VBlock Infrastructure Packages

VBlock infrastructure packages are pre-configured bundles that are sized to support specific workloads. These packages are available to run both on the customer site, as well as in a hosted (cloud) facility. If you have been listening to anything that has come out of VMware in the past couple years, it has been centered around the unification of private and public clouds. VBlock is a building block of this integrated cloud.

The VBlock infrastructure packages are offered in “bundles”. These bundles are numbered 0-2 at the time of writing.

VBlock 0 is an entry level package supporting 300-800 virtual machines. This is built on Cisco UCS, EMC Celerra Unified Storage, VMware vSphere and the Nexus 1000v.

VBlock 1 is a mid level package supporting 800 – 3000 virtual machines. This is built on Cisco UCS, Cisco MDS, EMC Clarion, VMware vSphere and the Nexus 1000V

Vblock 2 is a high end package supporting 3000 – 6000 virtual machines. This is buit on Cisco UCS, Cisco MDS, EMC Symmetrix V-Max, VMware vSphere and the Nexus 1000V

Integrated Pre-Sales, Service and Support – Fighting the skill silo

The defining factor in the successfully sales and deployment of virtualization infrastructure has been cross platform knowledge and experience. Storage, Network, and Virtualization vendors, as well as partners have struggled to attract and train engineering and sales forces with this cross functional skillset. Partners who have engineering teams with skills that cross these functional areas have seen success even in this down economy. Cisco EMC and VMware are smart enough to recognize this trend and have linked sales teams at the hips in engagements. Nothing makes this more apparent than John Chambers himself addressing Field Sales in the VCE webcast and requiring that these teams coordinate and act as one cohesive unit.

Acadia

Cisco, EMC and VMware have jointly funded a venture called Acadia. This venture, initially staffed at 120 employees is charted with the development and validation of cross platform solutions. They are focused on a “build operate transfer” model for service providers and large enterprise customers. The target date for Acadia’s launch is Q1 2010.

Partner Ecosystem

This was my biggest worry about this release. Does Cisco, VMware and EMC funding Acadia mean that they are going to go direct and bypass their channel? The party line is no, that all three partners will still utilize the channel to sell and distribute the VBlocks. An interesting new twist however is that there is not one master partner certification to sell “validated” VBlock solutions. To participate a partner has to be certified at reasonably high levels with all three partners to have the ability to register and sell deals under the VBlock mantra.

What hasn’t been clearly answered is what happens when a workload is moved to the “cloud”. Does that go through the channel? What if that cloud infrastructure is built onsite but maintained by Acadia? It sounds like we have to wait till January 2010 to get that answer. In the end time will tell whether Cisco will hold true to the success they have found in the channel, or whether Cisco will end up in an MBA case study of what not to do.

Want to learn more ?

Enterprise Strategy Groups write up

Scott Lowe – VCE quick thoughts

Joint Offering Portal – Privatecloud.com

Chad Sakac – an insiders view of VCE

Cisco Press Release on VCESimilar Posts:

• Nexus 5020 – Consolidated 10 Gig Ethernet and 4 Gig Fibre Channel
• VMworld 2009 Schedule
• Cisco’s Cloud Computing Offering
• Where is Colin ? Passing the VCP exam (VMware Certified Professional)
• Cisco Nexus 5020 and 5010 FCOE video ordering guide
• New features in VMware 3.1

--Colin McNamara

Cisco EMC and VMware partneship VCE VBlocks Acadia and the Partner Ecosystem

Intellectual capital driving the cloud

It is wise to follow the movements of thought leaders in Silicon Valley. Why is that? Because when enough smart people land at the same company, it is only a matter of time something great happens. This “human network” of intellectual capital has been the seed of many successful tech companies, and will continue to be true in the future.

One of these tech companies with a wealth of intellectual capital is Arista Networks. There are A LOT of ex Cisco folks walking the halls of Arista. Many of them come from the Granite Systems acquisition (Cisco’s 4500 platform). This platform, while designed with line card oversubscription to keep it between the 3560 and 6500 platforms in price and performance has an extremely elegant internal architecture. Case in point, the 4500 platform has had in service software upgrade (ISSU) for over two years, something that the 6500 still struggles with.

Now that this team, and key leaders from Cisco and other tech companies are putting together a network platform, what can they do? And more importantly, what will they do?

Before I dive into that answer, I think it is important to take a quick overview of the two major camps of network platform development, and what the advantages and drawbacks of each method is.

Creating your own ASICS in house

The first way is to create your own ASICS that handle switching and security functions. In this case, you are effectively a chipset manufacturer, who then bundles your own chipsets into routing, switching and security platforms. On one hand, developing your own ASICS can give you a competitive advantage by rolling in features that are not available to your competitors.

On the downside however because of the high cost of developing these chipsets you are forced to design for a very long lifecycle (7+ years). Another downside is that if you have any problems with manufacturing, you cannot just call up another supplier and change your sourcing strategy because you are that supplier. In the case of any Fab issues you are forced to slip your product delivery dates.

Utilizing market silicon

The second way is to utilize routing, switching, and security ASICS that are commercially available through many manufacturers and wrap your own software and chassis integration around them. This is commonly referred to as “market silicon”. In this case, your focus is end to end integration of commodity ASICS and most importanly creating  software differentiation to add value to your product.

The positives aspects of this model is that you are not locked into your own chipset design time lines. If your primary chipset supplier has a Fab issue, then you can easily change your supplier and hit your deployment time lines.

The downsides of this model is that every single networking manufacture in the world has access to the same chipsets. This forces a vendor to differentiate through better software, support, and integration of these “Market Silicon” ASICS into a superior platform.

Who uses what?

With all the talk of Market Silicon being evil, the reality is that the major networking manufacturers use a mix of home grown ASICS and market silicon to drive their products. I can’t say who uses what, but feel free to crack open your switch and take a look at the chipsets on the line cards. Don’t be surprised if you can find some market silicon sprinkled here and there. Now that doesn’t mean that these platforms are bad, it just means that for certain functions it is cheaper to source ASICS externally then to create them in house.

How does Arista approach this problem?

Aristas focus is to create an extensible network operating system that can manage and enable multiple switching ASICS and switching platforms (VMware Virtual Network Distributed Switch – vNDS).

Extensible Operating System (EOS/vEOS)

Arista created a new operating plaform, based on Linux that manages both the physical and virtual implementations of switching devices (ASIC and Virtual Switches). It is called the Extensible Operating System. This operating system has hooks into all the ASICS and vSwitches that it supports. Most importantly it provides one single operating system for all supported platforms both physical and virtual.

sysDB

Core to the functionality of EOS is the sysDB. What is the sysDB? It is a custom real time database written specifically for the interaction of individual system processes. These include routing, switching, security, management processes. By centralizing all of this information in a central location the time to react to events is minimized . This is especially true when compared to classic networking implementations where independent processes keep independent state.

vEOS

Virtual Extensible Operating system is just that – A virtualized instance of the items mentioned above. This can be run inside a vmware virtual machine. It is the same operating system, database, and daemons that run on Arista’s physical hardware. The only difference that it happens to run inside of your virtual infrastructure.

You may ask the question, why would you want to take a network operating system / hardware combination and split it apart?

vEOS and VMware Virtual Distributed Network Switch

EOS and vEOS have implemented a hook into VMware’s vNetwork Distributed Switch (vNDS) API. In effect, you can think of the vNDS as just another ASIC to the operating system. Instead of connected through a device driver, EOS and vEOS connect in through an XML API. This accomplished the function of both retrieving status and performance information that the vNDS provides, and creating policies inside EOS and publishing them into your VMware switching infrastructure.

If you have an Arista switch directly northbound of your ESX servers, you get this monitoring and configuration feature for free. If you don’t have Arista switches, (say you have Cisco, HP, Juniper or Foundary) you can use vEOS (the virtual instance) and pay a fee to get a cli interface into the VDS.

vEOS vs Nexus 1000V

This is a likely to be a highly contested item, complete with competing bumper stickers. In my opinion it isn’t that big of a deal. The reason being is that the 1000v and Arista’s vEOS implementation are completely different. Cisco’s 1000V is a dedicated piece of code running on your ESX servers that handles switching differently then VMware’s vNDS. Arista’s implementation of EOS and vEOS is more of a management interface to VMwares vNDS. vEOS does not replace the switch inside VMware, it configures and monitors it through the vNetwork API.

When comparing the two products head to head, the discussion is really a VMware vNDS vs Nexus 1000v discussion. If you have already decided to move to the 1000V because of the feature differential between the native vNDS then nothing really changes.

This doesn’t mean that vEOS does not add value. In smaller environments where the 1000V is not an option, or in an intercloud situation where state needs to be passed between disparate network instances vEOS’s vNDS implementation can be very valuable. If the vNDS features are all you need, but you would prefer a CLI for your VMware switching and cannot justify the expense for the 1000V licenses, then Arista might be right for you.

Want to learn more?

Arista Networks – Extensible Operating System

Andy Bechtolsheim‘s opinion on Market ASICs

VMware Virtual Network Distributed Switch

Cisco Systems – Nexus 1000V

Similar Posts:

• Jayshree Ullal takes the helm of Arista Networks
• Cisco Nexus 4000 Blade Switch
• Cisco NX-OS 4.0 | Next Generation Internet Operating System
• Cisco’s Cloud Computing Offering
• Altor Virtual Network Security Analyzer (VNSA) integrated with Cisco’s Nexus 1000v for VMware
• Cisco is using Linux virtualization and 40 core CPU’s for its next generation routers

--Colin McNamara

Arista Networks – Their approach to cloud networking

Altor networks goal is to provide a single pane view of communications within your ESX clusters, as well as ease access control list creation and deployment. With this single pane virtualization customers should be able to decrease the time needed resolve availability and security issues, allowing virtual enviornments to continue to scale.

This is a sign that we can look forward to many other software vendors adding Nexus 1000v  support to their existing product lines. I wonder who is next ? NetQOS maybe ….

Want to learn more ?

Altor NetworksSimilar Posts:

• Cisco releases Nexus 1000V virtual switch for VMware
• Vote for my VMworld presentation – #3221 Built to fail (shameless pandering)
• Is your network ready for Cloud Computing with Virtual Infrastructure 4?
• Interesting TechWise TV episode on virtualization
• Arista Networks – Their approach to cloud networking
• Where is Colin ? Passing the VCP exam (VMware Certified Professional)

--Colin McNamara

Altor Virtual Network Security Analyzer (VNSA) integrated with Cisco’s Nexus 1000v for VMware

The boundary between server team and network team responsibilities has become “fuzzy”

Cisco address’s this issue by putting a switch that can be managed via the same methods common to other network devices inside the ESX cluster. This switch runs the same code that has become standard on Cisco’s Nexus series of Data Center switches – NX-OS.

Prior to adoption of virtualization, when there was a connectivity problem with a host it was quite common for the network team to verify functionality down to the switch port. The server team would do the same. This allowed for each team to focus on areas that met their core competancy. Once we moved from a real switch port, to a dumb bridge inside ESX, lots of finger pointing resulted.

Now, with a Nexus 1000V sitting virtually inside the ESX clusters, the boundary between network and systems teams has been re-estabilished. Now when there is a problem with a host inside an ESX cluster, the network team can use the same day to day troubleshooting tools available to them in other portions of the network to resolve issues faster, and with less finger pointing.

Security controls have been moved further away from the hosts then we would like

A best practice for applying security policy is to apply controls as close to the source as possible. Think of this analogy – Your kids are blasting Radio Disney from their computer. Which of the following do you do?

A. Turn down the speakers at the source

B. Distribute earplugs to all members or the household

Of course, the obvious action is to go to the source, and apply a control (turn down the volume, and tell the kids to clean their rooms). The same principle is valid on the networking side. The best practice is to apply security policies such as VLAN ACL’s and TrustSec policies directly to the switchports that host your switches. Before the Nexus 1000V this was impossible to do in ESX, and forced many environments to move security controls further up into the distribution layer. The side effect of this was that now the security stance from host to host inside ESX clusters was diminished.

The Nexus 1000V brings something called port policies to the table to address this. What these are is pre-configured application security descriptions that are available to you systems administrators to apply in a point and click fashion. Once these policies are applied to the virtualized host, they follow the host where ever it is moved in your virtual cluster.

Provisioning and integrating the networks of VMware ESX clusters with classic networks for most is challenging at best

I wrote an article in march about this specific issue in my post – Challenges integrating VMware into Cisco networks . The core of this issue is that in general that the network integration portions of VMware ESX clusters is not really designed to address server teams , or network teams. In fact, you need to be pretty savy with both portions to successfully integrate VMware clusters into your network. In the real world, you generally find people that are good at one or the other, not both.

By putting a Nexus 1000V in your VMware clusters, you know give the networking teams something they can understand without having to learn Linux, and how it handles bridges (key to understanding ESX networking). With a Cisco switch running virtually inside your clusters, network teams can follow standard core / distribution / access models with the access layer now residing inside the ESX clusters. The network teams can also leverage their existing LAN switching skills for integrating the virtual switches in the clusters with the existing Data Center switching fabrics.

With these roadblocks addressed, Cisco is moving to further the DC 3.0 vision

To realize the DC 3.0 vision, the network inside of VMware clusters had to be under control, and follow the same architectural guidelines that the rest of our network is subject to. With the Nexus 1000V this is now a reality. The next steps withing the DC 3.0 vision to are to extend virtualization and mobility throughout our storage fabrics, and to continue to extend virtualization to the network as a whole, as well as focusing on application virtualization and acceleration to truly realize the vision of cloud computing in the data center.

On the storage virtualization side, Cisco will be using a technology called FlexAttach to enable virtual and physical hosts to change locations in the datacenter without storage team intervention (more on this in a near future post). And on the application virtulization and acceleration side, expect Cisco to continue to enhance it’s existing Application Control Engine (ACE) and Wide Area Application Services (WAAS), and further integrate these into their virtualization offerings.

Want to learn more ?

Introduction to VN-Link network services – Cisco.com

Nexus 1000V overview – Cisco.com

VMware distributed vNetwork switch demo – VMware.com

Challenges integrating VMware into Cisco networks – colinmcnamara.com

Douglas Gourley speaking about how Cisco and VMware will drive Cloud Computing in the Data CenterSimilar Posts:

• Altor Virtual Network Security Analyzer (VNSA) integrated with Cisco’s Nexus 1000v for VMware
• Cisco Nexus 4000 Blade Switch
• Nexus 5020 – Consolidated 10 Gig Ethernet and 4 Gig Fibre Channel
• Where is Colin ? Passing the VCP exam (VMware Certified Professional)
• Simplifying your Data Center with Cisco’s Nexus 2000 Fabric Extender (FEX)
• Is your network ready for Cloud Computing with Virtual Infrastructure 4?

--Colin McNamara

Cisco releases Nexus 1000V virtual switch for VMware

In the past couple years, VMware has changed from a product hidden in development and testing environments to a full fledged enterprise computing platform. It brings many benefits to the companies that implement it, however with those benefits come changes to the access layer of your data center. Your access layer is no longer a top of rack Cisco switch, or end of row aggregation chassis. It is now a virtual bridge that exists logically within your VMware ESX server.

This causes an interesting question to come up in many customers – Who is responsible for the configuration and maintenance of this Vswitch? At first glance most groups reference the port on the last Cisco switch as the division of responsibility between network operations and systems operations. This has worked well in the past for a three main reasons.

First, it divided responsibilities based on technical skillset. For example a network engineer understands spanning tree, trunking, routing protocols, firewalling. While a systems engineer understands file systems, databases and Linux and Windows operating systems.

Second, it provided for a interconnection point where standardized configurations could be applied by an operational group, versus complicated configurations that could impact overall network designs and require an architectural board review.

Third it provided for a clean hand off for troubleshooting. Both network and systems operations could agree on layer 2-4 functionality in an area that provided for detailed debugging on both sides.

Lack of a defined access layer

VMware ESX throws a wrench in this model. We no longer have this well defined edge at the access layer. The access layer now exists virtually inside a server. More specifically, it is a logical devices running in a Linux server. This presents a challenge because it requires cross over knowledge. Whoever is responsible for this integration has to be fluent in Linux systems administration , and also fluent in network design and operations. Frankly this is a rare skill set to come across, as it requires and engineer who has attained high proficiency in both systems and network engineering.

I see this fuzzy line of demarcation often as a failing point for many VMware integrations. Many times I see network operations teams not involved in ESX cluster design because its a “server” , and systems operations teams generally don’t have the networking skills necessary to design and implement an fully functional system.. The solution to this problem is education and collaboration.

The need for collaborative design sessions

The single most powerful element in a successful VMware integration is the creation of strong design documents. These are created by holding planning sessions where both your systems and networking leads hash out a strong design that takes both short and long term virtualization and network goals into account. Also, many times when people hear the word design, they think it is a high level Visio and a bill of materials. That is a just a fraction of the effort required. A proper design should cover everything from a 10,000 foot overview Visio down to protocol flow diagrams and configuration examples. By created a detailed design like this it is likely to bring up common issues such as 10 gig aggregation, trunking, VMotion security, layer two adjacency and layer 7 network service delivery on a white board instead of a production environment.

To create this detailed design, both your Network and Systems leads have to understand this product. VMware recognizes this is critical to successful implementation (and to further sales of their product) an offers the VMware Certified Professional certification. If you have the resources, I would recommend sending both your network and systems leads to this training at the same time. Having them attend training together allows them to leverage each others strengths and bring up questions specific to their network and their goals.

A real world example of this is the company I work for, Eplus. Last April forty of us, all senior engineers attended VMware Certified Professional training at the same time. The class was mixed up so there was an even distribution of CCIE’s, Systems Experts, and Storage Experts. Needless to say this presented our instructors with some extremely challenging questions, but more importantly it set the stage and created a venue for collaboration between these different practices within our own company.

Real world benefits

A great example of this model’s success this occurred last month. Rick and I were sitting in the engineering side of our Sunnyvale office, catching up on email after giving presentations at Cisco that morning and afternoon. In the bullpen behind us, one of the Microsoft architects was engrossed in a troubleshooting call with a large customer on the other line. It turns out a large systems vendor (who shall remain nameless) had been trying for a week to integrate the first ESX cluster into this network and just could not get the networking portion to work correctly. Our account manager received the call from a the customer, and asked the technical teams to step in to see if we could help out in any way.

The systems engineers were able to isolate the problem down to the network interconnections, but needed to bring in networking resources to resolve the problem. Rick and I were waved over and were given an overview of the problem and introduced us to the customer the far side of the call. We asked a few questions about the physical and logical architecture of their network and created a diagram of their network on the whiteboard. With this we were able to ask them to execute commands continuously isolating the problem domain until we found and resolved the issue.

Seven minutes had passed from the point Rick and I were waved over to the point the customer had a working installation. This allowed the customer to focus on moving their business forward instead of fixing a failed implementation. Three of us on the call had attended VMware Certified Professional training together. We had spent at a minimum 50 hours each creating a baseline of understanding in class, as well as many discussions in engineering meetings. The solution came in seven minutes not because of any one teams individual strengths, but because of collaboration. The systems engineers were able to isolate the problem domain very specifically. And as network engineers trained on VMware were able to quickly understand and digest the issues, and tie it together with our larger understanding of networks as a whole. Only at that point, when the team was able to leverage each others strengths were we able to address the problem so quickly.

There will come a point in the next few years where this fuzzy boundary between the “network” and the “server” is established again. My call is that this will coincide with Cisco finishing development of their Vswitch that will reside inside the ESX server. This switch will require both Cisco and VMware improve their design and integration guides for ESX which are both frankly lacking substance. Until those detailed architecture, integration and troubleshooting guides exist the key to successful ESX cluster implementation will be a strong cross trained systems and network teams that are collaborating on the next level of virtual network design in your enterprise.

Want to learn more?

Cisco – Integrating Virtual Machines Into Cisco Data Center Architecture

This is Cisco’s main design guide regarding the integration of virtual machines. You can use it as a decent high level overview if you are a network engineer who is curious how VMware ESX, or Xen servers for that matter will fit into your network.

VMware – Virtual networking Concepts

This VMware document goes between high level overviews and detailed descriptions. It is a decent resource for a network engineer, and provides an overview of ESX network features, however it misses the target for providing configuration examples.

Blog of Scott Lowe – Technical Lead for Virtualization at Eplus Technology

Scott is an engineer that works with me at Eplus Technology. He is based out of the east coast and covers servers, storage and virtualization. His blog is chock full of good of information. A recent post of interest was how to enable Cisco Discovery Protocol (CDP) on VMware ESX server network interface cards.Similar Posts:

• Cisco releases Nexus 1000V virtual switch for VMware
• Arista Networks – Their approach to cloud networking
• Cisco Certified Design Expert – CCDE – officially released by Cisco
• Cisco NX-OS 4.0 | Next Generation Internet Operating System
• Resume – Colin McNamara, CCIE #18233
• New features in VMware 3.1

--Colin McNamara

Challenges integrating VMware into Cisco networks

CERTIFICATIONS / ACCREDITATIONS HELD

• CCIE – Cisco Systems Internetwork Expert #18233
• VCP – VMware Certified Professional
• CDCUCSS – Cisco Data Center Unified Computing Support Specialist
• VSP – VMware Sales Professional
• VTSP – VMware Technical Sales Professional
• TSS – Cisco Technical Solutions Specialist, Data Center
• GCIH – GIAC Certified Incident Handler
• CCVP – Cisco Certified Voice Professional
• CSNSSS – Cisco Storage Networking Solutions Support Specialist
• CSNSDS – Cisco Storage Network Solutions Design Specialist
• CADCNSS – Cisco Advanced Data Center Networking Infrastructure Support Specialist
• CCIE Storage Networking
• RHCE v4/5 – Redhat Certified Engineer #804006368822511
• RHCT v4/5 – Redhat Certified Technician #804006368822511
• EMCPA – EMC Proven Professional Associate – Information Storage and Management
• NSCA – Netscaler Certified Administrator #2005072
• NACE – Network Appliance Certified Expert #12912
• NACP – Network Appliance Certified Professional #12017 – Data Protection
• NACP – Network Appliance Certified Professional #11985 – Storage Area Network
• NACP – Network Appliance Certified Professional #12911 – High Availability

Retired Certifications

• Cisco Qualified Specialist – IP Telephony Support
• Cisco Qualified Specialist – IP Telephony Design
• Cisco Qualified Specialist – IP Telephony Operations
• Cisco Wireless LAN Design Specialist
• Cisco Wireless LAN Support Specialist

PROTOCOL PROFICIENCY

EIGRP, OSPF, RIP, BGP, MPLS,  Spanning Tree, Rapid Spanning Tree, VPC, VSS, VDC, TRILL, Fabric Path, OTV ATM, RTP, SIP, H.323, LWAPP, RADIUS, TACACS+, Ethernet, Fibre Channel, iSCSI, NFS FCIP, FCP, FSPF, NDMP 802.11a, 802.11b, 802.11g, RBE, ISDN, SNMP

Virtualization , Parallel and High Performance Compute Platforms

VMware ESX, Kernel Virtual Machine, Xen, Platform LSF, Sun Grid Engine, Hadoop

VOICE and VOICE OVER IP

CallManager, Unity, ICS7750, PBX Trunking, SRST, Active Directory Integration, Extended Services, Call Detail Recording, Automated Attendant, Extension, Mobility, Asterisk, Callware and VSR VM.

HARDWARE

Cisco Unified Computing System (UCS) 6100, 2100, 5100, Nexus 7000, Nexus 5000, Nexus 2000 and Nexus 1000v switches, Catalyst 1900-6509 switches, 1600-7500 series routers, Cisco PIX firewalls, Cisco Load Balancers, Cisco

MDS , F5 Load Balancers, Netscreen / Juniper Firewalls, Cisco VPN3000 VPN concentrators, Cisco ASA Adaptive Security Appliances, Nortel Contivity VPN Concentrators,  Aironet Access Points and Bridges, Airespace LWAPP

concentrators. 3com TotalConnect racks, Ascend dial concentrators, Netscaler Load balancers, SSL accelerators, SSL VPN concentrators. Brocade Silkworm, HP Eva Storage

NETWORK MANAGEMENT

Nagios, Cacti, NTOP, IPswitch What’s Up Gold, BIG Brother, Spectrum Network Management, Kiwi Syslog,, MRTG , HP OpenView, Cisco Secure Intrusion Detection system,

Cisco Network Based Application Recognition, Snort IDS, Netscreen Firewall Manager, Unified Compute System Manager

OPERATING SYSTEMS

Redhat, Suse and Ubuntu Linux, Windows 2000, Windows 2003, Windows 2008, Windows XP, NT4.0, BSD, Solaris, OSX

BUSINESS ENVIRONMENTS

Consulting, Valued Added Reseller, Large Enterprise, Startup, Banking, Service Provider, Software Development, Manufacturing, Military

EMPLOYMENT

6/11 -  Present , Nexus IS

Director, Data Center Practice

Responsible for got to market strategy for Nexus IS, a national Cisco DVAR.

Accomplishments

• TBD

1/07 – 6/11, ePlus Technology

Consulting Systems Engineer – Data Center (10/08 – 6/11)

Transformed ePlus western region from a #3 and #2 ranked voice and campus partner to the #1 ranked Data Center partner in Northern California

Accomplishments

• Changed regional sales focus from technology silo’s to solutions based selling covering network, systems, storage and applications under one umbrella
• Developed and deployed go to market strategy for Cisco’s Unified Computing System resulting in significant competitive advantage in the western United States.
• Deployed the first Nexus 7000/5000/2000 architecture into production securing competitive advantage across multiple verticals.

• Increased Data Center revenues year over year in the worst economy in a century.
• Attracted and retained top industry talent.
• Leveraged unique technology positioning to win multiple key global clients.
• Partnered with business units inside of Cisco, resulting in key product enhancements as well as increased revenue for both ePlus and Cisco.
• Passed multiple certifications resulting in ePlus being able to sell and install EMC Vblock.

1/07 – 6/11, ePlus Technology

Senior Systems Engineer (1/07 – 10/08)

Accelerate Technical Sales, design and implement network, storage, voice and systems solutions for ePlus Southern California customers.

Accomplishments

• Changed regional sales focus from technology silo’s to solutions based selling covering network, systems, storage and applications under one umbrella.
• Established a trend of Advanced Technology account wins.
• Accelerated ePlus’s southern California sales by providing high-end engineering support.
• Integrated MPLS service provider designs into cutting edge Enterprise and Casino Gaming solutions.
• Filled PM and lead network engineer roles for large publicly traded company data center migrations.
• Created modular Cisco design / quote format and menu based hardware and services options to address rapidly changing customer needs.

9/05 – 1/07 ID Analytics

Lead Network Engineer

Lead team of four engineers, Define network and application integration architecture for large SaaS (financial cloud) analytics deployment , Leverage networking technology to increase security and availability, and decrease development and product deployment timelines

Accomplishments

• Led team of engineers responsible for all Production and Back Office systems in 2 offices and 3 datacenters
• Designed and Implemented ID Analytics Phase2 datacenter, processing 1.8 million financial transactions daily.
• Designed and Implemented Contents Switching and SSL offloading solution, enabled non-disruptive scaling of core products
• Integrated ID Analytics product with the largest card processors in the world – Equifax, Visa, TransUnion, etc.
• Designed and integrated centralized Fiber Channel and ISCSI SAN solution, increasing application speed and decreasing production database refresh times from 4 weeks to 1 week.
• Managed and maintained over 130 terabytes of storage
• Created lights out server imaging and deployment solution for remote datacenters
• Deployed and integrated monitoring solutions utilizing open source technology
• Created user emulation probes for real time application monitoring and trending of production systems
• Worked with development and Analytics to create structured Development and QA environments
• Spearheaded project to change Analytics / Informatics environment from “unix for workgroups” to high performance computing environment (HPC)
• Provide structured documentation to US Government and Corporate auditors
• Utilized project management skills for international rollouts

2/04 – 8/2005 Openwave Systems
Senior Network Engineer, Strategic Design and Integration Group
Provide technical leadership, Define network architecture, Establish standards and technical vision. Responsible for researching, developing, and architecting technical solutions to business needs.

Accomplishments

• Designed Openwave’s new Pacific Datacenter Networks, with 900 production, and 2000 development servers.
• Designed Openwave’s Pacific Shores Campus Networks, and Showcase Datacenter.
• Responsible for hardware acquisition budget of 1.7 million dollars
• Established ISCSI IP based SAN infrastructure with DR components in 4 major datacenters worldwide
• Promoted from the ranks, moving from running our VOIP phone systems, to Network team lead, to Senior Network Engineer in the Strategic Design and Integration team.
• Active and engaged member of multiple boards covering design review, change control, and security
• Negotiated with Cisco and SBC regarding datacenter purchases saving $906,000 off list price.
• Renegotiated Cisco support saving Openwave nearly $600,000 over our three year term
• Established improved data center controls, allowing Openwave to pass Sarbanes Oxley (SOX) audits
• Wrote and ran multiple RFP, RFQ, and RFI’s
• Utilized project management skills for international rollouts
• Managed, Piloted, and Installed new wireless systems for our Customer Briefing Center
• Responsible for 6 VOIP clusters around the world
• Recipient of multiple awards recognizing dedication and quality work.
• Attended continuing training for security management (CISSP)

2/03 – 1/04 USMC Reservist activated in support of Operation Enduring Freedom
Information Services Coordinator
Implement and maintain Tactical Data Networks, Provide consulting services to hosting units. Maintain Microsoft Exchange servers in both tactical and garrison environments. Perform security audits and remediation. Train support personnel.

Accomplishments

• Performed Disaster recovery of routed ATM LANE environment for Marine Corps Air Station Yuma enabling over 3000 users to resume work (awarded the Navy and Marine Corps Achievement Medal for that event)
• Performed security audit and created a security and performance remediation plan for MCAS Yuma
• Provided project management and security audit skills to 3^rd Marine Air Wing Yuma server support teams, managed server security audit, security remediation, and SMS rollout.
• Designed and implemented Nagios network monitoring system at Marine Corps Air Station Yuma.
• Implemented Norton Antivirus server for MWSS 473
• Provided training on to data teams from MWSS 473, MCAS Yuma Station IT, and 3^rd Marine Air Wing Yuma server teams.

12/02 – 2/04 2 Cups Solutions, Pleasanton , Ca
Principal Consultant
Founded 2 Cups Solutions to provide cutting edge Voice, Data, Wireless and Security services to clients in the San Francisco bay and Fresno areas.

Accomplishments

• Implemented WAN failover solution at two City of Hayward fire stations.
• Implemented email and web solution for Express Mobile Notary.
• Developed and implemented business plan focusing on State and Local Government contracts.

2/02 – 12/02 ExtraTeam, Pleasanton , Ca
Senior Systems Engineer
Design, Installation, Configuration and Maintenance of network systems consisting of Cisco CallManager, Unity, Cisco Secure ACS, LEAP secured wireless, Aironet, Cisco routers and switches, PIX firewalls, and VPN3000 concentrators. Integrating all systems with Active Directory. Performed VOIP feasibility studies. Managed the entire business cycle including sales, design, installation, training and maintenance.

Accomplishments

• Integrated CallManager voice system with Active Directory
• Recovered a failed CallManager implementation at Phase 2 Strategies (PR firm for Logitech). Implemented CallManager with up to date hardware and software, upgraded Unity up to reasonably current levels. Brought up remote office in Phoenix utilizing SRST.
• Implemented City wide wireless network integrated with active directory for the City of Hayward
• Implemented VPN Concentrators in conjunction with multiple levels of firewalls for City of Hayward and Hayward PD to meet CLETS requirements.
• Implemented network configuration management system responsible for the city of Hayward.
• Implemented new wan for Livermore Pleasanton Fire department moving fire stations from isdn to T1 and Gigabit fiber lines in conjunction with moving the location for the network core.
• Designed and implemented IPSEC based wan for Universal life resources, allowing nationwide secure remote office connectivity while minimizing wan connection costs.
• Designed CallManager based VOIP system for a 27 site school district
• Provided emergency support to Fire and Police agencies across the bay area
• Performed security remediation for a large bay area company
• Participated in large switched network cutover from 7500 to a 6509 with flex-wan modules for Stanislaus County.
• Achieved technical certifications for ExtraTeam to become certified under both the Wireless and IP Telephony revised specifications.

7/01 – 2/02 Infobond Inc. Burlingame , Ca
Network Engineer

Responsible for engineering duties in a leadership role. Integrated legacy PBX’s using VOIP technology. Used Quality of service to ensure VOIP service levels. Support legacy voice over IP and voice over Frame Relay technologies. Upgrade from legacy voice integrations to state of the art VOIP integrations. Create project plans and act on them.

Accomplishments

• Cut over evergreen lines shipping terminal from legacy 3com equipment to VOIP enabled Cisco routers and switches. Accomplished all work during Union stand downs.
• Contracted to Openwave, Inc. to run Remote Access while the engineer was on leave. Ran Remote Access for 5 weeks, resolving DSL RLAN issues and IPSec issues, while reducing trouble ticket backload to manageable levels. Assisted other engineers when needed.
• Implemented Cisco 6509’s to replace aging core network of a Benchmark Capital (bay area investment firm).
• Diagnosed and resolved VOIP issues that were stopping call center rollouts for Embarcadero Systems (a large bay area shipping company).

03/00 – 7/01 Knapp Publishing Corporation, San Ramon, Ca
Network Systems Administrator

Responsible for day-to-day operations of e-commerce data center, and wide area networks Performed DNS changes for both internal and external networks. Designed, piloted, and implemented network changes. Installation configuration and maintenance of NT, and Windows 2k file, print, and web servers

Accomplishments

• Improved service levels from 90% to 99.99%, enhanced security and increased bandwidth were benefits derived from implementing a state-of-the-art web hosting data center
• Implemented a network monitoring system to document, report, and notify of network status.
• Designed and implemented ISDN failover of Frame-Relay Network.
• Designed, piloted, and implemented network changes.
• Replaced NT servers with Linux based servers, integrated with the Windows network

01/98 – 03/00 DKA Computers Inc. Clovis, Ca
Manager Information Services (01/99 – 03/00 )

Ran day to day operations of a large valley ISP. Worked with systems manufacturing to bundle client software with all new PC’s. Partnered with local ISP’s to provide access numbers across the valley.

Accomplishments

• Managed web development, and professional services
• Moved web hosting from IIS on Windows NT to APACHE on Linux based servers, drastically increasing site availability
• Produced a forms based web application to configure custom systems online.
• Designed and implemented an IPSec based WAN connecting 3 stores point of sales systems.
• Managed corporate office and data center relocation project.

Senior PC Service Technician (01/98 – 01/99)

Provide on call service. Staff PC help desk. Provide direct customer systems support while maximizing company revenues. Configured all servers ordered from manufacturing.

Accomplishments

• Responsible for all day to day service activities for a 13 million dollar company. Management of 4 team members. Directly responsible for customer satisfaction
• Implemented hard drive imaging system, decreasing both warranty costs and turnaround time
• Installed and configured SCO Unix reservation system for National Park service, Kings Canyon
• Deploy Citrix Winframe Systems, Windows NT 4.0 Systems
• Designed, implemented inventory tracking database, reducing required stock on hand by $40,000

MILITARY

1996 – 2004 UNITED STATES MARINE CORPS RESERVE
Have held U.S. Government security clearance – Secret

EDUCATION

Ongoing professional education

Sans CISSP + Track

University of Oklahoma extension – Fire Science

Cisco Networking AcademySimilar Posts:

• What does it take to pass the CCIE exam?
• I’ll be at Cisco Live 2008 (networkers) in Orlando all week
• About Colin McNamara
• Cisco Certified Design Expert – CCDE – officially released by Cisco
• Challenges integrating VMware into Cisco networks
• Darrel Hinshaw – New Triple CCIE [Storage]!!!!!!!

--Colin McNamara

Resume – Colin McNamara, CCIE #18233