Slashdot Mirror


Ask Slashdot: Becoming a Network Administrator?

J. L. Tympanum writes "After many years as a star programmer, I have taken a position which involves maintaining and rebuilding the in-house network of a small company. There are maybe 100 machines, a mix of blade servers running Linux and desktop PCs running Windows of all flavors. Basically, I have to learn networking from scratch. I have been given an 'unlimited' budget to buy routers, switches, etc., to set up my own little test network as part of the learning process. So the question is: what's the right strategy here? What routers or switches or other equipment should I acquire? What books should I read? Should I take classes from Cisco, Global Knowledge, my local community college, or somewhere else?"

20 of 480 comments

  1. Step 1 by nuintari · · Score: 5, Funny

    Run, run as fast as you can, and don't look back.

    --

    --Nuintari

    slashdot : where an opinion can be wrong.

    1. Re:Step 1 by RenHoek · · Score: 4, Insightful

      1) Why does the network need rebuilding?
      2) Where the hell are they getting an unlimited budget from?
      3) Why, if they have money, would they hire somebody who never did any admin work?

      I'm not saying you won't be able to do it, I'm saying you try and figure out their motives and cover your ass with asbestos!

    2. Re:Step 1 by nuintari · · Score: 4, Informative

      And then, in all seriousness.

      Deploy Juniper products where you can. Commit confirmed alone will help keep you sane.

      As for learning how this stuff all glues together and works, that really depends on how you learn. I learn by trying things, and reading the manual, not from a classroom. YMMV, but I have never seen a class that did anything short of an awful job of explaining how networking works. I rely heavily on my peers and Google for ironing out issues that I cannot solve in my lab. Consider attending talks on subjects relevant to your needs, and anything that sounds even remotely interesting. Find someone more skilled than you who can explain shit in your native tongue and attempt to osmosis some talent bit by bit. Oh, and get yourself an O'Reilly Safari subscription, a nook/kindle/whatever, and start, as my friend Jeff says, consuming massive quantities of text.

      And seriously, consider running, you are in for a long, dark road of evil.

      --

      --Nuintari

      slashdot : where an opinion can be wrong.

    3. Re:Step 1 by pvera · · Score: 4, Insightful

      I don't understand why this is modded funny, it is the correct plan of action assuming the move was voluntary. If this is a programmer that is trying to bail out of a sinking ship and this was the only job available at equivalent pay, then it is a completely different issue.

      The biggest red flag is the "unlimited budget" that doesn't cover hiring a properly trained network admin, instead pushing him/her to learn the whole thing from scratch at the same pay.

      --
      Pedro
      ----
      The Insomniac Coder
    4. Re:Step 1 by poetmatt · · Score: 4, Informative

      Underpaid, underappreciated and overworked? Get back to work!

      Network admins, unless they are basically amazing, are in for a typically rough ride through trying to get things to work, as things perceived as small changes can have enormous impact on network stability. Then you get to things like bad password policies, bad hardware policies, bad security policies, bad corporate policy and a good portion of the time network administration is just not worth the time.

      If it were $75-90k a year maybe, but otherwise definitely not worth more stress than pretty much any job that exists today including hard sales.

      Things to do: buy enterprise grade hardware, do not ever compromise on best buy/off the shelf hardware, restrict access as much as possible (and lock down ports as much as possible), make sure all devices go through a firewall (outbound) and all inbound connections go through their own separate firewall (inbound). Make sure that all requests inbound have to be requested from internal. Make sure that as much of inbound connections as possible are over a vpn if external.

      Basics: make use of forwarding, proxies, reverse forwarding, nat. Make sure that all of your DNS addresses which are assigned to computers point to internal DNS only, and that the same applies to the servers. No server should have any DHCP or DNS assignments from the local ISP.

      Redundancy: You must have it. At all levels. Check for cable backups, keep spare parts for everything - power supplies, cables, extra routers, extra server ISO's and images, extra copies of VM's, etc. Make sure you have redundant UPS's. Do not daisy chain UPS's (or maybe you can, someone else will comment- I'm no UPS genius). Make sure things are not physically linked in a way that when one thing fails, so cascades the rest. This means UPS's with hot swappable batteries. Make sure you have multiple switches and all servers have at least 2 NICs for both load balancing and additional failover.

      Check for shit people don't think of - check where the servers are located, what cables are running overhead, dust situation, etc. Make sure that the cooling for the server rooms is appropriate and is set up such that if the leak plate (forgot the proper term) floods it won't drip directly on the servers. Check for maintenance schedules, physical and software, check for licensing being followed, check for PCI compliance. Check security requirements for the server room, for the pcs.

      Additional redundancy: virtualize wherever possible, hardware permitting. Offsite backups, offsite hardware backups.

      Additional: prepare for hilariously large amounts of fuckery trying to deal with authentication between linux and windows. Linux is well documented and complicated. Windows is well documented and complicated.

      Lastly:
      Keep at least 3-6 full bottles of hard alcohol on hand, a 2 week resignation notice, and a mini-fridge full of beer in addition, and depending on the state you're working in, maybe keep a gun on hand if you're licensed and it's legal.

      Oh and don't forget, being a network administrator has basically NOTHING to do with being a network administrator. It's more like managing a circus of crying babies who have no idea what the fuck they're doing.
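
The "internal DNS only" advice in the comment above, written as a check you could run over collected resolver configs. This is an added example, not part of the thread or any commenter's code; treating RFC 1918 space as "internal", and the hostnames and resolv.conf contents, are constructed assumptions.

```python
import ipaddress

# Assumption: "internal" DNS means a resolver inside RFC 1918 private space.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: hostname -> contents of that host's resolv.conf.
SAMPLE_CONFIGS = {
    "blade01": "search corp.example\nnameserver 10.0.0.53\nnameserver 10.0.1.53\n",
    "blade02": "# pushed by ISP DHCP lease\nnameserver 203.0.113.10\nnameserver 10.0.0.53\n",
    "desk17": "nameserver 10.0.0.53 # primary\nnameserver not-an-ip\n",
    "desk18": "search corp.example\n",
}

def parse_nameservers(text):
    """Return the raw nameserver values from resolv.conf-style text."""
    servers = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0]  # drop comments
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers

def is_internal(addr):
    """True only for a parsable address inside one of INTERNAL_NETS."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # an unparsable entry is reported as a finding
    return any(ip in net for net in INTERNAL_NETS)

def audit(configs):
    """Map each host to its findings; hosts with no findings are omitted."""
    findings = {}
    for host, text in sorted(configs.items()):
        servers = parse_nameservers(text)
        bad = [s for s in servers if not is_internal(s)]
        if not servers:
            findings[host] = ["no nameserver configured"]
        elif bad:
            findings[host] = [f"non-internal resolver: {s}" for s in bad]
    return findings

if __name__ == "__main__":
    for host, issues in audit(SAMPLE_CONFIGS).items():
        for issue in issues:
            print(f"{host}: {issue}")
```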

    5. Re:Step 1 by bberens · · Score: 4, Funny

      I dunno, seems like a cake job to me. As a programmer I can assure you that the problem is never the network. Just ask the network guys, they'll be sure to tell you. Never mind the trace-route, pings, and FTP client log showing 100 byte/sec transfer speed I have provided, the single green LED graphic on the monitoring tool indicates with absolute certainty that all things on the network are working swimmingly.

      --
      Check out my lame java blog at www.javachopshop.com
  2. Don't Do It!!! by rwv · · Score: 4, Insightful

    Administering networks is best left to wizards and warlocks.

  3. Step #1 by Anonymous Coward · · Score: 5, Insightful

    Hire a professional :)

  4. Welcome to management by characterZer0 · · Score: 5, Funny

    1) Use your unlimited budget to hire a network administrator.
    2) Go golfing.

    --
    Go green: turn off your refrigerator.
  5. This isn't a boon. It's a curse. by Anonymous Coward · · Score: 5, Funny

    I have this job now and my girlfriend tells me I wake up almost nightly screaming. I can't help but think they're connected.

    1. Re:This isn't a boon. It's a curse. by PrimalChrome · · Score: 5, Funny

      Haven't you seen Inception? You're still sleeping....the girlfriend should have given it away.

    2. Re:This isn't a boon. It's a curse. by dkleinsc · · Score: 4, Funny

      That's clearly crazy talk. Admins don't have time for girlfriends.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
  6. you just need to learn one thing by roman_mir · · Score: 5, Funny

    All you need is the cloud.

    What you do is get a cloud. Just connect all your machines and networks and cables to the cloud and you will be aaaaalright.

  7. Whatever you do... by Bobfrankly1 · · Score: 4, Funny

    ...don't take any lessons from anyone employed by Sony.

  8. Did you hear that? by DomNF15 · · Score: 4, Informative

    It's the can of worms popping open... You don't necessarily have to "buy" physical routers, switches, etc. These days, you can simulate pretty much any network setup you want via software and see how things work out: http://www.gns3.net/ Also, asking "us" what hardware you should buy is like asking someone what kind of computer you should buy, the question is too general and the answer will depend largely on the business/security needs of the company. Tanenbaum wrote a very good book about TCP/IP networking which you may want to read: http://www.amazon.com/Computer-Networks-Andrew-S-Tannenbaum/dp/0131651838 Aside from that, you should look into the basic requirements for network administration/security and make sure you understand and know how to apply them, the topics listed here could be a good starting point: http://en.wikipedia.org/wiki/CISSP

  9. Run... by dakkon1024 · · Score: 4, Informative

    I am a 12 year veteran of the field. My official title is Sr. Technical Engineer. I work for a small (15 person) consulting firm. I’m being completely straight w/ you. Start looking for a programming job. This is the end of my advice.
    If you need to fake it for a while, setup w/ a well-respected school in your area for your CCNA. If you have no budget concerns schools w/ equipment stacks and solid instruction will beat out any other option.
    But seriously, you’re making a bad career move, this isn’t meant to be funny.

  10. Hire someone who knows what they're doing by Sir_Sri · · Score: 5, Insightful

    Seriously. If you're learning networking from scratch you are not prepared to be in charge of a network with 100 computers. If you screw it up, you could mess things up for days. Start at the bottom and work your way up, or hire someone who knows wtf they're doing, you could contract in someone (there are always going to be consultants who do network around). Bring one of them in, have them go over some of it with you.

    The 'go read a CCNA book' advice isn't far off. But if you're already in charge CCNA is at least one step down from where you want to be.

    I reiterate: use your money to hire someone else. Either hire them to actually do the job and become network manager, or hire a consultant in (be prepared to see this person regularly for a year or so) to come in and help you get things going. Make sure you have people on staff who actually know what they're doing, and can tell you when you're being an idiot.

    Going from programming to network administrator may as well be going to predator drone pilot. You use computers and networks, and familiarity with computer skills is great, but they are very, if not completely different skills. And while you're at it you need to learn to be a manager, because most programmers don't learn about budgets, HR practices, setting security and devices on the network policy and all that but from the sounds of it you have to decide how to spend money.

  11. Views from a New Entrant by imlepid · · Score: 4, Informative

    what's the right strategy here?

    Proceed with caution. Make sure you enjoy networking and that its challenges interest you. Networking is very different from programming and also different from desktop support.

    What routers or switches or other equipment should I acquire?

    I have extensive experience with HP Procurve equipment and I have been satisfied with their stuff. (In the network I manage we have about 120 HP switches.) They are pretty reasonable in price and have a lifetime warranty on their switches and routers (I just got a replacement for a part for something that was manufactured 10 years ago, no hassle). Cisco is good if you like features, have a large network, and enjoy spending money. I would avoid Netgear switches (unless you need a small desktop switch (e.g. GS108) to provide more ports) as I have heard bad things but I have no first-hand experience. Expect to pay around $1000-1800 for a good 48-port Gigabit switch.

    What books should I read? Should I take classes from Cisco, Global Knowledge, my local community college, or somewhere else?

    I would look to achieve a "CCNA level" knowledge. For a network of about 100 devices you won't need much more. You can do that by simply reading a book (e.g. the CCNA prep by Lammle or Cisco Press), self-study (e.g. books alone or with video) then trying to pass the test, or taking a classroom course with Cisco or GlobalKnowledge. The material covered in CCNA is useful even if you use Procurve devices (although vocab will be different, such as "vlan trunking" (Cisco) vs. "vlan tagging" (Procurve, IEEE 802.1Q)).

    Background: I managed a network at a scientific research center (1000+ end user devices and a couple hundred servers). It's a mix of Cisco (core) and Procurve (edge). I have been working in networking full time for 2 years (I was in the poster's shoes not long ago) and with computers for about 5 years in a professional setting.

  12. This is how I read it... by canadiangoose · · Score: 5, Insightful

    Dear Slashdot,

    I'd like to become an expert in a field in which I have no experience.

    It takes many years for most of the folks working in this field to gain the knowledge required to be effective, but I am very, very smart. So much smarter than most people, in fact, that it shouldn't take me more than a month or two to get a firm grasp on things.

    There's just one small problem that is preventing me from teaching myself everything that I need to know to be able to do my job well. See, I'm not smart enough to know how to even begin to teach myself anything about this field. I'm sure if someone could just point me in the right direction, I'm quite sure that I'll be able to make sense of things.

    Also, which vendors provide "easy" buttons on their gear?

    Please advise.

    MrGenius

    --
    Never eat more than you can lift -- Miss Piggy
  13. Here's what to do. by Stargoat · · Score: 5, Interesting

    I'm buried so far down here, I'm sure no one will read this. But here is what you need to do.

    1. Before you begin, attend a Cisco / Global Knowledge CCNA bootcamp. You may not leave able to program routers like a master, but you'll learn how networks work.

    2. Visit every PC, Server, Router, Switch. Put eyes on everything. Create a master spreadsheet. Document model numbers, IP addresses. Create Visio documentation of the way your network is set up. Document everything. You need a good deal of cabinets to store it all.

    3. Decide what is the most deficient part of the network, fix it with the simplest solution. If you're using hubs, buy switches. If the routers need to be rebooted constantly, buy new routers. Above all, keep it simple. If possible, stay away from V-Lans, encryption software, Linux, or anything else complicated. Do this every year.

    4. Buy one third of the total number of PCs of the network plus ten percent. Buy only one model. Create a central image with Acronis and modify that image as necessary. Deploy these models. Repeat for the next three years.

    5. Outsource security. That way, when it breaks you can blame someone. At the same time, make sure you can monitor security to prevent breakage.

    6. If possible, outsource your main application. You don't want to support the product that everyone in the institution depends on. You need to keep the network up, not software.

    7. At the end of year one, bring in a network assessment. Tell the assessor what he needs to find before he arrives. Use that the next year to justify your new purchases.

    8. Make sure you stay friends with the president / CEO. When it is necessary to reorganize the server, etc, it will be necessary to have his good will.

    9. Be prepared to work like a sunuvabitch for two years. Take your spouse / GF out when you can.

    10. Don't let them make you program again. You're a network admin. You cannot support your old programming team.

    --
    Hoist Number One and Number Six.