The following document is designed to guide you through preparing for an interview with Aviatrix for the role of Technical Marketing Engineer. For those who are new to the public cloud and public cloud networking, there are also some lab topologies that will help you learn this technology at your own pace.
Preparing for the Interview
Examples of Documents and/or Videos from Previous Jobs or Roles
These can either be sent directly to the interviewer, or links can be provided to the examples if they are publicly accessible. Examples could be demo or presentation videos, slide decks used for presentations, solution briefs, white papers, how-to articles, or blogs.
General Networking and TME Interview Topics
The following networking topics are frequently covered during the interview process. Topics that are not on this list but are mentioned in your resume may also be covered. Knowledge of every topic is not necessary, but understanding of at least a few of these topics will be required.
- Core layer 2 and layer 3 networking knowledge
- Understanding of BGP. This is the predominant routing protocol in the cloud, so OSPF and EIGRP will not be covered in the interview.
- Understanding of IPsec encryption, including design choices. For example: policy-based versus route-based VPN
- On-prem DC to Cloud and/or On-prem Branch to Cloud connectivity options, design choices, pros and cons
- Traffic flows and packet walk
- NGFW design and packet flow
- Understanding of public cloud networking
For those who are new to Public Cloud Networking
Expectations for those who have limited knowledge of or experience with the Public Cloud
- Take the ACE Associate Certification training which covers the basic Public Cloud Networking and Security concepts. Passing the certification exam is optional.
- Complete the following two labs in order
Lab1 – Multi-Cloud Networking 101
This lab focuses on simplifying your cloud and multi-cloud networking using Aviatrix. Follow the Lab detailed here using the Aviatrix Sandbox Starter Tool.
Warning
- There is a cost associated with running and deploying these labs and that cost is your responsibility
- The instances should be shut down or all the resources should be deleted if cost is a concern
- A service like ParkMyCloud can be used to schedule automatic shutdown of your lab
Lab2 – AWS Networking 101
It is not required to focus on AWS if you have previous familiarity with another cloud. Knowing one cloud is enough for the interview. AWS is recommended because it is currently the leader in Public Cloud and hosts the most deployments. During the interview process, the focus is on Networking and Security aspects. Storage and other application layer services are not covered.
This is a complex lab and can take a lot of time. It is not expected that you will finish the entire lab, but this should provide a lot of information about what topics are relevant and are likely to be brought up in the interview process. This may give you some ideas for what to research in preparation for your interviews.
Lab2 Objectives
1. Create 5 VPCs in an AWS Region (the diagram shows the us-west-2/Oregon Region, but the VPCs can be created in any Region)
2. Create an instance of one of the smallest types (t2.micro for example) in the Prod, Shared, and Dev VPCs
3. Use native VPC peering to connect those VPCs
4. Verify that these VMs can ping each other’s private IPs
5. Deploy a Palo Alto firewall VM in the Transit VPC
6. Verify access from your desktop/laptop to the Palo Alto VM using the public IP assigned to the VM
7. Verify that the three instances deployed in step 2 can ping the Palo Alto VM’s private IP
8. Verify that the three instances deployed in step 2 can ping any internet site using the Palo Alto Firewall
9. Deploy an instance of one of the smallest types in the Management VPC and verify that this instance can ping any internet site using the AWS Internet Gateway (IGW) deployed inside the Management VPC
Example Cloud Networking and Security-related Interview Questions
The following questions assume that your preferred cloud is AWS, and the expectation is that provided you have worked through the labs, you could answer these questions.
- What is the difference between a public and private subnet?
- How do you associate a subnet to a route table?
- What is an IGW?
- How can an EC2 instance in AWS have an elastic IP (EIP) and a private IP? How does this work?
- Explain the Ingress packet walk
- What is the AWS Transit Gateway (TGW)? Does it belong to a VPC or is it a global resource?
- How could you connect 10 VPCs without using an AWS TGW?
- How can you add a NGFW in the data path between two EC2 instances for inspection?
- How would you secure the Apps in a VPC? What are the options?
- Is encryption needed in the public cloud? If yes, how could end-to-end encryption be achieved in the cloud? What about on-prem resources?
- How can overlapping IPs be handled in the public cloud? What NAT options are available?
- And more…
For the purposes of the interview, the expectation is that you will answer based on native cloud options, not what is possible using the Aviatrix solution.
Example TME-related Interview Questions
- Based on your current role, present your “elevator pitch” for, or a brief description of, one of the products you are currently working on.
- When creating collateral (could be a document such as a whitepaper or blog, a slide deck for presentations, or a video), what is your approach to creating this content? How do you take this process from concept to product?
- When creating content, what are the most important elements to make this content (again, could be written or video) resonate with readers/viewers?
- When having to present a complex subject to an audience in a way that the audience can understand, what is the most effective way you have found to accomplish this?
- Assume that you are speaking to an entry-level network engineer. Explain what BGP is, how it works from a protocol perspective (no need for configuration or debug commands), and why it is important.
Misc. Hints about the Interview Process
- The majority of the interview will be based on the resume that was submitted.
- Candidates are allowed to quickly look things up (taking a minute or so) during the interview to find the answer. Cramming for the interview is not expected; there is a reason why we write things down. :)
- Sometimes the interviewer may confuse you. Do not feel that you cannot ask for clarification. Sometimes the best reply is to ask questions in response.
- The interviewer will try to simulate a real-world scenario to check your communication and confidence.
- It is acceptable for you to prepare a few Cloud Networking and Security topics for the interview. If you mention that you want to stay within these areas, the interviewer will try to stay mostly within that area. For example:
  - AWS Direct Connect concepts and deployment details
  - GCP Shared VPC concepts and routing details
  - Azure transit concepts and deployment using a Firewall Network Virtual Appliance (NVA)
- The interview focuses on architecture aspects and communication/presentation of these concepts.
- Routing and Security in the Cloud is an important topic.
- On-prem connectivity from the Cloud is another important topic.
- You can pick a Cloud Service Provider (CSP) of your choice to explain the networking and security features in detail.