Distinction between Network Admin and System Admin

Distinction between Network Admin and System Admin

Post by jab3 » Tue, 14 Sep 2004 14:02:48



[OSOT] = Only Slightly Off Topic  :)

Hello everyone -

I have a question about how you all would distinguish Network Administrators
from System Administrators and the separate duties for each function.  

A quick background - I recently applied for a job to a company that is a
serious networking company and they are looking for another Linux System
Administrator.  I applied, got a call-back, filled out a self-analysis form
and then a questionnaire about my experience with Linux and administration.
I had told them this would be my first job like this - I am mostly
self-taught and professionally inexperienced (which may show soon ;)).
Well, I talked to the IT Human Resources person and she told me that they
had two Network Administrators and one System Administrator, and they were
looking for someone to lessen the burden of the SysAdmin.  Later I received
another call-back, this time with the IT HR person, the Director of Human
Resources, and the SysAdmin himself.  This was supposed to be a 'more
technical' interview.  Well, he then proceeded to question me about my
experience with what, to my mind, are networking admin functions.  He asked
if I had ever set up a box as a router and firewall/masquerading machine,
if I had ever set up a DNS server, if I had ever used any MTAs for mail
servers, if I had used Samba/NFS, etc.  About the only thing he asked that,
to me, was about System Administrating was how I kept up with security
issues and whether I knew Bash and/or Perl scripting.

It seems _to me_ that most of his questions were geared more toward Network
Administration functions, which I would think - having 2 Network Admins -
they had covered.  To me, if you are going to split the jobs (2 Net, 2
Sys), a Network Admin would deal with the DNS, MTA, Firewalling, NFS,
Samba, etc; and the SysAdmin would deal with the updates, patches,
tweaking, maintaining, configuring, installing, monitoring, etc.  Am I way
off in my callowness and ignorance on this?  Or was he interviewing me for
a Network Admin job instead of a SysAdmin job?

I am indeed asking with full knowledge that I have no first-hand knowledge
of this :).   I'm just trying to explain how I see it, based on my reading
and personal experience - and am asking for correction and elucidation from
the experts. :)  Is networking so prevalent these days that the line
between the two jobs has been blurred into an indistinguishable haze?

Thanks for any comments/help -
jab3

 
 
 

Distinction between Network Admin and System Admin

Post by Paul Colquhou » Tue, 14 Sep 2004 20:20:02


| [OSOT] = Only Slightly Off Topic  :)
|
| Hello everyone -
|
| I have a question about how you all would distinguish Network Administrators
| from System Administrators and the separate duties for each function.  
|
| A quick background - I recently applied for a job to a company that is a
| serious networking company and they are looking for another Linux System
| Administrator.  I applied, got a call-back, filled out a self-analysis form
| and then a questionnaire about my experience with Linux and administration.
| I had told them this would be my first job like this - I am mostly
| self-taught and professionally inexperienced (which may show soon ;)).
| Well, I talked to the IT Human Resources person and she told me that they
| had two Network Administrators and one System Administrator, and they were
| looking for someone to lessen the burden of the SysAdmin.  Later I received
| another call-back, this time with the IT HR person, the Director of Human
| Resources, and the SysAdmin himself.  This was supposed to be a 'more
| technical' interview.  Well, he then proceeded to question me about my
| experience with what, to my mind, are networking admin functions.  He asked
| if I had ever set up a box as a router and firewall/masquerading machine,
| if I had ever set up a DNS server, if I had ever used any MTAs for mail
| servers, if I had used Samba/NFS, etc.  About the only thing he asked that,
| to me, was about System Administrating was how I kept up with security
| issues and whether I knew Bash and/or Perl scripting.
|
| It seems _to me_ that most of his questions were geared more toward Network
| Administration functions, which I would think - having 2 Network Admins -
| they had covered.  To me, if you are going to split the jobs (2 Net, 2
| Sys), a Network Admin would deal with the DNS, MTA, Firewalling, NFS,
| Samba, etc; and the SysAdmin would deal with the updates, patches,
| tweaking, maintaining, configuring, installing, monitoring, etc.  Am I way
| off in my callowness and ignorance on this?  Or was he interviewing me for
| a Network Admin job instead of a SysAdmin job?
|
| I am indeed asking with full knowledge that I have no first-hand knowledge
| of this :).   I'm just trying to explain how I see it, based on my reading
| and personal experience - and am asking for correction and elucidation from
| the experts. :)  Is networking so prevalent these days that the line
| between the two jobs has been blurred into an indistinguishable haze?
|
| Thanks for any comments/help -
| jab3

In my experience, if it runs on a computer, it's a Sysadmin's responsibilty.

Network admin guys run the dedicated hardware stuff, routers, switches,
(some) load balancers, dedicated firewalls, etc. They run a lot of cableing
as well.

These aren't hard & fast distinctions, there is a lot of overlap, and both
sides need to talk a lot, so network changes don't stuff up the servers,
and vice versa.

There is also the big overlap that you mentioned, turning a general
purpose computer into a router or a firewall.

--
Reverend Paul Colquhoun, ULC.    http://andor.dropbear.id.au/~paulcol
     Asking for technical help in newsgroups?  Read this first:
        http://catb.org/~esr/faqs/smart-questions.html#intro

 
 
 

Distinction between Network Admin and System Admin

Post by James Knot » Tue, 14 Sep 2004 22:35:06



> It seems _to me_ that most of his questions were geared more toward
> Network Administration functions, which I would think - having 2 Network
> Admins - they had covered.??To?me,?if?you?are?going?to?split?the?jobs?(2
> Net,?2 Sys), a Network Admin would deal with the DNS, MTA, Firewalling,
> NFS, Samba, etc; and the SysAdmin would deal with the updates, patches,
> tweaking, maintaining, configuring, installing, monitoring, etc.??Am?I?way
> off in my callowness and ignorance on this???Or?was?he?interviewing?me?for
> a Network Admin job instead of a SysAdmin job?

> I am indeed asking with full knowledge that I have no first-hand knowledge
> of this :).???I'm?just?trying?to?explain?how?I?see?it,?based?on?my?reading
> and personal experience - and am asking for correction and elucidation
> from the experts. :)??Is?networking?so?prevalent?these?days?that?the?line
> between the two jobs has been blurred into an indistinguishable haze?

Much of what you consider netowork admin are server related.  For example,
why would a network guy be worried about Samba or MTA?  And anyone setting
up a server, had better know about firewalls etc.  It looks like you're
going to have to learn a bit more about what the position entails.

--

(This space intentionally left blank)

 
 
 

Distinction between Network Admin and System Admin

Post by Ian Northeas » Wed, 15 Sep 2004 04:54:52



> He asked if I had ever set up a box as a router and
> firewall/masquerading machine, if I had ever set up a DNS server, if I had
> ever used any MTAs for mail servers, if I had used Samba/NFS, etc.

As a sysadmin I have done all of those things.

Apart from the router/firewall, I consider them all to be firmly in the
sysadmin's field not the network admin's. Nameservers, MTAs and
fileservers are all things which normally run on "general purpose" servers
(there are exceptions).

Network admins look after routers, switches, cables etc. In my book their
responsibility stops where the cable plugs into the NIC in my server. The
NIC is mine. The cable is theirs.

The demarcation isn't all that clear and different shops will draw
the line in different places, often with some overlap. Routers and
especially firewalls are a bit of a grey area in particular as they are
often dedicated devices but also quite frequently run on standard
hardware under general purpose OSs e.g. Linux.

In our shop the routers and firewalls are normally dedicated (Cisco and
Nokia) devices and are looked after by the network admins. But
occasionally we need a temporary one at very short notice and in these
cases we in sysadmin have set them up using Linux on old PCs.

And IMO even if a sysadmin does not look after any network component
directly, he or she still needs a thorough knowledge of networking, in
order to diagnose problems which affect his or her servers. IME the
network admins can try to push their problems onto us if we cannot prove
where the fault is. It probably works the other way too:)

And finally sysadmins and network admins have to work very closely
together. It helps a lot to have an understanding of each others' fields.

So I think the interviewer was rather lenient on you:) He apparantly
didn't ask any detailed questions about network protocols etc. How are you
at interpreting tcpdumps?

Regards, Ian

 
 
 

Distinction between Network Admin and System Admin

Post by Moe Tr » Wed, 15 Sep 2004 07:52:48



>[OSOT] = Only Slightly Off Topic  :)

>I have a question about how you all would distinguish Network Administrators
>from System Administrators

By their job titles in the org chart, and who has 'root' on the routers.

Quote:>He asked if I had ever set up a box as a router and firewall/masquerading
>machine,

In the Linux world, those often are computers, rather than real routers
from Cisco, et.al.

Quote:>if I had ever set up a DNS server, if I had ever used any MTAs for mail
>servers, if I had used Samba/NFS, etc.

All of which are run/setup on computers

Quote:>About the only thing he asked that, to me, was about System Administrating
>was how I kept up with security issues and whether I knew Bash and/or Perl
>scripting.

EVERYONE should be reading Bugtraq, but not many Ciscos run a bash shell
or perl.  ;-)

Quote:>It seems _to me_ that most of his questions were geared more toward Network
>Administration functions,

A lot of this depends on the individual company.  Network admins tend not
to "fix" computers, while sys-admins tend not to be intimate with the real
network hardware like (real) routers, switches, and the like.  But the line
isn't that fine or definitive.  If the router is a clapped out 386 with
four network cards, either or both may have responsibilities. The mail,
DNS, NIS, NFS and print servers are often standard workstations that may
have additional RAM or disks. so who do you think would "own" them? Network
cabling from the wall plug to the computer can be handled by just about
anyone with a few minutes training - but the wiring cabinets and wiring in
the wall/ceiling/floor is another matter entirely. If you are using fiber,
that's also specialized.  But (for example), the DNS server?  It's
probably running the same OS as the rest of the servers and maybe the
workstations - so that's a sys-admin, right?  But it's running bind or
some other DNS application - that's often a network-admin's turf. See
the big gray area?  Some places I've worked split the responsibility
by function - so maybe the DNS server, routers and firewall belong to
the network administrator (it's your box - you fix it) while the file
servers and printer may be the sys-admin's cross.

I can assure you that both Network and System administrators do share
a lot of skill sets - and may actually use them ;-)

       Old guy

 
 
 

Distinction between Network Admin and System Admin

Post by James Knot » Wed, 15 Sep 2004 11:03:25



> In our shop the routers and firewalls are normally dedicated (Cisco and
> Nokia) devices and are looked after by the network admins.

You might also want to run firewalls on all computers, including servers.

--

(This space intentionally left blank)

 
 
 

Distinction between Network Admin and System Admin

Post by jab3 » Thu, 16 Sep 2004 05:22:44


Thanks to everyone who responded.  It's funny, after reading the replies and
explanations (basically the, if it's software running on a computer -
that's SysAdmin; if it's hardware that's not running on a basic computer,
that's NetAdmin - granted, that's an oversimplified summation of the
responses, but you get it :)) - I had one of those 'Ahh, now that makes
sense' experiences.  I think I was confused because I'm reading through
Craig Hunt's TCP/IP Networking Administration, and he keeps referring to
DNS configuration and Sendmail configuration and router configuration as
Network Administration, which I suppose in a sense it is.  But now I see
how it makes more sense to try and divide the line between software (or at
least computer[server|client]) and hardware[wiring|switches|routers|etc]).
I guess I had it in my mind that if it operated over a network (even
something like Samba) or served a network function, it was a NetAdmin
domain.  I suppose it makes more sense the way everyone has described it
based on actual experience :).  

Anyway, thanks for everyone's clarification and guidance.

-jab3

P.S. (Ian) - I'm learning, but I'm certainly no Shimomura at reading
tcpdumps. :)

 
 
 

Distinction between Network Admin and System Admin

Post by Ian Northeas » Thu, 16 Sep 2004 05:54:56



> P.S. (Ian) - I'm learning, but I'm certainly no Shimomura at reading
> tcpdumps. :)

When you have to, you will find ethereal very useful. It can either take
the trace itself or use the output of tcpdump -w; either way, it will
interpret the packets for you.

Regards, Ian

 
 
 

Distinction between Network Admin and System Admin

Post by jab3 » Thu, 16 Sep 2004 11:37:23


Ian Northeast finally wrote on Tue September 14 2004 04:54 pm:


>> P.S. (Ian) - I'm learning, but I'm certainly no Shimomura at reading
tcpdumps. :)

> When you have to, you will find ethereal very useful. It can either take
> the trace itself or use the output of tcpdump -w; either way, it will
> interpret them for you.

> Regards, Ian

You know, I actually have used Ethereal a couple of times.  Felt like I was
taking the easy way out (which is why I didn't mention it in earshot of the
experts ;)) - so I'm glad to see that you at least condone such tools for
learning. (and then perhaps for ease of use once familiar with the packet
headers, etc, through tcpdump)  Of course, if you can read tcpdumps, I
imagine you can use it on virtually any *nix system, which is a good thing.

Cheers -
jab3

 
 
 

Distinction between Network Admin and System Admin

Post by Christopher Brown » Thu, 16 Sep 2004 13:52:21



Quote:> [OSOT] = Only Slightly Off Topic  :)

> Hello everyone -

> I have a question about how you all would distinguish Network Administrators
> from System Administrators and the separate duties for each function.  

Quick answer:

 - System administrators know "Unix" and its services

 - Network administrators need expertise with routers, switches, and
   other such appliances that are quite likely to involve additional
   non-Unix user interfaces.
--

http://www.ntlug.org/~cbbrowne/lsf.html
Rules of  the Evil Overlord  #123. "If I  decide to hold a  contest of
skill  open to  the general  public, contestants  will be  required to
remove their  hooded cloaks and  shave their beards  before entering."
<http://www.eviloverlord.com/>

 
 
 

Distinction between Network Admin and System Admin

Post by Ian Northeas » Fri, 17 Sep 2004 05:09:53



> Ian Northeast finally wrote on Tue September 14 2004 04:54 pm:


>>> P.S. (Ian) - I'm learning, but I'm certainly no Shimomura at reading
> tcpdumps. :)

>> When you have to, you will find ethereal very useful. It can either take
>> the trace itself or use the output of tcpdump -w; either way, it will
>> interpret them for you.

>> Regards, Ian

> You know, I actually have used Ethereal a couple of times.  Felt like I
> was taking the easy way out (which is why I didn't mention it in earshot
> of the experts ;)) - so I'm glad to see that you at least condone such
> tools for learning. (and then perhaps for ease of use once familiar with
> the packet headers, etc, through tcpdump)  Of course, if you can read
> tcpdumps, I imagine you can use it on virtually any *nix system, which is
> a good thing.

I always use ethereal if I need to examine the packets in detail, as
opposed to just checking source and destination IPs and ports etc. It's
much easier. There's nothing "correct" IMO about using old fashioned
cruder tools, you use the most effective tool for the job in hand. E.g. if
you just want to see how much traffic is being exchanged with something
tcpdump is often simplest, if you want to dissect packets bit by bit or
get an easy to understand picture of whole conversations ethereal is the
business. I don't know the detailed structure of an IP or TCP header. I
don't need to, ethereal does. Of course, I do know where to look it up:)
("UNIX Network Programming" by the late W.R.Stevens).

You can use ethereal on virtually any *nix system too. Even if it's not
included in the base OS, it's often available on a "bonus" or some such
CD, and can be compiled if it's not. The only exception I have found is on
IBM's AIX, where, while ethereal is provided on one of their additional
CDs, using it in packet capture mode can crash the server. So it's safest
not to have it installed. On AIX I tcpdump to a file, ship the file to a
Linux machine and load it into ethereal. You could do the same on any
system (if any such exists) which has tcpdump but cannot for some reason
run ethereal. An IP packet is an IP packet, it makes no difference what
system it was captured on.

Regards, Ian