anjan42anjan42 Member Posts: 5 ■□□□□□□□□□

I am making up my mind for JNCIE Security, Please review my following calculations and provide input .

JNCIA Junos Exam - 100 USD ( 50% Discount apply using FastTrack ) 50 USD Net
JNCIS SEC Exam - 200 USD ( 50% Discount apply using FastTrack ) 100 USD Net
JNCIP SEC Exam - 300 USD ( No Discounts ) 300 USD Net
JNCIE SEC Lab - 1400 USD

vSRX ( Free of Charge )
1x SRX100 ( 350 USD on Ebay )
2x SRX210 ( 400 USD Each on Ebay )

Inetzero workbook with solution ( 620 USD )

PS - I am a CCIE Security with 6 years experience working for system integrators , the market seems down for Cisco here mainly because Cisco is lacking UTM features . Their recent acquisition of Sourcefire has made me think a lot as Cisco already had an IPS yet they went out to buy them rather than making changes to own product . It makes me feel that even Cisco realize the fact that they are a bit behind now in Security area now compared to companies like Palo Alto , Fortinet and others . I guess it all started after introduction of Application Aware Firewalling . Other than that other vendors like Dell Sonicwall , Fortinet are working very aggressively when it comes to price in this region which is now making Cisco firewalls less attractive , the problem now with Cisco is that they are not that concerned with the sales as they already are big in business and they believe it doesn’t make sense to offer greater discounts with small deals . This is my main reason of working towards JNCIE so that I become a bit more flexible with different vendors .

Would the above mentioned lab equipment enough? I got these from a blog post actually, other than that I enrolled in Juniper Authorized Consultant program some time ago and I was wondering if I can order NFR equipment using that which means 70% Off on GPL and not purchasing through ebay . If I cant order them through Consultant program then I might try getting them through my ex-company , can someone please provide me exact SKU/Part Number for all devices .

I can go for base versions of these devices and activate UTM features using trial license however there is a limitation and one can only activate trail license for 4 weeks per year which doesn’t sounds reasonable if I want to practice much . Alternatively I could go for SRX devices loaded with UTM license so all works for life .

Would I be able to work using vSRX if I dont plan to buy hardware devices , I have seen some 30 days trail offerings for vSRX .

Any links for Group studies would be appreciated.



  • Options
    zoidbergzoidberg Member Posts: 365 ■■■■□□□□□□
    Things to keep in mind...

    UTM, IPS, Transparent mode. I'm not sure what level of support vSRX has for these features and you will need to know how to use those for the JNCIE lab exam. I don't know if things like AppTrack, AppFW, AppDoS, etc have been added to the lab exam. I quickly skimmed the description and didn't see mention of them.

    If you need to go with actual SRX hardware, get the high-memory models so you can fully support the advanced features. SRX100H vs SRX100. Hopefully you can get some good deals on NFR equipment.

    For licensing, that can be tough. You may be able to configure and run some of the features without an active license, but may just be unable to update them. That may work for you if you need to go beyond the trial limit. You could also stagger your trial licenses by not getting all licenses at once, but only when you start working with that particular feature set in the your lab prep.

    If you're doing all of that, you may be interested in tacking on the JNCSP-SEC certification as well. You'll cover a lot of that material in your current study plan, and it should be helpful when pursuing the JNCIE lab as well. That will add 2 exams to your list though, Junos Tshooting and the Security Support Professional exam.
  • Options
    nethackernethacker Member Posts: 184 ■■■□□□□□□□
    @anjan42, how is your studies going? I'm also preparing for mine which will hold next year February. How's the workbook and walkthrough for iNetZero? Please share your thoughts
Sign In or Register to comment.