Certification Zone Zone Newsletter

Interview with the Author - Annlee Hines

Howard C. Berkowitz

CZ: Tell us a little bit about yourself and your current networking interests.

AH: How little do you want to know? I spent 9 years in the Air Force, in systems that were early blends of IT and decision-making support (some were so early they still used vacuum tube computers, which were large beasts). I learned self-discipline and responsibility for ensuring my own learning from working ongoing operations with these systems. I eventually left the service for family reasons, and have had a varied professional career ever since. I've owned a couple of small businesses (which is very educational), taught part-time in community college, and moved into IT. Teaching working adults was where I really learned to communicate things I knew in some depth to those for whom it was totally new. And I learned to really respect adults trying to change their lives: my students usually held full-time jobs, paid for their education themselves, and sometimes (too often) were single parents. I learned from them that life-changing really is in our own hands.

CZ: How did you get interested in VPNs?

AH: For some strange reason, which my husband does not understand, I like working the security side of IT. It's a never-ending challenge, probably because you're always working against the brains of others. Sometimes those brains are deliberately testing and trying to do harm, sometimes they belong to well-meaning-but-not-thinking users. Either way, it's never dull. VPNs are a major component of security, because you really can't have privacy in a world where communications are electronic; coming as close to that as possible is an ongoing challenge.

CZ: From your personal experience, what are the most important things to consider when dealing with VPNs?

AH: It's always finding the right balance to solve the customer's need(s). That, of course, requires some work on your part to elucidate the customer's needs, since they don't always really know; sometimes they only know they have a problem. But solving that problem, meeting the needs, requires a balance of technology and human application. The solution has to be implementable by the people there, not by me. And it has to be affordable for the business; offering a solution they can't afford is a waste of the time and money spent to develop it. The IT Fairy is no more real than the Tooth Fairy, and the money to implement has to be planned for instead of assuming it will be under your keyboard in the morning. It really is (at least) a 3-way balance, of technology that will do what's needed, when used by the people there as they will use it, in a manner they can afford.

CZ: From your personal experience, what is the biggest challenge associated with VPNs?

AH: I think the biggest challenge is making clear there can be no ironclad guarantees. I cannot guarantee them privacy; I can't even guarantee confidentiality (for the difference, read the tutorial). The most I can do is make a violation of that confidentiality terrifically unlikely. But, of course, the techniques to make it _most_ unlikely are much more expensive than those which make it merely unlikely. So the cost tradeoff always enters into this promise of imperfect solutions, too.

CZ: What advice can you give our audience of Cisco certification candidates when it comes to dealing with VPNs?

AH: That would be the same advice I give on almost any topic: it's not enough to cookbook your way through this. No scenario in a tutorial or a book or on an exam will be as messy as the real-life problem your customer has. You must understand the underlying technologies -- plural -- as well as possible. That set of technologies needs to be as wide as you can manage, too, because your customer (which could be your own company, if you're staff -- bummer, your customer really can fire you!) -- your customer has a network which is full of other stuff, like servers running applications, and users with unauthorized applications on their desktops, and so forth. Maybe the head person in the company has a wireless network at home, and his kids picked up a virus or trojan from a file-sharing "service" and that trojan lurks in the home network that you're connecting to corporate with a VPN. You must know about LANs and their applications, wireless and the possibility of a war driver leaving an unpleasant gift behind that compromises the home network. Otherwise, you're doing less than you could. No matter what you're getting paid, you owe the customer your best, if for no other reason than just as a matter of good business on your part.