Guys that “know cisco” but say “the certs just prove you can take tests” (MYTH)

Ever wonder why getting vendor certifications from Cisco, Microsoft, VMware etc. is so important to your career as an IT engineer?

Certification with no experience is of course bad! You need real experience working in the field to have at least a good understanding of how something works.

But often, experience with no certifications can be just as bad. Just because someone is “experienced” does not prove they have gained the knowledge necessary to really understand how something works. To really “prove” you got what it takes - get certified and get experience!

Getting certified helps you learn the theory behind how something works, so you can later understand exactly WHY YOU ARE doing something when working in the field.

Here is an example that comes to mind (I see this a lot):

I often see firewall/security guys list redundant statements in their firewall access lists. It’s obvious from reading these few lines of code someone was either careless or simply does not understand what they are doing…

A few lines of a live access-list on a firewall:

access-list outside_allowed_in permit ip host 209.214.205.10 host 38.104.11.13

access-list outside_allowed_in permit gre host 209.214.205.10 host 38.104.11.13

access-list outside_allowed_in permit icmp host 209.214.205.10 host 38.104.11.13

What is wrong with this access-list?

Well the first line makes the second and third lines unnecessary!

I’ll explain…

“permit IP” states “all IP protocols, 1-255 are permitted” between the two hosts…

(source = 209.214.205.10, destination = 38.104.11.13)

The second line then states that IP protocol 47, Generic Routing Encapsulation (GRE), should also be permitted. The third line states that IP protocol 1, Internet Control Message Protocol (ICMP), should be permitted.

GRE (47), ICMP (1), TCP (6), UDP (17), ESP (50), OSPF (89) and EIGRP (88) are all carried inside IP packets and identified by the IP protocol number shown in parentheses (IP is the “network” layer, layer 3 of the OSI model), so “permit ip” already matches every one of them.
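The redundancy described above can be found mechanically. The following is an added example, not code from the original post: it flags any ACL line that an earlier line in the same list already covers, and goes beyond the host-to-host case by also accepting `any` and network/netmask address forms. The function names and the fourth sample line are assumptions made for illustration.

```python
import ipaddress

# Constructed input: the post's three lines plus a fourth (other source host).
ACL = """\
access-list outside_allowed_in permit ip host 209.214.205.10 host 38.104.11.13
access-list outside_allowed_in permit gre host 209.214.205.10 host 38.104.11.13
access-list outside_allowed_in permit icmp host 209.214.205.10 host 38.104.11.13
access-list outside_allowed_in permit icmp host 209.214.205.11 host 38.104.11.13
"""

def take_addr(tokens):
    """Consume one address spec: 'any', 'host ADDR' or 'NETWORK NETMASK'."""
    head = tokens.pop(0)
    if head == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, mask = (tokens.pop(0), "32") if head == "host" else (head, tokens.pop(0))
    return ipaddress.ip_network(f"{addr}/{mask}")

def parse(line):
    """Return a rule dict, or None for lines this sketch does not understand."""
    t = [w for w in line.split() if w != "extended"]
    if t[:1] != ["access-list"] or t[2:3] not in (["permit"], ["deny"]):
        return None
    rest = t[4:]
    try:
        src, dst = take_addr(rest), take_addr(rest)
    except (ValueError, IndexError):
        return None
    return {"acl": t[1], "action": t[2], "proto": t[3],
            "src": src, "dst": dst, "extra": rest}  # extra = ports etc.

def covers(early, late):
    """True if every packet matching `late` already matches `early`."""
    return (early["acl"] == late["acl"]
            and early["proto"] in ("ip", late["proto"])  # 'ip' = any protocol
            and late["src"].subnet_of(early["src"])
            and late["dst"].subnet_of(early["dst"])
            and early["extra"] in ([], late["extra"]))

def find_shadowed(text):
    """List (line, covering_line, kind) for lines an earlier line covers."""
    seen, findings = [], []
    for n, line in enumerate(text.splitlines(), 1):
        if rule := parse(line):
            m, r = next(((m, r) for m, r in seen if covers(r, rule)), (0, None))
            if r:
                kind = "redundant" if r["action"] == rule["action"] else "conflict"
                findings.append((n, m, kind))
            seen.append((n, rule))
    return findings
```

A "conflict" finding means an earlier line with the opposite action matches first, so the later permit or deny never takes effect. Lines the parser cannot read (object-groups, source-port forms) are skipped rather than guessed at.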

Studying for and passing certifications helps us with troubleshooting also! You’ll understand a lot more about what you are working on, whether you have 1 day or 20 years of “experience”.

(I removed the second and third lines in that ACL, and nothing broke :)

-Joe
