mikej412 wrote: » The old VPN Concentrators are end-of-life, so unless you're supporting existing customers with VPN Concentrators, I'd skip getting one and just stick with the ASA/ISR routers and configure VPNs on those. There is no ASA configuration on the current CCNP, and just a little Router/VPN configuration.
knwminus wrote: » So it probably isn't worth it. The ASAs are not cheap, but I sit next to a ccnp and when I become a ccnp I want to be a better ccnp than him so I was just looking for an edge.
shednik wrote: » VPN Concentrators are terrible....run away I can't wait to retire mine at work. ASAs are awesome and the seem to keep adding all kinds of cool stuff to them. I'm just tired of finding bugs in code since I keep testing newer code:D
btowntech wrote: » I have noticed quite a few jobs (entry to mid level network engineer) asking for ASA experience now, and decided to pick one up to start learning in my spare time. We don't use any of the Cisco ASA 5500 series where I work but it can't hurt to learn.
btowntech wrote: » The CCNA Security and CCNP (ISCW) are only going to test you on router based VPNs. If you want to pick one up and get a little extra knowledge, I would say go for it. Here is a book if you need one: Cisco ASA Configuration
knwminus wrote: » Are you reading/have you read that book? I usually don't get books without reviews. I was thinking about this one Amazon.com: Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (9781587052095): Omar Santos, Jazib Frahim: Books or this oneAmazon.com: Cisco ASA, PIX, and FWSM Firewall Handbook (2nd Edition) (9781587054570): David Hucaby: Books for my ASA studies.
broc wrote: » I highly recommend the second one from David Hucaby, that was my main source of study for the SNAF and SNAA. It's well written and cover just about everything except VPNs. I used Cisco website for all the VPN stuff, there is loads of configuration guides which explain everything you need. The CCNP wasn't easy but believe me, the CCSP is another major step harder! Very interesting though and I think very "real world". Right, off for my IPS exam to see if I'll be a CCSP by the end of the day
knwminus wrote: » Very cool. How would you rate the difficulty of the ASA specialist exams.
broc wrote: » They are difficult exams, I was well prepared for the SNAF and I'm glad I was! You need to have a very good grasp on the theory AND know how to configure everything with the CLI and ASDM. I passed the SNAA a week later thinking it was going to be even harder but surprisingly, I found it to be very similar (some questions were almost the same) and actually easier. Spend some time learning all the types of NAT/PAT and why/when to use them!
knwminus wrote: » Did you think you needed NP level knowledge of networking before you did the ASA specialist?
broc wrote: » It's difficult to say, it certainly helped a lot but I wouldn't say it is necessary. CCNA level should be fine, you'll just have to work harder
broc wrote: » You need to master ACL, NAT and VPN, I would say that's the three key technologies for the ASA exams.
knwminus wrote: » I am willing to put in the work I am thinking about maybe picking up an ASA (or 2) up (if I can find 1 for cheap ) At my current job, there are 5 CCIEs (1 Voice and the rest R/S), maybe 10 CCNPs, and only 1 CCSP. Since I want to move up from the noc soon, it maybe best to get the CCSP (and asa specialist). My current job allows me to touch (more like very lightly poke) some asas but I would like to get into it a little more. My ultimately goals live in security so CCIE:S RHCSS/RHCA/SCNA/SCSECA and GCUX are on my 4 -5 year goals list. I may throw in a firewall cert (CCSA/CCSE) or more Juniper certs but I am not to sure yet.
broc wrote: » Well that should keep you busy for the next few years I have quite a lot of equipment at home but no ASA as yet... they are a bit expensive and I simulated them on VMWare, a pain to set up but you can't beat the price
knwminus wrote: » You can sim an ASA on Vmware? Did NOT know that! So is it like GNS3 but for the ASA?
broc wrote: » Oh and the latest beta of GNS3 claim to be able to handle an ASA image too but I haven't tried it yet.
ilcram19-2 wrote: » dont get and ASA thet suck get an router ISR
knwminus wrote: » Wouldn't that defeat the purpose of doing the ASA specialist
knwminus wrote: » My company deploys and supports many of these things. I was thinking about for my CCNA:S studies, picking up an ASA (I know this isn't tested but I just want one) and a VPN Appliance. Is this feasible for NA level studies? My company is moving to have everyone CCNA certified and the Tier 2s (me) to have CCNP's (they haven't said it yet but it is coming down the pipe) and Juniper certs. How much ASA/VPN configuration is on the current ccnp and would it be worth while to pick up this gear for that purpose?
