Work gave me read-only access to the network..!

mguy Member Posts: 167
Hi! I'm studying for the CCNP. My role at work is not 100% networking. The network team has taken interest in me (after hearing of my CCNA, I guess) and has given me read-access to the Cisco devices in our HUGE enterprise network.

I mean HUGE. It is a bank.


They also gave me access to weather maps so I know which is what. I train with them one hour per day; right now it is shoulder surfing but they are giving me a rundown on the stuff and basic set-up. I am not officially on their team so I don't really do stuff. BUT IT IS GREAT experience though.

I would like to know what one should do to take advantage of this. Like I said I have read-access to the network devices (core included) and have begun to take things apart. I've begun diagramming the branch set-ups with Visio, and I have the networking team on communicator ready to answer my questions. Now I'm listing the model numbers of the different routers in an Excel sheet and just trying to make sense of this complex network!!

I am studying for the CCNP, so I'm looking for the instances of where things will help me like BGP implementation. It's kinda overwhelming as it is enterprise level and there are lots of things in configuration.

My question really is how to proceed and get the most out of the situation. I would love to get the most of this and become a real networker!

Comments

  • NetworkVeteran Member Posts: 2,338
    Ideas:

    Create a topology diagram for the network for each layer (L1-L2-L3).

    To me, any configurations that aren't at their defaults are interesting. For example, where and why do they filter, summarize, or redistribute routes?

    What security precautions have they chosen to take.. and not to take? Are they, in your estimation, appropriate for what the network is carrying?

    What WAN technologies are they using?
  • Roguetadhg CompTIA A+, Network+. Member Posts: 2,489
    Ask if you can get copies of sanitized configurations.
    In order to succeed, your desire for success should be greater than your fear of failure.
    TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams

  • networker050184 Mod Posts: 11,962
    Why would he need copies of the configs when he can just log in and look at them?

    I'd agree on making documentation and diagrams. If there are already existing ones then try and improve upon them and make sure they are up to date.

    After you know how things are set up, start trying to understand why. This is a good opportunity to ask questions and show your interest in getting a deep understanding of the network.

    Good luck!
    An expert is a man who has made all the mistakes which can be made.
  • Roguetadhg CompTIA A+, Network+. Member Posts: 2,489
    I was under the impression he didn't have direct access to the consoles. He was listing the model numbers on the boxes, and used Visio to connect wiring.

    I just re-read the post, brain fart.

  • xXErebuS Member Posts: 230
    One of the biggest things that helped me when I first got my CCNA was to look up EVERY command that your company uses and know exactly what it does FOR THEM. CCNA got me in the door to installing networks but what I think moved me up was knowing what the purpose of every command was; not just copying off a template and installing at a different site. It will also help you with your CCNP; I also work for a large environment and most of the commands / concepts I was familiar with when studying for CCNP (and seen it in the real world).
  • mguy Member Posts: 167
    I have access to the sanitized version of the configs, and I have console access.

    I am training myself to do Visio diagrams, which I will get proofed.
  • mguy Member Posts: 167
    OK, so I'll be diagramming the branch set-up first.

    I'll be diagramming bank branches and remote-branches. From the looks of it, there is quite a combination of them (different WAN types for one).

    I will be using Visio. Do you guys have recommendations on how to learn Visio or recommendations on Visio?

    I started the below thread so others may also benefit.

    http://www.techexams.net/forums/jobs-degrees/82063-visio-training-network-diagrams.html
  • mguy Member Posts: 167
    NetworkVeteran wrote: »
    Ideas:

    Create a topology diagram for the network for each layer (L1-L2-L3).

    To me, any configurations that aren't at their defaults are interesting. For example, where and why do they filter, summarize, or redistribute routes?

    What security precautions have they chosen to take.. and not to take? Are they, in your estimation, appropriate for what the network is carrying?

    What WAN technologies are they using?

    This is beyond me at this point. I do have access to Solarwinds and have the Core already diagrammed. Would I be able to extrapolate it from here?

    This network is huge! And complex! The branch BGP setup alone confuses me. I think a CCIE would make quick work of this, but for an inexperienced CCNP it is overwhelming and I'm not sure where to start.
  • Danielh22185 Member Posts: 1,195
    If your access is read-only, copy the configs and try to implement them on your own via GNS3, etc. This could give you a good representation of how the network works in a live sense. You may need to make your own adjustments since this would not be an exact replica of the network but it could help you understand a lot from an implementation standpoint. Then once you have things configured, break stuff (on your virtual lab)! Watch it happen live, then try and restore it!
    Currently Studying: IE Stuff...kinda...for now...
    My ultimate career goal: To climb to the top of the computer network industry food chain.
    "Winning means you're willing to go longer, work harder, and give more than anyone else." - Vince Lombardi
  • mguy Member Posts: 167
    Danielh22185 wrote: »
    If your access is read-only, copy the configs and try to implement them on your own via GNS3, etc. This could give you a good representation of how the network works in a live sense. You may need to make your own adjustments since this would not be an exact replica of the network but it could help you understand a lot from an implementation standpoint. Then once you have things configured, break stuff (on your virtual lab)! Watch it happen live, then try and restore it!

    Will do! I will try to get there soon. I think understanding the network might take months before I can start asking the engineer (he was the one who approached me). Right now I mostly work with the branch technician and his level 2. The Network people are actually cool which is why I liked the field. :)
  • Danielh22185 Member Posts: 1,195
    Sounds like a great deal! I was hoping to establish something like this through my old job but they never committed. Now I have a new job and I am completely immersed in it. The more you can expose yourself the better. The great thing about the position you are in is they are willing to train you up. Ask all the questions you can and ask to do as much as they will allow. It's always great to have people on your side willing to teach.

    One other note: when I was brand new to my job with networking I would make a log of concepts and items I ran into that confused me. If I wasn't able to get a direct answer that day of how something worked I would research it and come back the next day well informed.
  • mguy Member Posts: 167
    Guys, will running a port scanner get me in trouble?

    I found some routes that I can't SSH into and I'm wondering what they are. We are an enterprise network, this will get detected, yes? I could just walk up and ask..
  • networker050184 Mod Posts: 11,962
    mguy wrote: »
    I could just walk up and ask..

    That's your best bet.
  • Roguetadhg CompTIA A+, Network+. Member Posts: 2,489
    Anything that could be determined as an "attack" should be avoided without having signed consent. Port scanning is one of those that are trying to find a weakness into a network or computer, hence - an attack. I'm sure someone, somewhere has tried the "I was performing a test" while their intentions were more dark.

    Remember to CYA. Cover Your Arse. :)

  • YFZblu Member Posts: 1,462
    mguy wrote: »
    Guys, will running a port scanner get me in trouble?

    I found some routes that I can't SSH into and I'm wondering what they are. We are an enterprise network, this will get detected, yes? I could just walk up and ask..

    Yes, definitely ask!
  • mguy Member Posts: 167
    OK, I just asked. Haha. Thanks guys!
  • mguy Member Posts: 167
    I finished diagramming the Layer 1 of remote branch set-ups: T1, ADSL, DSL, POTS (backup).

    Should I continue on to diagramming Layer 1 into the core? Engineer said they needed core routers to be labeled.

    Or should I start diagramming Layer 2 and 3 of the branches?

    Input please
  • Roguetadhg CompTIA A+, Network+. Member Posts: 2,489
    The engineer just told you "They needed it to be done." Sounds like an invite to label the routers. ;)

  • mguy Member Posts: 167
    Roguetadhg wrote: »
    The engineer just told you "They needed it to be done." Sounds like an invite to label the routers. ;)

    Some problems here though, as I don't have an access card to the computer room so it needs to be scheduled. Maybe I'll go with technician and get it out schedule sorted. I can't really leave my post as this is kinda still unofficial.

    I think I'll continue with the diagrams for the Branches (full branches). I'm also isolating BGP set-up for the branches so I'm gathering information so I can ask well-placed questions to engineer. I got my first router in the mail. An 1801 (same as branches running ADSL), so I'll be mocking that up soon.
  • lantech Member Posts: 329
    Unless you have prior permission do not go into the data center. Banks are pretty picky about who they let in there.

    Get it scheduled first.
    2012 Certification Goals

    CCENT: 04/16/2012
    CCNA: TBD
  • mguy Member Posts: 167
    I won't go there unsupervised of course.

    Instead of diagramming branches, I think I'm better off understanding the Layer 2 and 3 of the remote ATMs.

    If I can isolate sections of it, it'll be easy to replicate with my GNS3.
  • mikej412 Member Posts: 10,086
    Paging through some of the Cisco Validated Designs in the Cisco Design Zone can give you some ideas of what to look for in your bank's enterprise and branch networks and give you a better idea of the network building blocks.

    The Enterprise Branch Architecture Design Overview and the Enterprise Branch Security Design Guide are two good places to start.

    If you're really motivated you can add the Overall Branch Network Design PDF to your bedtime reading list.
    Cisco Certifications -- Collect the Entire Set!
  • shodown Member Posts: 2,271
    Mike where you been at? You went ghost for a while.
    Currently Reading

    CUCM SRND 9x/10, UCCX SRND 10x, QOS SRND, SIP Trunking Guide, anything contact center related
  • mguy Member Posts: 167
    mikej412 wrote: »
    Paging through some of the Cisco Validated Designs in the Cisco Design Zone can give you some ideas of what to look for in your bank's enterprise and branch networks and give you a better idea of the network building blocks.

    The Enterprise Branch Architecture Design Overview and the Enterprise Branch Security Design Guide are two good places to start.

    If you're really motivated you can add the Overall Branch Network Design PDF to your bedtime reading list.

    Thank you very much for this.