When I started at TD-K 10 years ago, the Cisco business was pretty much non-existent, and I was the very first networking employee. Back then it was unthinkable that we could reach “Gold” status within a few years, considering the very complex requirements that partners had to fulfill.
Friday, March 6, 2026
Mission Impossible: Cisco Preferred Networking Partner
Tuesday, September 23, 2025
CIS Benchmark Cisco Meraki: Network Inventory and Asset Management
This post focuses on building the Center for Internet Security (CIS) Benchmark for Cisco Meraki. CIS is one of the most respected institutions when it comes to security standards, with CIS Controls being one of the most widely used resources for implementing and securing infrastructures. This benchmark is considered a prescriptive configuration recommendation for Cisco Meraki. This section of the Benchmark will focus on Inventory and Asset Management.
Why do we need a Benchmark?
Following the configuration guides can sometimes be complicated, and without a logical connection between the different documents it is almost impossible to ensure that all the necessary security features are enabled. To streamline the security implementation, it is recommended to follow security standards. One of the most widely used security standards is CIS Controls, due to its very detailed and practical way of describing the technical and organizational safeguards needed to build a secure infrastructure. I decided to join CIS as an Editor and Subject-Matter Expert to help the community and the rest of the world.
Who is this benchmark for?
This benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Cisco Meraki equipment and solutions.
Network Inventory and Asset Management
Inventory Tracking
Fig.1 Organization Inventory
Audit Procedure
Log into the Meraki Dashboard, go to Organization -> Configure -> Inventory and verify that all claimed devices are in use and assigned to a network.
Mapping: CIS 8.1 Control 1.1, 1.2
Tagging and Naming Convention
Implementing a device naming convention and device tagging helps improve operations, troubleshooting and accountability. Without standardized naming, device management is inefficient, especially in larger deployments. During incidents, devices are difficult to identify and the troubleshooting process becomes slower. Using a well-defined naming and tagging schema helps the technical staff with operations and the compliance staff with meeting requirements. Maintaining the asset inventory with proper naming and tagging introduces extra overhead, but the effort is outweighed by better visibility, reduced risk and more efficient operations. There is no service impact when implementing changes.
Audit Procedure
Verify if the organization has implemented a naming convention schema. Then log into the Meraki Dashboard.
Go to Organization -> Network -> Wireless -> List. Verify that the wireless devices have proper naming and tags describing location and ownership.
Go to Organization -> Network -> Switching -> Switches. Verify that the Switches have proper naming and tags describing location and ownership.
Go to Organization -> Network -> Security & SD-WAN -> Appliance Status. Verify that the Firewalls have proper naming and tags describing location and ownership.
A similar approach should be followed with Mobile Gateways, Cameras and Sensors.
Mapping: CIS 8.1 Control 1.1
Unofficial recommendation.
- Documented schema - A document should be written describing the structure, so existing and new engineers can easily understand the naming.
- Uniqueness - Every device should have a name that is unique within the domain where it's used.
- Clarity - The name or tag should make sense and be easy to read.
- Scalability - The schema should provide the possibility to add new devices without the risk of running out of space.
- Structure - The name should be split into sections, each representing a specific component.
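As an added example (not part of the benchmark or of Meraki's own tooling), the inventory and naming checks above can be run offline over an export of the organization inventory. The name pattern, the `loc-`/`owner-` tag prefixes and the sample records are assumptions constructed for illustration; the field names follow the Dashboard API v1 inventory device records.

```python
import re
from collections import Counter

# Hypothetical schema: <SITE>-<ROLE>-<NN>, for example ZRH-SW-01.
NAME_RE = re.compile(r"^[A-Z]{3}-(AP|SW|FW|MG|CAM|SEN)-\d{2,3}$")
# Hypothetical tag prefixes for location and ownership.
REQUIRED_TAG_PREFIXES = ("loc-", "owner-")

# Constructed records, shaped like Dashboard API v1 inventory devices.
INVENTORY = [
    {"serial": "QXXX-0001", "name": "ZRH-SW-01", "networkId": "N_1",
     "tags": ["loc-zrh", "owner-netops"]},
    {"serial": "QXXX-0002", "name": "ZRH-AP-01", "networkId": "N_1",
     "tags": ["loc-zrh"]},
    {"serial": "QXXX-0003", "name": None, "networkId": None, "tags": []},
    {"serial": "QXXX-0004", "name": "office switch", "networkId": "N_2",
     "tags": []},
    {"serial": "QXXX-0005", "name": "ZRH-SW-01", "networkId": "N_2",
     "tags": ["loc-zrh", "owner-netops"]},
    {"serial": "QXXX-0006", "name": "GVA-FW-01", "networkId": "N_3",
     "tags": ["loc-gva", "owner-secops"]},
]


def audit_inventory(devices):
    """Return {serial: [issues]} for devices that fail the audit."""
    # Uniqueness is checked organization-wide here (an assumption).
    name_counts = Counter(d["name"] for d in devices if d.get("name"))
    findings = {}
    for d in devices:
        issues = []
        if not d.get("networkId"):
            # Claimed but not assigned to a network: report only that.
            issues.append("unassigned")
        else:
            name = d.get("name") or ""
            if not NAME_RE.match(name):
                issues.append("bad-name")
            elif name_counts[name] > 1:
                issues.append("duplicate-name")
            tags = d.get("tags") or []
            for prefix in REQUIRED_TAG_PREFIXES:
                if not any(t.startswith(prefix) for t in tags):
                    issues.append("missing-tag:" + prefix)
        if issues:
            findings[d["serial"]] = issues
    return findings


if __name__ == "__main__":
    for serial, issues in sorted(audit_inventory(INVENTORY).items()):
        print(serial, ", ".join(issues))
```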
Conclusion
Call-to-Action
Thursday, September 18, 2025
CIS Benchmark Cisco Meraki: Administrative and Dashboard Access
This post focuses on building the Center for Internet Security (CIS) Benchmark for Cisco Meraki. CIS is one of the most respected institutions when it comes to security standards, with CIS Controls being one of the most widely used resources for implementing and securing infrastructures. This benchmark is considered a prescriptive configuration recommendation for Cisco Meraki. The first section of the Benchmark will focus on Administrative and Dashboard Access.
Why do we need a Benchmark?
Following the configuration guides can sometimes be complicated, and without a logical connection between the different documents it is almost impossible to ensure that all the necessary security features are enabled. To streamline the security implementation, it is recommended to follow security standards. One of the most widely used security standards is CIS Controls, due to its very detailed and practical way of describing the technical and organizational safeguards needed to build a secure infrastructure. I decided to join CIS as an Editor and Subject-Matter Expert to help the community and the rest of the world.
Who is this benchmark for?
This benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Cisco Meraki equipment and solutions.
Administrative and Dashboard Access
Administrative Accounts
There are 2 basic types of dashboard administrators: Organization and Network. Organization administrators have access to the entire organization with all the networks, while network administrators are limited to the individual networks and their devices. We need to make sure to use named accounts that are not shared, in order to minimize the risk of unauthorized access and ensure accurate audit trails. We also need to go through the list periodically and revoke access as necessary.
Fig.2 Administrative and Dashboard Access (Beta)
Audit Procedure
Log into the Meraki Dashboard, go to Organization -> Configure -> Administrators, and go through the list to make sure there are no shared logins, like "info", "support", "VendorX" etc.
Mapping: CIS 8.1 Control 5.
Network Admin Accounts
Network access needs to be granted only where required, preferably in read-only mode. If network-level administrators are granted more privileges than required, they may accidentally or maliciously alter configurations across the networks that they have been granted access to. This can cause service outages, security policy violations or exposure of sensitive data. It is necessary to review access periodically and revoke unnecessary access.
Audit Procedure
Log into the Meraki Dashboard, go to Organization -> Configure -> Administrators, and go through the list of network accounts to make sure there are no shared logins, like "info", "support", "vendorX" etc.
Mapping: CIS 8.1 Control 5
Role-Based Access Control
Accounts with higher privileges than necessary pose significant security risks. Implementing Role-Based Access Control reduces the attack surface. Failure to implement proper role-based controls in the Meraki Dashboard increases the risk of unauthorized or excessive administrative access. Overprivileged accounts can cause accidental or malicious changes to the organization. Organizational data might also be exposed.
Audit Procedure
Log into the Meraki Dashboard, go to Organization -> Configure -> Administrators, and verify the organization and network level access for all accounts, with focus on the custom role assignments. Audit Camera access permissions. Verify that the existing roles match the organization's documented process for assigning role-based access accounts. Compare the results to the last dated role-based access control audit.
Mapping: CIS 8.1 Control 6.8
Multi-Factor Authentication
Enforcing Two-Factor Authentication protects against unauthorized access in case the password of the administrator is compromised. This reduces the risk of account takeover, unauthorized configuration changes and security breaches. If two-factor authentication (2FA) is not enforced for all Meraki Dashboard logins, accounts are only protected by passwords, which can be targeted with phishing, credential stuffing, and brute-force attacks. A compromised administrator account without MFA can provide attackers with full access to network configurations, client data, and security policies, leading to potential service disruption and security breaches.
Audit Procedure
Log into the Meraki Dashboard, go to Organization -> Settings -> Security. Verify that "Two-Factor authentication" is enabled. Go to Organization -> Configure -> Administrators and verify that users are using 2FA.
Mapping: CIS 8.1 Control 5.2
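The administrator checks from the sections above (shared logins, network-level privileges, 2FA and periodic access review) can also be scripted over an export of the administrator list. This is an added example, not part of the benchmark: the generic login list, the 90-day review threshold and the sample records are assumptions constructed for illustration, while the field names follow the Dashboard API v1 organization admin records.

```python
from datetime import datetime, timezone

# Assumed list of generic mailbox names that indicate a shared login.
GENERIC_LOCAL_PARTS = {"info", "support", "admin", "helpdesk", "noc"}
# Assumed review threshold for inactive accounts.
STALE_AFTER_DAYS = 90

# Constructed records, shaped like Dashboard API v1 organization admins.
ADMINS = [
    {"email": "ana.keller@example.com", "orgAccess": "full",
     "twoFactorAuthEnabled": True, "networks": [],
     "lastActive": "2025-09-10T08:00:00Z"},
    {"email": "support@example.com", "orgAccess": "full",
     "twoFactorAuthEnabled": False, "networks": [],
     "lastActive": "2025-09-12T08:00:00Z"},
    {"email": "ben.roth@example.com", "orgAccess": "none",
     "twoFactorAuthEnabled": True,
     "networks": [{"id": "N_1", "access": "full"},
                  {"id": "N_2", "access": "read-only"}],
     "lastActive": "2025-09-01T08:00:00Z"},
    {"email": "cleo.marti@example.com", "orgAccess": "read-only",
     "twoFactorAuthEnabled": True, "networks": [],
     "lastActive": "2025-03-01T08:00:00Z"},
]


def audit_admins(admins, now):
    """Return {email: [issues]} for accounts that need review."""
    findings = {}
    for a in admins:
        issues = []
        local_part = a["email"].split("@", 1)[0].lower()
        if local_part in GENERIC_LOCAL_PARTS:
            issues.append("shared-login")
        if not a.get("twoFactorAuthEnabled"):
            issues.append("no-2fa")
        # Network admins should be read-only unless full access is justified.
        full = sorted(n["id"] for n in a.get("networks") or []
                      if n.get("access") == "full")
        if a.get("orgAccess") == "none" and full:
            issues.append("network-full:" + ",".join(full))
        last = a.get("lastActive")
        if not last:
            issues.append("never-active")
        else:
            seen = datetime.fromisoformat(last.replace("Z", "+00:00"))
            if (now - seen).days > STALE_AFTER_DAYS:
                issues.append("stale")
        if issues:
            findings[a["email"]] = issues
    return findings


if __name__ == "__main__":
    today = datetime(2025, 9, 18, tzinfo=timezone.utc)  # fixed for the sample
    for email, issues in sorted(audit_admins(ADMINS, today).items()):
        print(email, ", ".join(issues))
```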
Audit Logs
Audit Procedure
Log into the Meraki Dashboard, go to Organization -> Monitor -> Change Log. Verify that audit logs are being collected. Audit logs can also be fetched through the API and sent to external systems like a SIEM. Verify that a periodic review procedure is in place.
Mapping: CIS 8.1 Control 8.2
Conclusion
Call-to-Action
Friday, February 28, 2025
Ethical Hacker: Why should you learn networking?
Networking is arguably the most vital component of the current internet and IT infrastructure, the backbone of today’s technology. Imagine a world where computers, servers and other IT systems wouldn't be able to communicate with each other. That would basically kill the modern internet and most of the technology as we know it. As an ethical hacker, your job is to understand the logic behind networking, because that’s how you find vulnerabilities and misconfigurations.
So where do you learn networking from?
The gold standard for learning the basics is Cisco CCNA. While it doesn’t teach you anything about hacking, it helps with understanding the fundamentals of how networks are built. It covers one of the many domains you have to master to become a great ethical hacker.
How can an ethical hacker use networking knowledge?
Let's look at some of the attacker tactics and techniques in the MITRE ATT&CK framework, one of the most widely used knowledge bases, and compare some of the tactics and techniques to the topics addressed in the CCNA blueprint. The CCNA topics are only scratching the surface, since hacking is not the focus, but there is a ton of useful information to build solid knowledge on many protocols exploited by hackers. While there is no 1-to-1 mapping between the attack techniques and the CCNA blueprint topics, we can find a few crossing points between the two.
Network Reconnaissance & Scanning (MITRE Tactic: Reconnaissance & Discovery)
Ethical hackers gather intelligence on a target using IP addressing, subnets, VLANs, and open ports.
Tools like Nmap, Wireshark, and Netcat help with network mapping.
CCNA Topics:
1.0 Network Fundamentals – Understanding IP addressing, subnets and VLANs helps hackers map networks.
2.0 Network Access – Layer 2 discovery (CDP, LLDP, ARP) - Protocols used for reconnaissance.
3.0 IP Connectivity - Routing Concepts and layer 3 protocols (OSPF, Static Routing) - Identification of network topologies.
MITRE Techniques:
T1595 – Active Scanning (Port & Service Discovery)
T1046 – Network Service Scanning
T1018 – Remote System Discovery
T1071 – Application Layer Protocol for Command & Control
Exploiting Network Vulnerabilities (MITRE Tactic: Initial Access & Execution)
Attackers exploit weaknesses in TCP/IP, HTTP, FTP, and SSH to gain unauthorized access. MITM attacks like ARP poisoning and DNS spoofing can intercept or redirect network traffic.
CCNA Topics:
2.0 Network Access - (Telnet, SSH, HTTP, HTTPS)
4.0 IP Services - Understanding NAT, DNS, SSH
5.0 Security Fundamentals - Understanding Device Security - Administrative Access, Device Hardening.
MITRE Techniques:
T1189 – Drive-by Compromise
T1203 – Exploitation for Client Execution
T1557 – Man-in-the-Middle (MITM)
T1040 – Network Sniffing
Wireless Attacks (MITRE Tactic: Credential Access & Privilege Escalation)
Wi-Fi hacking targets weak encryption (WEP, WPA, WPA2) and uses deauthentication attacks.
CCNA Topics:
5.0 Security Fundamentals (WLAN, WPA, SSID, Authentication)
MITRE Techniques:
T1602 – Network Sniffing for Credentials
T1556 – Modify Authentication Process
T1078 – Valid Accounts
Post-Exploitation & Data Exfiltration (MITRE Tactic: Lateral Movement & Exfiltration)
Once inside a network, ethical hackers move laterally using pivoting, port forwarding, and VPN tunneling. DNS tunneling and C2 servers are used for exfiltrating data.
CCNA Topics:
IP Connectivity - Routing Concepts - helps with pivoting and lateral movement.
Network Automation - Learning basic scripting, which could help with exfiltration techniques.
MITRE Techniques:
T1570 – Lateral Tool Transfer
T1095 – Non-Application Layer Protocol (ICMP, UDP for Covert C2)
T1048 – Exfiltration Over Alternative Protocol (DNS Tunneling)
T1071.004 – Exfiltration Over C2 Channel
Conclusion
Networking is the backbone of modern technology. Whether you are an ethical hacker, IT technician or security analyst, understanding how networks work will make you more effective in doing your daily job. CCNA, being the gold standard in learning networking, is one of the certifications to consider for building the fundamental knowledge in protocols, infrastructure and communication.
Wednesday, January 29, 2025
CCIE Coffee Blog: #29174 Arijan Jashari
Meet our Third Guest: Arijan Jashari
Arijan is a truly dedicated networking engineer, with over 20 years of experience. His passion for math and coming in contact with telecommunications in the early days became the catalyst for the upcoming long and prosperous journey in networking. Cisco CCIE has had a tremendous impact in his career and opened up many doors for him in the tech industry. Arijan has worked for global companies like Juniper, Nike, LibertyGlobal and most recently UBS, where he has a Network Reliability Engineer, Director role.
Knowing first hand how the war in Kosovo has impacted so many Albanians, it is truly remarkable that Arijan has been able to keep focus on networking, by starting the certification journey only 2 years after the war. I had a chat with Arijan about his career journey.
1. Career Inspiration:
What sparked your interest in networking and technology? Who or what has been your biggest inspiration in your career?
Like many of us in high school, I was unsure about my career path. However, one thing was clear: I loved math. It came naturally to me, and I enjoyed solving problems. In 1996, I decided to study applied mathematics but soon realized that my true passion lay not in pure math but in its applications within computer science, particularly in number theory, equations. This realization led me toward technology, but my journey wasn’t straightforward. After the war in 1999, I worked as an interpreter for the U.S. military. During that time, I noticed that telecommunications played a crucial role in everything they did, and this sparked my fascination with networking and computer systems. By 2001 I was certain that this was the field I wanted to dedicate my career to. Because I enjoyed the preparation process, I pursued multiple CCIE and JNCIE tracks.
2. CCIE Certification Experience:
Can you describe your experience while preparing for the CCIE exam? How did you balance study with other commitments?
Preparing for the CCIE exam while managing other responsibilities was incredibly challenging. When I began my preparation in 2006, I was working full-time and raising two young children. My wife took on most of the family responsibilities, allowing me to focus on work and studying. I dedicated every spare moment to preparation.
On my first attempt, I felt confident about my lab work, but unfortunately, I didn’t pass. It was a tough moment, but instead of discouraging me, it strengthened my determination to succeed.
3. Professional Achievements:
What are some key achievements or milestones in your career since obtaining your CCIE certification?
Earning my CCIE certification was one of the biggest milestones in my career. The preparation itself was a transformative experience; I spent long hours in the lab fully immersed in learning, and truly enjoying the process. The knowledge and expertise I gained opened countless doors. I was invited to multiple job interviews and received numerous offers. Achieving my CCIE certification marked a turning point in my career, giving me the recognition and credibility to take on more advanced roles in networking.
4. Challenges and Overcoming Them:
What have been some significant challenges in your career, and how did you overcome them?
One of the most significant challenges I faced was deciding the direction of my career. In 2001, I was torn between pursuing mathematics, computer systems, programming, or networking. It was a difficult decision, but I ultimately realized that my passion lay in networking and systems.
Committing to this path was the best decision I made, shaping my entire professional journey. I started with CCNA, then progressed to CCNP and MCSE. Soon after, in 2003, I began teaching a CCNA class at Cisco Academy in Gjilan, which further solidified my expertise in networking.
5. Impact of CCIE on Career:
How has being a CCIE-certified professional impacted your career trajectory or opportunities?
The CCIE certification solidified my focus on networking and positioned me as an expert in the field. Achieving such a prestigious certification brings immense recognition and unlocks incredible opportunities. It’s a challenging journey, but once you accomplish it, opportunities start knocking at your door.
6. Life Lessons from the CCIE Journey:
What are some important life lessons you’ve learned during your journey to and after achieving CCIE certification?
One of the most valuable lessons I’ve learned is the importance of following what you truly enjoy. However, I also realized that long hours of studying, especially sitting for extended periods, can take a toll on your health. Maintaining a balance is crucial.
The CCIE certification offers multiple career paths, and even if you don’t end up taking the exam, the learning journey itself is invaluable. It taught me the significance of perseverance, discipline, and the joy of continuous learning.
7. Personal Growth and Development:
How do you continue to grow and develop professionally? Are there specific areas or technologies you’re currently focused on?
Currently, I’m focusing on automation and development, particularly leveraging AI to build innovative solutions. At the same time, I’m prioritizing a better balance between professional growth and family life, something I struggled with in the past but now deeply value.
Conclusions:
Arijan is one of the stars of the CCIE HoF for Albania and Kosovo, truly dedicated to networking. He decided to focus 100% on the networking field and used Cisco certifications combined with Juniper to support the journey. Having a clear plan and persistence in over 20 years in networking has clearly shaped his own career. Continuous learning is a crucial part of his career, and even today he is improving his skills with all the new AI developments in the field. The networking field can be quite demanding, but Arijan has found the key to have a balance between the career and family life.




