CCSA Opinions

xaxxax Member Posts: 41 ■■□□□□□□□□
Hi, i would like some opinions about CCSA. I've not experience with CheckPoint devices but I would like work into network/security field, such as firewall, VPN, IDS/IPS configuration and monitoring.

If after sec+ I'll take a CCSA, is a good thing or are there better certifications for put a food in a door?

Sorry for my english :)


  • netstatnetstat Member Posts: 65 ■■□□□□□□□□
    IMHO if you would like to have solid security foundations, I would recommend you get your hands dirty with some old Cisco gear first, given you have your CCNA. Start by turning a router into a stealth firewall (which is what a PIX is more or less). Once done, move on by setting up a DMZ for your router (now firewall). You can also try setup a site to site VPN with the router or grab a couple of old PIXs from ebay (if you get the right PIX model, you should also be able to upgraded it to an ASA version 8 equivalant - not the latest but it works very well for learning)

    You should also try some Linux distributions in your home lab and try setup Snort. If you are entering the security world from a networking world, ensure you know your networking basics very well or else you will not survive in a real environment.

    Once you have obtanined a solid foundation in network security, CCSA would be fun as you will appreciate what check point is all about. It also depends on what your firm uses though. Either or, it is always best to move along with what your firm uses.
  • xaxxax Member Posts: 41 ■■□□□□□□□□
    I've not a real experience in networking. I am a software developer and I would like change...In my lab I already setup Snort and played with it.
    Study, practise...Study, practise in home lab and -> CCSA. And get a job as network/security technician :)
    Even the CCNA Security is an option, but I see more requests for CheckPoint in firewall/vpn ecc. field.
  • sojournsojourn Member Posts: 61 ■■□□□□□□□□
    I think a CCNA Security exam will be more beneficial than the CCSA.

    The CCSA is an odd exam. It does not reflect the real-world use of Check Point products, in my experience in using Check Point for 5+ years. It is targeted at people who may work for a small company and run the whole IT infrastructure, part of which may include a Check Point firewall or two. It isn't relevant for someone who works in a larger team for an enterprise running clustered setups, or at least wants to work in an environment like this.

    I would recommend using Cisco equipment to understand how a firewall works. Building a VPN between Cisco routers or firewalls, and running the debug commands associated, will help you gain a much better understanding of IPSec / IKE config and negotiations.
  • xaxxax Member Posts: 41 ■■□□□□□□□□
    Very useful informations. Thanks.
    As first certification in security field I decided for security+, I think will take it in the first week of November.
    I did not like it, no much technique.

    At this point I am undecided between CCNA Security and eCPPT (as a preparation to OSCP).
    Very different certs...I know.
  • SephStormSephStorm Member Posts: 1,732
    Depends where you want to go. It sounds like you are heading down a netdefense path, where the CCNA Sec would be more beneficial. If you want to do penetration testing then you can work towards OSCP.
  • xaxxax Member Posts: 41 ■■□□□□□□□□
    Thanks for your reply.
Sign In or Register to comment.