Thursday, 6 August 2015

Not passing the Cisco CCDA exam

"Do not underestimate this exam" - comment seen on the Cisco Learning Network.

Over the years, I've published a few posts with the title "Passing the [insert_cert] exam". Sadly, this post is "Not passing the Cisco CCDA exam". I've taken the exam twice, and failed both times.

While I can't talk about the exam (for NDA reasons), I can talk about the studying...

The CCDA is an odd certification. It sits alongside the more familiar CCNA certifications (R&S, Security, Voice etc.) and, as an "Associate" certification, is classed as entry level. Despite that, reading the Cisco Learning Community discussions reveals that a lot of people only tackle it once they have most, or all, of their CCNP or have at least taken all the CCNA concentrations. There is a common theme in the discussion forums that I've read, that this is not an easy exam.

My CCNA R&S and Security certifications were coming up for renewal, so I thought I'd give CCDA a go. I'd bought the (now out-dated) 640-863 "Designing for Cisco Internetwork Solutions" years ago and while I'd found parts of it interesting, I'd never put the effort into actually studying it.

So I equipped myself with the following:

  • Designing for Cisco Internetwork Solutions (third edition)
  • The Cisco CCDA Official Cert Guide
  • CCDA Simplified

To go alongside that, I also bought the ARCH book, "Designing Cisco Network Service Architectures" which is actually part of the CCDP and goes into a lot more detail. I also read a bunch of the Cisco SAFE reference guides.

All in all, a lot of reading!

I then spent nearly two months of study, going through the above and learning the material. I've seen some people comment how the CCDA is a Cisco sales/marketing certification, and I sort of see where they're coming from because it does use a lot of Cisco jargon that relates to Cisco products.

However, that's not to say it's easy or that it isn't technically demanding. There are a lot of details to understand and the main challenge is that while it's very broad and in some ways theoretical, the material expects you to have an understanding of some pretty technical details, such as:

  • In OSPF, what does LSA type 7 do?
  • Syslog level 5 is what level of severity?
  • Which H.323 protocol is responsible for call setup and signaling?
  • Which IPv6 routing protocol uses FF02::9?

Quite a lot to understand and know.


So, in order to cover all the bases, I dived into:
  • Network architectures (three layer, modular enterprise, borderless, collaboration, data centre)
  • Campus LAN and Data centre design
  • Branch office and WAN design
  • IP addressing (both IPv4 and IPv6)
  • Routing protocols: RIPv2, EIGRP, OSPF, BGP
  • Security
  • Wireless
  • Voice
  • Network management protocols

My first attempt, a couple of weeks ago, was a bit shaky. As I went into the exam I felt it was going to be a close thing and I failed with a score of 752 out of 1000 (pass score was 790). However, I was able to see the areas that I was not strong in and focus on that. So with nearly two weeks of additional revision and study, I took it again, feeling more confident...

This time I got 777, much closer than before and potentially only a couple of questions away from a pass. Without wanting to sound like a sore loser, I've actually flagged a couple of the questions with Cisco as the wording was very poor and ambiguous. I'm not honestly expecting much to change, but we'll see.

Sadly, this is the end of the road for my Cisco certifications for the time being. My current certs will expire in a few days, so I'll have to take them all again if I want to get back to this point. Disappointing, but that's how it goes sometimes.

So is it worth doing the CCDA? I think so. Once you get past the marketing stuff, there is a lot of good content that helps focus the architect in identifying what's important in designing a network solution. It's not a hands-on exam, but you do learn a lot that can be applied to actual network implementations. The current syllabus is getting pretty old and refers to products that have now gone end-of-life, but the concepts are sound and I assume an update will fix that.

After all these weeks of spending spare time studying, I might take a few days to sit in the sun (weekend's coming!), spend time with my neglected family and play some Elite:Dangerous. I think I deserve it.


Tuesday, 17 February 2015

Thoughts on migrating from vCloud Director

A couple of years ago, VMware provided a "free" upgrade from vSphere Enterprise Plus to the "vCloud Suite" standard edition. This gave enterprises access to the vCloud Networking and Security (vCNS) and vCloud Director (vCD) products, enabling vApp firewalling and routing, self service provisioning and multi-tenancy support. Third party companies such as Veeam and VMTurbo started adding vCloud Director support into their products and the future seemed bright. We had the tools to build private clouds.

Then VMware bought Dynamic Ops and decided to refocus enterprise customers on what was now called vCloud Automation Center (vCAC). vCloud Director would continue as a Service Provider tool only. As mild compensation, a cut down version of vCAC was added to the vCloud Suite for standard edition users.

With the release of vCloud Suite 6.0, vCD and vCNS appear to have been dropped. While VMware are continuing support for these products through to 2017, it is obvious that they are not the future if you are in the enterprise space.

So what should vCD and vCNS users do?

The answer VMware gave back in 2013 when this happened was to look to vCAC (now vRealize Automation) to replace the portal aspects of vCD. That blog post gave a suggestion that some vCloud Director functionality would move "up" to vCAC and other functionality would move "down" to vCenter Server:



VMware has been pretty much silent on the subject ever since.

For vCAC/vRealize Automation to successfully replace vCD, it needs to:
  • Support multiple organisations/tenants
  • Enable delegation of organisation VMs to non-IT end users
  • Provide IT with tools to easily assign compute, memory and storage resources to specific organisations
  • Allow for the creation of standard images through a service catalogue
  • Allow for the creation and dynamic implementation of networks and complex vApps
  • Allow for firewall/routing/VPN between vApp networks
  • Provide integration points for third party backup and monitoring tools

At this stage, I'm not sure if vCAC can do this or not. My limited exposure to the product (thanks to a presentation at the South West VMUG) left me with a feeling that to do anything with vCAC required a fair amount of development work and integration with vCenter Orchestrator.

So with vCD's migration path unclear, what about vCNS?

In the knowledge base article, End of Availability (EOA) of vCloud Networking and Security (vCNS) in vCloud Suite 6.0 (2107201), VMware recommends that customers migrate to NSX at a "discounted price". Hmm, so if customers don't pay more, what do they lose? Edge and App firewalls? VPN into vApps? Load balancing? So how will more complex vApps with private networks utilising network pools work in this situation? Will any of this even be possible without NSX?

Again, more questions than answers.

In the past, some customers were burnt when VMware deprecated Lab Manager in preference to vCloud Director, and they've done it again now with vCloud Director to vRealize Automation and vCNS to NSX. This creates a lot of work for customers, for little apparent gain, and does nothing to instil a sense of confidence that the "new" solution is going to be around in five years.

To VMware, you need to improve communication in this area. Customers need to make plans and the silence regarding on-premise private cloud creates uncertainty. At the moment, there seems to be no like-for-like migration plan that doesn't cost the customer more, both in terms of effort required and additional SKUs.

And the "discounted price" for NSX is frankly insulting. Don't sell enterprises the dream of private cloud, provide the tools to build it, then pull the rug from under us because you have a new product you want to sell. Providing a discount that expires in a year is useless to organisations who have already submitted their budget requests.

For me, I guess I need to schedule some time in to see what vRealize Automation is actually capable of. But I'll also be watching closely to see what others in our position are doing and if there are any alternative options.

[Update - 4th March 2015:  The VMware knowledge base article referenced above has gone offline. Perhaps VMware are re-evaluating???]

Monday, 16 February 2015

Passing the VCP550D exam

Last year VMware announced that the VMware Certified Professional (VCP) certification would only be valid for two years, ostensibly to ensure that candidates didn't become out of date. Now, I have no problems with recertifying when the certification isn't version specific (e.g., CCNA), but because the VCP is tied to a release of software (VCP4, VCP5 etc.), forcing a recertification does seem a bit like a cash-grab by VMware Education.

With my VCP scheduled to expire next month, I spent a couple of weeks revising and took the exam today. Fortunately I passed with a score of 340 (the passing score is 300). To be honest, I'm a bit disappointed that I didn't score higher, but a pass is a pass and it got the job done.

The exam I took was the VCP550D "delta", which focuses on the differences between vSphere 5.0/5.1 and 5.5. However, it would be worth revising the standard VCP material too as there are a lot of generic questions. The exam blueprint for the 550D is the same as for the 550, which didn't help much.

For revision, I did the following:

  • Took the free VMware vSphere What's New Fundamentals [v5.5] course
  • Took the free VMware VSAN 101 course, which has subsequently been replaced by the VSAN 6.0 course.
  • Signed up for the Pluralsight 10 day trial subscription and took the VMware vSphere 5.5 New Features course
  • Built a nested home lab environment to test a bunch of new features. William Lam's OVF template for creating Nested ESXi VSAN clusters was very helpful in getting an environment up and running quickly (as was using the vCenter Server Appliance).

There are a number of features that I specifically focussed on when revising because I don't use them day-to-day, including: vSphere Data Protection (we use Veeam), vSphere Replication (we use Veeam), VSAN (we have a SAN/NAS) and VCOPS. Getting hands on with these features in the lab was extremely helpful, although make sure you're not too rusty on "basic" VCP questions covering network, storage, DRS/HA, update manager etc.

The exam itself is online and open book, but this doesn't make passing it a foregone conclusion. You still need to know your stuff! I found it helpful to have my home lab powered up and logged in, along with the VCOPS dashboard in case I needed to quickly cross-reference something. I made sure I had access to the VMware PDFs (but didn't actually use them). Having access to Google was very useful too(!).

With 65 questions in 75 minutes, there was plenty of time to go through the exam and then have time to review "marked" questions. I did use all my time and didn't finish the review, but obviously did enough to pass.

If you are a VCP5 holder, you only have until the 10th March 2015 to recertify. Doing the VCP550D is the most efficient and easiest way to stay certified.