I started SEC503 in mid-January. It is one of the required courses for the SANS MSISE program and the GSE otherwise I probably would have taken some other courses first. The course was well taught and there was a lot of valuable information information in it regarding packet analysis and IDS tuning, rule writing, etc. There was also a lot of information that will not apply to the average person such as the use of tools such as bro and SiLK...or maybe they just haven't applied to me much. They are both interesting tools but unless you work as an IR consultant or you work for a small company that relies on open source free tools you probably won't use either of them. I found this course difficult to get excited about and therefore hard to get motivated for. It could be that it's just more appealing to me to reverse engineer malware or do pen testing. The actual exam turned out to be a lot easier than I expected. I finished with an hour to spare and scored a 90 so I'm happy with that. I have to take the 2nd test for the Cisco Cyber Ops CCNA in a couple weeks and then I'm hoping to take the GSE multiple choice test. I want to get it over with while this material is still fresh in my head. I don't plan on taking the lab portion until the end of next year.