Category: Operational Policies

Bad Recruiting

The methods used today fail to connect the capable and willing contractor or employment seeker with good jobs.

I have experienced a great increase in job offers; all at 1970’s prices. None have come from the actual consumer of my professional services.

Many of the people that contact me are reading from scripts and have no idea what your expressing in technical jargon. Yet they are your first assessment.

Subsequent contacts in the chain of those contacts prove a further distancing from a firm understanding of the job.

Technical questions cannot be answered.

The automated scanning of resumes to create matches for the solicitors to contact you, miss critical points like REMOTE ONLY.

Could real people contact me after reading the resume and visiting the websites please. Be a check signer; a decision maker with needs.

The “Novice Threat”?

Novice threat…

bll_red_shirt_and_beard Bernard Lambert

The idea that novice or inexperienced people pose a threat belies the fact that the process to get those individuals to mastery is a very secure method due to the process of passing through those apprentice, novice, journeyman, and master programs. Absent of that, how will one read about it, write about it, talk about it, and do it?

purple_crocus
purple_crocus

In IT, certification is insufficient without seat time at the consoles of those tools and devices. The addition of deep problem solving skills and a great deal of experience are the necessary requirements of these complex IT jobs.

For those new to IT, the question is often “How will they get any experience when locked out of job experience?”.

Your thoughts please

NANOG > NewNANOG

November 11, 2021 – Bernard Lambert

The North American Network Operators Group originally came out of Merit University as a function of network study and research. I always found it handy to track Internet core transit problems and solutions. It began over thirty years ago. You can join NANOG lists at https://www.nanog.org/resources/nanog-mailing-list/nanog-mailing-lists/

Back in February 2011 – https://www.merit.edu/news/new-agreement-transfers-nanog-trademark-and-resources/

At this seclists.org you can read all the listserve messages that come from them up to today as well as a wealth of other network operating and security lists. They keep all the messages nicely indexed so you can see what is going on or has gone on in the past.

Another resource for you may be the http://readlist.com lists archives.

Bernard Lambert – November 11, 2021

The Job I Want

With the decades of experience that I have, it is hard to find a contract to perform network or systems work that commands $85 an hour. Please consider these things prior to contacting me:

  • No third party recruiters.
  • All work is contracted either W2 or 1099.
  • Remote work is the only type desired.
  • Equipment can be provided, leased, or sold to customer.
  • All monitoring activities available:
  • zabbix, SolarWinds, Netscout, SOC, NOC, ISE, pandora
  • Firewalls and Load Balancers
  • Palo Alto, F5, Cisco, Checkpoint
  • Scripting bash, powershell, python, ansible, chef, puppet, etc.
  • Orchestration Salt, Ansible, Kubernetes
  • Cloud, hybrid, and captive enterprise systems and networking capable.

Please send your inquiries to System Wrights:

The Forces of Insecurity

Bernard Lambert September 13, 2021

IT security is in a revolution via the present-day challenges and how they are overcome. Some idea of the future is the speculation that follows.

We are presently countering invasions of the communications systems, the destinations along their routes, the systems at any of those destinations, and theft of the information in those systems. It is a vigil. The most often mistake made toward guarding against these things is to “bolt-on” some device or system and let it do the work. The vigil is left to the robots to alert you when things go awry. A most recent hack even invaded the very systems used to do such monitoring.

We are reacting to such things and not being proactive. High grade, high paid help is not employed here. A NOC or SOC is set up where the labor is cheap and fingers crossed; things won’t go wrong. Because of specialization in applications, systems, and networking individuals seldom have the combined talents necessary and are willing to work for much less compensation. The worst I have seen it is for the 150 monitoring systems in a global enterprise dropping from sight without anyone knowing for a long time.

workThat instance was easily remedied with robots to watch the robots along with continuous visual feeds to the NOC and enterprise management personnel. The vigil was reintroduced and easily used. What can stump everyone after such systems begin a cascade of information coming your way, is the sheer volume of the info stream and the adverse effect it has upon the operators of the NOC or SOC. One cannot keep up with the avalanche of data. This is a self-induced attack.

In all cases, the staffing headcount requirement has been woefully inadequate once problems arose. The “averaging” done on personnel cost neglects the real need in a real crisis. Because these happen in an instant an organization cannot react in a timely fashion with such short staffing. Problems are not “headed off”. Some are postponed to a future project. The response is thus untimely.

My recommendation is to establish a broad-based knowledge team to install and operate this vigil in a distributed fashion. You can use a cloud, do a hybrid, or build a data center. The team you hire to do the systems, application, networking, virtualization, cloud security, and compliance issues must have integration experience and integration skills. Yes, pay the man or woman more than fifty-five an hour.

What is your experience??

Liar’s Dividend

I was listening to an interview on the TV where the fellow described the method where one tells a lie and continuously reinforces it to further one’s cause. He was describing Trump behavior. After a thorough detailing of how it works we were reminded that this behavior has a common name; Liar’s Dividend.

What was very interesting was that the way it works was well explained. The one telling the lie can set the agenda by first offering up the lie. Thereafter anything that reinforces that lie is used to keep it out in a debate. In that process, the lie is made legitimate because it is accepted by at least a small group of supporters.

Fast forward to today….

Wharton School gradute speaks dividend!

Bernard Lambert – September 7, 2020

Core Competency…REALLY?

I was engaged recently in a project to identify the traffic on a global network to solve slowdowns in the work being performed by engineers on high performance workstations.

The most difficult part of the work was the total lack of tools. The second most difficult thing was the failure of the management to be concerned about that.

The mission was to gather requirements to be submitted to enterprise network plan, build, and run teams so that the slowdown problems could be remediated.

As I began the requests went in for basic information like a global network map, monitoring tools, and access to machines in order to place probes.

Network maps, either physical or logical, were non- existent.

The monitoring tool was a well known more than adequate management and performance monitoring system that I had used for many years. It was not set up properly, it could not retain much information for analysis, and custom reporting access was refused. It was installed in three regions without any joining together of the database backends.

Requests to get access to the machines to place probes was refused.

While this is going on I learn that the purchase of undersized, out of specification, equipment for a remediation of a site that was a decade overdue was being done so that a schedule was met and the money spent before the end of a fiscal cycle. The kind of work to be done on the site had no bearing on the decision.

One other interesting thing was that all datacenters were to be consolidated by collapsing them into fewer and fewer sites all colocated off-site from existing corporate sites.

Everyone in every technical discipline was concerned that the plan was inadequate and that given past practices the future was not going to be good.

The corporation was grown by acquisition. It was not grown by innovation. Decades old talent that had worked at the acquired organizations left in droves. Those that remained were waiting for their retirement.

When asked about why the organization would place their data centers into another organizations hands the reply was “It is not our core competency”.

Given the experience one wonders what is their core competency? I know! Pass the buck.