Network Security Path

Madmd5

I want to get more involved in network security and I see myself in a career in network security long-term, possibly in either intrusion detection or analysis. I plan on enrolling at WGU in the fall of 2013 in B.S. IT - Network Administration. I also plan on obtaining a few certs in the meantime so I can get accepted. Is this major the correct plan for careers in network security? or would the B.S. IT - Security be more beneficial to me? Any advice or input is greatly appreciated thanks!

f0rgiv3n

In order to really understand network security you need to understand networking in general. My advice would be to build your foundation in networking and keep your end-goal with network security. This is exactly what I've been doing and you have the same goals that I do.

There's different ways of getting there but I chose to get a big picture of what's going on in the network world before diving into the nitty gritty of security. By doing this I feel that it gives me an advantage over those who only know the key words (examples: brute force, VPN, AES256, etc...) If you build that foundation you see how all these things fit in place and it influences any decisions you make in your job. It could also help you obtain a job faster. Getting a "beginner's" job in 100% infosec is EXTREMELY difficult (the proof of that is the number of inquiries on this forum of how to "get into infosec").

In my mind, I would start out with pursuing your CCNA and go from there.

Madmd5

Thanks for the advice forgiven, would you also recommend N+? or just dive into CCNA? CCNA is offered in both degrees at WGU I'm considering, but N+ is not so i'm debating on obtaining it on my own time.

YuckTheFankees

I would study for the CCENT/CCNA and JNCIA, study Linux (all of my networking jobs have asked Linux cmd questions), get a NOC tech position (work there for 1-3 years), and at this time you will have a "decent" foundation to start applying for security jobs. <--- This is the exact path I took and I just landed a security job last week.

f0rgiv3n

Some people have strong opinions regarding N+ but I actually think it's beneficial. The most beneficial part is the knowledge you gain not necessarily the credentials it gives you. N+ would give you a good solid understanding of the hardware involved and a high level view of networking. It could be a good way to start out since it won't take you very long. I recommend, going for it!

Madmd5

So focus on Linux and obviously vanetworking certs. what about Microsoft? any value to them too?

xza

I just got the CCENT last month and I have until June 16th to use my ICND 2 voucher. I am starting a desktop support job the first of March so I figured I'd try to get my S+ prior to actually starting the job. Is this a good idea? I can nab it for like $220 with a voucher. (I read a few different linux books in my free time since the job runs red hat on their servers)

docrice

Depending on the organization and the scope of the role you get into, network security requires more than just the traditional routing / switching / traffic analysis skills, but also increasingly additional related context, especially when it comes to intrusion detection. That includes an understanding of operating systems, user behavior, how applications function, and a lot of other generalized IT knowledge.

I work as a network security engineer and if I didn't have both a Windows and Linux background as well as other network admin-centric experience to draw upon, I would find it much harder to frame my analysis of events within a practical perspective.

Certs are fine as goals since studying for the exams provide a good learning structure, but you really need to go above and beyond what's outlined in the textbooks. In my opinion, there's too much emphasis on passing the exams and getting a few letters behind your name rather than digging deeper on your own and applying the knowledge, reaping the wisdom that comes with it.

xza

Thank you!

Madmd5

Do you suggest Juniper before or after the Cisco certs? Since I'm receiving the certs via my degree program and that's being paid for, I think it would make sense to wait until after I graduate until I start looking into the Juniper certs?

Xyro

I would go for the B.S. IT - Security & cover the N+ and CCNA material to be certain I had a firm foundation on Networking, itself. I would hold off on the Juniper certs.

Madmd5

You're saying go for the N+ on my own? cuz idt security emphasis offers N+ as a cert in the program. only the regular IT does correct me if I'm wrong

YFZblu

docrice wrote: »

Depending on the organization and the scope of the role you get into, network security requires more than just the traditional routing / switching / traffic analysis skills, but also increasingly additional related context, especially when it comes to intrusion detection. That includes an understanding of operating systems, user behavior, how applications function, and a lot of other generalized IT knowledge. I work as a network security engineer and if I didn't have both a Windows and Linux background as well as other network admin-centric experience to draw upon, I would find it much harder to frame my analysis of events within a practical perspective. Certs are fine as goals since studying for the exams provide a good learning structure, but you really need to go above and beyond what's outlined in the textbooks. In my opinion, there's too much emphasis on passing the exams and getting a few letters behind your name rather than digging deeper on your own and applying the knowledge, reaping the wisdom that comes with it.

This. I recently started as a Security Analyst and in a thread I made several weeks ago I made the point that none of my security-related certs really helped me in my current position (Sec+, CCNA: Sec). In my position, which is primarily SIEM monitoring, it is important to understand standardized security methodologies, web application communication, incident handling, reporting, etc. That being said, TCP/IP is a great place to start. Cisco does a pretty good job of introducing TCP/IP, so that can be an option. Good luck.

Xyro

I'm saying know the material for a firm foundation in & understanding of Networking itself. That's why I recommend studying the N+ & CCNA material.

The understanding is what's crucial here.

You could then opt to not take the N+ exam (although it's a good resume "pad") ... but I would highly advise you do get the CCNA cert.

TheCudder

Madmd5 wrote: »

You're saying go for the N+ on my own? cuz idt security emphasis offers N+ as a cert in the program. only the regular IT does correct me if I'm wrong

I'm currently in Desktop Support and I'm considering breaking off into Information Assurance / Information Security Analyst work (assuming these are interchangeable titles??) I figured you would need to focus on certs like CISSP, CEH, GIAC? Not CCNA???

YFZblu

TheCudder wrote: »

I'm currently in Desktop Support and I'm considering breaking off into Information Assurance / Information Security Analyst work (assuming these are interchangeable titles??) I figured you would need to focus on certs like CISSP, CEH, GIAC? Not CCNA???

The above are good certs, but CCNA will introduce you to TCP/IP at a deeper level which is vital in InfoSec.

pinkydapimp

YFZblu wrote: »

The above are good certs, but CCNA will introduce you to TCP/IP at a deeper level which is vital in InfoSec.

Right. Also certs like CISSP are for later in your career when you have a few years of experience. CCNA is definitely a good way to gain a foundation of knowledge to build from. I would also agree a microsoft and linux cert would provide some additional foundational knowledge. Then once you get some experience start to look at the other certs like CISSP, CEH....

docrice

I don't think the CCNA really covers TCP/IP very deeply at all. It's a good foundation of material to understand how routing, switching, NATing, ACLs, and other network device management activities function which all technical infosec analysts should have baseline knowledge of, but when you get into security (at least in an area which has a network-centric focus) you should understand how to read raw packets.

I've interviewed / worked with a number of CCNA-holders who couldn't explain to me how a TCP handshake really works or wireless network admins who couldn't describe the 802.11 association process. This distinguishes between people who merely know which buttons to push verses those who grasp what really happens on the wire.

YFZblu

docrice wrote: »

I don't think the CCNA really covers TCP/IP very deeply at all.

I was saying it in relation to the other certs listed by that poster - CISSP and CEH. The other poster did mention GIAC but how many people unassociated with InfoSec are getting GIAC certified?

docrice wrote: »

I've interviewed / worked with a number of CCNA-holders who couldn't explain to me how a TCP handshake really works

Well, that's really disappointing considering the CCNA covers and tests on that material.

impelse

I saw a lot security jobs asking for GIACS certifications, also CISSP.

I got a phone calls that specific said: do you have CEH? Yes or not and when I said not an also I mention I have training they said not, lol

In security CEH had low reputation but not for HR