How to become a network administrator

Chris Sienko: All right, hello and welcome to this week's installment of the Infosec Institute weekly web video series. This week is another career track interview, we are talking to Elias Papatestas, or Eli to his friends. We will be talking today about the career path to network administrator. Just to tell you a little bit about our guest today, Eli has extensive history in the IT industry. He started in the 1980s learning how to program BASIC from computer magazines, and building his first network between two machines with no modem cables. In college, Eli took summer IT jobs, then worked in the IT department for one of the largest stock brokerage firms as well as banks, working in the system and user administration.

Eli then started to work as a consultant, then work for a number of years providing training for telecommunications technicians, starting to work with IP-based networks and VOIP. With over 15 years' experience in corporate and professional training, Eli has experience with needs assessment, process documentation, help file development, e-learning, and traditional training course development. His experience spans financial, government, telecommunication, and pharmaceutical industries. Eli has numerous IT certifications across system and network administration as well as IT security, and again, today we are going to talk about the career path to network administrator. Eli, thank you for being with us today.

Elias Papatestas: Thank you, Chris.

Chris: Great. Tell me a little bit about your background. It sounds like, based on the bio there, that networking computers has been your interest from the very beginning, so what drew you to the profession and the process of networking, and what keeps you excited about it?

Elias: Well, I was a teenager sort of around the birth of the personal computing industry in the '80s, and both of my parents were interested in computers. I was also lucky enough to live in an area that we had computers available in school, so I learned to program and tinker pretty young, and through that, got interested in IT in general. Probably, you know, when I went to college, there was computer science, but there really wasn't IT management or that type of fields, because the industry was still fairly young. I didn't see myself as a mainframe programmer or mini-computer programmer, and personal computing was still in its infancy, so you didn't see quite the level of PC usage and the requirement of having network computers the way we did today.

For example, one of my early summer jobs, I was the interoffice mail guy, I literally carried around envelopes, which you don't really have anymore, because it's all via email now. Probably the thing that drew me most to it was I loved learning new things, there was always something else to learn, some new skill, some new trick, some new whatever. Whether it was breaking into the video games we played back then and making modifications to the character files, or it was helping a business do a mail merge, even was something that was interesting back then. It was the curiosity that kept me in it.

Chris: Interesting. For those of us, our viewers who are watching and are maybe just getting on the first couple rungs of the ladder, kind of give me, what are the sort of steps from like basic network person, basic programmer up to network admin? What are the major hurdles to clear to get to that level?

Elias: Well, a lot depends on the size of the organization, but usually the basic tasks would be basic troubleshooting the physical infrastructure of a network, whether it's, you know I think I walked around with an RJ45 cable crimper in my pocket for the first two or three years that I worked with the diagram of the 568A and B wiring diagram with me. A lot of the introductory jobs are, is it plugged in, or you're doing basic installation, following a checklist, that type of thing. As far as managing devices, or let's say you're replacing a piece of equipment, getting a basic configuration onto that piece of equipment, and then allowing someone else to download the full one or update, stuff like that.

A lot of it's checking stuff and then troubleshooting stuff, is probably the first level, which would probably be like a network assistant or something like that. Moving up to network admin is when you're starting to deal more with making decisions about configurations or giving input to the decision making process, and managing the priority of the different tasks that might get done. Whether it's the moves, adds and changes that you'll have on a regular basis, or whether it's the planning for the future because you know there's some new implementation X number of months down the pipeline, for example.

Then the other aspect is, obviously, troubleshooting, frankly, dealing with both end users, again, depending on the size of the organization, the network admin might be the person they call when the accounting computer can't get access to the software, and there may or may not be a separate system administrator compared to the network administrator. Then the other is, obviously, dealing with business requirements in terms of providing solutions, to make sure the business has the IT support and networking capabilities that they need.

Chris: Okay, now do you work a lot with the sort of business, managerial element or the C-suite or whatever, or are you still basically working on the nuts and bolts of keeping the system running, or do you work on sort of decision making as well, as a network admin?

Elias: As a network admin, you're probably doing less of the C-suite type stuff, that's more becoming into like the network engineer position, although again, the titles vary by company. If you're working for a small or medium business, you might be doing both.

Chris: That might be everything, yeah.

Elias: Exactly, exactly. You know, that's true of companies with up into the tens or close to hundreds of millions of dollars in revenue. A lot depends on the size in terms of people, as well as the size in terms of number of locations, will kind of dictate some of that type of stuff. Yeah, as an admin, you, even if you're not an engineer and you're not doing the communication with the C-suite, you're still working to implement whatever business decisions might've been made, and hopefully you're focused on not just, "All right, we're getting this done," but the why, so you can pass suggestions back the other direction sometimes as well.

Chris: Right, so there is something of a managerial role in itself, in that you're sort of dealing with the boots-on-the-ground people and making sure that they have the information or access that they need, and things like that.

Elias: Exactly, exactly. Yeah, in most organizations over, let's say, one location or 30 people, there's probably at least one assistant that you're going to direct in terms of doing triage versus planning versus troubleshooting, et cetera.

Chris: Right. What would you say are some of the most interesting parts of the job on a day-to-day?

Elias: For me, it's still the, "Wow, I had no idea," aspect of it. I've been working with and tinkering with different pieces of equipment, one of the things I actually tell my students all the time is in 20-plus years in IT, and now 12-plus primarily working doing instruction, I have yet to teach a class where I didn't learn something new. Same thing when I'm working with clients, obviously the industry keeps changing, so while you need a basic grounding on the standards that have been in existence for 30 years, you also need to understand some of the new ideas. There's always some new change or feature that you may decide to implement, and that's really the part that's so interesting.

Chris: What's something surprising that you've discovered recently that you might be able to share with us?

Elias: Geez, in terms of networking, that's a tough one, Chris. I would say, probably some of it's the changes in the defaults, and probably the biggest thing is the way that security is being handled. Probably one of the big changes you're seeing now is the expectation or requirement to have some form of either security in terms of configurations or security in terms of transportation of data on the network. There's always a business life cycle for equipment. You know, when I started my regular corporate jobs in the late '90s, early 2000s, security wasn't really an issue.

Security has been more and more of an issue recently, but as you try to implement security, for example, providing for encryption of data that's being transmitted, a lot of times the equipment is sold, like yes, it supports encryption, but how many concurrent sessions, how much bandwidth? Stuff like that, so the difference between what's advertised and the true capabilities are always surprising.

Chris: I think, as we've looked at, or we've talked to a number of people about their various career paths and so forth, the one thing that sort of connects all of them is what you just said, which is basically it's not really possible to be so sub-specialized that you don't see the outside world. If you're going to do networking, you have to have some knowledge of security. If you're going to do security, you should know how to move the wires around and stuff like that. If you're going to do instant response, you should know how networks work, and so forth.

Elias: Absolutely. You know, and there's no, I mean even at large organizations that have a separate IT security, networking and system admin, you have to be able to communicate between the groups, because at the end of the day, unless you are working in a sort of managed service environment where your product is networking, you're supporting a business process. You have to keep an eye on that as well, and at the very least, ask the questions or communicate with those other team members to make sure that you're enabling those requirements as well, and that those other requirements are well-designed, well-written.

Chris: If you find yourself promoted to the role of network administrator, you make your way up, what day-to-day tasks will you leave behind from your previous network working jobs, and what skills would you need to acquire on the job or in the moment?

Elias: Probably the biggest thing, and I think this is common across a lot of industries, as a network admin, like I said before, you're likely to have, maybe you have a small team. Usually if you're being promoted to an admin spot, it's because you came up from an assistant position or something like that, or network analyst or something along those lines. Usually if you are at a large organization where you see that type of progression, you're going to be giving up a little bit more of the day-to-day, you know, "this user can't connect to the internet", that type of thing, and get more into the planning aspect, working with the network engineer if there is one, or as we said, maybe potentially working more directly with the business requirements to implement and match those requirements, that you're being more proactive than reactive, is probably the biggest change, hopefully.

Then, so probably the skills you need once you get to admin, you're getting outside of just pure networking skills and pure IT skills, let's say. Now you have to get into the aspect of project management, team management, et cetera, communication, it's really important that the networking department doesn't get too siloed, so that your voice is heard when decisions are being made. That's partly, as an admin and/or engineer, your goal is to be the voice for your department, really.

Chris: Once again, like I say, I feel like we're connecting all of these different career track videos, but everyone has said the importance of communication is really important, written communication, spoken communication. Again, for anyone who's considering this position and is just thinking that you'd just get to move networks around and fiddle with things on a day-to-day basis, you still need to make your theories understood to other people, both people beneath you and people above you.

Elias: Absolutely, especially as you progress higher up. If you're a network analyst or a network for systems, it's not as big a deal, but once you get into being the engineer or the admin, it is a business position, not just an IT position.

Chris: Now Eli, you teach some classes with us here at Infosec, and obviously certifications are a big thing with our company. What are some certifications that aspirants should pursue on their path to becoming a network admin, what would be the sort of cert track, if any?

Elias: You know, probably the gold standard of networking certifications is still Cisco CCNA Routing and Switching. It's well-respected, it has, since its inception, had a hands-on portion, even though it's not actual physical equipment hands-on, it's at least emulated or scenario-based. The knowledge part of it as well, the requirement really is to understand the concepts. The fact of the matter is, even with all the changes we've seen over the past 20 or 30 years of new technologies and the move to voice or IP and anything as a networkable service, that basic understanding especially of basic data flow is critical, and probably the CCNA gives you that better than any of the other certs.

Before the CCNA, there's the CompTIA Network+, which is also an excellent starting point, although less hands-on, more theoretical. Then beyond that, there are, Cisco has its own range of specialties, but I would say then it depends on what vendor you're more likely to work with. Getting a firm grasp of the command line or interface configuration for, again, whether it's command line or a graphical user interface, for really doing configurations as well as troubleshooting, is probably your next step up, is trying to be more product-specific at that point, after you have the basic understanding.

Chris: How strongly weighted do you feel that certs are in the interview process? Do you think hands-on experience or certs are more heavily weighted by employers or interviewers these days? Can you get through without one or the other?

Elias: I think that as you're moving positions or changing jobs, whether you're changing jobs or careers, the fact of the matter is that having a certification is a gateway to getting the interview in most cases. There are, obviously, you know and I still think this holds true, there's a classic discussion of the best way to get a job is to have a friend who knows about a job, word of mouth. The reality is, even if you have a friend, you're still going to usually have to go through a corporate process to get through the interview process. If you don't meet at least the minimal number of requirements, it's going to be harder to get that interview.

That being said, I think that once you get to the interview, especially if you are applying for a more senior job, that it is critical that you really can do the hands-on work, or show that you can learn the hands-on aspect of that particular job because you know the concepts so well. For example, my background has mostly been working with Cisco equipment, so if I was applying for a job where they had Juniper equipment, which uses a different command line for configuration, there'd be a learning curve. That being said, I know enough about it and I know which concepts apply across the board, that I could probably demonstrate some skill there, so you have to have a little bit of both.

Chris: Now, what is the sort of work culture like for the average network admin? I mean, we've talked to incident responders who are traveling from city to city and holing up in hotels, and other people who are kind of on call around the clock. Is a network admin sort of on the clock all the time, or do you keep banker's hours? Do you have a certain workflow through the week that changes?

Elias: Again, it's really dictated by the size of the organization. I know usually as a network admin, especially at like a larger office, you're going to be tied to your location and working relatively long hours, and again, it depends. In traditional networking, I think you're seeing a trend where 10 or 15 years ago, they might have tended to maybe have more staff, and now there might be less staff because of automation or the demand to reduce costs of what's traditionally a back office department. In those situations, you tend to be on call an awful lot, although that can be balanced among team members depending on the size of the organization. Yeah, you're usually working a regular nine to five, and then if there's some project or if something's gone wrong, you're basically there 'til you fix it, type of thing.

Chris: I imagine that you're probably on site an awful lot, because you have to be sort of there for the technical issues and so forth, there's not a lot of work from home or anything like that, other than when you're on call and you have problem solving to do.

Elias: Yeah, exactly. Again, it depends. In more stable architectures, there might be a little bit more opportunity for work from home, as long as you can respond within X number of, you know within an hour or two or something like that. Then there are some network admin-type jobs that are, as I said, like in managed services you might be traveling all the time, but effectively you're a network admin for hire with those types of consulting jobs. Where you might be at one location today and another city tomorrow, depending on the size of the organization you're working for, but all of the work is admin and troubleshooting-related.

Chris: Are network admins kind of self-directed, or what would be like the next level up where you would be taking direction from, or are you really working from the top down?

Elias: I think admins tend to be pretty self-directed. They tend to be given requirements to be met or needs that have to be met, and they have to figure out how to make that happen. Whether it's we need X amount of connectivity, we need to support voiceover IP, there's some new service, we're doing video streaming, what do we need to make that happen? Again, that's where you get crossover, admin versus engineer, depending on calling titles. Yeah, they tend to be very self-directed at that level, where they might, again like I said before, as you move into network admin, you're going to do some triage, you're going to pass some paths along to other people, you're going to have to figure out what needs to get done in which order.

Chris: Are you in charge of things like directing budgets or new acquisitions of tech and things like that?

Elias: Potentially, yeah, and that's, again, where the communication comes into play. The more you get into the budgeting process, the more you need to be able to communicate the needs in a way that other departments and other executives will understand.

Chris: What are some of the common mistakes that people make on the way to becoming network admins? I mean, you could focus too much on racking up a bunch of certs, or maybe you're not learning certain skills, but what is a common thing that you see that people do wrong in trying to climb the ladder?

Elias: Well, in terms of like everyday type of stuff, not understanding the default settings for the equipment that you're working with, and tweaks and changes that need to be made. I think another big one is not documenting things when you fix them. Chances are that any problem you have on a regular basis is a problem you're going to confront again later on, and I've run into this before. When I first started in IT and networking, it was solve the problem, move to the next problem, solve the problem, move to the next problem. Now, I have more of a solve the problem, write down what I did, because the next time I have it I want to be able to refer to my notes so that I can solve it much more quickly, rather than having to dig around.

Then I'd say another is the planning aspect of it. Not so much within a career path, although to a certain degree there, but in the job role, again, moving to being proactive rather than reactive, so that you can administer in a synchronized fashion, basically.

Chris: Okay, that is interesting. Can you talk a little more about the problem solving flowchart? Like you said before, it was, you would solve a problem and you would move on, but there's a lot more emphasis on documenting all the problem solving. Talk a little bit about the overall, I guess the health of your network. You're looking at all these past mistakes, and are you reviewing them just independently, or when another thing breaks down, you're going back to your notes, or how does this skill set build up, I guess?

Elias: The first thing is, I would say a high-70%, 80% of jobs, when you come into a network, unless you're building a network from scratch, the chances are that the documentation you're going to be given doesn't match how things are actually wired, set up, put together, so that as you start working with your network, you want to update whatever existing network diagrams you have. That's the first part of it. The next part in terms of troubleshooting, so if a problem occurs there, you know again, and a lot of times you can solve the problem, but it may be difficult to identify the root cause. Then you have another related problem, and you keep your notes to say, "Right, this is how I fixed it," but then eventually you can kind of build the framework or go, "Oh, now I understand what's going wrong," so that something keeps happening or something that seems intermittent actually has a pattern.

Keeping notes will help you identify, "Right, this happened X number of times in this time period," or like whenever we had a lightning storm, this device would power off and power cycle, and somehow the default config keeps getting reloaded, or something along those lines.

Chris: That sort of saves time and money, and you're not reinventing the wheel every single time something falls apart.

Elias: Exactly, exactly. Then the other aspect is, if you're working with a team, making sure those solutions get disseminated, so that no one else is reinventing the wheel.

Chris: Yeah, you're not cleaning up their mistakes as well.

Elias: Exactly.

Chris: Again, a lot of our viewers who have been watching these videos so far have said that they are just looking in to sort of see a career path that seems a very long way away from whatever it is they're doing, whether they're just in a call center, like you say, in a mail room or some other sort of thing. I guess one question I always like to ask is, what is one thing in a person's current position that they could change today that would bring them one step closer to becoming a network admin? Is there a task that you could request from your boss, "I want to start doing more of this," or whatever, that would give you that skill to give you a leg up?

Elias: I would say that the first thing is to start, if it's not your main field, if you're not in the networking field at all, is to start tinkering with your personal network equipment at home. Most people have at least a home router, wireless network, et cetera, you need to start looking at that stuff, install some of the software that you could use to examine network data flow, and really start asking the like "how is this working" questions. You know, because even though the complexity level is much greater in a corporate environment, your personal home device is a router, switch, wireless access point, so it does give you at least the ability to start looking at how does this stuff actually run, and how can I tweak it if I needed to get this performance and that performance, you know what I mean?

Chris: Yeah, absolutely.

Elias: That's probably the first part, and then if you're in the field and you're trying to move forward, it's, I think being proactive and working with whoever is the next step up to showcase that you're ready for either more responsibility or you're giving feedback that helps them be proactive, that type of thing, is the other, at least within your organization. Then I think if you're trying to move between organizations, frankly, getting a certification is probably the first step. Like I said before, it's almost always how you get your foot in the door for getting a new job, especially if you're going in between industries, where it might be hard for you to define how your job skills apply to their infrastructure.

Chris: Now, jumping back a little bit, like you said, if you're at home and you want to be tinkering with your home device, I imagine there's a lot of free online resources, YouTube and whatnot. Are there any hazards of learning by doing or learning by free tutorials and things like that that we should be aware of?

Elias: No, I think there a number of pretty good free tutorials, I mean there's a number of fairly terrible spoof ones that are somewhat obvious. Like there's some classic networking ones where people wrap a wire around a wire and say it gives them more bandwidth, or something like that, but for the most part, there's a number of excellent resources, both in terms of how-to videos as well as documentation. I mean, most vendors provide their documentation free on the internet, and you can start researching about what are these options, what are these settings. There's also, I think probably one of the biggest things in terms of learning the next level is, if you don't have access to the physical equipment that you want to learn about, eBay is a great source for used equipment.

I used to keep a rack of Cisco equipment at home just for labs, but nowadays, you can virtualize almost all of that through tools like GNS3. I know actually, Infosec Institute has a number of GNS3 blogs on their site. There's Cisco's VIRL product, which requires a little more admin background to set up, but is a great virtualization tool. I know lots of network admins that they'll often have a virtualized environment that duplicates their actual corporate network, so they can do "what if" scenarios that way before they do implementations.

That's probably one of the biggest things, is you really want to start accessing those resources so you can, if you're more towards the theoretical side, you develop the hands-on side. Because at the end of the day, the certs help, but you need to really be able to demonstrate, "Yeah, I know how to make this operate, and I can at least troubleshoot by finding out what is the config, what are the settings."

Chris: I suppose it's probably a lot safer if you're fiddling with your home network, and if it breaks, it's not as big of a deal as if you're testing out your work network, and so forth.

Elias: Exactly. That's the other benefit of using some of the virtualization tools, is if your virtual network goes down, generally you're still okay.

Chris: Yeah, you can go really wild if you want, and experiment and so forth.

Elias: Exactly.

Chris: Are there any new technologies or skill requirements that are coming up in the networking field that people should be aware of?

Elias: Well, I think probably one of the big ones is, along with the move to virtualization, we have the move to virtualized networks, so that's probably one of the biggest areas, is virtual network management. Other areas are software-defined networking, is probably a big area where the move to… rather than really defining the equipment by its physical type, you'll have effectively a device that has multiple networking ports, and then it can be a router or a switch or a firewall or an IPS, but that's all managed centrally by a controller, so learning about how software-defined networking operates is a big part of it.

Then obviously, interacting with different cloud services and some of the aspects of wide area networking, where it used to be the majority of resources would either be local to your location, maybe in a different VLAN or LAN off of another router, or at least a corporate data center. Now, chances are more and more you'll see something hosted in the cloud, and you have to deal with, how do we provide dedicated bandwidth, how do we assess our needs, how do we do security and interact with our cloud vendor to do those things.

Chris: Do you think that's going to be across the board in the years to come, or is that still a niche thing at this point?

Elias: No, I think it's going to be across the board that more and more services are definitely hosted in the cloud, and even internally hosted stuff is more likely to be virtualized, so you have both those aspects. Then the ability to purchase the functionality of router, firewall, antivirus, any of the networking defensive tools through a cloud provider by having your internet and LAN networking routed through that provider. You're not troubleshooting the physical equipment, you're troubleshooting the configurations.

Chris: All right, well this gives us a lot to think about, for people who are considering networking, network admin jobs. Do you have any final tips or encouragement for our listeners?

Elias: Yeah, I mean one of the things is, there's still a huge demand for these skills. Most businesses, while they may be staffed up, a lot of time people are still falling into the like, "I know how to do this because of the checklist," and so there's still a high demand for people who can move beyond that basic checklist, to help provide solutions, not just quick fixes.

Chris: That sounds great. Well, thank you very much, Eli Papatestas, thank you again for all of your insights today. For our viewers and listeners, I'd just like to remind you to check out our YouTube page for all the other video interview series, security awareness topics, tool demonstrations, and lots more. Also, several of these episodes will be in audio form if you prefer listening to podcasts. Please check out Cyber Speak with Infosec Institute, which I believe is in process now and will be on the site very soon. Also, as Eli pointed out, the Intense School resources page, that's resources.intenseschool.com, has a generous supply of GNS3 routing tutorials that you may check out for free, they include their own config files and so forth.

If you'd like to read more networking information, again, resources.intenseschool.com, and also resources.infosecinstitute.com for the security side of things. Once again, thank you very much, Eli, for being here today, and thank you all for watching. We will see you again next week.