CISCO networking and
certification authority speaks...
Interview by Stephen Ibaraki, I.S.P.
Stephen Ibaraki, I.S.P., has an exclusive interview with the
widely respected networking expert and author,
David Hucaby, CCIE No. 4594.
David is a
lead network engineer for a large medical environment where
he designs, implements, and maintains networks using Cisco
products such as Cisco multilayer switching and security
products. Prior to his current position, David was a senior
network consultant, where he provided design and
implementation consulting, focusing on Cisco-based VPN and
IP telephony solutions.
Q: David, we are fortunate to have you come in to do this
A: It’s a great pleasure for me to be here. Thanks for
Q: Can you describe your current work, and as an independent
consultant focusing on Cisco-based solutions for the
healthcare and banking industry? What products and services
are particular to these industries?
A: Sure. My current work involves maintaining the network
infrastructure for a university medical center. I get to
recommend design changes for the network of Cisco switches
and routers, as well as install and configure the actual
devices. And of course, when things go south, I get to be
involved in the troubleshooting work too.
Working in a healthcare environment is a bit challenging, as
the network carries not only the usual user traffic (email,
web browsing, instant messaging, and so on)—it also carries
mission critical traffic like patient lab results, CT and
MRI scans, and even telephone conversations! When the
network is down or slow, patients might not receive the care
As for networking products that are particular to healthcare
and banking, the LAN switches and routers perform the same
function as they do in all businesses. However, these
industries require a high level of availability and
performance, so the switches are usually large chassis with
many high-bandwidth links. These are usually arranged so
that any one box can fail completely and the network won’t
As you might imagine, security is very important too. I see
the full spectrum of security products in use—many
firewalls, intrusion detection systems, Virtual Private
Network (VPN) gateways, and so on. Hospitals and banks not
only have to keep unauthorized people out of their networks,
they have to make sure the integrity of their data is secure
when it travels over a network.
Q: Do you have some stories about very challenging
situations and their resolution?
A: Most of my stories involve networks being down and crowds
of people gathering. I had one experience where a hospital
network suddenly had a condition called a “bridging loop”.
Basically, this is where a portion of a switched network
forms a closed loop, usually from a faulty piece of
equipment or from someone inadvertently connecting things up
wrong. Normal user traffic that used to flow just once now
begins to circulate around and around the network, as fast
as the switches can pass it. The end result is that most
every link in the network becomes unusable very quickly.
In this situation, the cause of the bridging loop is very
hard to find. We had several people working together at
different locations for several hours before we were able to
find the one link that was faulty. To compound the stress
level, we kept hearing the hospital staff announce that most
of the areas were resorting to pencil and paper methods from
In another experience, a hospital’s core or backbone
switches had a software bug that caused most of their
servers to be unreachable. Again, many of the patient care
functions ground to a halt. Although very stressful, I had a
very good experience with Cisco’s Technical Assistance
Center (TAC). I was able to stay on the phone with them for
a couple of hours while they brought in more technical
experts to troubleshoot and offer advice. That problem was
solved by loading new software on the backbone
switches—something that was complex, especially in a crisis,
but easily done thanks to very competent people on the other
end of the phone line.
Q: What trends do you see in networking with regards to
products and services? Please make some predictions about
the future, and future technologies that businesses and IT
professionals should be considering?
A: Well, those are difficult questions. The one major trend
I see is something Cisco calls “convergence” on the network.
For many years, networks have been used to pass data files
and allow connections or sessions from one machine to
another. Recently, we’re seeing those same networks carry
new real-time traffic such as voice (telephone calls) and
video (teleconferencing and streaming video). You can
definitely do much more with your network connection now,
and that network has to perform well all of the time.
Wireless network access is also quickly developing. You can
find wireless LAN access in hotels, airports, cafes, and
many businesses. People can be productive in their jobs no
matter where they are located. Naturally, wireless is going
through the same type of evolution—your laptop can access
all of the resources you need to do your job, and voice and
video applications are quickly following. Add to that VPN
access, where a user can securely connect from anywhere to
the corporate network and its resources, and the “mobile
office” is complete.
Q: Do you have differing recommendations for small, medium
and large enterprise organizations?
A: I think we’re to the point where organizations of any
size must consider the same basic things—network
availability and security. The actual network design will
probably differ just because the budgets and performance
requirements differ. One nice thing about today’s networking
equipment is that it is fairly straightforward to scale a
small network up to meet new or increasing needs.
Q: Can you provide your list of the five most important
issues facing corporations and IT professionals today? How
can these issues be resolved?
A: 1) Security – proper staffing and training is just as
important as buying devices and appliances that perform
2) Obtaining and retaining highly skilled IT staff.
3) Keeping up with technology – Technical training is
necessary to advance skills and embrace new developments.
4) Budgeting for new technology.
5) Proper evaluation of new “miracle” technologies – Often,
new products sound much better than they turn out to be. The
ROI may be great, but do you really need it and does it
really work in your environment?
Q: With regards to security, please provide your detailed
recommendations in this area?
A: Businesses rely heavily on their networks, so they must
take every precaution to protect themselves from
unauthorized or malicious people. It’s easy to throw
security-related equipment at this problem, as I’ve often
seen. But I think it takes much more than that to be
effective. Security-related equipment generates large
volumes of activity or error logs, and somebody needs to
review all of that information regularly. I think many
organizations either fail to realize the need for full-time
staff dedicated to this task or they underestimate the
number of people needed.
I also think it is very important for an organization to
develop detailed security policies and stick to them. It’s
very common for businesses to decide to put in firewalls at
the edges of their networks, but they have no idea what the
firewalls should be configured to do. It sounds silly, but
the most difficult task of implementing a firewall is
getting an organization to identify what types of
applications and traffic they have and what resources they
want to protect.
Q: How did you get into computing and specifically into
A: Oddly enough, electrical engineering seems to run in my
family. My father instilled an interest in electronics and
computing in me for as long as I can remember. I’ve always
enjoyed building digital circuits, and also enjoyed
programming for several years after college. However, I
found that I wasn’t an elegant programmer at all. A job
change exposed me to a few Cisco routers back when I hardly
knew what a subnet mask was.
What struck me about working with the routers and networks
was the design and troubleshooting—I was finally blessed
with work that meshed very nicely with my engineering
I’ve always managed to work in places that are Cisco shops,
so I’ve been exposed to more and more Cisco equipment. One
nice thing about Cisco is that they are a (the) market
leader with a wide range of products and functionality. They
are also very open with technical information about their
equipment and also about the underlying technologies. There
is really no end of new things to learn!
Q: What is your recommended path into Cisco certification
and what are the benefits of each? Can you share your study
tips and important issues and challenges around the
A: Cisco offers several levels of certification:
“associate”, “professional”, and “expert”. These correspond
to the Cisco Certified Network Associate (CCNA), Cisco
Certified Network Professional (CCNP), and the Cisco
Certified Internetworking Expert (CCIE). You can start with
the CCNA and work your way up to the CCIE through a series
of many exams. Or, you can jump right into working on the
Cisco offers many training courses through third-party
training partners. These are all instructor-led and have
hands-on lab exercises too. Taking a course is a great way
to learn about a technology and get to see and touch
equipment you might not otherwise see. Most courses are four
or five days in length, so you get a lot of material in a
relatively short time.
Cisco Press offers a wide range of books that can help you
learn or study for certifications. There are books that
correspond to the instructor-led courses, so you can read
and study the same material at your own pace. Other books
are targeted at a particular Cisco certification, and cover
the complete subject matter while giving practice exam
questions and scenarios.
The CCIE is the only certification that requires a two-fold
process: a written qualification exam and an intense one-day
lab exam. If you can achieve the CCIE, you have both
technical knowledge and practical skills. The idea is that a
CCIE can be dropped into most any situation and find a
resolution in a short amount of time. Naturally, this is a
very grueling process, requiring plenty of study and plenty
of hands-on practice on a variety of equipment. Most people
don’t pass the CCIE lab exam the first time. Or the second
I know many people who have benefited from online study
groups for any of the Cisco certifications. It’s nice to
read and participate in discussions with other folks working
toward the same certification. In short, the Cisco
certifications are so popular and the technologies are so
open that it is quite easy to find enough material and
enough help to study and pass the exams.
Q: You have done quite a bit of writing:
VLANs and Trunking
CCNP BCMSN Exam Certification Guide (CCNP Self-Study,
Cisco CCNP Certification Library (CCNP Self-Study)
Cisco Field Manual: Catalyst Switch Configuration
Cisco Field Manual: Router Configuration
CCNP Switching Exam Certification Guide
What are the major themes in each and specific tips you can
A: My first book with Cisco Press was the CCNP BCMSN Exam
Certification Guide, which is wholly devoted to LAN
switching. One of the CCNP exams focuses on switches in a
campus environment, and this book teaches and prepares the
reader for the exam. Cisco certifications also change over
time, to follow developing technologies. This exam and the
LAN switching subject matter have been updated, so this book
was completely rewritten and released as the last one on
your list, “CCNP Switching Exam Certification Guide.” That
exam is very new, and the book was just released at the end
I’ve also written two books with a CCIE friend—the two
“Cisco Field Manuals”. These books are a very different
format, as they break networking down into various functions
and present a step-by-step sequence of Cisco commands
needed. There are so many different Cisco devices, so many
commands, and so many different protocols and technologies,
I just can’t remember them all! These books are really meant
to be quick references that you can carry in your laptop bag
(if you’re a traveling consultant) or within reach at your
Q: How can a novice get into writing, what important lessons
have you learned, and do you have shortcuts to speed up the
A: First, I think you have to have a real interest in
technical writing. It might be good to start out by writing
short “tech notes” or white papers for your own organization
or for an online or printed magazine. The more you write,
the easier it becomes.
To write a book, a novice author will first need to submit a
book proposal and a sample initial chapter to the publisher.
The proposal gives a detailed description of the book, its
subject matter, and intended audience. The sample chapter
gives an idea of the author’s abilities to write about
technical subjects. Usually, this proposal is circulated
within the publishing company, as well as to outside experts
on the subject. If everyone agrees that the book sounds
unique and marketable, then a contract can be drawn up
between the publisher and author.
Writing whole technical books is amazing to me. By this I
mean that I can’t ever remember writing anything over 20 or
25 pages in college. Just one Cisco Press book can average
anywhere from 500 to 800 pages! Obviously, detailed outlines
are a critical piece of a large book. Once you know the
subject material very well and have developed an accurate
outline of topics to cover, you can write the big book one
small section at a time.
I must also say that Cisco Press has been an excellent
publisher to work with. They have provided very talented
editors, project managers, graphic artists, and so on—each
of them very helpful.
Q: You must have both interesting and funny stories to tell
from your many rich experiences—please share a few.
A: I’ve had a legacy of ruining laptop computers at work and
while writing books. After just a short time in my current
job, I left my laptop on my desk too close to the window
overnight. Needless to say, it was gone the next morning,
extracted through a small hole in the window made by a
brick. After the laptop was replaced, I took it into a
communications closet. I had it nicely placed on top of an
old ethernet hub while I worked. I went around to the other
side of the equipment rack and began to unscrew a device I
was replacing, not realizing that device held up the laptop.
When the last screw came out, I heard a sliding noise and a
crash. That laptop met the cold, hard concrete...
Q: Which ten resources do you find the most useful?
A: 1) Cisco.com – The all-encompassing information source
for all things Cisco and network-related.
2) Cisco Press (www.ciscopress.com)
– many, many good books on every networking subject.
3) Cisco Networkers conferences plus the RFC Sourcebook from
Network Sorcery (http://www.networksorcery.com/enp/default0504.htm)
– Very handy reference for RFCs and networking protocols.
4) Incidents.org – The Internet Storm Center and the SANS
InfoSec reading room.
5) SANS Institute (www.sans.org)
for security information and training.
6) The CERT Coordination Center (www.cert.org)
for anything security-related.
7) Groupstudy.com – Cisco certification discussion groups.
8) eBay – The source for cheap, used Cisco equipment;
studying for certifications requires hands-on experience,
which requires lab equipment.
9) The Internet Assigned Numbers Authority (www.iana.org)
– The official protocol and port number registration source.
10) Dilbert (www.dilbert.com)
– Maintaining a sense of humor about the workplace is vital.
Q: If you were doing
this interview, what three questions would you ask of
someone in your position and what would be your answers?
A: 1) Are your certifications worthwhile
after all? As for me, I have a CCIE, and I would say ‘yes,
it certainly is’. Not only has it helped me move ahead with
my career, but it has helped me be much more competent in my
2) Do you see the need for networking
skills diminishing in the future? No, I don’t believe so.
Networking is constantly expanding and constantly
developing. The skills required to support corporate
networks seem to always be on the increase too.
3) What do you do in your spare time?
Because I work a full-time job and have been writing Cisco
books for the past couple of years, spare time might seem
hard to come by. Fortunately, I’m able to write every night
while the rest of my family sleeps, leaving time for family
fun. As for non-technical hobbies, I collect and use antique
Q: Do you have any more comments to add?
A: None at all.
Q: It was a pleasure interviewing you. Thank you for sharing
your wealth of knowledge with our audience.
A: This was a fun experience for me. Thanks for allowing me
to be here.