Thoughts on Cisco security tracks
vinbuck
Member Posts: 785 ■■■■□□□□□□
So i'm flirting with the idea of doing CCNA+NP Security before I start down the lonely CCIE road. Mainly because I'm doing a ton of ASA work now and don't have much background in it other than very plain configs.
The blueprint looks promising to become well versed in the ASA and IOS security. I'm really looking at this as knowledge and experience first and resume fodder a distant second. How would you guys rate the value of these certs?
The blueprint looks promising to become well versed in the ASA and IOS security. I'm really looking at this as knowledge and experience first and resume fodder a distant second. How would you guys rate the value of these certs?
Cisco was my first networking love, but my "other" router is a Mikrotik...
Comments
-
astorrs Member Posts: 3,139 ■■■■■■□□□□Personally I think ASA is crap compared to much of the competitions offerings - but with that said there is an absolute ton of it out there in the wild. Same goes for their IPS line - garbage compared to SourceFire, NitroSecurity, etc. - but hundreds of thousands of sensors in production.
They got lazy in the security market for quite a while and focused R&D elsewhere or had some missteps/slow-to-market problems - now they're playing catch-up. There are however some hopeful signs over the past year or two with changes in BU leadership and renewed R&D (as a result of market share losses).
So while that probably comes across as negative, the reality is from a career path it's worth knowing as you are extremely likely to run into it - especially in environments where Cisco is the choice for R&S (which is still very strong in most Enterprises). -
Mike-Mike Member Posts: 1,860I am currently studying the CCNA Security, and i'm sure it would be easy for you if you're already a CCNP. Pretty short book, doesn't seem to get too deep into stuff reallyCurrently Working On
CWTS, then WireShark -
wave Member Posts: 342I'm in the same boat as you vinbuck. I actually started to studdy for the CCIE R&S but then got a new job where I'm working with the ASA and other security appliances most of the time. Holding off on the IE and going for the NP Security is feeling like a better plan right now. I agree with you about not doing it for the letters. It's great to have a framework like the CCNP Security track to build knowledge from.
ROUTE Passed 1 May 2012
SWITCH Passed 25 September 2012
TSHOOT Passed 23 October 2012
Taking CCNA Security in April 2013 then studying for the CISSP -
bighornsheep Member Posts: 1,506Definitely a good idea to be well rounded, Cisco certs are now very much lined up with the technology tracks, but in the real world, unless you're with a huge organization, you need to know basically RS, Security, and Voice to various extent. It's too bad they got rid of ONT and ISCW in the CCNP track, I think those were great exams to learn the basics of other non-RS topics at the CCNP level.Jack of all trades, master of none
-
chrisone Member Posts: 2,278 ■■■■■■■■■□Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
vinbuck Member Posts: 785 ■■■■□□□□□□Ok, ok....y'all talked me into it
I'm currently reading the OCG for 640-554 for the CCNA Sec and will probably jump on the CCNP Sec VPN exam as soon as the NA is out of the way. I've been on a long break since getting CCNP RS earlier this year and am ready for more Cisco examsCisco was my first networking love, but my "other" router is a Mikrotik... -
dover Member Posts: 184 ■■■■□□□□□□I'm doing the CCNP Security track now. What astorrs says is true - some of the Cisco security devices aren't the best-of-the-best but there are a ton of them out there that need to be managed. Let's face it, most people buy Cisco for the name.
I'm working on the VPN exam myself at the moment - although I enjoyed Secure and Firewall much more...
Also, gotta second Bighorn's thought: In the real world if you have a good general knowledge of R/S, some security and a sprinkling of voice and wireless you will have a solid foundation and be in demand.
I'm actually doing the opposite of your track. Getting CCNP: Security, then going after the CCNP: R/S and then MAYBE CCIE: Something-er-other -
viper75 Member Posts: 726 ■■■■□□□□□□I'm doing the CCNP Security track now. What astorrs says is true - some of the Cisco security devices aren't the best-of-the-best but there are a ton of them out there that need to be managed. Let's face it, most people buy Cisco for the name.
I'm working on the VPN exam myself at the moment - although I enjoyed Secure and Firewall much more...
Also, gotta second Bighorn's thought: In the real world if you have a good general knowledge of R/S, some security and a sprinkling of voice and wireless you will have a solid foundation and be in demand.
I'm actually doing the opposite of your track. Getting CCNP: Security, then going after the CCNP: R/S and then MAYBE CCIE: Something-er-other
Haha...I'm doing the same thing as you. NP Sec 1st then NP R\SCCNP Security - DONE!
CCNP R&S - In Progress...
CCIE Security - Future... -
wintermute000 Banned Posts: 172from skimming the material, if you're going to be knee deep in ASAs then sounds like a good plan.
I have a heavy R&S and voice background but ended up in a few jobs requiring in depth ASA knowledge so had to google-fu or swim lol, it was pretty brutal at times but fortunately I knew IPSEC/vpn back to front on IOS (old environment had a boss who loved IOS and hated ASAOS!) so it was more a case of learning the ASA syntax than anything else. Now going down the CCNP Sec route for this reason.
Yah juniper/palo alto etc. beat the pants off ASA but a lot of this knowledge is transferrable, esp in large environments its usually installed by the vendor then you just manage the damned thing via some GUI like juniper NSM anyway.