Why do I say that? It is simple, every server that moves from a corporate data center into a cloud provider is a switchport and fibre channel port (and now server) that is not purchased from Cisco. More so, each system that is moved into the cloud hurts secondary sales of security and content switching products.

The promise of enterprise cloud computing

The ability to dynamically scale enterprise compute workloads while only running a “right sized” private infrastructure is top of every CIO’s mind. This is the promise of cloud computing in the enterprise space. However, right now most cloud offerings are too new, and lack the critical integrations with VMware or XenSource (the two most common enterprise virtualization platforms) to make a serious dent in Cisco’s revenue stream. But fast forward 12 to 16 months and the kinks will be worked out. Projects that would previously have required new capital infrastructure will be restructured to use cloud providers as an operational expense. This will present a real threat to Cisco’s revenue moving forward.

John Chambers and his team of technologist are not new to this game, this is not the first threat to Cisco’s sales model. And I am sure that it won’t be the last. So if I was in their shoes, what would I do? (and more specifically, what do I think they are doing)

Create a compute platform that can power the cloud at a much lower cost that my competitors

Cisco publicly announced their computing offering, the Unified Computing System in March of this year. The promise of the UCS is to minimize power, cooling, capital costs and management overhead of data center compute. Looking at this new product line from an enterprise sales perspective it makes sence. For Cisco to continue with their growth plans they had to choose to enter the Compute or Storage markets, with the compute (server) market being the logical step.

While the Unified Computing System is well placed as an enterprise computing platform, I think there is a larger goal in mind. The large goal is to make a platform that can be shared by Cisco’s largest enterprise clients in their emerging private clouds, as well as by Cisco itself for it’s own cloud offering. By producing their own servers, with technology that Cisco alone has access too (memory expansion / hypervisor bypass) Cisco sets themselves up to have both lower hardware costs in their own cloud, as well as lower operational costs (power/cooling). This will provide Cisco with higher margin at the same price point as their competitors.

Distribute application aware network devices at customer locations

Cisco already has a significant edge over any competitive cloud offering. A vast majority of enterprise customers already run Cisco routers, switches and firewalls. If Cisco decided to say, port the TCP optimization code from their WAN acceleration platform into IOS, and configure it to work with their own cloud offerings this would give them an immediate leg up on the competition. Combine this with the existing WAAS auto discovery and Cisco could conceivably automatically integrate a cloud based caching offering with a customer’s onsite devices.

Create an application centric cloud security model that can be integrated with virtualization platforms

Last year Cisco announced a new approach to security called Cisco TrustSec. This technology includes a change from layer 4 based acl’s to an application focused role based implementation. This is applicable in the cloud environment because it provides a standard integration for controlling the access to and mobility of applications as they travel between public and private clouds.

An interesting side bar, is the fact that when integrating public and private clouds, there will always be applications that you want to keep on your internal cloud. The easiest way to do this is to put some sort of meta information on the virtual server containing a flag that this server should only run on the private cloud. With VMware there are fields that are used for DRS that can house just such data. I would not be surprised that with all the work that Cisco and VMware have been doing together if this was not implemented with vSphere (Virtual Infrastructure 4).

Learn as an organization how to profit from a SaaS model

I think this last piece of the puzzle has been overlooked by many people. Cisco already has in house experience dealing with a massive Software as a Service (SaaS) offering – Cisco WebEx. In acquiring WebEx Cisco also acquired the talent and technology behind the worlds largest collaboration platform. Cisco should be able to take the lessons learned from running and improving this platform, and apply them to their upcoming cloud offering.

Summary

Cisco has to go to market with a Cloud offering to maintain long term viability as a company. When they do they will have the benefit of lower cost of building and operating the grids that their cloud offering will run on. They will be able to leverage millions of Cisco network devices in their current install base as well as provide application centric security integrated with these same devices. And most importantly they will be able to use the lessons learned from running WebEx to ensure flawless delivery of an upcoming cloud computing offering.Similar Posts:

• Cisco EMC and VMware partneship VCE VBlocks Acadia and the Partner Ecosystem
• VMworld 2009 Schedule
• Is your network ready for Cloud Computing with Virtual Infrastructure 4?
• Where is Colin ? Passing the VCP exam (VMware Certified Professional)
• Unified Computing Podcast with Cisco Interactive Network
• Cisco releases Nexus 1000V virtual switch for VMware

--Colin McNamara

Cisco’s Cloud Computing Offering

If you are from the San Francisco bay area you will recognize the towns of Los Altos and Los Gatos. In  this diagram, the chipsets are Altos and Gatos. But where is the Los ? Missing of course, because it it a Lossless fabric.

Yes, I LOL’ed

Want to learn more?

Nexus 5000 architecture – Building blocks of the unified fabric Similar Posts:

• Cisco Nexus 7000 DataCenter switch released – Welcome to DataCenter 3.0
• Nexus 5020 – Consolidated 10 Gig Ethernet and 4 Gig Fibre Channel
• Cisco Nexus 5010 released
• Cisco Nexus 4000 Blade Switch
• Simplifying your Data Center with Cisco’s Nexus 2000 Fabric Extender (FEX)
• Is your network ready for Cloud Computing with Virtual Infrastructure 4?

--Colin McNamara

Humor inside the Nexus 5000 switch fabric architecture

This is the first step towards sitting for a practical examination that will hopefully be released this October. And, in response to Micheal Morris’s blog post – Yes Mike, I can pass the CCDE written.

The second big item on my todo list was to recertify my CCIE. Thankfully, Cisco counts the CCDE written towards my recertification requirements. I am waiting for the system to update, but I think this will set me up to be certified till June of 2011.

There is one interesting side effect of passing my CCDE written the week before networkers. I had originally planned on using the free exam at networkers as a “safety” exam in case I struck out on this attempt. Now of course, that is not necessary. Since I am already a CCIE, there isn’t much incentive to take a professional level exam.

So, after weighing my options, I have decided to take the CCIE Service Provider written. It covers much of the MPLS / IP Next Generation Networks material that I have been studying. I only have 7 days to prepare, so the odds are against me. However, with the heavy service provider focus in the CCDE blueprint, I have a feeling after I battle the CCDE practical I will be set to roll right into the CCIE Service Provider lab.Similar Posts:

• It’s on like Donkey Kong – CCDE practical registration is open
• CCDE Practical – Beta candidate deadline August 1 2008
• Cisco Certified Architect – Board examination above the CCIE and CCDE
• My experience taking the CCDE Practical Beta
• Cisco Certified Design Expert – CCDE – officially released by Cisco
• What does it take to pass the CCIE exam?

--Colin McNamara

Passed CCDE written and Recertified my CCIE – Killed two birds with one stone

Please join me in thanking Jayshree for all the positive contributions she has given to Cisco and the industry, and wishing her the best in her future endeavors.

Similar Posts:

• John McCool chosen as Jayshree Ullal’s replacement to lead Cisco’s Data Center Switching and Services Group (DSSG)
• Jayshree Ullal takes the helm of Arista Networks
• CCIE Party 2008 Recap – Cisco Live Networkers 2008
• Cisco Nexus 4000 Blade Switch
• Cisco releases Nexus 1000V virtual switch for VMware
• BIG Cisco – VMware announcement – 1:30 Pacific time

--Colin McNamara

Thanks and farewell to Jayshree Ullal

Cisco TrustSec starts at the edge by negotiating a secure link if both hosts support it (802.1ae). This is similar to wireless encryption schemes, where a secure handshake is established and the L2 path become impervious to sniffing. This is user configurable, and to my knowledge the asics available to support line rate encryption are currently only on the Nexus 7000 blades.

The next step is to start 802.1x negotiations. For the people not familiar with 802.1x, it is a way of passing username / password information from your computer up into the network infrastructure. Once this is completed, the switch can not only utilise tools like NAC to place you into the appropriate quarantine, or access vlans, but it also know knows your identity.

Now the “network” is aware of your identity, a new level of granular security control can be deployed across your infrastructure. These security policies can map into “user x can connect to webserver y” instead of being restricted by ip and port. This allows you to utilize true roles based administration similar to what you use in your Windows and Unix file systems, but now you can do this across the network.

How is this done ? I like to think of this as a mix between dscp and mpls tags. Which in a nutshell means that when traffic enters the network it is tagged with a small amount of additional “identity: information which is retained as it traverses the network. This information can be used to augment or completely replace your current ACL based security controls in a way that enables you to more effectively comply with complex regulatory environments such as PCI, SOX, GLBA and HPPA.

Over the past few years we have learned how to leverage intelligence in the the network by utilizing tools like QOS, MPLS VPN’s, and many others. Expect to add Cisco TrustSec to your quiver of tricks to address the ever growing compliance needs faced by today’s network designers.

Learn more about Cisco TrustSecSimilar Posts:

• Encrypting your backup tapes with Cisco Storage Media Encryption (SME)
• Cisco Nexus 7000 DataCenter switch released – Welcome to DataCenter 3.0
• Altor Virtual Network Security Analyzer (VNSA) integrated with Cisco’s Nexus 1000v for VMware
• Cisco releases Nexus 1000V virtual switch for VMware
• Zone based IOS firewalls
• Cisco Nexus 4000 Blade Switch

--Colin McNamara

Identity aware networking using Cisco TrustSec

What useability enhancements do you feel are the most beneficial?

1. A separate, IP enabled, Management Interface. This has been a long time coming. The out of band management interface is very similar to a Ilo card in the HP world. it is effectively a supercharged console server that happens to site on the backplane of the sup engine. I am sure whoever pushed this feature through is going to get flowers one day from a Tech who DIDN’T lock himself out because the management interface was effectively a separate system.
2. Finally, a functionally USB Interface that I can transfer IOS (well, now NX-OS) images through. Everyone has a USB key nowadays, even my Grandmother has one, it will make life so much easier when I can have a 4 gig key with me that has most IOS / NX-OS  versions and my common configs and just pop them right in.
3. The integrated Cabling system is CLEAN. I love that it forces you to reserve the appropriate space for cabling, and that there finally is the possibility to avoid the flying spaghetti train wreck we see so often in Data Centers.
4. Front to back Cooling. The cooling design is well thought out. I liked the fact that it draws from directly above the front floor and exits rear top.. This should help out in raised floor data centers that have a large temperature gradient as you move to the top of the rack. It also negates problem of having multiple 6500 chassis side to side and having warm air blowing from the exhaust of one 6500 to the intake of another 6500.
5. Fan Slots are now placed where it is IMPOSSIBLE to cover with cables. I would say 7 out of 10 times when I walk into a new customers Data Center I find that there are cables run directly over the fan tray with no slack. That is not a failure in design per say, but it could have been avoided. With the Nexus 7000 fan trays in the back the problem is solved before it is created.
6. Power supplies are in the back . FAR away from the data cabling. It never fails that 20 amp circuits get uncomfortably close to copper cabling. By moving the power supplies to the back side of the chassis, this becomes a mute point and we remove any shadow of a doubt about EM interference causing craziness in our cabling.
7. This one sounds really mundane, but a quick heads up grouping of status lights. In the past these were normally in a position where you had to squat down to see them, or they are obscured by cables. Buy putting them on the front of the cable tray assembly it ensures these will always be visible.

What can we focus on now to make it a better platform?

1. One thing that worried me a little was the placement of the compact flash cards in the supervisory module. For those how haven’t it up close look at this picture of the chassis  and look for the Grey cover midway up the sup modules in the center slots. Behind them are two flash cards, one for system partition extension, and one to dump log files into. Having these cards available are great features however I could see an operational process of security rotating out the log partitions, or more likely and engineer pulling the flash card after dumping some data for analysis to it, and then pulling the wrong card by accident. Having a simple strap (like the screw downs for power supply plugs) or something similar would go along way towards mitigating that risk.
2. Continue with the spirit of innovation that has defined Cisco over the years. Cisco has consistently came out with or acquired and integrated many great products that directly address the needs of the market place into the product line (MARS, ASA, AireSpace, TelePresence, MDS, ACE, Etc) but frankly the last GAME CHANGING product that set the industry on its heals and forced everyone to rethink how we utilize technology to accelerate business as a whole was the acquisition of Selsius and the introduction of VOIP as an enterprise class product to the world. I remember having the hair stand up on my arms from the excitement of going up against Avaya and Nortel back then and fighting that uphill battle, educating customers and peers about this “new thing called VOIP and how CallManager (now Unified Communications Manager) is your ticket towards productivity.

   When we talk about the Virtual DataCenter, I/O Virtualization (FCOE) and VFrame Automation it is not just another incremental improvement of existing technology. It is a paradigm shift, a leap ahead, a GAME CHANGER. I get the same chills that I did when VOIP was new because I know that those are technologies that will force us to rethink how we approach computing and data systems. These technologies are to the Data Center what IP telephony was to the PBX, and Cisco is the only company with technologies and engineering know how in all the verticals necessary to pull this off.

Similar Posts:

• Simplifying your Data Center with Cisco’s Nexus 2000 Fabric Extender (FEX)
• Cisco Nexus 7000 DataCenter switch released – Welcome to DataCenter 3.0
• Nexus 5020 – Consolidated 10 Gig Ethernet and 4 Gig Fibre Channel
• Simplifying remote site security with Cisco’s new video surveillance modules on the ISR
• Moving towards a Green Data Center – Truth behind the hype
• New features in VMware 3.1

--Colin McNamara

Usability features in Cisco’s Nexus 7000

As with any vendor specific event, there is a mix of for public knowledge and for private consumption content, so I generally choose not to talk or write about subjects that may have been covered in the VT unless I can find some public documentation on that subject. So don’t expect to find any juicy pre-release information or gossip here. I don’t want to have the NDA police knocking at my door, and its just not cool to let stuff slip. So, I will generally avoid the subject.

What I can tell you is this – There is a lot of buzz about the Nexus 7000. It is a rocking platform, and we spent the majority of a day going over it. I can’t share much more then I did the night before the VT just yet (will wait till I get lab access to one) but I can share this.

Yes, most people are proud of their shots with Tom Cruise, or Oprah, Richard Stephens or BSD Girl. But I can Top that.. I have a picture of me and the Nexus 7000.

The DC Channels team was nice enough to take us down to the DataCenter and Network Applications (DNA) lab. Where the Nexus 7000 has taken its new throne. They allowed to ooh and ahh and poke and prod it. Weirdly enough, the one thing that struck most was the attention to detail that went into the physical design of this chassis. It is not only good looking, but has some super usability enhancements that really impressed me.Similar Posts:

• Darrel Hinshaw – New Triple CCIE [Storage]!!!!!!!
• Quoted on ZDnet – Shameless self promition
• Humor inside the Nexus 5000 switch fabric architecture
• Cisco releases Nexus 1000V virtual switch for VMware
• Measuring and mitigating risk involved with sharing virtual infrastructure between DMZ and Internal environments
• BIG Cisco – VMware announcement – 1:30 Pacific time

--Colin McNamara

Me and the Nexus 7000 last week at the Data Center VT

• Cisco Nexus 7000 DataCenter switch released – Welcome to DataCenter 3.0
• Thanks and farewell to Jayshree Ullal
• Jayshree Ullal takes the helm of Arista Networks
• The emergence of MDS features in Cisco’s datacenter networking equipment
• Me and the Nexus 7000 last week at the Data Center VT
• John McCool chosen as Jayshree Ullal’s replacement to lead Cisco’s Data Center Switching and Services Group (DSSG)

--Colin McNamara

DataCenter SVP Jayshree Ullal interviewed about the Nexus 7000

One feature that is new, and frankly extremely exciting is Virtual Device Contexts. Each virtual device runs with its own process, vs the use of tagged differentiators in technologies such as VRF-Lite. This provides for paravirtualized management instances, and clear lines of delineation for both software and hardware for a resource that can be shared between different groups within an enterprise.

Chassis that run NX-OS will support In Service Software Upgrades (NSSU) to allow operations groups to upgrade operating systems with zero downtime. This is accomplished through a combination of modular software architecture, and the decoupling for the control and forwarding planes.

One of my favorite features in SAN-OS is the embedded is fabric analyser. This is a tool that can sniff management traffic without having to plug in a sniffer, or provision a span port. You can dump in real time to a tcpdump like interface in the command line, output to a local file, or map to the ip of a wireshark instance that layer 3 access to the management port. Cisco again has taken the best of SAN-OS and bundled it with NX-OS. You will be able to remotely span management traffic without having to set up rspan, or trudge down to the datacenter to set up a sniffer.

Now, your router can call home right now so that is not a totally new feature. Smart Call Home was released recently into IOS. But that still doesn’t stop it from being a great feature. This allows you to configure NX-OS powered devices to mail an xml formatted troubleshooting email to TAC, and / or your support staff. This has been proven to drop the average time to resolution from 16-30 hours to 6 hours.

Now the drum roll…… All IP routing features are VRF aware. This has been a point of contention with me for a while. As Cisco and the market in general has embraced virtualization as an answer to pressing business concerns of leveraging shared infrastructure, while retaining security controls segregating disparate environments technologies such as MPLS and VRF within the datacenter have become more and more prevalent. That is great, however it never fails that the feature you need at that moment always seems to be coming out in the NEXT IOS release. With Cisco NX-OS 4.0 this is no longer a question.

Now, if I was a CIO and I was reading about all these new technologies that Cisco was pushing with NX-OS, I would frankly be cautious, and rightfully so. The thing is, most of these features are not new, they have been in use, and in production under the most stringent uptime conditions in the world – storage networking. They have been tried and tested on Cisco’s MDS line of storage networking switches. So get comfortable, get educated, but most importantly get on board for DataCenter 3.0.Similar Posts:

• Cisco is using Linux virtualization and 40 core CPU’s for its next generation routers
• The emergence of MDS features in Cisco’s datacenter networking equipment
• New features in VMware 3.1
• Link Round Up – L2TPv3 FCOE Trill Wounded Warriors
• About Colin McNamara
• Arista Networks – Their approach to cloud networking

--Colin McNamara

Cisco NX-OS 4.0 | Next Generation Internet Operating System

Highlights of the the Nexus 7000’s features are -

• 15 Terrabit per second backplane
• Support for 40 and 100 gig ports in the future
• Seperate control and data planes
• link layer encryption
• front to back airflow (FINALLY available in a non NEBS chassis)
• Lossless non blocking fabric (VOQ enabled)
• Fibre Channel, Infinaband, and Ethernet blades in one unified platform
• Cisco Data Center Network Manager (MDS Fabric Manager on steroids)
• Virtual Device Contexts (Network Systems virtualization, the next level past VRF route tags)

You can learn more about this switch in upcoming articles, and at http://www.cisco.com/en/US/products/ps9402/index.htmlSimilar Posts:

• Nexus 5020 – Consolidated 10 Gig Ethernet and 4 Gig Fibre Channel
• Cisco Nexus 4000 Blade Switch
• Simplifying your Data Center with Cisco’s Nexus 2000 Fabric Extender (FEX)
• Cisco’s Unified Computing System – It’s not just a blade center
• Humor inside the Nexus 5000 switch fabric architecture
• Interesting TechWise TV episode on virtualization

--Colin McNamara

Cisco Nexus 7000 DataCenter switch released – Welcome to DataCenter 3.0

CERTIFICATIONS / ACCREDITATIONS HELD

CCIE – Cisco Systems Internetwork Expert #18233

VCP – VMware Certified Professional

CDCUCSS – Cisco Data Center Unified Computing Support Specialist

VSP – VMware Sales Professional

VTSP – VMware Technical Sales Professional

TSS – Cisco Technical Solutions Specialist, Data Center

GCIH – GIAC Certified Incident Handler

CCVP – Cisco Certified Voice Professional

CSNSSS – Cisco Storage Networking Solutions Support Specialist

CSNSDS – Cisco Storage Network Solutions Design Specialist

CADCNSS – Cisco Advanced Data Center Networking Infrastructure Support Specialist

CCIE Storage Networking

RHCE – Redhat Certified Engineer #804006368822511

RHCT – Redhat Certified Technician #804006368822511

EMCPA – EMC Proven Professional Associate – Information Storage and Management

NSCA – Netscaler Certified Administrator #2005072

NACE – Network Appliance Certified Expert #12912

NACP – Network Appliance Certified Professional #12017 – Data Protection

NACP – Network Appliance Certified Professional #11985 – Storage Area Network

NACP – Network Appliance Certified Professional #12911 – High Availability

Retired Certifications -

Cisco Qualified Specialist – IP Telephony Support

Cisco Qualified Specialist – IP Telephony Design

Cisco Qualified Specialist – IP Telephony Operations

Cisco Wireless LAN Design Specialist

Cisco Wireless LAN Support Specialist

TECHNICAL PROFICIENCY

PROTOCOL PROFICIENCY

EIGRP, OSPF, RIP, BGP, MPLS,  Spanning Tree, Rapid Spanning Tree, ATM, RTP, SIP, H.323, LWAPP, RADIUS, TACACS+, Ethernet, Fibre Channel, ISCSI, FCIP, FCP, FSPF, NDMP 802.11a, 802.11b, 802.11g, RBE, ISDN, SNMP

Virtualization Platforms

VMware ESX, Kernel Virtual Machine, Xen

VOICE and VOICE OVER IP

CallManager, Unity, ICS7750, PBX Trunking, SRST, Active Directory Integration, Extended Services, Call Detail Recording, Automated Attendant, Extension, Mobility, Asterisk, Callware and VSR VM.

HARDWARE

Cisco Unified Computing System (UCS) 6100, 2100, 5100, Nexus 7000, Nexus 5000, Nexus 2000 and Nexus 1000v switches, Catalyst 1900-6509 switches, 1600-7500 series routers, Cisco PIX firewalls, Cisco Load Balancers, Cisco MDS , F5 Load Balancers, Netscreen / Juniper Firewalls, Cisco VPN3000 VPN concentrators, Cisco ASA Adaptive Security Appliances, Nortel Contivity VPN Concentrators, Aironet Access Points and Bridges, Airespace LWAPP concentrators. 3com TotalConnect racks, Ascend dial concentrators, Netscaler Load balancers, SSL accelerators, SSL VPN concentrators. Brocade Silkworm, HP Eva Storage

NETWORK MANAGEMENT

Nagios, Cacti, NTOP, IPswitch What’s Up Gold, BIG Brother, Spectrum Network Management, Kiwi Syslog,, MRTG , HP OpenView, Cisco Secure Intrusion Detection system, Cisco Network Based Application Recognition, Snort IDS, Netscreen Firewall Manager, Unified Compute System Manager

OPERATING SYSTEMS

Redhat, Suse and Ubuntu Linux, Windows 2000, Windows 2003, Windows 2008, Windows XP, NT4.0, BSD, Solaris, OSX

BUSINESS ENVIRONMENTS

Consulting, Valued Added Reseller, Large Enterprise, Startup, Banking, Service Provider, Software Development, Manufacturing, Military

EMPLOYMENT

1/07 – Present, ePlus Technology

Consulting Systems Engineer – Data Center

Accelerate Data Center sales, design and implement network, storage, and systems solutions for ePlus west coast customers.

Accomplishments

• Developed and deployed go to market strategy for Cisco’s Unified Computing System resulting in significant competitive advantage in the western united states.

• Increased Data Center revenues year over year in a the worst economy in a century.

• Changed regional sales focus from technology silo’s to solutions based selling covering network, systems, storage and applications under one umbrella.

• Established a trend of Advanced Technology account wins.

• Accelerated ePlus’s southern California sales by providing high end engineering support.

• Increased sales for ePlus’s northern California office by overlaying and training field sales.

• Integrated MPLS service provider designs into cutting edge Enterprise Solutions.

• Filled PM and lead network engineer roles for large publicly traded company data center migrations.

• Created modular Cisco design / quote format and menu based hardware and services options to address rapidly changing customer needs.

9/05 – 1/07 ID Analytics

Lead Network Engineer

Lead team of four engineers, Define network and application integration architecture for large SaaS analytics deployment, Leverage networking technology to increase security and availability, and decrease development and product deployment timelines

Accomplishments

• Led team of engineers responsible for all Production and Back Office systems in 2 offices and 3 datacenters

• Designed and Implemented ID Analytics Phase2 datacenter, processing 1.2-1.8 million financial transactions daily.

• Designed and Implemented Contents Switching and SSL offloading solution, enabled non-disruptive scaling of core products

• Integrated ID Analytics product with the largest card processors in the world – Equifax, Visa, TransUnion, etc.

• Designed and integrated centralized Fiber Channel and ISCSI SAN solution, increasing application speed and decreasing production database refresh times from 4 weeks to 1 week.

• Managed and maintained over 130 terabytes of storage

• Created lights out server imaging and deployment solution for remote datacenters

• Deployed and integrated monitoring solutions utilizing open source technology

• Created user emulation probes for real time application monitoring and trending of production systems

• Worked with development and Analytics to create structured Development and QA environments

• Spearheaded project to change Analytics / Informatics environment from “unix for workgroups” to high performance computing environment (HPC)

• Provide structured documentation to US Government and Corporate auditors

• Utilized project management skills for international rollouts

2/04 – 8/2005 Openwave Systems
Senior Network Engineer, Strategic Design and Integration Group
Provide technical leadership, Define network architecture, Establish standards and technical vision. Responsible for researching, developing, and architecting technical solutions to business needs.

Accomplishments

• Designed Openwave’s new Pacific Datacenter Networks, with 900 production, and 2000 development servers.

• Designed Openwave’s Pacific Shores Campus Networks, and Showcase Datacenter.

• Responsible for hardware acquisition budget of 1.7 million dollars

• Established ISCSI IP based SAN infrastructure with DR components in 4 major datacenters worldwide

• Promoted from the ranks, moving from running our VOIP phone systems, to Network team lead, to Senior Network Engineer in the Strategic Design and Integration team.

• Active and engaged member of multiple boards covering design review, change control, and security

• Negotiated with Cisco and SBC regarding datacenter purchases saving $906,000 off list price.

• Renegotiated Cisco support saving Openwave nearly $600,000 over our three year term

• Established improved data center controls, allowing Openwave to pass Sarbanes Oxley (SOX) audits

• Wrote and ran multiple RFP, RFQ, and RFI’s

• Utilized project management skills for international rollouts

• Managed, Piloted, and Installed new wireless systems for our Customer Briefing Center

• Responsible for 6 VOIP clusters around the world

• Recipient of multiple awards recognizing dedication and quality work.

• Attended continuing training for security management (CISSP)

2/03 – 1/04 USMC Reservist activated in support of Operation Enduring Freedom
Information Services Coordinator
Implement and maintain Tactical Data Networks, Provide consulting services to hosting units. Maintain Microsoft Exchange servers in both tactical and garrison environments. Perform security audits and remediation. Train support personnel.

Accomplishments

• Performed Disaster recovery of routed ATM LANE environment for Marine Corps Air Station Yuma enabling over 3000 users to resume work (awarded the Navy and Marine Corps Achievement Medal for that event)

• Performed security audit and created a security and performance remediation plan for MCAS Yuma

• Provided project management and security audit skills to 3^rd Marine Air Wing Yuma server support teams, managed server security audit, security remediation, and SMS rollout.

• Designed and implemented Nagios network monitoring system at Marine Corps Air Station Yuma.

• Implemented Norton Antivirus server for MWSS 473

• Provided training on to data teams from MWSS 473, MCAS Yuma Station IT, and 3^rd Marine Air Wing Yuma server teams.

12/02 – 2/04 2 Cups Solutions, Pleasanton , Ca
Principal Consultant
Founded 2 Cups Solutions to provide cutting edge Voice, Data, Wireless and Security services to clients in the San Francisco bay and Fresno areas.

Accomplishments

• Implemented WAN failover solution at two City of Hayward fire stations.

• Implemented email and web solution for Express Mobile Notary.

• Developed and implemented business plan focusing on State and Local Government contracts.

2/02 – 12/02 ExtraTeam, Pleasanton , Ca
Senior Systems Engineer
Design, Installation, Configuration and Maintenance of network systems consisting of Cisco CallManager, Unity, Cisco Secure ACS, LEAP secured wireless, Aironet, Cisco routers and switches, PIX firewalls, and VPN3000 concentrators. Integrating all systems with Active Directory. Performed VOIP feasibility studies. Managed the entire business cycle including sales, design, installation, training and maintenance.

Accomplishments

• Integrated CallManager voice system with Active Directory

• Recovered a failed CallManager implementation at Phase 2 Strategies (PR firm for Logitech). Implemented CallManager with up to date hardware and software, upgraded Unity up to reasonably current levels. Brought up remote office in Phoenix utilizing SRST.

• Implemented City wide wireless network integrated with active directory for the City of Hayward

• Implemented VPN Concentrators in conjunction with multiple levels of firewalls for City of Hayward and Hayward PD to meet CLETS requirements.

• Implemented network configuration management system responsible for the city of Hayward.

• Implemented new wan for Livermore Pleasanton Fire department moving fire stations from isdn to T1 and Gigabit fiber lines in conjunction with moving the location for the network core.

• Designed and implemented IPSEC based wan for Universal life resources, allowing nationwide secure remote office connectivity while minimizing wan connection costs.

• Designed CallManager based VOIP system for a 27 site school district

• Provided emergency support to Fire and Police agencies across the bay area

• Performed security remediation for a large bay area company

• Participated in large switched network cutover from 7500 to a 6509 with flex-wan modules for Stanislaus County.

• Achieved technical certifications for ExtraTeam to become certified under both the Wireless and IP Telephony revised specifications.

7/01 – 2/02 Infobond Inc. Burlingame , Ca
Network Engineer

Responsible for engineering duties in a leadership role. Integrated legacy PBX’s using VOIP technology. Used Quality of service to ensure VOIP service levels. Support legacy voice over IP and voice over Frame Relay technologies. Upgrade from legacy voice integrations to state of the art VOIP integrations. Create project plans and act on them.

Accomplishments

• Cut over evergreen lines shipping terminal from legacy 3com equipment to VOIP enabled Cisco routers and switches. Accomplished all work during Union stand downs.

• Contracted to Openwave, Inc. to run Remote Access while the engineer was on leave. Ran Remote Access for 5 weeks, resolving DSL RLAN issues and IPSec issues, while reducing trouble ticket backload to manageable levels. Assisted other engineers when needed.

• Implemented Cisco 6509’s to replace aging core network of a Benchmark Capital (bay area investment firm).

• Diagnosed and resolved VOIP issues that were stopping call center rollouts for Embarcadero Systems (a large bay area shipping company).

03/00 – 7/01 Knapp Publishing Corporation, San Ramon, Ca
Network Systems Administrator

Responsible for day-to-day operations of e-commerce data center, and wide area networks Performed DNS changes for both internal and external networks. Designed, piloted, and implemented network changes. Installation configuration and maintenance of NT, and Windows 2k file, print, and web servers

Accomplishments

• Improved service levels from 90% to 99.99%, enhanced security and increased bandwidth were benefits derived from implementing a state-of-the-art web hosting data center

• Implemented a network monitoring system to document, report, and notify of network status.

• Designed and implemented ISDN failover of Frame-Relay Network.

• Designed, piloted, and implemented network changes.

• Replaced NT servers with Linux based servers, integrated with the Windows network

01/98 – 03/00 DKA Computers Inc. Clovis, Ca
Manager Information Services (01/99 – 03/00 )

Ran day to day operations of a central valley ISP. Worked with systems manufacturing to bundle client software with all new PC’s. Partnered with local ISP’s to provide access numbers across the valley.

Accomplishments

• Managed web development, and professional services

• Moved web hosting from IIS to APACHE based servers, drastically increasing site availability

• Produced a forms based web application to configure custom systems online.

• Designed and implemented an IPSec based WAN connecting 3 stores point of sales systems.

• Managed corporate office and data center relocation project.

Senior PC Service Technician (01/98 – 01/99)

Provide on call service. Staff PC help desk. Provide direct customer systems support while maximizing company revenues. Configured all servers ordered from manufacturing.

Accomplishments

• Responsible for all day to day service activities for a 13 million dollar company. Management of 4 team members. Directly responsible for customer satisfaction

• Implemented hard drive imaging system, decreasing both warranty costs and turnaround time

• Installed and configured SCO Unix reservation system for National Park service, Kings Canyon

• Designed, implemented inventory tracking database, reducing required stock on hand by $40,000

MILITARY

1996 – 2004 UNITED STATES MARINE CORPS RESERVE
Have held U.S. Government security clearance – Secret

EDUCATION

Ongoing professional education

Sans CISSP + Track

University of Oklahoma extension – Fire Science

Cisco Networking Academy

Similar Posts:

• What does it take to pass the CCIE exam?
• Cisco Certified Design Expert – CCDE – officially released by Cisco
• About Colin McNamara
• I’ll be at Cisco Live 2008 (networkers) in Orlando all week
• Where is Colin ? Passing the VCP exam (VMware Certified Professional)
• Challenges integrating VMware into Cisco networks

--Colin McNamara

Resume – Colin McNamara, CCIE #18233