season of certs / advanced networking
The Season of Certs, AWS Advanced Networking Specialty and MegaCertapalooza #
Since January I have been participating in our companies certification competition Mega Certapalooza
Yearly, Versent runs a company wide certification competition, with prizes for getting certified across different technologies
I recently sat and passed the AWS Advanced Networking Specialty Certification
https://aws.amazon.com/certification/certified-advanced-networking-specialty/
Details:
-
Name: AWS Certified Advanced Networking - Specialty
-
Code: ANS-C01
-
📋 Exam guide: here
-
Passing Grade: 700/1000 (70%).
-
It holds up to its reputation for a tough exam, if you do this from home make sure to eliminate distractions, it is really worth going to the exam centre for this one. 2hrs 50min has ample time to get distracted. I had a neighbours car alarm go off for a while. In the end I finished with 20 mins and a lot of flags to re-review, the 170mins is not a lot of time.
-
I used both the Stephane Maarek (Udemy) https://www.udemy.com/course/aws-certified-advanced-networking-specialty-ans/ and Adrian Cantrill courses https://learn.cantrill.io/p/aws-certified-advanced-networking-specialty, both were great resources but some newer AWS features were not in the courses so its worth seeing whats new to not miss them.
-
Transit gateway (https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/transit-gateway.html) featured a lot and how to configure it with a DX + DX Gateway and the considerations across regions, study this thoroughly
-
I thought BGP community tags (https://docs.aws.amazon.com/directconnect/latest/UserGuide/routing-and-bgp.html) would be more important but it wasn’t, knowing which VIF to use for different networking conditions was important and knowing what you can reach with a Public VIF I got a bunch of questions, knowing you need a Transit VIF whenever a Transit Gateway is used was common
-
Route53 had a lot of questions, you’ll get asked about resolver endpoints (https://docs.aws.amazon.com/whitepapers/latest/hybrid-cloud-dns-options-for-vpc/route-53-resolver-endpoints-and-forwarding-rules.html) and hybrid DNS, DNSSEC (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-configure-dnssec.html) (know the flow for KSKs, ZSKs, the records that get produced and what resources they get attached to), different types of routing policies
-
Global Accelerator can point to an ALB: https://aws.amazon.com/blogs/networking-and-content-delivery/improving-availability-and-performance-for-application-load-balancers-using-one-click-integration-with-aws-global-accelerator
-
Private Site-to-site VPNS: https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-site-to-site-vpn-private-ip-vpns/
-
Accelerated Site to Site VPN: https://docs.aws.amazon.com/vpn/latest/s2svpn/accelerated-vpn.html Accelerated Site to site VPN is scalable up to 50Gbps: https://docs.aws.amazon.com/whitepapers/latest/hybrid-connectivity/aws-accelerated-site-to-site-vpn-aws-transit-gateway-single-aws-region.html
-
Private NAT Gateway: https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/private-nat-gateway.html
-
MQTT protocol -> TCP -> Use NLB (https://aws.amazon.com/blogs/iot/building-an-iot-solution-to-securely-transmit-mqtt-messages-under-private-networks/)
-
When to use flow logs https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html, traffic mirroring https://docs.aws.amazon.com/vpc/latest/mirroring/what-is-traffic-mirroring.html, wireshark, guard duty https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html, inspector https://docs.aws.amazon.com/inspector/latest/user/what-is-inspector.html
-
I had a question on enhanced networking and ways to improve networking performance
-
I got a question about Reachability Analyzer https://docs.aws.amazon.com/vpc/latest/reachability/what-is-reachability-analyzer.html automation https://aws.amazon.com/blogs/networking-and-content-delivery/automating-connectivity-assessments-with-vpc-reachability-analyzer/ to make sure a path isn’t blocked and alert if a path through to a web server through a load balancer ever got blocked then alert
-
I got a lot of questions about load balancers, which should be used under different circumstances, know about connection draining with classic load balancers, know about path and host based routing etc, this can be found in the course content (just remembered another, had a question on the best way to load balance with one target group in AWS and another target group on prem, would need IP targets, look into this scenario)
-
Direct Connect MACSEC came up so study what do to in a key compromise (detach old key, attach another, what the names of the keys are)
-
Know the difference between CloudFront and Global Accelerator and what you would use each for in different scenarios
-
I got questions about WAF and IP Sets as a way to block malicious IPs
-
(Almost forgot a few questions on gateway load balancer so understand those too)
-
I didn’t get any questions on Transit Gateway multicast or appliance mode but worth knowing incase
Yearly Versent runs a company wide certification competition, with prizes for getting certified across different technologies relevant to the business.
For 2026 I decided to take a different tact and tried micro-certifications, associate and practitioner level certifications to get a wider breadth of the tech market given there’s so much going on in the field of Artificial Intelligence and Cloud and wanted to make sure I had exposure to a bunch of different services to build solutions.
Began studying back from break 27th of January - 15th March
A cert every 2.28 days
Amazon Web Services #
- AWS Certified Cloud Practitioner https://aws.amazon.com/certification/certified-cloud-practitioner/
- AWS Certified AI Practitioner https://aws.amazon.com/certification/certified-ai-practitioner/
Anthropic #
Given the rise of Anthropic over the last year getting an understanding of Claude
- AI Fluency: Framework & Foundations https://anthropic.skilljar.com/ai-fluency-framework-foundations
- Building with the Claude API https://anthropic.skilljar.com/claude-with-the-anthropic-api
- Claude 101 https://anthropic.skilljar.com/claude-101
- Claude Code in Action https://anthropic.skilljar.com/claude-code-in-action
- Claude with Amazon Bedrock https://anthropic.skilljar.com/claude-in-amazon-bedrock
- Introduction to Model Context Protocol https://anthropic.skilljar.com/introduction-to-model-context-protocol
- Model Context Protocol: Advanced Topics https://anthropic.skilljar.com/introduction-to-model-context-protocol
Google #
Google has pedigree in the AI space and this can be seen in it’s services
- Google Generative AI Leader https://cloud.google.com/learn/certification/generative-ai-leader
- Cloud Technical Series CTS https://cloudonair.withgoogle.com/events/apac-cts-onboard you get a badge for doing the labs
GitHub #
At Versent Github is our repository hosting service and engineers have access and are encouraged to use Copilot to accelerate tool development
- Github Copilot GH-300 https://learn.microsoft.com/en-us/credentials/certifications/github-copilot/?practice-assessment-type=certification
Notion #
At Versent we’ve adopted Notion as our document service of choice for
- Notion Essentials https://academy.notion.com/page/essentials-catalogue?reg=1
- Notion Workflows https://academy.notion.com/page/workflows-catalogue?reg=1
- Notion Advanced https://academy.notion.com/page/advanced-catalogue?reg=1
- Notion Certified Admin https://academy.notion.com/path/admin?reg=1
LucidChart #
At Versent we use LucidChart for developing architecture diagrams for our cloud environments and the results that come out are excellent. I spent some time with LucidChart courses to see if there was anything I’ve missed to improve my diagram creation workflow
- Basics in LucidChart https://training.lucid.co/basics-in-lucidchart
- Intelligent Diagramming https://training.lucid.co/path/intelligent-diagramming
- Technical Systems in LucidChart https://training.lucid.co/technical-systems-in-lucidchart
Miro #
Similarly to LucidChart, We’ve made use of Miro for workshopping and I’ve found it’s a really effective tool for team collaboration. I took the Miro essentials course to get a better sense of features available in Miro.
- Miro Essentials https://academy.miro.com/path/miro-essentials
Linux Foundation #
Not only is general Linux knowledge valuable on cloud engagements, I have a soft spot for Linux and I use it for all of my homelabbing endeavors and personal PCs. Back in the day (circa 2004-2006) I studied Systems Programming for Unix and have setup SOE environments with RHEL in the cloud. Nevertheless getting a refresher course from the linux foundation was both interesting and enjoyable.