Networking with only firewall experience?

W StewartW Stewart Member Posts: 794 ■■■■□□□□□□
I'm finishing up the ccna security for wgu and it's sparked my interest in networking once again. The problem is that I don't touch routers or managed switches at my current job. Only asa firewalls and unmanaged switches along with web servers. I'd like to go for my ccnp one day but I wonder if it would even be worth it without the hands on routing and switching experience. I don't really count labbing as experience. I was also considering doing the ccnp security instead as another option since I hear it covers asa firewalls in depth. What do you guys think? Is even worth it to sit any of the ccnp exams with no direct routing and switching experience or should I consider the security path. I definitely know that if I'm going to get any more certifications in the near future it would have to be cisco.

Edit: Also do some load balancer stuff if that makes a difference but it's really only linux solutions like keepalived and haproxy. I'm still familiar with the general concepts though.


  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    At least in my role, I find it extremely important to understand the basics of routing and switching (managed devices such as IOS switches). There are organizations where you might only work on ACLs and NATs full-time and a separate networking team handles all the packet-forwarding stuff, but at the end of the day these things go hand-in-hand. Your speciality might lean towards one direction, but knowing how to manage switches and routers makes you more effective as a firewall engineer since you can better visualize how a packet travels from one end of the network to another and how it relates to the firewalls' placement in the topology.

    I think some jobs probably do pigeon-hole you into a narrower role, but that's probably at larger organizations where they have enough head count to compartmentalize staff into specific niches. One of the benefits of working at a smaller business is getting exposure to a lot of different areas and gaining a better holistic understanding of it all.
    Hopefully-useful stuff I've written:
  • W StewartW Stewart Member Posts: 794 ■■■■□□□□□□
    Yeah the company I'm working at now is about as large as any company I've ever worked at although are actual IT staff consists of probably less than 15 people in this city at least. It's not that I don't understand routing and switching, It's just the lack of hands on experience with routing and switching in my day to day job but that's probably due to me currently being in more of a systems role than a networking role. Firewall's and load balancers are just the part that keeps the role from being a narrow server support role. Maybe I should just stick to systems administration for now and consider moving into security later on since I'm currently doing the IT Security degree at wgu anyway.
Sign In or Register to comment.