nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Security Path here I come

RouteMyPacket

Hello All,

I've been in the game for years and always held a wide skill set (MS, Virtualization, R/S) but have now landed a focused Cisco role. I have had the good luck of working with ASA 5510's and Cisco gear over the last 5yrs and even in my new role, I am blessed with a massive environment with Active/Active 5510's, WLAN Controller 5508, 2 4507's as my core. Random 3560G, 3560 and 3750's spread throughout and of course CUCM and CCX.

I have decided on Security simply from my experience working with ASA's and my love of them. Now it is time to build a lab for home so I can fill in some grey areas in my knowledge and get prepared for sitting the tests. Even with my experience I think I want to sit the CCENT first to adapt myself to the testing world. Real life scenarios vs the way questions are proposed are quite different as we know so I need to get acquainted with Cisco's testing parameters.

Ok, on to the good stuff. While I plan to go CCENT->CCNA-S->CCNP-S (assuming you don't have to sit CCNA then go CCNA-S?) I want to build a lab that will see me through these goals and here is what I have in mind starting out

**Edit** Per Rougetadhg, looks like I will be going CCENT->CCNA->CCNA-S->CCNP?->CCNP-S (That's alot of tests and i'm crying inside now)

1 x ASA 5510
2 x Cisco 851w Routers *
1 x 3560 48 Port POE
1 x 3560 24 or 48 port non POE
1 x 4325 IDS/IPS (I understand this to perform both roles?)

* I like the 851w for the wireless functionality but at the end of the day i'm thinking two 1800's here would suffice as well.

I don't think I will be digging into the 4325 until after CCNA-S, but know it's a solid device for the Security route so might as well have it racked and ready.

I appreciate any advice moving forward. I'm pretty nervous about sitting the tests but now that I have gone 100% Cisco it's a necessity and that excites me to focus completely on Cisco instead of everything.

Thanks in advance!

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

Roguetadhg

Welcome!

You need a valid CCNA to go CCNA:S.

https://learningnetwork.cisco.com/community/certifications/security_ccna/iins?tab=1

YFZblu

Welcome! Given your experience, you might consider the composite CCNA exam, instead of testing for both CCENT and CCNA.

swild

Take a practice test. If you get a 90+ on the first try, take the combined exam. Anything less, and I would recommend splitting it in two, since it doesn't cost any more. ICND1 is pretty easy, but ICND2 kicked my ass.

RouteMyPacket

Thanks, I really appreciate the insight into the composite exam and that is probably honestly the best option for someone like me but I admit I do have "grey" areas in my Cisco knowledge.

I'd like some opinions on the lab I have chosen because I want to to get it purchased ASAP and start configuring. Then once the lab is up I would like to do as someone else suggested, take some quizzes and see how I fare. Shoot me a link if you have one and I'll try it but you have to promise not to laugh if I bomb it ok?

zrockstar

Hey RMP, scroll to the bottom of this link: How To Build A CCIE Rack | INE That is the topology for INE's CCIE lab. I think the INE lab is very highly regarded in the cert realm. Of course you don't have to start with everything all at once (although there are complete INE packages on ebay for around 2,500 - 3,000 iirc). My suggestion would be to pick and choose a few right now. The 1841's are what is recommended for Security. Obviously you will have to add the track specific items like ASA or IP phones. When I was doing the academy course for CCNA there was a lot of 3 router 3 switch labs. If I was you I would probably start by getting one of the 1841s and two of the 2610s. Then if you can afford the 3560s then go for it, but you can probably get by just fine with some 2950s for quite a while. Hope that helps.

RouteMyPacket

Ok, one last check as I am ready to pull the trigger on the following

Please tell me if I am going overboard and if so tell me how far this will take me or won't take me

3 x 851w Routers
1 x 48 3550
1 x 24 3550
1 x 24 3750

I'll wait on the 5510 for now. I see so many conflicting opinions on lab builds, wish it were clear cut for each cert level

Thing that concerns me is IOS differences, I study and work on 851's and then the CCNA composite test has 2600's or something...could be annoying and I would prefer to avoid that situation if possible so if I just need something completely different than the above, please let me know.

I have found a cheap 1841 router on craigslist so other options are available.

zrockstar

I don't know a whole lot about the 850 series, you don't see them discussed much here. I don't believe they support all IOS commands and protocols... I could be wrong though, but I swear those don't support OSPF or EIGRP or something like that. I would definitely pick up that 1841 though, you can literally use that from CCNA all the way to CCIE and everything in between. Did you check out the link I posted?

RouteMyPacket

I am leaning towards 1800 routers. I did see your link zrockstar and thank you and looking at it, it would be better to just go with the 1841's now and the 3550 and add 3560/3570 later along with the ASA 5510

I've got the following priced on Amazon now

3 x 1841 ISR's
2 x 3550 48 port
1 x On Stage Rack
1 x American DJ PC-100A Rack Mount Power Switcher

Grand Total $890

Not bad eh?

***Edit**

Gear has been ordered and i'm excited to get it all racked in and i'll post a pic once that is done.

RouteMyPacket

OK, I am done for awhile! Just bought 3 x WIC-2T's for these routers and bought assorted Cat6 cables. Someone comfort me and tell me it's ok because this gear will carry me far past CCNA

RouteMyPacket

Starting to piece what has come in together...

IMG_2925.jpg

YFZblu

Looks good! I'm jealous of your 5510

*stares at my corporate credit card*

I'm resisting the urge!

RouteMyPacket

YFZblu wrote: »

Looks good! I'm jealous of your 5510

*stares at my corporate credit card*

I'm resisting the urge!

lol...yeah having an actual 5510 in a home lab is sweet. I am actually bidding on one now and maybe tomorrow I will win it. Other then that my lab is put together now...now what? haha

One of my 1841's is v1 so no mounting holes..no biggie. Still looking to maybe add a layer 2 switch but i'm pretty set to knock the CCNA Composite out then be ready to move onto CCNA-S

So here it is today

3 x 1841's with WIC-2T and one T1 DSU/CSU WIC
2 x 3550

I've got 4 7941's on hand as well for future use and will add the 5510 ASAP or when a deal comes about.

IMG_2952.jpg