Secretly, one of my new year’s ambitions was to get a new job, though it wasn’t on the list as I didn’t want to rock the boat at all at work.  I’ve been growing out of my role at the council for some time, and have wanted to get my teeth into something a lot more hands on.

Having plopped my CV on a few job boards in the new year I was delighted to hear from a company who had decided I might be worth talking to.  This was definitely very exciting.

They seemed perfect – an IT solutions company who have some very diverse, high profile customers working with big technologies.  Their website boasted happy employees, 98% retention, consistent growth, happy customers, ethical working, staff investment, and the engineers get to work for different customers in different environments.  It could not be more aligned with where I want to be.

Brilliantly, two interviews later I was offered a position, and jumped at accepting it.  It’s just the opportunity I’ve been waiting for, and I’m determined to be a success.

So, ladies and gents, please rise for new Tomorrow Communications recruit Tom Bell.  I can’t wait to get started.

This weekend was spent at work putting in the equipment for the new office network.  10 hours on Saturday and 12 hours on Sunday (not including the 1 hour travel each way) later and we have the new equipment installed and in place.

Aside from swapping out the kit, our entire rack or patching was stripped and re-patched neatly with new cables by a couple of colleagues (all 30U of it) whilst another colleague and I did the configuration bits.  All in all things went pretty well, even if the days were a little longer than we are used to.

Come Monday morning all of us were in early in anticipation of any problems, things which we might have missed etc.  Happily there were only one or two patching related issues which were easily sorted in minutes.  Coupled with that, we also had a positive report of network speeds following the work, so all is looking well.

Most of the new network equipment has turned up at work, and so I’ve been working on getting it all configured.  Sadly the main core switch has not turned up so we’ve had to improvise, using an old 3550 L3 switch to pretend to be the core switch for the time being.  VTP allows a little bit of the work to be automated, as when we turn on the new core switch, we can configure VTP and all our VLANs will magically appear.  For the rest of the work, such as the L3 SVIs, ACLs and any other config work we’ve done on the “core switch,” this can be copied/pasted from what we’ve done so far so nothing should be wasted.

Essentially the network (in very basic form!) looks a little like this:

We have the KPSN CPE router which also hosts the wireless LAN controller, an add-in module for the 3825 router (and all modular ISR routers).  Connected to this we have the core switch, which will eventually be a Cisco 4506, and assorted workgroup switches which will be 2960s and 3560s.

Getting the wireless piece working was a challenge.  Having not configured a wireless LAN controller before, this was an excercise fraught with Google searching and reading articles from the Cisco website.  As the WLC had previously been deployed we wanted to factory reset it.  Most of the articles were along the lines of “once you’ve done the incredibly trivial task of getting your access points associated with your controller all this is child’s play.”  Having reset the WLC, configured it, set the clock on it (important for access point association), configured DHCP option 42 (and another that escapes me at the moment) we still couldn’t get the access points associated.  Eventually we found that because the APs has also previously been deployed and had self signed certificates (SSCs) we had to sit on the debug of the WLC, capture the SSC and add it into the configuration of the WLC.  Once we had done this the APs associated and joined the WLC fine.  This took care of 5 out of the 6 APs, but one was still in “autonomous” mode.

A Cisco autonomous AP is an independent (as you might imagine) access point which you individually configure, and has a standalone image.  You can “upgrade” an autonomous AP to remove its intelligence and make it a Lightweight Access Point (LWAP), and that’s what we had to do with the final AP.  Having discovered that Cisco meant what they said about running the update tool on Windows XP (and not Vista / Windows 7 like I was initially trying) we eventually had the final AP all joined on as an LWAP.

Having done the heavy lifting with the wireless network, we now just need to spend some time tidying a few things up, deploying a RADIUS server to authenticate the wireless network against, configure some NAT to allow us to talk to head office, a bit of port security and the basic network is in place.  Following that we need to revisit the connection to our remote office to make things a little more efficient and secure there, and just continue to evolve, improve and secure the new LAN infrastructure.

Hopefully soon afterwards our server infrastructure will arrive and we’ll really see a big difference in performance.

Here at EIS towers things have moved a little bit.  I realise that I’ve not updated for a while so I thought I’d throw this out there to keep things ticking over!

We have been given the go-ahead to implement a new Cisco based network here at work and the kit has been ordered.  Next phase will be configuration and implementation, and this may take a while as there are debates over how we should implement things.

It’s still exciting though, in terms of the opportunity to implement what is a greenfield network, and also for the unit to have a network which works how it should and meets our business needs (which we don’t really have now, if we’re honest).

There is also some slight forward motion in the service which we have been touting for schools too.  A school is desperate to move ahead with things but we haven’t yet got contractual stuff sorted out.  Ho hum, hopefully we’ll get there.

In other news, I passed my CCNA Security test this weekend.  I think I’m going to concentrate on the BGP aspect of obtaining the CCIP next, then the MPLS.

During the CCNP course which I took back in February, myself and a colleague got excited about all the things we were learning and how we should be applying these concepts back at work.  Things like 802.1x authentication and proper wireless security, voice over IP, even things as basic as VLANs – we didn’t (and still currently don’t) do any of it.

We started planning what we could do with our office network if let loose on it, and even began to draw up some plans.  Then a thought struck – this could be a service we offer to schools.  Schools in Kent (typically, not in all cases) have some fairly shocking networks.  There is a lot of cheap kit flying about, networks built from switches from a dozen different vendors, basic configuration out of whack, really quite bad stuff.

So, a service for schools….  We knew that we would need to put a fairly convincing case together to swing the idea by the management team, so with the office network in mind, we started building a service specification document in the mould of something that we could use when presenting to schools.  Two birds with one stone (is that a phrase used outside the UK?) – we would like the opportunity to overhaul our creaking office LAN, and this would give us the opportunity to present a case for renovation of our own environment, and offer a proof of concept for a service to schools.

I should point out that neither I or my colleague are currently involved in roles within our organisation where this sort of service would be part of our work.  We support the broadband service for schools, and this, although linked, is in a somewhat different direction.  There is an issue as to whether we are “available” to support such a service, but hopefully this case fairly simply be overcome.

I’m pleased to report that following a meeting with most of the management team our idea was accepted as a good one with some managers quite excited by the idea of bringing it to life.  What’s more, they were unified in their agreement that our LAN needs investment and agreement was made for us to lead its renovation.  A very successful meeting!

The head of unit suggested that we commission a couple of pilot school installations so that we may get an idea of whether the service will work, so a couple of lucky schools will get bought and paid for brand new networks in exchange for kind words and praise when we inevitably give them a lovely shiny new network (hopefully!).

Hopefully the start of something new and exciting, and something that my employers can be proud of for years to come.  Watch this space….

I’m at home today as I don’t feel well enough to travel to the office.  This also saves the others I work with from being polluted by by sneezing, coughing and other forms of germ propagation.

I quite like working from home, I can be really productive with no phone ringing, no office noise to contend with, just me focused on the job I want to complete.  Home working should be an option for anyone who doesn’t need to be in an office, but it shouldn’t be a full-time pursuit.  Here’s why.

How many times do you bump into people in corridors and find stuff out?  How often do you overhear conversations and get wind of things that are happening that affect you?  How often do you wander to other parts of the building to see colleagues and find out other cool stuff?  How many impromptu meetings do you attend?  I’d say most people reading would be able to say that at least of of these things has happened to them.

Your business needs that interaction, it’s an unofficial form of dissemination, stuff gets passed around the grape vine.  You know what else?  You need that interaction too.  No human being should be locked in a room all day with no opportunity for human contact, or for opportunity to interact with colleagues and bounce ideas off one another.  Collaboration tools can go so far to replace the human contact but never fully, humans need that interaction.

I work with a guy who told me that he had to threaten to leave to be allowed to work from home.  At the time he had a boss who didn’t really believe in it, but he gave way to the request and allowed the home working.  Guess what.  The guy who wanted to work at home now HATES working at home, and the homeworking culture generally.  Loneliness is a real issue.  In a company that pushes all employees to work from home there is even no real value in travelling into the office – everyone you need to see is at home.  It becomes a real effort to arrange times when you will all be in the same place.

In my extremely scientific finger-in-air opinion, I’d say that people need to be in the office at least one day per week, probably more like two.  And everyone should be in on the same days too.  That way, you get the benefits of no distraction home working, and the collaborative benefits of human interaction.  Or you take the Joel Spolsky approach and ban teleworking and give those that need them private offices to work in.  It’s actually not as costly as you think.

It’s been a bad day at work today.  We authorised a change to our filtering system which upset a lot of people, and then when those people complained, we pushed back against the complaints.  Bad news all round – a lot of extra work for my team, and lots and lots of unhappy customers, a definite big fat FAIL.

I should start by saying that up front I was in favour of the change, we actually thought that the change was already in place, and it was a surprise to us last week to learn that it wasn’t, so after some internal debate we raised a change to fix the situation.  However, minutes after the change went live this morning there were people calling in to complain that we had taken away some of their access, and that they wanted it back.  After about the third report of this I threw it over to our project team.

What I had hoped and campaigned for was that we would revoke the change, admit error, take it back and re-think.  What I got was a decision that this was policy and that we should run with it.  I instructed my team accordingly and we got on with it.

The end result was that each of us took call after call, email after email from people unhappy about the change, and we had to deal with it.  It’s easy to make unpopular policy decisions when you don’t have to deal with the consequences, isn’t it.  It’s a bad day when every call you take is from someone who wants your head on a plate and tells you that you’ve screwed up their day.

Come the end of the day certainly the folks in my team had had enough.  The change was made with the intention of furthering protection for children, which it does certainly achieve by denying access to the resources, but at what cost.  Sometimes you have to make a decision based on cost/benefit analysis and not based upon Utopian ideals that “everything should be this way so let’s force it to be this way,” it just doesn’t work.

Tomorrow is another day.