Want to be a network admin. How to gain credibility so I can work with the expensive stuff?
October 17, 2012 7:25 AM   Subscribe

In my experience, the network administrator ladder is a combination of years of experience and cisco (or similar) certifications, mostly certifications.

The other approach is to land a job at an early-stage startup and put in the hours / years to grow their network, acting as sysadmin and netadmin. If they take off, you've got credible network administration on your resume.

Since the folks who buy really expensive routers are pretty seriously risk-averse, the certification route is probably the most likely to work out.
posted by jenkinsEar at 7:41 AM on October 17, 2012 [1 favorite]

Get your certs. CCNA to start. Employers are in love with paper tigers at the moment, so get your paper, tiger.

On the other hand, I got there by being a cross-platform Unix admin - TCP/IP networking is built into the bones of most Unix-alikes. A Raspberry Pi is what, $35? Buy five of 'em and a couple of cheap 4-port switches and a cheap managed switch, like a refurbed Cisco 300, and a junky old desktop PC or two you can slap a 4-port network card into, and get them talking to each other over two or three different networks.

Set up one of the little pi's as a sniffer, and play with wireshark. Play with some of the security and pen testing tools, and spend some time hardening your little lab network. Set up IP phones on two of 'em, and mess with QoS and CoS. Build one of the PC's into a Linux firewall, a proxy, and a SSL VPN gateway that serves three different networks at once. Then learn how to do it on an OpenSolaris and NetBSD system. Learn to set up IPSEC and SSH tunnels between the little boxes, and learn to set up an IPSEC VPN concentrator.

You will find in short order that You Know What You're Talking About, and will be able to move up in your little company with more network and sysadmin responsibilities, or you'll be in a sweet place when interviewing for networking gigs.
posted by Slap*Happy at 7:46 AM on October 17, 2012 [7 favorites]

(To be clear, the junky old PC's are there to be configured into Linux systems - Unix systems were in common use as routers up until 10 years ago, Linux still does a decent job of routing traffic between multiple networks. Also, most network gear that isn't Cisco uses a lot of unix/linux conventions in their configuration and troubleshooting tools - hell, Juniper brags that JunOS is unix.)
posted by Slap*Happy at 8:00 AM on October 17, 2012

What Slap*Happy says.

Learn to think like a router, and to think like an end host. Each of them views the network differently. Use wireshark and tcpdump a lot. Figure out why things act weirdly. As an example, here's a situation that keeps biting folks in my experience: if you have a bunch of routed networks connected together, and you have a unix host that is multihomed on at least two of those networks. What hosts can talk to which IPs on the unix host, and why - or why not?

A note on certifications: In general, the CCNA is a good "I can operate a router without falling over" bar to meet for a junior neteng. When I worked for a Very Large Company, the folks we hired into our NOC needed to have a CCNA or get one within a short amount of time.

The CCIE is the big gun of network-related certifications. But you can end up a great senior-level neteng without one.

Most of the certifications in between don't mean that much, in my experience.
posted by rmd1023 at 8:17 AM on October 17, 2012

1) Unlike a lot of other certs out there, Cisco certs do require you to develop the appropriate depth of knowledge. 80% of what's tested you'll never use, but that other 20% you'll use all the time. Employers like having that piece of paper that says you have a cert, and in some segments it's even required.
2) Experience. Nobody will let a greenhorn straight onto the core routers but the edge devices are great places to start.
posted by Runes at 8:20 AM on October 17, 2012

My husband has done exactly this. Feel free to MeMail me for details; I've discussed this before, and he's happy to elaborate.

It took him maybe two years to start from no-certifications, internal phone support in the TAC (he had previous telecom experience, but chucked it to move up here and be with me) to completing both his CCNA and CCNP.

After about 18 months working crap hours in the TAC, while working on (and passing) his CCNA on the first try, he moved up to the NSE for a network specialist position. That was a major jump in terms of hours and responsibilities, but he did well. Most of those guys had had their CCNAs, but a few didn't.

He immediately started work on his CCNP and passed each of his tests on the first try, with a perfect score on Troubleshooting. I am saying this in the best and most respectful way: he's not ultra-smart, and in fact it takes him a while to internalize information he reads and works on. But once he gets it in, it's in. He found a ton of Test King (I think that was the one) question and answer banks online and drilled himself, over and over, marking the ones he didn't get and coming back to them. Because the questions were more than simply picking one answer -- you have to pick anything from one to seven possible answers -- it seemed to help him in his day-to-day work as well, and vice versa.

Six months later, pretty much the day he was eligible for a promotion and a week after he got his CCNP, he got bumped up to a full-on network engineer position with a gigantic raise. That was 10 months ago; he's been doing Net2 work in his Net1 position, and they've already pressed him to hand over his resume to move up the ladder.

He works for a major cable/internet company that is not Kabletown. They've paid for his school, which has been great; he's finishing out an online program in information and communication technologies through one of our state universities that includes CCNA/CCNP certification in its curriculum. He's going about half-time.

He's not what you would call a nerd, or the kind of guy who likes to mess with hardware, but he has purchased a couple of junky routers and things to play around with at home. (It's kind of a joke now. I think we have more routers than rooms in the apartment.) I can get the specs on the kinds of things he bought.
posted by Madamina at 8:37 AM on October 17, 2012 [3 favorites]

What ladder do you climb that gets you to a point where you're working on enterprise-level routing equipment?

Quickest? work helpdesk in a NOC for a big telco or ISP. That's where you deal with networking day in and day out. Otherwise how many networking tasks need to be done is a function of size and security requirements.

You probably won't get much hands on for the 'big' stuff, but most 'big stuff' is normal every day stuff at a larger scale. If you understand layer 2 for a 10 person LAN, it's not much different to scale that up for a 100 or 1000 person LAN.

Three suggestions that have served my career. One - get certified for a non-cisco vendor: Juniper is #2 but HP, Dell, F5, whatever. Most networks use equipment from multiple vendors and showing you have the skillset to make them play nicely is a big plus.

Two - don't forget the other pieces of the 'network' job. Syslog usage, load testing, understand telco circuits, good visio skills, hands-on with common management software or tools like ssh and packet analyzers.

third, and this is the big one: the network is a platform. Being able to setup the platform is only half of the job, at minimum you need to understand the common services like DHCP, DNS, and SNMP. Understanding other more advanced services will only help as well - IPSec, QoS, iSCSI, FCoE, VOIP, IPv6, etcetc.

Unix systems were in common use as routers 10 years ago

Depending on how you look at it, that's still going strong with NX-OS and JunOS kernals.
posted by anti social order at 8:41 AM on October 17, 2012

Oh, and I'll add a few more notes about certifications, etc.:

As I mentioned, he moved up here with about 8 years of experience at a phone company, basically working for their escalation team but not advancing. He didn't really have networking experience. He took a huge pay cut to work in the TAC, and between the nine months it took him to find that job in the first place and all of the other jobs he tried to get in the next 18 months (seriously, the TAC sucked, although mostly because of a crap manager), he had a TON of job interviews around town.

Without a CCNA, or even a CCENT, it was very difficult for him to quantify his experience. He'd go in and they'd say, "What's that yellow wire on this doohickey?" and he'd be like, "Look, I can't remember it off the top of my head, but if you give me a hint, I can tell you its name, function, place in the hierarchy, you name it." That wasn't good enough.

Only when he got his CCNA could he really say, "Here you go; I've got this benchmark of experience that makes it almost unnecessary for you to wade through my whole patched-together resume."

It was also much easier to look FOR jobs. He had a clear idea of what he could and couldn't do, as well as knowing where he could go to improve that level of knowledge.

Now, at his Net1 (or, hopefully, Net2) level, they want all of their guys to get CCIEs, but I think only one or two senior managers currently have them. But the company will cover it.
posted by Madamina at 8:46 AM on October 17, 2012

Please take the advice of posters above and take the CCNA classes. You will learn everything you need to know to do hands-on router configuration and much much more. I took that class and learned so.very.much! I hope to return for a CCNP someday.
posted by Lynsey at 9:50 AM on October 17, 2012

Others have talked about getting a CCNA, but I'll just add that the importance of the other kind of networking can't be understated. Stay in touch with as many co workers and managers as you can. If people know you as a smart guy who can solve problems, and someone who is comfortable getting thrown into the deep end and learning quickly, its possible to get that sort of job without certs or a degree. I managed it at an ISP where I had a few friends that worked there, with almost no relevant experience.
posted by empath at 10:46 AM on October 17, 2012

Oh, and yeah, there really isn't a HUGE amount of difference between the huge switches that ISP's use and the lower end cisco gear. The main difference is going to be the sorts of problems that you're concerned with, the kinds of cards that they'll have installed, the configurations and so on.

They don't let you touch them, not because the equipment is so expensive and complicated that they're worried you'll break them, but because they either carry a huge amount of traffic, or extremely important traffic that they have SLAs on and any downtime will cost them a lot of money. They really aren't much harder to use, its just that the costs of making a mistake are a lot higher.
posted by empath at 10:50 AM on October 17, 2012

Focusing on the Cisco stuff won't prevent you from working on other stuff (Juniper, uh... other stuff? I dunno...)

I know I said this in your previous post, but for anyone else who doesn't go over there: my husband says that it's been very helpful to pay attention to the people on the other end of the phone/email. Find out who they are, what their structure is, what they do and how they do it.

Here's his Network Specialist description from his resume draft:
Document network devices and customer circuits. Respond to interdepartmental network configuration requests. Isolate trouble in optical networking including SONET and ROADM technologies. Assist in tier 3 isolation of network issues and direct customer contact. Manage complicated issues; responsible for carrying complex issues through to resolutions. Work closely with tier support and utilize vendor support to reach resolution.

And here's the draft list of his "familiar technologies":
DMS and 5E switches; SONET, ROADM and Infinera transport technologies; Adtran, Cisco and Juniper routers; OSI model; Internet Protocol; Broadworks; Copperview; Netmeeting; SecureCRT and Procomm clients; Sentinel and CDR for SS7 monitoring tools; SOA; Centrex blocks and Centrex Mate tool; AS400 and F&E systems; 8MS; T1, OC1 and DS3 lines; Anymedia; DSLAM; Alcatel and Titan DACS equipment; Spirent, React and Harris test sets; Glenayre and Octel voice mail systems; Edgelink and Adtran MUX equipment; Remedy; SIP Messaging; Windows XP/Vista/7 and Mac OS X operating systems.
posted by Madamina at 12:56 PM on October 17, 2012

Madamina, if I might ask: How did he get experience with DMS and 5E switches without already having a sweet telco job? I am interested in that sort of thing and I have a good handle on the Cisco/Juniper/Force10 side of things, but not so much the telco side...
posted by Juffo-Wup at 5:24 PM on October 17, 2012

You may absolutely ask, and please don't hesitate :)

He says, "I don't know if you can get the experience on DMS and 5E without a job, but the industry is kind of moving away from them anyway."

(I asked him when/which level he worked with them, but he hasn't responded yet.)
posted by Madamina at 8:40 AM on October 18, 2012

Madamina, thank you for the very useful information in this thread.
posted by lostburner at 5:47 PM on April 21