Can't Wait!!

For those who recognize my handle, you probably already know that I'm studying for my CCNP, and on the side knocking out small entry level certifications like sales certifications or field technician certifications.

I come from a security background, I studied security college, and am an active member of my college's cyber club.
I goto security conferences and compete in local cyber defense competitions.

As I'm trying to keep myself awake through CCNP and some CCDA, I keep thinking about security.

That being said I CAN'T WAIT until I start studying for CCNP Security!!

My Teacher Mike Crane who has 5 CCIE's, has told me that I'm so passionate about it, maybe I should just skip and go straight for it, since I already have my CCNA Security.

I've been told to go for my CEH and CISSP before, but I don't think I'm ready for anything like that. Those are for after CCNP Security.

I already purchased my CCNP Security OCG off Amazon, including the latest IPS that was recently released.

I own a IPS4240 already, (long story), and am about to purchase an ASA5505.

If you guys have any recommendations for me on which test to take first, or what other hardware I should pick up, that would be GREAT, and much appreciated!

For now this was merely an introduction... I'll be popping in these threads to take my mind off of CCNP or CCDA stuff.

again... CANT WAIT!

Find more posts tagged with

Comments

Bl8ckr0uter

First, I have to ask about the IDS 4200.....:)

I think you should do FIREWALL first. SECURE is pretty boring imo and FIREWALL and VPN seem to be more exciting. CEH studies might make you CCNP:S more interesting since you will be able to tell the "why" and "hows" of implementing security which (imo) a big part of the problem with security vendors. They say, well do this and you don't get a slow path dos attack. My first question is how are people doing a slow path dos attack and what does it look like on the network? A lot of that comes with self study but I wish vendors would teach that kind of stuff.

In my studies so far there have only been a few things that I did not know from my CCNA studies (cef being the main one). I think it is entirely possible to do CCNP:S before CCNP (I am going this route). I think the main reason why people say do CCNP before is building your networking foundation. You can only provide a security solution that is as deep as your understanding of the technology you are trying to secure so just keep that in mind (the same thing goes for Design which is why I would do that last after CCNP:S and CCNP).

xirtlook

well if you must know...

about a year ago, my school participated in a Cyber Defense Competition down in Chantilly, VA.
It comprised of 4 colleges that were invited, that seemed impressive in another Cyber Defense Competition.

So we showed up almost 2 hours late, but we were quick to defend our network. I immediately hopped on the ASA5505 Firewall and went to town on the ACLs via CLI. (not a big fan of GUI). So we were actually in first for a while. I even started negotiating with other schools to show them the correct syntax for access-lists if they showed us how to some things in vmware esx. Anyways, I got a lil too fancy with the egress filtering so another school beat us, and we took second place. In anycase, all the participants got to keep the laptops we were working on. What a pleasant surprise! New Dell Vostro laptops.

Heading back home my Instructor offered me a trade, because I had mentioned that I wasn't sure what I was going to do with the laptop. He said he has a few switches and routers. I said that I already had switches and routers. He said what about a Cisco 4240?'. "Hmmmm... Cisco 4240?" I said. I wasn't sure what he was talking about at first. He said yeah, a Cisco IPS 4240. I told him I would think about it. (this gave me time to google it on my iphone on the way home). After realizing what it was, I was like "wait a second, you want to trade a laptop for an intrusion prevention system!?!?" He said yeah... he had no use for it. It was given to him as a gift, and he couldn't sell it, and wasn't going to do anything with it, it's collecting dust.

He said he knows that I'm really into security, I really showed skills with the firewall, and think it would be in good hands, just had to promise to never sell it. He could really use an extra laptop. So I definitely made the trade. I upgraded the memory and installed all the updates and added a few extra programs tho, just so I didn't feel so guilty trading a little 400-500 laptop for a $6k+ Cisco IPS, LOL.

So when I went to pick it up, he also gave me an extra 2621 Router he had laying around as well. I am only just now starting to play with my IPS. Learning how to navigate through the different modes. I changed the hostname to SkyNet lol.

I have the latest IOS and Signatures downloaded via Cisco with my CCO account, so I'll be uploading that when I have time. My instructor even let me borrow an ASA firewall for almost a year. BTW- I learned how to configure ASA firewall by using NSA's Security Guidelines, and google.

Wasn't until I took a Firewalls course at my school that I learned how to better my ACLs and establish NAT on them.

Before I returned my ASA before the next semester of Firewalls course, I was working on spanning/mirroring traffic and sending into to a syslog server and wireshark box. I tried to get my Snort to work, but I was just learning snort at the time, and most of which we learned was Post-Analysis f pcaps,

I plan on purchasing 2 ASA5505's here at work, so that I can try to do failover (if its capable.. never looked into it), and get it to work with my IPS, if I ever get that up and running. I dont have a smartnet contract for it, or a PAK.

I want to learn how to write my own signatures for the Cisco IPS anyways. All this is going to be a year or two down the line tho. No rush.

At the very least, Since this isn't going to be in production and is just a home lab/experiment, I can try to download Snort rules, try to write a script that converts them into a Cisco syntax? theoretically possible right?

that requires I learn how to script, so I picked a bunch of books up on Python. I have a lil bit of a programming common sense, but I dropped the course before I could even finish. (C++). I did really well at Shell Scripting in my Linux class tho.

I do agree tho, I think CEH could only help my understanding of what I'm protecting. I also think seeing what actually runs in the real world environment helps too... CCNP has opened my eyes to so much already. BGP, Route-Maps and Redistribution. I think the only thing that is feeding my drive right now is Prefix Lists, Distribution Lists, its kinda like security, in that it filters out routing updates.

So yea, I'm a lil bit of a security nerd... will I fit in here?

alan2308

xirtlook wrote: »

So yea, I'm a lil bit of a security nerd... will I fit in here?

Yea, I'd say so.

Bl8ckr0uter

Cool. I don't think 5505 will do it without a license. Oh and yea I hear you on the R/S studies.

Maced129

xirtlook, i sent u a PM

Turgon

xirtlook wrote: »

For those who recognize my handle, you probably already know that I'm studying for my CCNP, and on the side knocking out small entry level certifications like sales certifications or field technician certifications.

I come from a security background, I studied security college, and am an active member of my college's cyber club.
I goto security conferences and compete in local cyber defense competitions.

As I'm trying to keep myself awake through CCNP and some CCDA, I keep thinking about security.

That being said I CAN'T WAIT until I start studying for CCNP Security!!

My Teacher Mike Crane who has 5 CCIE's, has told me that I'm so passionate about it, maybe I should just skip and go straight for it, since I already have my CCNA Security.

I've been told to go for my CEH and CISSP before, but I don't think I'm ready for anything like that. Those are for after CCNP Security.

I already purchased my CCNP Security OCG off Amazon, including the latest IPS that was recently released.

I own a IPS4240 already, (long story), and am about to purchase an ASA5505.

If you guys have any recommendations for me on which test to take first, or what other hardware I should pick up, that would be GREAT, and much appreciated!

For now this was merely an introduction... I'll be popping in these threads to take my mind off of CCNP or CCDA stuff.

again... CANT WAIT!

Why not go straight to CCIE security? If you are lucky enough to have Mike Crane as a mentor then with your desire to learn this stuff you have a lot going for you. Invest in the INE CCIE security workbook, grab some racktime and start configuring INE scenarios. If you do that for a year and pass the CCIE security written test you will learn a great deal. It would make you an attractive hire for busy people like me who need people to take care hands on of firewall elements in our infrastructure.

After a year of CCIE security studying you will be very employable. You can then either cakewalk the CCNP in security or press on to CCIE security lab in 2013.

xirtlook

Turgon wrote: »

Why not go straight to CCIE security?

I feel like this is one of those learn how to crawl before walking, and you think I should try running lol...

I did talk to a gentleman that is studying for his CCNP Security, and he picked up CCIE Sec books. He said it has helped him out alot.

Might have to look into this... but for now I think I'm going to keep CCIE up the pedestal lol.

Bl8ckr0uter

I love the way Turgon makes it sound like going to the store. Honey bring me back a stick of butter and a CCIE Security. Oh and maybe some cream soda. lol.

I keep battling with the same thought. I want to work in security so why not? I talked to Ahriakin‎ privately in the past and he seems to think it is possible (hell, he did it: http://www.techexams.net/forums/ccie/36057-ccie-sec-lab-diary-how-make-ahriakins-brain-implode.html).

After CCNP:S I do want to look at the CCIE Written and see how close I am to passing it.

xirtlook

Turgon wrote: »

Why not go straight to CCIE security?

My coworker just came walking by and saw that I have my CCNP Security books, and that I'm studying CCNP R/S... and asked me why dont I just go for CCIE Security?

I was like huh? He was like yeah you know theres no pre-req that says you cant... it makes more sense to just skip it.

he was tellin me about a previous employee who picked up a job here after he got his CCNA, and then left to do a nighttime NOC job, where he had all the time in the world to study and play with a security rack/equipment. he self-taught and went straight for his CCIE R/S, left there to goto another company, went for his CCIE Sec, then came back here, became the director of our security dept, and now he works for cisco's security team or something.

pretty inspiring... who knows. for now, I just want to get CCNP R/S out of the way lol but yeah.. can't wait

Bl8ckr0uter

So he went from CCNA to CCIE:R/S? That's hardcore.

xirtlook

indeed it is, they called him doogie howser around here. wish I knew the guy, seems inspiring.

but he went from working from a noc, to a cisco partner to another cisco partner, then back to a cisco partner, and now works for cisco.

so I think he had all the right resources and opportunity to succeed.

nicklauscombs

xirtlook wrote: »

My coworker just came walking by and saw that I have my CCNP Security books, and that I'm studying CCNP R/S... and asked me why dont I just go for CCIE Security?

i considered bypassing the CCNP: Security and going right into CCIE studies but the four exams will give my studying structure, i'll have to learn all of the CCNP level material anyways, and it nets me another professional level certification along the way. doesn't make much sense to me to skip it unless you have lots and lots of experience.