Cisco Subnet An independent Cisco community View more

The $2.3 million home lab of Scott Morris, Quadruple CCIE

Scott Morris
The $2.3 million home lab of Quadruple CCIE, Scott Morris, started out as a single standard 7-foot 19" rack. Bloomed to two standard racks... Then it grew into three Ortronics Mighty-Mo 19" rack systems. Finally it blossomed into four separate rack cabinets.
Home Lab of Scott Morris

Rack 1
Rack 1
This is the production rack as it has the most "live" equipment, an NxT-1 feed to the Internet, Autonomous System and a good amount of IP addresses. Juniper Networks J2300 Router Juniper/Netscreen 208 Firewall Juniper/Netscreen SA-1000 SSL VPN Device Cobalt/Sun RAQ2+ for Web and DNS Services Cobalt/Sun RAQ2+ for Web and DNS Services Dell PowerEdge 650 (2 x P4-2GHz, 4GB RAM) running as new Web Server for clients Dell PowerEdge 650 (2 x P4-2GHz, 2GB RAM) running as primary DNS for clients Trend Micro Network VirusWall 2500 Cisco IDS-4210 Outside IDS Sensor Cisco IDS-4210 Inside IDS Sensor Cisco VPN-3030 VPN Concentrator Dell PowerEdge MC1655 Blade Server running a variety of applications such as e-mail services, a Certificate Authority, CiscoACS server, CiscoWorks Management Centers and other things Dell PowerEdge MC1655 Blade Server running a variety of applications IOMega NAS - 320 GB Network Attached Storage IOMega NAS - 500 GB Network Attached Storage Dell 1U LCD Panel and Keyboard slide out. Everything is connected into a Cisco Catalyst 6509. The 6509 runs: Dual Sup-2/MSFC2 Modules WS-X6608-T1 T1/DSP blade Four separate WS-X6348-PWR ethernet blades with inline power WS-X6408-GBIC Gigabit Ethernet blade WS-X6624-FXS Analog Telephony blade Dual 1300W power supplies The rack is run by an APC SmartUPS 3000 battery system. Off to the side, from the bottom up: Juniper Networks (Pacific Broadband) G10 CMTS for supplying connectivity to cable modems Cisco PIX 520 Firewall (6 interfaces) The server on top of that is a clone machine with a database server from an ISP, hasn't migrated that to a blade yet. Juniper/Netscreen IDP-100 for Main Production Juniper/Netscreen IDP-100 for DMZ1 Juniper/Netscreen IDP-100 for DMZ2 Juniper/Netscreen IDP-100 for Spare Juniper/Netscreen ISG-2000 Firewall System Juniper/Netscreen NS-204 Firewall Juniper/Netscreen NS-204 Firewall Juniper/Netscreen NS-50 Firewall Juniper/Netscreen NS-25 Firewall Cisco 3750 48-port Switch Cisco 3750 48-port Switch Cisco 2811-VSEC Voice Router with CCME Juniper BRAS ERX-1410 with some OC-3 modules Around back are four APC MasterSwitches to provide remote power.
Rack 2
Rack 2
Juniper/NetScreen NS-208 Firewall #1 Juniper/NetScreen NS-208 Firewall #2 Juniper Networks M7i (2-port ATM OC-3 PIC, 4-port 10/100 Ethernet PIC, 4-port MMF SONET OC-3 PIC) NetScreen SA-1000 SSL VPN Server Netscreen IDP-100 Intrusion Detection Juniper Networks M7i (4-port MMF SONET OC-3 PIC, 4-port T-1 PIC, 4-port 10/100 Ethernet PIC) Juniper Networks M7i (1-port OC-12 ATM PIC, 4-port MMF SONET OC-3 PIC, 4-port 10/100 Ethernet PIC) Juniper Networks M7i (4-port 10/100 Ethernet PIC, 4-port MMF SONET OC-3 PIC, 1-port OC-12 ATM PIC) Cisco Catalyst 3750 - 48-port 10/100 Ethernet switch with 4 SX SFP Gigabit ports (For separate Juniper Lab usage) Juniper Networks M5e (Gigabit Ethernet LX PIC, 4-port MMF SONET OC-3 PIC, 2-port ATM OC-3 PIC) Juniper Networks M10 (4-port DS-3 PIC, Gigabit Ethernet SX PIC, OC-12 MMF SONET PIC, OC-12 MMF ATM PIC, 4-port T-1 PIC, 4-port Channelized DS-3 PIC, 4-port MMF SONET OC-3, Tunnel PIC) 24-port KVM with a SwitchView IP controller (KVMoIP) Juniper Networks Dell Olive testing platform #1 Juniper Networks Dell Olive testing platform #2 Juniper Networks M10e (4-port T-1 PIC, 2-port ATM OC-3 PIC, 4-port OC-3 MMF SONET PIC, Adaptive Services Firewall PIC, Encryption Services PIC, Gigabit Ethernet LX PIC) Juniper Networks M5e (Tunnel Services PIC, 2-port ATM OC-3 PIC, 4-port MMF SONET PIC, 4-port 10/100 Ethernet PIC) Juniper Networks M10 (1-port OC-12 SONET PIC, 2-port ATM OC-3 PIC, 4-port 10/100 Ethernet PIC, 4-port MMF SONET PIC, Encryption Services PIC, Tunnel Services PIC, Gigabit Ethernet LX PIC) This rack is run by four APC Smart UPS 3000 battery systems.
Rack 3
Rack 3
Xyplex 1640 Terminal Server #1 Xyplex 1640 Terminal Server #2 Juniper Networks/NetScreen 50 Firewall Cisco MCS-7825 Call Manager for Voice Lab Cisco MCS-7825 Call Manager for Voice Lab Cisco MCS-7847 Unity Server for Voice Lab Cisco MCS-7835 Application Server for Voice Lab Cisco Catalyst 3550 with Inline Power for Voice lab Cisco VG-200 Voice Gateway (WIC-1DSU-T1, NM-2V, VIC-2EM, VIC-2DID) Cisco 3620 (NM-1E1R2W, WIC-2T, WIC-1B-U, NM-2V, VIC-2FXO, VIC-2FXS) Cisco 3620 (NM-1E2W, WIC-1B-U, WIT-1T, NM-2V, VIC-2FXO, VIC-2FXS) Cisco 3620 (NM-1E2W, WIC-1DSU-T1, WIC-1T, NM-HDV, VWIC-2MFT-T1-DI) Cisco Catalyst 3550 with Inline Power Cisco 2611 (NM-2V, VIC2BRI-ST-TE, WIC-1T, WIC-1DSU-T1) providing 4 live voice lines Compaq DL/320 running Call Manager Publisher Compaq DL/320 running Call Manager Subscriber Cisco LS-1010 ATM Switch (capable of 20 OC-3 ATM ports + 2 OC-12 ATM ports) Cisco 2610 (NM-16A) for Juniper Lab Terminal Server and Rentals Juniper Networks M5e (ATM OC-12 MMF PIC, 4-port DS-3 PIC, 1-port Gigabit Ethernet SX PIC, 4-port MMF SONET PIC) Juniper Networks J4300 (10 - 10/100 Ethernet ports, 4 - T-1 ports) Juniper Networks M7i (4-port 10/100 Ethernet PIC, 4-port T-1 PIC, 4-port Channelized DS-3 PIC, Gigabit Ethernet SX PIC) Cisco uBR-7223 Cable Modem Termination System (CMTS) with a uBR-MC14C (one downstream and four upstreams) and an OC-3 ATM blade This rack is run by an APC SmartUPS 3000 battery system. Around back: (9) Cisco uBR-924 Cable Modems with voice capability Cisco VPN-3002 VPN Device Cisco 575 LRE Long Range Ethernet Modem Cisco ATA-186 Analog Telephone Adapter/MTA Wavecom Dual4040 Upconverter Wavecom UC-4040C Upconverter (6) APC MasterSwitches providing remote power access to Rack2 and Rack3 The CMTS units and cable modems are all connected via a mass of cables. There are two Wavecom Upconverters in the back of this rack in order to provide the channelization of cable.
Rack 4
Rack 4
This is where most of the routers lie. Up top: Juniper/Netscreen RA-525 SSL VPN #1 Juniper/Netscreen RA-525 SSL VPN #2 Rack: Juniper/NetScreen 25 Firewall Cisco Catalyst 3550 switch with two SX GBIC's Cisco Catalyst 3550 switch with two SX GBIC's Cisco 3620 Frame Switch (NM-8A/S, NM-1E2W, WIC-1DSU-T1, WIC-1B-U) Cisco 3620 ISDN Switch (NM-8B-U, NM-2E2W, WIC-1T, WIC-1DSU-T1) Cisco Catalyst 3560 switch Cisco Catalyst 3560 switch R1 - Cisco 2811 R2 - Cisco 3825 (NM-16-ESW, WIC-1T, WIC-1T) R4 - Cisco 2811 (WIC-1T, WIC-1T) R5 - Cisco 2811 (WIC-1T, WIC-1T, NM-4B-U) R6 - Cisco 2811 (WIC-1T, WIC-2T) R7 - Cisco 2811 (WIC-1T) R8 - Cisco 2811 (WIC-1T) R9 - Cisco 2811 (WIC-2T) BB1 - Cisco 2811 BB2 - Cisco 2811 BB3 - Cisco 2811 Spare - Cisco 2811 (NM-32A) Cisco IDS-4215 Cisco ASA-5510 Cisco ASA-5510 Juniper Networks M5e (4-port E-1 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC) Juniper Networks M5e (2-port DS-3 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC) Juniper Networks M5e (4-port E-1 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC) Juniper Networks M5e (2-port DS-3 PIC, 1-port OC-12 ATM MMF PIC, 4 port 10/100 Ethernet PIC) This rack is run by one APC SmartUPS 3000 battery system and four APC SmartUPS 1000 battery systems. Around Back: Adtran Atlas 800Plus Telephony Switch (configured with 8 PRI/T-1 ports and 24 ISDN BRI ports) Three APC MasterSwitch devices providing remote power access Otherwise not pictured - Cisco 1760V (VWIC-1MFT-T1, VIC-2FXS, WIC-1DSU-T1, WIC-4ESw) About a dozen 7960 IP Telephones Two 7935 IP Conference Phones Cisco IDS-4210 (loaned out to a friend studying CCIE Security) Cisco AP-1232 Wireless Access Point running 802.11 a/b/g simultaneously with both internal and external antennas Sun Microsystems SunFire V100 (Future broadband voice and PacketCable) Sun Microsystems SunFire V100 (A second future-use system) IP/TV Archive Server IP/TV Control Server IP/TV Broadcast Server Various laptops and other network pieces not related to the lab There are also a few different webcams set up at strategic places with various sensors to assist in providing security and environmental monitoring. The lab has its own air conditioning system.

--------------------------- There is more to the story than just a home lab: "While starting out as something for studying for certification, the lab seemed to take on a life of its own." "Having various certifications spanning multiple vendors, the mass of equipment not only serves to assist in studying, but also in course development and serves for Proof of Concept testing for various consulting projects," said Scott Morris, (Scott is an instructor for Internetwork Expert, Inc. in the CCIE training space as well as a Juniper certified instructor). "When collecting equipment, there are many other considerations to take into account other than just the purchase cost of stuff." "Extra things like the impact on family, the electric bill, the amount of heat generated and simply the amount of space all the equipment occupies, are very important." "Once we had a discussion on GroupStudy about the most expensive thing anyone had to purchase because they had their lab, and many people talked about racks, or cabling or the electric bill." "I mentioned that I needed to get a completely new air conditioner and place the equipment in a room by itself in order to combat the sheer amount of heat generated." "It's all part of the entertainment in being an Uber-Geek!" Contact Scott directly: Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE #153, CISSP, et al. CCSI/JNCI-M/JNCI-J CCIE Training Instructor - Internetwork Expert, Inc. Email: smorris@internetworkexpert.com Telephone: 775-826-4344 Fax: 877-224-8987 http://www.internetworkexpert.com TCPmag.com online Q & A with Scott Morris

Brad Reese Profile
http://www.BradReese.Com

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies