam isn’t until 10am – that’s more than 12 hours away, and I can still read when I get home. My wife had a different opinion on the matter! Never mind I can get up early, drive the 100+ km back to Sydney and be at the exam centre early and read from the car park.

3 alarm clocks and and two snooze cycles later, I managed to get away on time. I should make it with plenty of time to spare. Wait… what’s that up ahead? Why is there traffic as far as the eye can see? This doesn’t fit at all with my plan.

So a lesson for life – don’t curse at traffic on the freeway and wish bad thoughts on who ever caused it! If only because you will feel really bad when you see that its a Rural Fire Service truck over turned in the middle lane. That moment really snapped my perspective into shape!

So I made it to the exam centre with 30 minutes to spare, so I decided best bet was to flick through both guides as a refresher, and go in trusting on the experience I have gained over the past exams I have studied for and real world experience.

Sign in, sit down, and get underway! Here is my review of the exam:

• JNCP have put a lot of thought into their new plan and the work has paid off
• The study material provided on the Fast Track portal vastly superior to the previous material on the site. If you have previous theory knowledge on the exam objective topic areas, these study guides should be enough to get you through. If not, you should look to supplementing your knowledge with some of the great courses offered by your local Juniper training partners.
• Between the time I sat my JNCIA-ER and JNCIS-ENT, I have learnt a lot more about the Juniper philosophy of building skills layer on layer throughout the certification process. Unfortunately this makes several of my comments about the JNCIA less valid – such a focus on “simple” features, J-Web, or the low end focus. Each exam is there to test a level of knowledge, and the following exam builds on that without repeating content.
• The merging of the Routing and Switching tracks makes a lot of sense, and the content has been very well distributed between the two.
• Don’t be cocky! You will need to study for this one, and you will need to know the theory behind each of the technologies from the exam objectives. Try and get some hands on with both routers and switches.
• There were several questions about correct configuration of certain features from the exam objectives. If you know the theory, and have practical experience with the Junos configuration model, it shouldn’t be too hard to pick between the different options.
• The exam confirmed things I already knew – my skills were strongest in BGP, Protocol Independent Routing and HA. My weakest areas were Spanning Tree (know the default values!), and IS-IS
• IS-IS? In an enterprise? It’s not unheard of, but its far from common! Given that it is the only scalable IGP other than OSPF on the Junos platform, I can understand why it is in the exam. My previous certification and study experience had given me a basic theory for IS-IS, but I should have focused more on the implementation of this to supplement the theory.
• While the exam felt heavier in IS-IS and spanning tree questions at the time, when I think back I must admit the questions were evenly placed, but because of my weakness in those areas they really stood out in my mind.
• The pass mark for this exam was lower than I expected, but this is probably good news for many out there!
• The discounted price of this exam if you go via the Fast Track program certainly makes it viable to sit the exam to get a feel for it!

My result? Well I really thought the result could have gone either way once I closed my eyes and hit submit on the final question and review stage. I knew I had nailed some of the questions, but there still felt like many I wasn’t sure about. Nervously I opened my eyes to the news I had passed! It wasn’t the greatest score I have received in a test, but I had pulled off what I come to do!

So what’s next? Well, the JNCIP-ENT hasn’t been released yet, but I am certainly keen to get started on that as soon as the exam objectives and format are released some time in the new year! In the mean time I have to pass my CCDA (worst exam in the world to study for as an engineer!), and continue preparing for my upcoming CCIE written exam.

Special Thanks

I think special mention needs to be made of Liz Burns and her team at the JNCP. If you aren’t already, you should start following @JuniperCertify on Twitter. Liz provided a lot of information in preparation for the exams, as well as encouragement in the weeks leading up to the exam. The JNCP team are really great community ambassadors for Juniper. Liz and Kieran from the JNCP also featured on PacketPusher’s Runt Packet this last week outlining the future of certification at Juniper.

Thanks to Nick (@NetDonkey) and Chris (@ccie25655) for the encouragement and friendly competition in getting ready for the exam.

Lastly, thanks to those three readers of my mindless blog ramblings!

As a Network Janitor, I spend a lot of time mopping up other peoples mess!  When called in for a consulting job, it doesnt pay to be a vendor bigot. This is why we decided that staff at my company would need to get trained in the key vendors in the networking space. We identified our first 3 targets as Cisco, Juniper and HP. We then started working towards improving our partner levels with each of these vendors, and this is a process that is still underway.

The partner process opens up the requirement for X number of individuals with A, B and C qualifications – Juniper is no different. There was a requirement for at least one career certified individual (along with the obligatory sales and SE “certification). Being no stranger to certification, I felt I should at least attempt to meet all three requirements. Passing the Sales and SE was somewhat trivial, but Juniper has provided many good resources to accomplish this in their Partner Portal.

I had registered with the Juniper Fast Track program back in 2008, but had not really attempted to complete the process – I guess I took the slower track?! Back in 2008 my Account Manager sent me on the Junos as a Second Language course as an incentive to buy more Juniper kit. They threw in a copy of “Junos Enterprise Routing” and a Juniper Sports bag!

I had started to study for the JNCIS-ER (second level) exam when I saw the announcement from Juniper that they had decided to retire the JNCIx-ER and -EX certification and replace them with a single -ENT course. I decided to “wimp out” and instead sit the JNCIA-ER (entry level exam), as this still met the requirements for my partner status. I made this decision on Wednesday, sat the Fast Track prelim exam online, and booked the exam for 10am last Saturday.

I arrived an hour early (I live about an hour out of Sydney so I like to leave plenty of time), and after the usual pre-exam processing and ritual emptying of pockets, I made my way to my assigned seat.

What follows is my cliff notes from the JNCIA-ER:

• The first thing I noticed was that I was able to go back and change questions after submitting them in the exam. This really took me by surprise after so many Cisco exams. I really had to resist the urge to swap and change my answers. I did give in at the end and did a complete review of the exam.
• My allocated question set included 60 questions in 90 minutes. All multiple choice. No Lab/Sim questions.
• There seemed to be a lot of product specific questions – “What is the default setting for X on the M Series Platform” etc.
• Very few of my questions were protocol or technology specific, but rather “Which command implements feature Y”.
• There seemed to be a surprising number of questions relating to the J-Web interface. “Where would you configure Z in the J-Web Interface”. Now Juniper have spent a lot of time making J-Web be pretty and functional, but to be completely honest I had never logged into this interface in the 12 months I have played on Juniper kit (Well… until I got back from the exam at least!). I’m a Network Engineer, not a Windows Admin 😉 I do everything from the CLI.
• If you managed to work your way through the Fast Track material, and were able get some hands on with the Junos platform, you should not have problem passing this exam. (Lets just say I had more than 2/3rds my allotted time left over when I left the room, much to the annoyance of the other candidates who started at the same time I did).

In the end I passed this exam, and am actually looking forward to reading what the curriculum is for the JNCIS-ENT certificatiom, and would like to make a start on that soon after it is announced. Part of my certification road map has the JNCIE-ER (-ENT?) as a probability within the next 18-24 months, so I plan to put a lot more effort into the Juniper product portfolio.

If you follow my @networkjanitor twitter feed than you may know that I spent 3 days last week in training provided by Juniper and the local distributer Avnet.

In the old tradition of “free training for channel partners”, I signed up for “Junos Routing Essentials (JRE)” and “Junos for Security Platforms”. There was an “Introduction to Junos Software” course on the Monday that I sent one of my engineers along to, but I didnt attend personally. I have included below my review of the two courses.

Junos Routing Essentials (JRE)

This course was a one day course aimed at engineers who may or may not already understand the theory behind various routing protocols and processes.

There was a brief overview of how a routing table works and how the forwarding table is produced from this, which felt a little redundant at first, but led into further discussion about the various routing tables used within Junos and their functions. There were a few things I had not picked up working on Juniper kit that was handy here.

Quite a bit of this course was devoted to routing policy and how to import and export using Junos routing policies. This makes sense as once you understand the routing policy structures within Junos you open the doorway to some of the true power of the design inherent in Junos. There are quite a lot of match options available to routing policies that make life much easier (especially if you come from a Cisco background). I am working on a seperate blog post to discuss this topic further, as I feel there is a lot to point out.

The section on (stateless) firewall rules was interesting for me because I am used to working on SRX series routers which use zone based / statefull firewalls. To date the extent of my firewall policies was around rules on the loopback to control access to SSH/Telnet/SNMP etc.

Class of Service section was brief but gave an overview of how to build policies to control different CoS settings. You really would want some kind of previous exposure to QoS/CoS to supplement this module, but that really is the point of these condensed courses.

Junos For Security Platforms (SEC)

This course was a two day course focusing on the SRX series routers. Most of my Juniper experience has been on SRX240s, so I felt quite comfortable in this class. As always, I taught myself to do exactly what I needed to do to get the job done, so learning the ins and outs of how and why the platform works the way it does was insightful.

The opening module discusses the benefits and features of a converged router/firewall device and the superiority over traditional disparate devices. Mostly a lot of “my product is better”, but there is little dive into how the hardware traffic flows through the SRX platform. The module finishes up discussing the modular design of the Junos OS and further discussion of Flow based processing that is the foundation of the SRX platform (and shows its lineage from ScreenOS products).

The next two sections discussed the advantages of Zone based firewalling and how to build security policies to implement your goal. Discussion of the scheduling feature of policies to enforce time of day or day of week style firewall rules was an interesting design I had never really looked at, but has obvious uses within an enterprise type environment.

Firewall authentication, which is the ability to auth against the firewall to open up a particular set of firewall policies was interesting, and I have seen similar things when I used to use OpenBSD as a firewall, but I felt the uses were fairly restrictive and somewhat limited. If I really wanted something like this, the SRX is perfectly suited to operate as a VPN device and provide even greater functionality to boot.

Given the lineage from ScreenOS, the SRX platform has inherited a series of SCREEN features to filter broadstroke denial of service attempts as well as handling suspicious traffic. We discussed when to use SCREEN versus some of the optional IDP features or using firewall policies.

NAT on the SRX platform is somewhat different from both traditional Junos as well as from ScreenOS. The usual list of features are supported. Static 1:1 NAT, Destination Nat (port forwards etc), and Source Based Nat (both with and without PAT). Two interesting gotchas with the NAT implementation:

a) Security Policy is applied after NAT translations, so say you have a static 1:1 NAT arrangement, you would actually apply your zone based rules on the outside interface, but reference the internal address in the destination as opposed to the IP address used by the remote host. This makes sense after a while, but took some time to get my head around.

b) Like other firewalls, the SRX will happily snatch and translate any traffic routed through it according to any NAT rules that are configured. If on the otherhand you have say a large subnet on the “untrust” side of the firewall, and you try to make some NAT rules using some of those additional addresses, you will need to tell the router to Proxy ARP those addresses. I had been caught out on this one on a previous job, and felt a little foolish when they brought it up on the course. I wont be forgetting this one.

As one would expect from a modern firewall product, the SRX supports IPSec VPNs, which were covered quite well in the course. There are two types of IPSec VPNs – policy based and route based. Essentially policy based uses security policies to determine which traffic gets handled by IPSec. Anyone familiar with Cisco IPSec implementations should understand this concept. The other option is route based which configures a new interface on the router (st0.x) that is used as the tunnel between two VPN gateways. You can assign IP addresses to these interfaces and route traffic across it (Or use a dynamic routing protocol) just like any other interface type. It feels somewhat like a GRE tunnel in IOS, but with the added benefit of IPSec encryption and integrity checks.

A very brief look at the Intrusion Detection and Prevention features of the SRX was given, but this could have been a whole course on its own, not to mention this is a licensed feature of the SRX. A lot of interesting features, but not as powerful as a dedicated IPS/IDS solution. Worth considering for a branch deployment though, which is where this feature is aimed.

The last section covered an area of the SRX that I have spent some time on – High Availability. One of the great features of the SRX platform is that you can implement an Active/Active zone based firewall solution even on the smaller branch/appliance series of devices. I have implemented a HA pair of SRX240’s for a customer and have been quite happy with the result (though I suggest you lab this heavily before implementing due to instability issues on certain Junos versions).

In HA mode, you configure a set of redundancy groups and weightings for device failover triggers. There is a bit of fiddling to get some of these groups configured the way you expect them, but this is mostly due to the fact that both devices in the cluster have active data planes, and you need to know which interfaces (and on which device) traffic will ingress and egress.

HA on SRX Platforms could take another whole blog entry, which I am happy to go into if there is enough interest – so let me know if you want to hear more.

Final Thoughts?

So, after 3 days of training I walked away feeling that I had managed to learn quite a bit even though I have been working with Juniper equipment for 12 months now. The theory was aimed at engineers who already understood core concepts and routing protocol requirements, but even a junior engineer would learn a lot from these courses. There was a lot of hands-on lab exposure to teach you the ins and outs of the theory – it certainly made sure you learnt the material.

If you can get your account rep to organise the training (or have a company who will pay for it for you), then this is certainly worth spending some time on.

Hope this helps someone out there who is starting to look into Juniper as an alternative network vendor. Please let me know if you want me to follow up anything here, or would like me to show some further examples of the Juniper solutions.

Im currently working on my plan of attack on the CCIE R&S and I need some advice. I finally finished my CCNP in June after years of putting it off (I first got my CCNA in 2001!), and now I am trying to determine the best course of action moving forward.

So far my plan is this:

1. Buy CCIE Written Certification Guide – Check!
2. Improve my Skills in QoS, BGP and MPLS – Sit each of the CCIP exams associated with these subjects as confirmation of understanding of the base knowledge.
3. Review each major section of the CCIE R&S Blueprint, and read books from the CCIE Recommended Reading list.
4. Purchase IP Expert (At this stage) self study package and study from the video and audio material
5. Sit CCIE Written
6. Continue deeper study of each topic from the Blueprint
7. Work through practice lab exams from IP Expert and other online sources
8. Book and Sit Lab exam
9. Repeat #8 until I pass!

So does the above plan sound reasonable? Should I attempt the written exam earlier and spend more time focusing on the lab preparation? Are there other resources that you have found worked well for you? Should I alter some of these steps?

Let me know your thoughts.