CCIE-Security or CISSP

TonyATL

My plans were to start the CCIE Security track next year. I was talking to a fellow Network Security Engineer about my goals of stepping into the security side of IT. I was told that there is more of a demand for CISSP than a CCIE-Security. Also from what I read in some other posts, the CISSP is more general and covers greater ground. The CCIE-Security is very Cisco specific and deals mostly with securing the network’s core and distribution layers. I’m now having second thoughts on deciding on which route to go. Any suggestions?

Thanks

keatron

It really depends on what you want to be doing, and what's in demand in your area. CCIE is more technical and more specific to network and telecommunications security, CISSP covers this and 9 other areas of Information Security.

The CISSP domains are:

Access Control Systems and Methodology

Applications and Systems Development Security

Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

Cryptography

Law, Investigation and Ethics

Operations Security

Physical Security

Security Architecture and Models

Security Management Practices

Telecommunications and Network Security

garv221

I don't know anyone who will frown on a CCIE. A CCIE carrys its own weight and you get a job soley on that Cert. CISSP is top notch cert as well, but I'm not sure if has as much clout as CCIE. My solution....Get them both.

darkuser

I'm a cissp.
I believe it's easier then ccie-s.
most people get the ccie-r&s before ccie-s.
personally I know ccie's who have failed security

Ten9t6

This really depends on what you want to do. If you want to be working with Cisco gear all the time doing security, then go for it. This is a very hands on cert, as is all CCIEs. The CISSP is a security management certification. While the CISSP exam was a very long exam, I don't think it is going to come close to comparing with one of the LABs. So, this all depends on what you want to do with your life. Either way you go, doors will open for you. And both take quite a bit of time to prepare for.

Kenny

keatron

Exactly,

Ten9t6 is confirming what I said. By all means if you have the time, resources, and mental capacity, go for both. A CISSP who's also a CCIE will definantly carry a lot of clout in telecom. But if you're going to be doing Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP), operations security, or security management, or specialize in law, investigation and ethics, I doubt ccie will do you much good at all. If you're an expert witness in a law case concerning misuse, ****, or digital copyrights, who cares if you're a ccie. So again, it's all based on where you're trying to be.

I just hope human resources doesn't start doing their normal song and dance and start helping screw up the validity of CISSP and CCIE. We did a policy audit for a H&R consulting company a few weeks ago. One of the ladies asked me about CISSP and what did it have to do with security policies. After explaining to her the relevance and connection, she says, " I think we're going to put that in the requirements for our PC Technicians" I almost choked!!!! The thing that scares me most is she didn't even bother asking me how to get the CISSP or what the requirements were.

TonyATL

Thanks,

The information given helped alot. I think I'm going to stick with the CCIE-S track since I already have experience in the Cisco WAN enviroment. I guess I have a long road ahead of me.

Ten9t6

keatron wrote:

One of the ladies asked me about CISSP and what did it have to do with security policies. After explaining to her the relevance and connection, she says, " I think we're going to put that in the requirements for our PC Technicians" I almost choked!!!! The thing that scares me most is she didn't even bother asking me how to get the CISSP or what the requirements were.

Haha...did you explain to her how much she was going to be paying her PC Technicians? Tell her I will be a PC Tech for the right price...haha..HR people kill me...

Kenny

darkuser

Ten9t6 wrote:

keatron wrote:

One of the ladies asked me about CISSP and what did it have to do with security policies. After explaining to her the relevance and connection, she says, " I think we're going to put that in the requirements for our PC Technicians" I almost choked!!!! The thing that scares me most is she didn't even bother asking me how to get the CISSP or what the requirements were.

Haha...did you explain to her how much she was going to be paying her PC Technicians? Tell her I will be a PC Tech for the right price...haha..HR people kill me...

Kenny

maybe they'll have an audit as to why they can't hire any "pc techs"
or they'll be paying they're "pc techs" 80-110k

keatron

I agree with both of you guys. I think the problem is these HR people go out and do "surveys" asking what are the top IT Certifications. Often enough the answer ends up being MCSE, CCIE, and CISSP. So they take this for word, and include it in their job ads. It's unfortunate that IT, Infosec, and programming are all still just a big dark cloudy mystery to most IT folks. On the El (Chicago's public transit train) the other day I listened to a lady tell me why us IT Security people are over paid because her son has been a security guard for 3 years and he only makes $13 per hour. Hang on for the ride guys, because as Infosec, auditing, risk management, and physical security continue to integrate more and more these people are only going to become more and more confused.

rossonieri#1

keatron wrote:

I agree with both of you guys. I think the problem is these HR people go out and do "surveys" asking what are the top IT Certifications. Often enough the answer ends up being MCSE, CCIE, and CISSP. So they take this for word, and include it in their job ads. It's unfortunate that IT, Infosec, and programming are all still just a big dark cloudy mystery to most IT folks. On the El (Chicago's public transit train) the other day I listened to a lady tell me why us IT Security people are over paid because her son has been a security guard for 3 years and he only makes $13 per hour. Hang on for the ride guys, because as Infosec, auditing, risk management, and physical security continue to integrate more and more these people are only going to become more and more confused.

thats what happened these days... :P
NEED A NETWORK/SYSTEMS ENGINEER with CCIE, CISSP, MCSE, RHCE etc etc etc etc.
CAN DO THIS,THAT,THESE,THOSE WILL BE AN ADVANTAGE..

Slowhand

You're not kidding. I've even seen web design positions and graphic design say things like "Preferred: CCNA, MCSE, etc. . .". Hell, I even saw one job that was, seriously, just writing HTML and CSS, that required Net+ and asked for Security+, MCSE, and some ridiculous number of years programming C++ as "recommended".

TheSummoningDark

I remember once being beaten out for a web design gig by a person who had sme mediocre skill in PowerPoint. I, to this day, have absolutely no idea why. He wasn't my match in X/HTML, CSS, Graphic Design or any other relevant aspect of web design, nor could he work in a server-side development language. He took 45 minutes longer than me to complete the design exercise and even then what he produced worked only in IE, and broke in any real browser. It totally mystified me. But, then, the thoughts of HR people always have and always will. To understand then I'd have to be one of them, and that's an area I am staying well away from.

crap I forgot my old pwd

wow, this is old but, Keatron, it is funny. I was on the el like 3 days ago and heard the SAME thing. lol

keatron

crap I forgot my old pwd wrote:

wow, this is old but, Keatron, it is funny. I was on the el like 3 days ago and heard the SAME thing. lol

Yeah if you hang out on the El much around the Loop, you'll hear stuff like this all the time. Our corporate headquarters are located at 150 N. Michigan (in the building shaped like a kite at the top), You wouldn't believe some of the crap I hear everyday on my way to and from work. Last month some guy was in our offices hounding my secretary about how easily he could hack any network downtown. After I was finally free she sent him to my office. When he looked on the wall and saw CISSP amongst other certs, it appeared he was about to wet his pants.