What should a network engineer know? Check list

More recently, our company has organized an internship program for young professionals in the following areas:

1. Networking Basics ( Cisco ).
2. Server administration (Windows, Linux).
3. Technologies of virtualization and data storage systems (VMware, Microsoft Hyper-V).
4. Modern means of information protection ( UTM , NGFW , Sandbox , etc.).
5. Ethical hacking (CEH) and Pentest .
6. Processing machine data (Log management - Splunk , MaxPatrol SIEM)

If we take the network direction, then during the practice, almost all novice network engineers or students in this direction have the question: “What does a network engineer need to know? What is the focus of power? ” . I always started to advise some topics and directions, then I realized that it would be nice to make a checklist for young engineers to have a clear vector of development. In addition, I will try to provide links to resources where these skills can be obtained. Naturally there is no universal list and all I can offer is my own idea of ​​the necessary skills of any network engineer. This list was compiled on the basis of personal experience and reflects what is often encountered in the work. I am sure that the majority have their own opinion on the obligatory skills and most likely it does not coincide with mine. If you are interested in this topic, then welcome under the cat ...
')
1) Network Basics. I think everything is clear here. Just what is meant by “basics”? Earlier, I recorded a video course for a young fighter , however, it is only suitable for starting a career and it is clearly not enough for a good specialist. In my opinion, the engineer should have knowledge at the level of CCNA or Comptia Network +. The certificate is not required in principle, but is very welcome (this will help in your career). I’d hardly find anything in Russian, so I can only recommend courses from CBT Nuggets (paid) or Cybrary (free). There are interesting courses on the site Udemy.

2) Network emulators / simulators. Here, too, everything is obvious. It’s hard to imagine a network engineer who doesn’t know how to use Cisco Packet Tracer or GNS3 . UNetLab (now EVE NG) will also be very useful. You just have to be able to quickly deploy the layout “on the knee”. VirtualBox and VMware Workstation skills are also required.

3) Fundamentals of network security. This item is forgotten by many or simply avoided. In general, network security is a separate direction, but it is absolutely not independent. It’s impossible to seriously deal with network security without understanding how the network works. It can be argued that the opposite - you can not build a network without thinking about security at all. That is why I strongly recommend to study the protection of networks at the level of CCNA Security or Comptia Security +. Personally, I like the CBT Nuggets and Cybrary courses the most . In the simplest case, you can start with this .

4) Fundamentals of cryptography. This item follows from the previous one. Almost all companies are actively using VPN, the Internet is increasingly moving to https, passwords are used around ... It’s very sad to see a network specialist who does not understand the difference between pre-shared key and certificate based authentication. At a minimum, you should distinguish symmetric encryption from asymmetric encryption, understand what a hash is and be able to at least explain the basics of PKI on your fingers. If we consider the Russian-language resources, then there are several successful courses on Intuit . The best courses on cryptography in my opinion on Coursera .

5) Fundamentals of network design. A good engineer should not only be able to administer existing networks, but also create new ones. These are completely different things. To do this, you definitely need to know the basics of design. Excellent preparation - CCDA (best from CBT Nuggets ). I also tried to describe the main points in the corporate network architecture and in one of our webinars .

6) Documenting networks. This item does not like the majority of engineers. Setting up and testing networks is almost always fun, but developing documentation is awfully boring. Block diagram, L2 / L3 schemes, IP addressing, description of settings ... Every engineer must be able to develop similar documentation. If you created and set up a network, but after that you did not leave a single document with a description, then you just didn’t finish your work - this is a hack. Unfortunately, I did not have to meet the literature, where they would describe the process of creating technical documentation (not design). If you know such a guide, please write in the comments.

Not networks are united
When working with the network it is very difficult to avoid contacts with the server infrastructure. That is why you should have at least basic skills in this area. In most organizations, server experts are allocated in a separate group. At the same time, network specialists are very often forced to contact them and must communicate in “one language”. Below we describe some more necessary skills for a network engineer:

7) Virtualization technologies. It’s hard to imagine a company that doesn’t use virtualization tools. And in virtualization go not only the server, but also the network. In many organizations, firewalls, routers, intrusion prevention systems are also represented as virtual machines. You simply must have basic skills in working with VMware ESXi and Microsoft Hyper-V. You need to understand what a virtual switch or virtual adapter is. Again, I recommend courses from CBT Nuggets . You can also look at Udemy.

8) Basics of working with Linux. I think this point is also obvious to everyone. A huge number of routers and firewalls is based on Linux. Proxy, Anti-Spam, IPS, DLP systems ... all this is in most cases slightly modified Linux. Therefore, it is very important to be able to navigate the file system, execute simple tracebacking commands (ip route, tcpdump, traceroute) and edit configuration files using the built-in text editors (vi). A basic course on CentOS would be a good start.

9) Basics of working with Windows Server. Virtually any company has a Windows Server, which organizes such important services as NTP, DNS, DHCP, etc. in one place. And it would be very nice to be able to configure at least these services, without which the network will not function in principle. I personally like this mini course .

10) Basics of programming (bash, python). In the life of any network engineer there is a moment when the task of automating routine processes arises. Here come to the rescue "scripts" (most often bash or python). There are a lot of free courses on the basics of python and even in Russian. Definitely recommend to study.

11) English . If you decide to build a career in IT, then English should be your second mother tongue. Take this as an axiom. My opinion is that if you do not know English well, then you are a bad IT person. No matter how insulting it sounds. 95% of all really useful materials are published on the Internet in English. The same CCNA exam is taken in English. Almost all the material is in Russian, it is either a translation (not always correct), or outdated information, because The new one just did not have time to translate. More details about this can be found here .

From our point of view, this is exactly the list of necessary knowledge for a network engineer. This is a necessary foundation for further professional growth.
In addition, relatively recently, Cisco has published the article “ Network Transformation and Essential Skills for Next Generation Network Engineers ”. If you translate literally, you get something like: "The transformation of networks and the basic skills of next-generation network engineers." If someone is too lazy to read the presentation completely, then the main points will be displayed here (in Russian).

We will be glad if you share your thoughts about the necessary skills of a network engineer.

PS We would also like to inform you that we periodically hold business breakfasts where we discuss various IT technologies. From the nearest:

May 16 (Tuesday)

• VMware: Virtualization and Security
• VMware VSAN:
• Modernization and storage management in a virtualization environment;
• Using local storage with VMware VSAN;
• VMware NSX:
• Virtualization and security in modern DC;
• Transition to the network virtualization and micro-segmentation model;
• VMware Airwatch:
• Digital working environment;
• Mobile device and application management.

May 23 (Tuesday)

• Cisco approach to information security architecture
• Information Security Architecture: Cisco Approach;
• Cisco ISE and NGFW. Demonstration of Rapid Threat Containment;
• Cisco AMP platform. Web Security. Email Security. Comprehensive demonstration.

Time: 10:00 - 13:00 (GMT)
St. Petersburg
Meeting place: "Kazan, 7"

You can register here . When registering for the Workshop, specify the topic you would like to visit.