What hardware and software for my studies?

Some time in the next six months I plan to take a course for the CCNA-Security certification. In anticipation of that I'm doing some research on what kind of hardware, real or simulated, I'd need to best prepare for the exam.

What I have now in Cisco hardware is close to a dozen 2500 series routers, two 2620 routers, two 2950 series switches, and a 3550 switch. I have some other Cisco stuff but I think that stuff is too old to be concerned about, the stuff I listed is already digging pretty deep in the layers of time. In software I have Boson NetSim 8.0. I haven't taken the time to really dig into it but it was recommended by the people running my training and they got it for me.

I guess I need to give some background on where I am to give a better idea on what I'm looking for. I'm in a program through Veteran Affairs to help me find a better job in IT. They've paid for my training and certifications so far and they have already agreed to pay for what I need to get a CCNA-Security certification. They've paid for most of the hardware I listed and all the software. They will pay for classroom training but it's not likely they will buy videos or online training. They might buy some books but as I understand it the books have to go along with the classroom training.

Paying for the materials needed out of my own pocket is something I'm willing to do but I'd have to be convinced that it's worth my money, just like how the VA has to be convinced that what they are paying for is worth the taxpayers' money. I bought all the Cisco hardware myself not expecting anything from the VA to reimburse me, it was months after that I was told I could apply for reimbursement. They paid for most of it only because I could not find the paperwork for one order I made. Better than nothing since I was expecting nothing.

Experience tells me that I learn best when given some hands on time before class to get an idea of what I'm getting into and what I don't know. After the class I'll need more hands on time to get the information to "stick" in my head for the test. This method is not foolproof since I have not yet passed the ICND2 exam. I'll be studying for that as well.

I realize I'm getting a bit wordy here so I'll wrap up with my questions.

What hardware and software do you recommend adding to what I have to study for the IINS exam? Preference will be for what's worked for me in the past and what the VA will pay for.

I've already had some recommendations on some hardware but I'll keep that to myself to avoid confirmation bias and, honestly, because I don't recall them right now. I have a head cold and the medicine I took is fogging my memory right now.

Are there some other things besides hardware and software, and the classroom training, that you might recommend? This stuff I'd likely have to pay for myself so it will be a harder sell. I'll get it if I'm convinced it's a value add.

Thanks so much. Everyone here has been so helpful in the past and I really appreciate that.

Find more posts tagged with

Comments

YFZblu

As someone who purchased an ASA 5505 for the CCNA: Security certification I can confidently say this: Your CCNA lab will do just fine. You do not need to toss more money at the situation. GNS3 will simulate the ASA appliance.

My lesson learned from CCNA: Sec - Pay close attention to the Cisco exam objectives and you will quickly see what Cisco wants you to know how to configure in a lab simulator. Spending too much time figuring out how to obtain an Access Control Server, IDS/IPS device, etc. is just a waste of time.

Now if we were talking CCNP: Sec, you would need deep-dive hands-on experience with everything. But in my experience CCNA: Sec is just an introduction. Good luck, it's a fun little track.

MacGuffin

Does GNS3 emulate the ASA appliance without a ROM image? I know that getting a ROM enters into a legal gray area so I won't ask how you did your simulations. I just recall issues with GNS3 and loading the ROMs before. I don't recall the conversation exactly that led to the Boson Netsim software but I do recall a mention of hardware limitations and simulator issues leading to that purchase. That software also lead to the purchase of a new laptop to run it, Windows 7, 16GB RAM, and quad core Intel i7.

Running GNS3 is an option, I certainly have a computer capable of running the software and emulating a sufficient number of devices. I'm not sure I'll be able to emulate the right kind of devices. Perhaps you could provide some links to places that can walk me through this some?

I do intend to continue my studies through up to the CCNP level at some point. I think I need to get my foot in the door at some network engineer position for that to happen. I took the CCNP coursework before I realized that it was intended for people with years of Cisco experience. It's possible, I suppose, that I could get enough hands on experience with self study but I think I'd want real hardware for that. Simulations can only go so far, some stuff takes real hardware.

Anything besides the ASA5505 that comes to mind that might be helpful?

YFZblu

Ah, I almost forgot - You will definitely want to download Cisco Configuration Professional (CCP) which is freely available on their website. CCP is the replacement for Security Device Manager (SDM). It is important to note not all devices are compatible with all CCP features, especially the older stuff typically found in Student labs. I found that my Cisco 871 router was fully compatible however.

MacGuffin

YFZblu wrote: »

Ah, I almost forgot - You will definitely want to download Cisco Configuration Professional (CCP) which is freely available on their website.

It appears one needs a service contract to download this software and I don't have one. Perhaps I'm missing something. Maybe I should stop searching for this stuff after taking cold medicine. My cold is getting better, perhaps I won't need it tomorrow.

Looking a bit closer at my hardware, and doing some more searches, I've come to some conclusions and have more questions. First thing is that I neglected to mention before that I have a 2610XM router. My 2610XM and my two 2620 routers all have 64MB RAM. I think that's right, I've also concluded I spent too much time away from my Cisco rack. Is this enough RAM? What version of OS should I have as a minimum?

My 3550 switch has 64MB RAM and my two 2950 switches appear to have 20MB RAM. Same questions here, is this enough RAM and what OS should I have?

I'm thinking that for the IINS test I can ignore my 2500 series equipment. They are just too old. Well, I might use them for some stuff but they are not going to be critical parts of the network.

I've seen many posts on this site and elsewhere that recommend an ASA 5505, others that claim it's required, and others that claim it's unnecessary. Some will claim that the ASA 5505 (or its big brother the 5510) is the ONLY piece of Cisco gear needed. I'm so confused. Part of the confusion is from the change in the topics on the new version of the IINS exam, some people are still talking about the old exam. There's also the cold medicine adding to the confusion.

I'll try to sum it up here and get some sleep. What I have and plan to use:
- one 2610XM router, 64MB RAM
- two 2620 routers, 64MB RAM
- one 3550 switch
- two 2950 switches

What I might need or want:
- one ASA 5505
- Cisco Configuration Professional

I'm pretty confident I have what I need. I just want to verify that the OS on the routers is sufficient, what should I look for?

Diggs

You don't need a service contract to download CCP - just need to log in I'm pretty sure.

I know I was able to download it and get it working fine without a service contract.

You'll want to download version 2.6 (the PC version) from their site, not 2.7

Cisco Systems

MacGuffin

Diggs wrote: »

You don't need a service contract to download CCP - just need to log in I'm pretty sure.

I know I was able to download it and get it working fine without a service contract.

I believe I created an account some time ago. I'll have to track that down and download it then.

Diggs wrote: »

You'll want to download version 2.6 (the PC version) from their site, not 2.7

Cisco Systems

Why version 2.6? Something wrong with version 2.7?

Looking at the documentation for CCP I see that my routers are not supported, should that concern me?

MacGuffin

Let's not forget I have Boson NetSim for CCNP 8.0 available to me. Here's the list of emulated devices:

What devices are supported by NetSim 8?
NetSim 8 simulates the following 54 devices.

5 different computers:
- PC Workstation
- Traffic Generator - TFTP server
- VPN Client - AAA Server

7 different Cisco switches:
- 1912
- 2950
- 2960-48TT-L - 2960-24TT-L
- 2960-8TC-L
- 3550 - 7961 IP Phone

42 different Cisco routers:
-801 -802 -803 -804 -805 -806
-1003 -1004 -1005 -1601 -1602 -1603
-1604 -1605 -1710 -1720 -1721 -1750
-1751 -1760 -2501 -2502 -2503 -2504
-2505 -2507 -2509 -2513 -2514 -2515
-2516 -2520 -2521 -2522 -2523 -2620
-2621 -2610 -2611 -2811 -3620 -3640

Which devices in the list above would be suitable for a CCNA Security lab? Which one's are unsuitable? Is there something missing from the list that would make this software unsuitable for a CCNA Security lab?

Perhaps a better question, how can I tell if the emulated devices in NetSim support the features I need to do CCNA Security labs? The devices in NetSim are not the real thing, they are approximations of Cisco devices that Boson created.