Renew CCNA:R&S or go to CCNP:R&S?
TechGuru80
Senior MemberMember Posts: 1,539 ■■■■■■□□□□
in CCNP
Here's an interesting situation...so I originally got my CCNA:R&S in 2013 (version 2) and renewed with CCNA:Security in 2015 but primarily I have been in InfoSec / compliance roles so I haven't used much Cisco with the exception of studying and minimal labbing.
I really enjoy networking but overall I want to be in network security. I watched a CBT Nuggets clip on YouTube where Keith Barker recommended network+, security+, CCENT, CCNA, CCNA:Security, CCNP:R&S, then getting certified with Palo Alto or Checkpoint.
Since most network related jobs want at least CCNP...should I renew my CCNA first since I haven't touched it in a while, or will the CCNP give me enough refresh and avoid backtracking?
I really enjoy networking but overall I want to be in network security. I watched a CBT Nuggets clip on YouTube where Keith Barker recommended network+, security+, CCENT, CCNA, CCNA:Security, CCNP:R&S, then getting certified with Palo Alto or Checkpoint.
Since most network related jobs want at least CCNP...should I renew my CCNA first since I haven't touched it in a while, or will the CCNP give me enough refresh and avoid backtracking?
Comments
CCNP will give you enough of a refresh that you don't need to do CCNA again since you're still certified.
If Security is going to be your focus, I'm not sure going for CCNP R&S makes sense. Does Keith recommend that even for people who want to work in Security?
Seems like CCNP Security or some other Security cert should be your focus since you already have the CCNA R&S/Security as a foundation. I mean, how much does knowing EIGRP K timers, OSPF stub areas and route redistribution really benefit a security person day to day?
CCNP TShoot - 3/7/2018
CCNP Route - 1/31/2018
CCNP Switch - 12/10/2015
CCNA R/S - 1/14/2015
That said too you shouldn't need to back track all the way into CCNA. Get your NP R/S and build from there for sure. Being a strong network security engineer requires that you understand networks, it would only make sense to nail down the R/S cert before moving on to the next stuff.
My ultimate career goal: To climb to the top of the computer network industry food chain.
"Winning means you're willing to go longer, work harder, and give more than anyone else." - Vince Lombardi
Palo Alto firewalls are pretty good. I'd say they are better than the cisco firewall of old, but the NextGen Cisco ASA with FirePower) look real nice.
I am in a similar situation as you. I want to focus on Network Security, so I'm studying for CCNP Security. I do have my CCNP R&S, but I'd recommend leaning towards the CCNP Security instead. Like Daniel said having a strong R&S foundation is important, but you can always learn the CCNP R&S topics without taking the exams.
Btw, Keith has a great course on learning Palo Alto firewalls, so does RouteHub.net. The problem is Palo does not like giving free trial licenses.
Are you looking to change jobs?
I work with plenty who have let their Cisco certs lapse, while several there are CISSP. It was quite odd, before I started working here I wanted to be in the security field and the CCNA was a step towards that goal. It has since branched out into a multitude of areas and I find myself going back to the Cisco certifications and knowledge to make my security focus that much more streamlined. Mainly because, sometimes that dropped packet ain't the firewall's fault, but you gotta prove it. Once I finish the CP certs and the Cisco NP R&S track, I'm going to cycle back to the security related aspects.
I can see where this UToob vid would suggest the certification path as you have outlined above would be beneficial, but to be totally honest with you places like Check Point and Palo Alto will see it as being overly qualified for their entry-level programs. There are the occasional exceptions, and I've seen maybe 5 or 6 out of 100+ that have done so. Companies that utilize or support CP/PAN should be beating down your doors with both Cisco and CP/PAN certs (a local company is headhunting and a few of us got the same offer of six figures plus a crazy bonus.....tempting.....)
The Check Point firewall is a ridiculously awesome product (we do not speak of PAN lol), but it is also ridiculously complex. I wish you an abundance of luck should you go the CCSA/E route, VMWare will be your friend, and try to get the current study materials if you can.
/rant
― Ellen Johnson Sirleaf
The one benefit of PAN, it is really straight forward. Personally, I was going the CheckPoint /CCSA route before I was offered my current job. We're all PAN. I'll still probably do it, as it is widely used. They make a really good product.
Being that your Cisco certification expires in 2018, why not go for CCSA or PCNSE for a 2016/early 2017 goal, then renew your Cisco certs by taking a higher exam (I'd suggest starting with SWITCH, if going the CCNP R&S route)
I've not been exposed to much of PAN, just Checkpoint, and my opinion of PAN (or lack thereof) is more tongue-in-cheek than anything else because of how they got started. I've heard plenty of positives about PAN, several friends have since gone on to work there, not trying to bag on em at all.
I've already have the CCSA and am currently working on CCSE/CCSM since I passed SWITCH last month. After the CP certs are done, I'm getting ROUTE and TSHOOT by the end of 2017 if I can make the time for it all. After that...something with a Security focus.
― Ellen Johnson Sirleaf
LOL...that's funny, good point. Do you work for CP?
My suggestion was for the OP, I was suggesting instead of him going straight for CCNP, why not get a cert from one of these other firewall vendors in the meantime, and then focus back on an NP.
― Ellen Johnson Sirleaf
Well actually you'd be surprised to find EIGRP is running on plenty of places running cisco based networks in these environments OSPF would not be beneficial in the workplace.