New CCIE LAB format coming up

CCIE LAB Framework now includes Design (Low Level Design – LLD), Automation and Programmabillity.

CCDE is not going away – CCDE focuses on High Level Design – HLD

LAB exam splits into 2 modules

  • Module 1: Design (3 Hours)
  • Module 2: Deploy, Operate, Optimize (5 hours)

It is not possible to move unused time in module 1 to module 2

The “old” Troubleshot module is moved into Module 2 (Operate & Optimize)


Cisco Champion Program & Cisco Live EMEA 2020

My blog has been quiet for the last year – but with a good reason.

The last year have been spent in the name of “Offline” mentoring new Cisco CCNx and CCIE candidates – but the reward being granted the Cisco Champion Program 2020 is worth it all – and I am very proud and honored.

Next up is Cisco Live 2020
My last year “only” buying Explorer Pass was such a great success that I am going to make a retake on that package again this year, and combined with Cisco Champion Program opportunities it is even better.

Cisco Champion + Meet The Engineer + Explorer Pass = What more do you need, what a CRAZY week

My Schedule - Cisco Live EMEA - 2020

Cisco Live 2019: One week of DevNet

My second time at Cisco Live EU – this time with an “Explorer Pas”.

I had a vision of a week at Cisco Live with a bare minimum of sessions and more time in World of Solutions and meet ‘n greets with great friends and old colleagues.

With an “Explorer Pass” you only have “limited access” to the Keynote Speak, World of Solutions and the DevNet Zone.

After browsing arround the DevNet sessions, my entire shedule filled-up in a instant – WOW there are a huge amout of valuable knowledge.

One of my Cisco contacts fixed a VIP pass for me, giving exclusive access to the “Meeting Village” with secret 1:1 roadmap session ect.

Hope to see you in Barcelona next week – either at the event or downtown for a beer or cocktail in the evening.

cisco live 2019

CCIE Security: re-cert stacking/extension

Can you stack/extend CCIE re-certification time? YES


  • You must wait 180 days after last passed CCIE Written
  • You can only stack/extend by 2 years once every 24 month period


  • You pass CCIE Written January 1st 2017
  • You pass CCIE LAB January 1st 2018 (next re-cert date is January 1st 2020)
  • You pass CCIE Written January 2nd 2018 (next re-cert date is January 1st 2022)

CCIE Security: The road to success, how NOT to study

When I started my Lab exam preparation last summer – I wrote a blog post about my time schedule.
I have been keeping pretty tight to that schedule, but it is not a way that I would ever recommend to a person that asks me “how should I prepare for my CCIE” (I only stuck to that plan because I had a “baby deadline” 9 month in front of me)

In short:

  • 800 hours Technology training over 6 month
  • 7 days intensive Bootcamp Training
  • 2-4 month Full Scale Mock Lab Training 2-3x 8 hours sessions each week (2-400 hours)

The plan was only possible due to a contract that I had with my wife, family and friends. “You will not see me, as in not see me at all for the next 8-10 month”

The overall time spend seen over the entire lenght of my training was a perfect fit for me and my knowledge level – but if you ask me how to sprinkle your study hours across a calender year, then evenly distribute the 800 hours Technology Training over an entire year, so you have time for your family and friends, and you do not have to say no to birthday parties… And when you get to your intensive Mock Lab Training, then you say: “I will be unavailible for 1-2 month” and you go full speed ahead.


CCIE Security: Mock Lab #1

I am so grateful for all of you supporting me, and what better way to give back, than by giving you all a Mock Lab.

First draft of the Topology can be found here and I will work as hard as I can to have the finished topology and workbook/questions ready.

All of it can be build in EVE-NG / GNS3, but even better is it if you have have some physical equipment (for ASA Cluster, and Catalyst Dot1x)


  • Flexvpn HUB-Spoke
  • Site-to-Site IKEv1
  • Clientless SSL VPN
  • AnyConnect VPN
  • PKI
  • Dot1x
  • MAB
  • Securing Routing Protocols (BGP and EIGRP)
  • Firepower/FTD/NGIPS
  • ASA A/S
  • ASA A/A (Requires either physical ASA or ASA8.2 image for GNS3)
  • ASA Cluster (Requires physical ASA)
  • TrustSec
  • WCCP
  • WSA

CCIE Security V5 Mock Lab Topology


Please comment below if you like the Mock Lab or something should be changed.


CCIE Security: Move time between sections

Have you ever seen this image on the Official Cisco CCIE page?


It states, that you can move a maximum of 30 minutes between the Troubleshoot and Configuration section.

In reality you can move an indefinite amount of time from the Troubleshoot section to the Configuration Section – but the Troubleshoot section can never be longer then 2½ hours.

Tip: Can you complete the Troubleshoot section within 1 hour, then you have 6 hours to complete your Configuration section.

(Diagnostic is a fixed 60min section – nothing to do here but wait until the timer runs out)