New Book Review – PKI Uncovered

I recently had the pleasure of reading PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks from Cisco Press.

This book sure packs a lot of info into a slim 252 page book. I was pleased to see that there was no lack of technical content.
The book seems to be targeted at experienced  cryptographers as well as those reading about the subject for the first time. This is evidenced by the first chapter: Crypto Refresh. This chapter reviews key concepts that lay the foundation for the chapters to come.

I really was impressed with the detailed diagrams included in the explanations and examples. Many times, high level concepts are not illustrated well, leading to confusion. Not so in this book.

This book also includes a nice chapter on troubleshooting. PKI can be a challenge at times to figure out just what is not working. The troubleshooting chapter breaks down the process into three logical areas: Keying Material Generation, Enrollment Process and Certificate Use and Validation. By breaking down the troubleshooting process in this manner, the reader is shown a methodology for identifying and isolating problems in a logical and sequential manner. Yes, there are plenty of examples in this section showing output from devices to support the narratives. The chapter ends with several pages of troubleshooting flow charts that will be a valuable tool for all that are faced with trying to fix PKI problems.

The book also includes chapters on PKI design in general along with specific  solutions including Site to Site VPN’s, Remote Access VPN’s, 802.1x, Unified Communications and Cisco Virtual Office.

I have carved out a slot on my security bookshelf for this great little gem. I think that anyone that is currently designing and supporting any PKI infrastructure or someone that is just breaking into PKI can benefit from this book.

You can see excerpts from PKI Uncovered here.

Larry Hadrava
CCIE #12203

Scott Morris Launches New Training Initiative

Scott Morris, CCIEx4, CCDE, JNCIEx2, CISSP to Launch Nova Datacom Education Services Offering

Complementary Open House to Include Training Sessions by Morris and other Noted Instructors


Chantilly, VA – February 1, 2011:  Nova Datacom, LLC, a provider of information technology services to the public and private sectors and a CompTIA Authorized Partner, a Cisco Learning Partner and a Cisco360 (CCIE) Learning Partner, today announced the upcoming launch of their Education Services offering, spearheaded by Scott Morris, Nova Datacom’s Chief Technologist, and partner Learning Tree International.  Scheduled for February 16th, in Chantilly, VA, this one day event will allow attendees to meet with Morris and his team, attend sample training sessions, and familiarize themselves with the offered curriculum.

 A well-known figure in the IT industry for over 25 years, Scott Morris, CCIEx4, CCDE, JNCIEx2, CISSP and Cisco Designated VIP, has fulfilled a number of roles within both the public and private sectors. As a Certified Cisco Systems Instructor (CCSI) and Juniper Networks Certified Instructor (JNCI), Scott has provided world-renowned CCIE training since 2002. He has delivered courses to a wide variety of audiences including internal training at Cisco Systems.

 Offering formal classroom instruction with full lab and NOC, or on-site worldwide, Nova Datacom, under the direction of Morris, will offer a variety of training curriculums to satisfy a broad range of requirements.  Additionally, Morris concentrated on recruiting top level instructors to provide unparalleled course delivery.

 “I’ve selected instructors who maintain a wide area of consulting and training experience to best present information as it relates to specific customer environments,” noted Morris. “Combining this deep knowledge with the ability to operate in both classified and unclassified environments allows our team to be even more effective at conducting training sessions that address specific security concerns, current vulnerability gaps, and pressing mission critical requirements- conveniently located where our customers need it most.”

 Additional instructors include Marvin Greenlee  (CCIEx3, CCDP, JNCISx3, CISSP) and Keith Barker (CCIEx2, CISSP, and Cisco Designated VIP).

 With 15+ years experience in the IT industry, Greenlee has been instrumental in the development and delivery of high-level technical training courses for live and online classes. Likewise, Barker, with 25+ years in the IT industry, has been involved with the creation and delivery of training in classroom and large audiences since 1995.  

 Sample training courses to be presented at the Open House were designed by Morris and his team specifically to showcase their ability to target courseware to specific topics of interest.  Sessions include:

 Subnetting and Binary Math for IPv4 and IPv6: A review of subnetting techniques and how to best identify appropriate configurations in both IPv4 and IPv6 networks. Practical and designed examples given.

 Multifactor Authentication: Maintaining confidentiality is critical for a secure network. In this lesson we will learn about multi-factor authentication, as well the strengths, weaknesses and best practice for each.

 BGP Attributes and Path Selection: When using BGP for Inter-Autonomous System routing, it is important to know the features and attributes that allow for manipulation of path selection. If studying for certifications, this will also help in choosing the right solution for abstract problems given to you in practical labs.

 Understanding MPLS for the Routing & Switching Engineer (CCIE Focus):  A new method of thinking and moving information around the network, as largely adopted by service providers around the world.  Session breaks down the concepts and demonstrates network effects. Includes demonstrating how a CCIE candidate identify, implement and work through any scenario in a short period of time.

 If you would like to attend the Open House, please register at

 Or click the link to register for the Open House from ‘s homepage.



About Nova Datacom:

Nova Datacom (NDC) M/WBE 8(a) provides solutions that expand, improve, and strengthen client capabilities to satisfy mission assurance objectives. Focused on four practice areas, Business Continuity (BCEP); Information Assurance; Governance, Risk, and Compliance; and Enterprise Networking, NDC provides expert-level expertise and proven past performance across multiple technology segments to the public and private sectors.

 NDC’s approach combines operational planning, budget optimization and cutting-edge security measures to provide a solid framework for daily operations that withstand disruption. We accomplish this through continual training and vendor agnostic technology expertise resulting in a team of the best minds in the IT community.

 SBA-Certified 8(a), SBD, Minority Woman-Owned | Nova Datacom: Security is in our DNA

 About Learning Tree International

Learning Tree International sets the world standard for hands-on management and IT training. Since 1974, over 2 million Learning Tree Course participants from over 65,000 organizations around the world have enhanced their skills through intensive hands-on exercises under the guidance of expert instructors with real-world experience.

New Years News From Narbik!!!!!

Hello All:
Happy  New Years!!!! Narbik sent this note to Eman Conde  letting him know what he is doing and how he is expanding the product line for CCIE candidates.
Eman and Narbik have agreed to help spread this great news here. Enjoy!!!!

Hi All,

 I hope that you all have a peaceful, healthy, and wealthy new year. We saw lots of changes in the routing and switching labs in 2009 and I believe we will see similar changes in the SP, Voice and other tracks as well in 2010. 

 I would like to assure you all that I will continue teaching the tracks like I have been, I just added more material to what I already have in order to make the learning easier and fun.

 I have been extremely busy writing new material, writing material in different tracks, starting my VODs, and God willing soon we will be offering online classes.

 I worked with Maurillio Gorito to tech edit the “CCIE Routing and Switching certification Guide Fourth edition”, an excellent book by Wendell, Rus, and Denise for the written exam.

 I finished the 2500 page 2.0 advanced CCIE R&S.  I’ve worked on the SP work book with Paul Negron (who has tech edited the previous version of the CCIE R&S cert guide and many other Cisco press books).  I’ve worked on the Security work book with Piotr, an extremely knowledgeable person who happens to also be a Dual CCIE (Soon to be Triple).  I have not seen a match when it comes to security. 

 I’ve worked on the Troubleshooting labs with Dan Shechter (a Triple CCIE), what a gentleman, this guy knows his stuff.  I mean he knows it and he knows it well. 

 I am still working on the VODs and online training. 

 Not to mention the fact that I taught 28 boot camps and bunch of custom classes.

 Sometimes when you are this busy, deadlines are NOT met, and sometimes I completed the book; but when I looked at it, I did not care for it, so I deleted the entire thing and started again. Some of my students are getting upset but I WILL NOT SELL CRAP, QUALITY MUST BE THERE or else I will not sell or put my name on it.

 I am also looking into adding other tracks like CCNA (R&S, Security, and Wireless), CCNP, CCVP, and CCSP. But I offer these with world leaders; these are people that rule in this area and have no match. Once negotiations are completed, I will let everyone know who these guys are. If you have done any work in IT, you will know these gentlemen.  

 Starting end of Jan people who attend my boot camp will see a huge change, I have added around 5 hours of additional lecture and I have added the following material to what my students get when they attend my boot camp:

 Foundation – Upon registration, the students will get an E-copy of this work book. This work book will prepare my students for the BOOT CAMP and NOT the actual lab.

 Advanced CCIE R&S 2.0 – This is a 2500 page work book that is technology focused covering every item in the blue print.

 Boot Camp 2.0 – This is a brand new work book that contains mock labs, there is a mock lab for RIPv2, there is a mock lab for Eigrp and so forth. These are tough labs and they convey unbelievable amount of information a MUST have work book.

Troubleshooting 2.0 – Each student gets 2 eight hour troubleshooting labs. These labs are designed to cover the blueprint. You basically load the initial config file which configures the routers and switches for EtherChannel, Trunks, RIPv2, Eigrp, OSPF, BGP, Redistribution, Security, Multicasting, Ip services, IPv6, and etc…… and once the initial configuration is loaded, you will have 15 tickets to resolve. Unbelievable is all I can say about these labs.

 360 Program – These are 2 volume work books plus a lab guide.

 We have added CCIE Service Provider and Security tracks to our schedule and you can see them on our website as of today; we are planning to offer these tracks on monthly basis soon. Remember once you purchase one of the tracks the other tracks will ONLY cost you $1500 each. For example, if you purchased R&S, the SP will cost you $1500, and if later on you decide to take the security track, it will cost you another $1500, as I have stated before, this certification should NOT cost you an arm and a leg. Remember, just because its $1500, the quality WILL NOT SUFFER.

 We have added more racks for our students, and we have made the price affordable, ONLY $450 for the entire month, 24 hours a day for 30 days. 

 One big favor, when ever you attend a boot camp, no matter who the vendor is, be vocal, write about your experience, what happened, what was your expectation going in, and if they met your expectation. This is the best way to keep us vendors honest, if you liked the boot camp, write about it, if you did not like the boot camp you should also write about it.

Many times people attend these boot camps with vendors that have an excellent reputation and they don’t get what they were promised or they paid few thousand dollars for a week of slide shows, they should write about these vendors every where. People read these posts and they decide where to spend their hard earned money.

Don’t worry I have spoken to the owner of GS and other forums and they have absolutely NO problems with true posting of your experience with any product or boot camp.

  I get over 10 e-mails about some of the flame/arguments that goes on in some of the forums and blogs, but my new year’s resolution is to IGNORE them all.

I have made guys famous by getting into arguments with them, I am NOT mentioning any names here but this is the way it’s going to be, I will NOT participate in any of these useless and pointless discussions. I know…..I know….I am NOT being nice, but if you know me, you know that I am a straight shooter, I call it exactly the way it is and some have a problem with that, well……… that is their problem and no one else’s.

Teaching has turned into “lecturing”, chalk talks have turned into “Let me get back to you” or “Let’s check the doc-cd” or the instructor purely uses his/her artistic maneuvering to get out of it. O well………..enough of this and that……

I hope this gave you guys an idea of what’s happening in Micronics Training Inc. I hope to see 5 digits next to your names soon.