SANS: Sounds very cool

mistervince

I've heard about SANS... but I really dont know what it entails. COuld someone like give me a brief overview... I know it is security related... and very in-depth. But like who offers this course and what benefits are of getting the certification?

janmike

SAN=Storage Area Network

A SAN is a network by itself, or maybe a subnetwork. It can have its own security. The primary purpose is redundancy of data. SANs are a basic unit of Enterprise Networks.

Look here http://searchstorage.techtarget.com/sDefinition/0,,sid5_gci212937,00.html

I believe that any certification involved with SANs, would be vendor related. These SANs are generally designed as separate entities to serve data storage purposes, are quite complex, and are unique to the particular enterprise system for which they are designed.

A remotely related device or device combination is NAS, Network Attached Storage. This involves a separate device or device cluster. It too assures reduncancy of data, but it's not a network by itself. See here, http://www.webopedia.com/TERM/N/network-attached_storage.html

Hope this helps!

/usr

SANS is an organization. I wasn't aware of any certification, but there may be one. Go to www.sans.org for more info.

Webmaster

I think you are looking for www.giac.org

janmike

Holy cow! That's the way I bowl too--I get some pins down but I hit 3 lanes over!

Excellent info gentlemen.

Incidently, did a search on SAN(storage) certification. HP offers certification that they claim is vendor-neutral. If anyone is interested, look here.
http://education.hp.com/storage_san_snia.htm

440A

SANS (www.sans.org) is a security training organization which offers a number of certifications under the GIAC moniker. Some tracks are more managerial but most are technical.

I've done three:
GSEC - general security, different OSes
GCIH - incident handling and different types of attacks
GCFW - network design with firewalls

SANS events are run a number of times per year in a number of countries.
Each training event offers 3-10 courses.
A SANS course is a few days to a week long. It's full days of lecture and often a hands-on lab, plus special labs and BOFs and so on. In many of the tracks you need to bring a laptop loaded with multiple OSes.

You do not have to take a SANS course for certification but they're expensive so you might as well. It's a lot of work. You take the course, then write a paper and if the paper passes, take an online exam. You get six months to do it and I needed most of that time. It is a big investment of your time. You can also take the lecture on line. But still a lot of work.

The teachers are quite good. They work in the field and are known, like Ed Skoudis and Chris Brenton.

I do not have experience with other organizations like this so I'm not making comparisons. You can look at passing papers on the SANS web site. The certs helped me some professionally, but the learning is the main thing. I learned a lot. Plus got to network with a bunch of people. The events are pretty intense, people are there to work. It's not fluff. But it can be fun. There were about 400 people at the last one I went to.

Oh yeah and you have to re-certify (another exam) every 2 or 3 years depending on the cert. There's some master cert you can get by doing 5 individual ones and then some exam. How someone does that and holds down a job is beyond me.

These don't compare to product-specific certs like Cisco. They're all-around security courses. One exception: They have just started a new course called LAMP (Linux Apache MySQL PHP) which is about configuring that kind of setup securely. The emphasis is on security.

HTH

mistervince

thnx guys. that was a lot of help. im excited... som e of these certs will really help me specialize the way that I want to.

Ten9t6

mistervince wrote:

thnx guys. that was a lot of help. im excited... som e of these certs will really help me specialize the way that I want to.

good luck...these should be a lot of fun. I know an instructor for them...he is a very smart guy.