Cisco Live: Forecast is (Google) cloudy with race cars

August 21, 2018 at 3:08 pm | Posted in Cisco, Conferences | Leave a comment

Attendees of this year’s Cisco Live conference in Orlando Florida left with a big takeaway: Cisco and Google Cloud now work together.

The importance of this initiative to Cisco was obvious because of the time spent on the subject by Cisco CEO Chuck Robbins as he delivered the keynote address, and by the unmistakable signage everywhere at the conference announcing the new joint venture.


During the keynote, Robbins discussed how Cisco aims to change some network paradigms by making faster business decisions based on real time data.

What does this mean? Cisco customers can choose from either Google Cloud, Cisco cloud offerings, or a hybrid of the two. The new architecture uses open source solutions as part of the structure. This new partnership will assist organizations to become both more robust and flexible. The cloud enhancement will not only improve scalability, but will also help to enable an advanced level of security for enterprise systems.

Another unscientific observation made by this reporter is that tech companies really, really dig car racing. The World of Solutions exhibits featured many companies displaying the race cars that they sponsor. Below Troy McMillan poses with the #43 Bubba Wallace Nascar entry sponsored by World Wide Technologies:

troy cisco live

Until next time,

Troy McMillan


The Great Password Debate – Where we disagree about password resets and failures (Part 3)

September 20, 2017 at 3:30 pm | Posted in cybersecurity, Knowledge, Technical Tips | Leave a comment
Tags: ,

This post is part three of our reaction to new recommendations in the National Institute of Standards’ Digital Identity Guidelines (NIST Special Publication 800-63), Appendix A – Strength of Memorized Secrets. You can check out Part 2 here.

In the Great Password debate that has been generated by the latest NIST guidelines, we (the trainers and experts on the Transcender team) find we agree with some recommendations and disagree with others. In our previous post, Josh discussed the way password complexity has been found less secure than longer passwords made up of simple words. In this post, we (Robin Abernathy, Ann Lang, and Troy McMillan) want to discuss NIST’s new guidelines for password resets (password age) and responding to password failure/account lockout (failed authentication).

Among the otherwise sound advice in the Digital Identity Guidelines (NIST SP 800-63B), we did pick out three points that cause us some consternation:

  • Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator. (Section
  • Unless otherwise specified in the description of a given authenticator, the verifier SHALL limit consecutive failed authentication attempts on a single account to no more than 100. (Section 5.2.2)
  • When the subscriber successfully authenticates, the verifier SHOULD disregard any previous failed attempts for that user from the same IP address. (Section 5.2.2)
Love it a long time, or leave it every 30-60 days?

How many of you out there work for a company that requires you to change your password at a regular interval, usually every 60 or 90 days? Bullet point 1 states that this is no longer necessary.

Troy says: I disagree with this recommendation. I contend that changing the password at regular intervals DOES increase security because it shortens the amount of time it is available for disclosure. The logic behind this new NIST rule is based a failure of how people implement it, not a failure of the concept of password age. In other words, the concept fails because the users do not use unique or secure passwords. They usually choose a new password that’s similar to the previous passwords with a few character changes. This issue would be resolved with proper security awareness training and policy enforcement. Also, there are solutions out there that can prevent users from creating a password that is too close to a previous password. So while we understand what NIST is trying to do with this change, I personally don’t agree with it.

Ann says: I disagree somewhat. The theory is that if you’re ALSO making people choose much longer, easier-to-remember character strings for passwords, like IlikebigpasswordsandIcannotlie! Twoyears beforeI changeit lala hooray!, then you still have the advantage of the password being much, much harder to crack or guess from a mathematical standpoint. After reading through their breakdown of Authenticator Assurance Levels (AAL), I’d be okay following their password age recommendations for any site that’s operating at AAL2 or above.

(For what it’s worth, Microsoft’s 2016 Password Guidance for IT Administrators both counsels you to lose the mandatory periodic password reset, AND to educate users on choosing appropriate passwords and banning commonly used passwords.) Continue Reading The Great Password Debate – Where we disagree about password resets and failures (Part 3)…

Introducing the new CCNA: ICNDv3 exams, 100-105 and 200-105

October 12, 2016 at 8:27 am | Posted in Certification Paths, Cisco | Leave a comment
Tags: , ,

Cisco has officially retired the old CCNA exams (100-101 and 200-101, or the combined 220-120), so the opportunity to take the ICNDv2 has come and gone. The new path to Cisco’s flagship certification is the ICNDv3 path. As of October 2016, you need to pass one of these combinations to earn the CCNA Routing and Switching certification:

  • Exam 100-105: Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Exam 200-105: Interconnecting Cisco Networking Devices Part 2 (ICND2)


  • Exam 200-125: CCNA Interconnecting Cisco Networking Devices: Accelerated (CCNAX)

Passing the 100-105 exam alone will also earn you the Cisco Certified Entry Network Technician (CCENT) certification.

How much change should I expect for the ICND1?

For the first exam, Cisco has rearranged the material and condensed the objectives from seven to five. Here’s a comparison of the old and new objectives:

OLD: 100-101 ICND1 v2.0
1.0 Operation of IP Data Networks
2.0 LAN Switching Technologies
3.0 IP Addressing
4.0 IP Routing Technologies
5.0 IP Services
6.0 Network Device Security
7.0 Troubleshooting

NEW: 100-105 ICND1 v3.0
1.0 Network Fundamentals
2.0 LAN Switching Technologies
3.0 Routing Technologies
4.0 Infrastructure Services
5.0 Infrastructure Management

While at first glance it might appear that the CCENT removed troubleshooting questions entirely, the new exam simply integrates troubleshooting into each objective. For example,  Objective 2.0: LAN Switching Technologies will have you troubleshoot interface and cable issues (collisions, errors, duplex, speed), while in Objective 1.0: Network Fundamentals, you’ll have to troubleshoot IPv4 and IPv6, as well as “apply troubleshooting methodologies to resolve problems:”

  • 1.7.a Perform fault isolation and document
  • 1.7.b Resolve or escalate
  • 1.7.c Verify and monitor resolution

The changes in the objectives typically just mean reorganization of the old material, but there have been a few additions and deletions of topics for this exam, which I’ll explain.

Key Topics Removed from ICND1 or Moved to ICND2 Exam:

OSPF (single area) and other OSPF topics were moved into ICND2. Instead, RIP is used to introduce CCENT candidates to IP routing protocols.

Dual Stack was removed from ICND1, since there are many different IPv4 to IPv6 transition technologies being used.

Cisco Express Forwarding (CEF) has been removed.

Key Topics Added:
  • High level knowledge of the impact and interactions of infrastructure components in an Enterprise network, specifically:
    • Firewalls
    • Access Points
    • Wireless Controllers
  • Awareness of the Collapsed Core architecture compared to traditional three-tier architectures. This option collapses the Distribution and Core into a single tier, with the Access as the second tier.
  • Configuring and verifying IPv6 Stateless Address Auto Configuration (SLAAC).
  • Coverage of anycast IPv6 addressing.
  • Knowledge of Link Layer Discovery Protocol (LLDP). An L2 discovery protocol is used in addition to Cisco Discovery Protocol.
  • Knowledge of RIPv2 for IPv4 as the primary focus for understanding of how routing protocols work.
  • DNS and DHCP related connectivity issues.
  • Syslog message logging for device monitoring.
  • Skills and knowledge of device management related to backup and restoring device configurations, IOS feature licensing, and configuring time zones.

How much change should I expect for the ICND2?

While the number of objective domains has remained 5 in the update of the 200-101 (ICND2)  to the 200-105 exam , those domain topics have changed and also the content. The comparison of the domain changes are as follows:

OLD 200-101 ICND2 v2.0:

1.0 LAN Switching Technologies
2.0 IP Routing Technologies
3.0 IP Services
4.0 Troubleshooting
5.0 WAN Technologies

NEW 200-105 ICND2 v3.0:

1.0 LAN Switching Technologies
2.0 Routing Technologies
3.0 WAN Technologies
4.0 Infrastructure Services
5.0 Infrastructure Maintenance

Topics have been both moved and deleted.

Key Topics Removed from ICND2:

Frame-Relay and Serial WAN technologies are no longer covered.

VRRP and GLBP have been removed from First Hop Redundancy Protocols. Only HSRP remains, since it is most commonly deployed.

Key Topics Added to ICND2:
  • Knowledge of dual-homed vs single-homed Intelligent WAN topology options.
  • Basic knowledge of external BGP (eBGP) used to connect Enterprise branches.
  • Expanded VPN topics to include DMVPN, Site-to-Site VPN, and Client VPN technologies commonly used by Enterprises.
  • Understanding of how Cloud resources are being used in Enterprise network architectures, including:
    • How cloud services will affect traffic paths and flows
    • Common virtualized services and how these coexist with a legacy infrastructure
    • Basics of virtual network infrastructure (Network Function Virtualization)
  • Awareness of Programmable Network (SDN) architectures including:
    • Separation of the control plane and data plane
    • How a controller functions and communicates northbound to network applications and southbound to the R&S infrastructure using APIs.
  • How to use the Path Trace application for ACLs which is a key new network application enabled by the Application Policy Infrastructure Controller – Enterprise Module (APIC-EM). This tool automates the troubleshooting and resolution of complex ACL deployments.
  • Understanding of QoS concepts related to marking, shaping, and policing mechanisms used to manage congestion of various types of traffic. The need for QoS and how it is used for prioritizing voice, video and data traffic. Plus an understanding of the automation

How much change should I expect for the combined exam?

The 200-125 exam, like its predecessor the 200-120, covers all topics from the 100-105 and 200-105. The content is organized in the following domains:

1.0 Network Fundamentals
2.0 LAN Switching Technologies
3.0 Routing Technologies
4.0 WAN Technologies
5.0 Infrastructure Services
6.0 Infrastructure Security
7.0 Infrastructure Management

Everything that has been written about the prior two exams applies to the 200-120.

What if I passed some of the old exams, but need the new certification – or to recertify?

Cisco has developed a handy tool, called the Associate-Level Certifications Exam Logic Tool, that lets you plug in your exact combination of exams to predict which ones you’ll require:

CCNA Routing and Switching is a three-year certification. When three years have passed, you must recertify. This page has the information you need to help you plan your recertification path.

And, finally, here are the links to the CCENT and CCNA Transcender practice exams. Keep your eyes peeled for special holiday exam pricing, and be sure to sign up for our mailing list if you aren’t receiving deal notifications!

Transcender Practice Exam for 100-105 NetCert: Interconnecting Cisco Network Devices Part 1 (ICND1) v3.0

Transcender Practice Exam for 200-105NetCert: Interconnecting Cisco Networking Devices Part 2 (ICND2) v3.0

Transcender Practice Exam for 200-125 Composite Cisco Certified Network Associate Exam

Until next time,

–Troy McMillan

Cisco Live 2015: Meet the New Boss

August 18, 2015 at 8:29 am | Posted in Cisco | Comments Off on Cisco Live 2015: Meet the New Boss

The big news at Cisco Live 2015 this year in San Diego is the change in leadership at the company’s top level. After transforming Cisco from a company with revenue of US $70M to over $40B, John Chambers (at right, below) is turning over leadership to Chuck Robbins (speaking at left). It will be kind of strange to NOT hear a keynote from John next year after all these years.


One of the things I find interesting about this topic is some of the talk I heard over the week from attendees about John. I’m always fascinated by the metrics that people to use to judge leadership. One comment that really struck me was this one from one attendee: “I always love John’s keynote. Did you notice he walks the crowd when he speaks? That means he REALLY knows what he has to say.”

Regardless of what metrics you use, there’s no doubt that John has been a success. I think many are wondering what will change when he’s gone. From all indications, Chuck will do just fine; but there was a slight undercurrent of uncertainty until he spoke. After that,  everyone seemed to be more at ease.

The attendance of the event continues to grow while other tech conferences shrink. Take MS TechEd, which folded into MS Ignite–a sure sign of struggle with defining, or attracting, their audience. While the Cisco Live event had over 25,000 attendees (an increase of about 1,000 from last year), the exhibit hall looked much bigger than last year’s. I think one of the reasons it came back to San Diego after being in San Francisco last year is that there simply isn’t room there anymore.  I think this conference is destined for only the largest convention facilities in the future–maybe even Las Vegas next year.

Until next time,

Troy McMillan

Hurry, hurry — don’t miss the deadline to take your 642 series CCNP exams!

January 22, 2015 at 2:36 pm | Posted in Certification Paths, Cisco | Comments Off on Hurry, hurry — don’t miss the deadline to take your 642 series CCNP exams!
Tags: ,

If you’ve been working to earn your CCNP Routing and Switching certification and you began the process by taking a required exam that began with the prefix 642-, you are about to run out of time to take the old versions of the exams.

The last day to test via the first-generation CCNP exams ROUTE (642-902), SWITCH (642-813), and TSHOOT (642-832) will be January 29, 2015. After that date, you will have to face the new series of CCNP Routing and Switching exams (the v2.0 refresh): ROUTE (300-101), SWITCH (300-115), and TSHOOT (300-135).

According to this chart on the Cisco Certification website, you should be able to mix the 642- version exams with the 300- version exams and still earn the CCNP. In other words, if you started your exam series with 642-813, you should be able to take 300-101 and 300-135 and earn the same credential if you pass:

ccnp v2

However, you may want to rush to beat that January 29 deadline if you invested in study materials that are targeted to the old exams. Although there are no major changes, the subjects being tested are slightly different on the new exams.

If you still need study materials for the old exams, they will still be available on our site until the last day.

Good luck with your testing!

–Troy McMillan

Say goodbye to the OLD CCNA exams, and hello to the ICND series!

December 10, 2013 at 3:13 pm | Posted in Cisco | Leave a comment
Tags: , , , , ,

Say goodbye to the old CCNA exams and Version 1 of the Cisco Certified Network Associate (CCNA).

It’s official; the deadline for achieving your CCNA by taking the exams 640-816 and 640-822 (or alternately the 640-802) has come and gone, and these exams are retired.  The new path to achieving Cisco’s flagship certification is  to take both exams 100-101 (ICND 1) and 200-101 (ICND 2), or to pass the composite exam 200-120 (CCNAX). Passing the 100-101 ICND1 earns you the next-generation CCENT certification; passing both ICND1 and ICND2 (or the single CCNAX) earns the CCNA: Routing and Switching certification.

A further change worth noting: as of October 2013, the CCENT is a prerequisite for the Cisco Certified Design Associate (CCDA) certification.

How much change should I expect?

When Cisco changes the numbering on an exam (as from 640 to 100), it typically indicates a change in the exam’s topic coverage. In some cases the changes are significant, and in others they are minor. In the case of the CCNA exams, the changes are not major overall; this is largely the same set of exam topics. However, some topics have been dropped completely, while others have shifted from the 200-101 exam to the 100-101, and other topics have been shifted from the CCNP-level exams to the 200-101.

The end result is a small increase in the level of difficulty for all three new exams as compared to their older counterparts. People who had been studying with version 1 materials may want to review version 2 before committing to take the exam.

Changes to topic coverage in ICND1 v2

With respect to the 100-101 ICND1 (formerly 640-822), the following topics have been eliminated from the exam:

  • RIP
  • WLAN
  • SDM

The following topics are new to this certification exam:

  • IPv6
  • OSPF
  • Static routing

The following topics used to be covered in ICND2, but are now included in ICND1 (100-101), which changes these topics from the CCNA level to the CCENT level:

  • VLSM and summarization
  • Port security
  • NAT
Changes to topic coverage in ICND2 v2

The following topics used to be covered in ICND1 (640-822) but are now included in the new ICND2 exam, 200-101:

  • Router hardware
  • IOS loading
  • WAN configuration

The following topics have been moved from the higher-level CCNP exams, and are new to ICND2:

  • First Hop Redundancy protocols (VRRP, HSRP etc.)
  • Syslog
  • Netflow

Here is a complete list of the exam topics:

What if I passed some of the old exams, but need the new certification – or to recertify?

Cisco has developed a handy tool, called the Associate-Level Certifications Exam Logic Tool, that lets you plug in your exact combination of exams to predict which ones you’ll require:

CCNA Routing and Switching is a three-year certification. When three years have passed, you must recertify. This page has the information you need to help you plan your recertification path.

And, finally, here are the links to the CCENT and CCNA Transcender practice exams. Keep your eyes peeled for special holiday exam pricing, and be sure to sign up for our mailing list if you aren’t receiving deal notifications!

Transcender Practice Exam for 100-101 NetCert: Interconnecting Cisco Network Devices Part 1 (ICND1) v2.0

Transcender Practice Exam for 200-101 NetCert: Interconnecting Cisco Networking Devices Part 2 (ICND2) v2.0

Transcender Practice Exam for 200-120 Composite Cisco Certified Network Associate Exam

Transcender’s Cisco CCNA Simulator for 100-101 NetCert: Interconnecting Cisco Network Devices Part 1 (ICND1) v2.0

–Troy McMillan

Hey! Who moved my CCNA simulations?

February 24, 2012 at 1:34 pm | Posted in Cisco | Leave a comment
Tags: , ,


At Transcender, we sometimes get customer emails with a subject line that resembles the title of this blog post.  These emails come from longtime customers who want to know what happened to the simulation items that “used to be” in our CCNA practice tests. Those items haven’t appeared in our products for some time, and we’ve blogged about this topic before, but since we’ve just released updates to our CCNA products, I thought this was the perfect time to revisit the topic.

First, you need to know that there are simulation items in Cisco’s CCNA exam(s). Let me say that again a little louder:

There are simulation items in the Cisco CCNA exams!

You will definitely have to know how to use the command line to get configuration information from a device and configure devices.  But before I discuss the kinds of simulation items we include in our Transcender practice test, let’s define what is and is NOT a simulation item, and discuss how they show up on the live exam. Here’s a complete rundown of the item types you are told you may see in the CCNA exams (as per the CCNA web site): Continue Reading Hey! Who moved my CCNA simulations?…

Reminding all TechHeads to bring IT on and jam at the Tabernacle!

May 13, 2011 at 11:53 am | Posted in Microsoft, Vendor news | Leave a comment
Tags: ,

A number of years ago, I attended Microsoft TechEd in Boston and noticed something on the agenda called “Jam Sessions.” Now, being a former professional musician, this caught my eye, but I said to myself , “What would an actual jam session be doing on the agenda at Tech*Ed?”  I figured Nah, it must mean some sort of Rock Band game thing.

Nevertheless, Josh, George, and I set out that night to see what it was all about.  Boy, were we in for a surprise. Microsoft had rented out an entire nightclub in Boston, provided top-notch sound and light equipment, and set up instruments of all types on the stage. What followed was an entire night of techies climbing onstage in random pairings playing tunes.

As soon as we saw what was going on, my buddies started needling me to get up and play, but I was a bit apprehensive because I have too often been drawn into “jamming” with the guy who professed to play drums in high school and the singer who made William Hung sound good, and I tell you, it’s not fun to be trapped onstage with these guys.  But to my amazement, the people on stage could actually play! There was a few times when the guitar player zigged while the bass player zagged, but no more than I’ve seen with professionals jamming (which can also be pretty horrible, especially if adult beverages are involved). Anyway, I ended up playing and having a great time. So next time around when I saw Jam Sessions on the agenda at Tech*Ed in L.A., I immediately said, “I’m there!” Having an idea of how it worked, I had an even better time because I came prepared with a few songs everyone knows, so it went much better.  (Below is a horrible shot taken from a cell phone at L.A.)

So where I’m going with all of this? Consider this post a call to all Tech*Head musicians. The  Jam Session will be at The Tabernacle (which is an awesome venue if you’re not familiar) on Tuesday night from 9PM to 1AM. If you’re going to Tech*Ed, comment to this post or contact me through this blog and let’s arrange to play something together on Tuesday night! There’s also this musicians-seeking-musicians thread on the Tech*Ed Discussions page:

Oh, by the way, it would  help for you to know that I play bass. And no, I DON’T play bass like it’s a lead guitar, I play it like it’s meant to played.  (Ok, I’m off my soapbox, just wanted that off my chest.)

Let’s have some rock n’ roll at Tech*Ed!

Visit me at the Tech*Ed Hands-On Lab or Join me at MCT Day Zero

May 11, 2011 at 4:30 pm | Posted in Kaplan IT Training news, Microsoft | Leave a comment
Tags: ,

In 2009, during Tech*Ed in Los Angeles, I helped Microsoft out in the Hands-on Lab area. If you’re unfamiliar with the concept, HOL is an area set up with workstations using virtual machines, loaded with labs to let you try out all the new and upcoming technologies. There are also MCTs, like myself, present to help if you have any questions about the labs.

The Hands-on Labs have proven to be one of the more popular destinations at Tech*Ed. Most of the sessions are very good, but let’s face it, at some point you don’t want to see any more PowerPoint presentations — you’re ready to actually get your hands dirty.  Well, you can do that in the Hands-on Labs — there are over 250 scheduled for next week.

Apparently all is now forgiven between Microsoft and myself concerning that little incident in L.A. with the erased hard drives (I swear I didn’t know that magnet was in my pocket!), because this year I’ll be back in the Hands-on Lab. Come by and say hello! I will have on the same T-shirt as all the other MCTs in that area, but just look for the shortest guy there and it’s likely to be me. (I used to be the shortest guy with the longest ponytail, but that’s one of the problems with having cut my hair off – I lost my most recognizable feature.)

Me minus the hippie hair

I’ll be proctoring for the 200-level and 300-level labs in the Security, Identity & Management lab track (filter here to pull 41 of the sessions and times). Here’s my schedule (as always, check for last-minute changes):

Sunday  3:00 PM to 6:00 PM

Monday 2:45  PM to 6:00  PM

Tuesday 4:45 PM to 8:00 PM

Wednesday 7:00  AM to 10:00  AM

Thursday 12:15  PM to 2:30 PM

Before Tech*Ed even starts, I’ll be kicking off my weekend on Saturday, May 14th, at the MCT Day Zero meetup at the Mariott Marquis. It’s a free (donations are suggested) mini-conference that will cover topics of interest to certified trainers, including the Microsoft Learning Quality and Roadmap for 2011-2012. Pre-registration ends tonight at midnight (Wednesday, May 11) if you’re interested.

As a reminder, Transcender will be exhibiting at Booth #1904, and we’ll be giving away puzzles, games, and a chance to win a $250 Gift Card (no purchase necessary). Something else I did in L.A. was participate in the Jam Sessions. I plan to issue a call for all Tech*head musicians to come out on Tuesday night and play some music. Stay tuned for details on that later this week!

–Troy McMillan

Our newly expanded Test Pass Guarantee, in plain language

March 1, 2011 at 5:17 pm | Posted in Kaplan IT Training news | Leave a comment

Those of you on our mailing list already are aware of this, but it’s worth repeating here: the Transcender Practice Test Pass Guarantee has been improved, extended, and generally expanded. While it was already the best in the business with a three-month coverage period, it now reads:

If you buy a Transcender practice test and fail the corresponding exam within 6 months of activating the product, simply return the product to us for a full, no-hassle refund.

That’s it.  Clear.  Simple.  Easy to understand.

There is no reason to hurry and cram to take your exam before the window of opportunity passes. We invite you to take your time to really learn the concepts covered in the practice test and be armed with the knowledge you’ll need to pass your exam. You now have six months to use our product to help you prepare for the exam. If our product does NOT help you pass, then you contact us for a refund of your payment (everything except shipping costs for physical media is refundable).

So how does our competition stack up on their test pass guarantees? Well, here are a few examples (with the names removed to protect the guilty).

Competitor #1: The testing date for the failed exam may be no sooner than 30 days after and no later than 180 days after the original purchase date.

(No sooner than 30 days? I’m ready now.  Why should I have to wait for my pass guarantee?)

Competitor #2: The individual person licensed for the product must provide proof of failing the actual corresponding vendor’s exam TWICE and must notify us within 90 days of the software purchase.  Exam failures must be between 10 to 90 days after the license registration to qualify.

(Okay, you have to fail twice to cash in AND you have to take both of those tests in only 90 days, after waiting for 10 days to take your first attempt? That’s pretty labor-intensive.)

Yes, we’re confident that we have the best guarantee in the business – even though we hope you never have to use it!

Next Page »

Entries and comments feeds.

%d bloggers like this: