Demand for CCNA: Security

SephStorm

Hi All,

Before I go blow money on training for CCNA:Security I wanted to get some opinions about it. Around the forum I see a number of people who have it, seen a few people who are not fans of it. Currently do you think there is/will be a demand for this certification? Is it really worth it? In my personal situation, I was planning a move to networking and network security before I eventually moved to IT Security. Well, I was blessed to jump up to IT Sec early, but I still like networking and the the thought of doing work with firewalls, VPN's IDS and IPS. But on the other hand, if I leave this job in a few years, unless something changes, I may be leaving with a CCENT and a CCNA:Security, (along with years of security experience and hopefully a GIAC cert or two) but no network admin/eng experience. So what do you guys think? Should I get some knowledge from the resources I have, but relegate the cert to the backburner, while focusing on skills directly usable on the job today?

Khaos1911

I'm right there with ya, Seph. I personally thoroughly enjoy the Security realm and I'm not interested in the Network admin, OSPF this, EIGRP that stuff. Bores me to tears. But I am interested in the CCNA security, I found the access List info while studying for the CCENT to be interesting and looked into the CCNA:SEC topics and found alot of it familiar and just more interesting the learning the normal Cisco Network Admin stuff.

Don't get me wrong, knowing how a network operates is vital to security, I just don't care about configuring routing protocols on routers and all that other network admin/engineering stuff....It seems the CCNA Sec is frowned upon around this site unless it is accompanied by a full CCNA, but my question to that is...What If I don't want to be a "network" guy? It would be a waste of time and effort studying for all that and never using it in my work environment to retain it, I'm in the security field as well so I'm gonna have to say the hell with the status quo, CCENT to CCNA Sec seems like a much bigger pay off in where I'm at in my career. I work for a huge Fortune 100 and we have a network Security team (my team) and a separate networking team that deal with the switches/routers and all that. So my experience may be a bit different from everyone else's. I'm working on going from CCENT to CCNA SEC, trying to get it in before GSEC and GCIH in a few months.

SephStorm

My company has a seperate security team as well, but the guys who work firewall, IDT most of them have a cert like CCNA: Security. I think one or two have a cert specific to the FW product they work with, but only one guy is the resident networking expert. If anything has to be dont on the routers and switches, it goes to the networking team.

I just came back from a brief search on dice.com, (really quick) only two of the jobs I looked at specifically requested the CCNA:S. don't know if that is indicative of anything or not.

YFZblu

It's a nice awareness certification, but that's about it for me. I'm on the analysis side of security, I don't do much engineering; the small amount of engineering I do (firewall changes, proxy changes, host isolation, etc.) already has controls in place so I either run a script or ask someone on another team to complete the task for me.

RouteMyPacket

If you consider it "blowing" your money away then I believe you have your answer. The certification is a supplement to your knowledge. "Is it worth it?" I guess that depends on the person, is a CCNA security worth it to someone who can't perform any configurations to increase the security posture of an environment versus the CCNA/CCNP Security who can and have demonstrated the ability?

If the CCNA Security gets you an interview but you blow it because well, you don't have a clue then it won't be worth it now will it? If it gets you to the table and you demonstrate solid CCNA Security principles and you get the job, I would dare say it was worth it.

CCNA is a stepping stone, a door opener but once in the door it's all on you. Only YOU can answer is it worth it or not.

Look at it this way, there is always going to be demand for competent Engineers because IT is infested with wannabes and egotistical morons.

SephStorm

In my case the certification should give me the opportunity to learn and work in an arena i'm interested in. I want to learn and work on the subjects covered by the CCNA:S syllabus. What do you think?

gc8dc95

I think that is your answer. It fits your interests and could add value.

bermovick

I'd pretty much agree with YFZ. I doubt it's ever been a factor in me getting calls for jobs, but it does let me bring a bit extra to the table.

down77

As a hiring manager I would rather see an individual with hands on experience rather than an entry level certification. While this certification does have its place in a well rounded candidate portfolio, I would recommend taking it a step further and show KSA (knowledge/skills/abilities) with Firewall, IDS/IPS, NGFW, VPN, etc. technologies.

It's great to have the certification, but better to have the experience with the technology. Save as much money as you can and gain hands on experience with ASA/Fire Eye/Juniper/Palo Alto, etc. You would be surprised what a $50 book and a little experience with ASDM/IOS security can lead to.

Just my 0.02

Master Of Puppets

When it comes to market value, the CCNA Security will be of little value to you. Use it as you already mentioned - to learn more. It is generally viewed as a stepping stone towards the NP in security which does make a difference when you are job hunting. Bear in mind that CCNA Security is entry level network security cert and serves as kind of an introduction.

docrice

If your only knowledge about networking was based on the CCNA material, for example, then the CCNA: Security isn't a bad thing to raise awareness of certain technologies. That said, when I studied for the exam there was a lot of emphasis on leveraging the SDM (prior to Cisco emphasizing the CCP) and IOS zone-based firewalls, both of which I've yet to use or really see being used commonly. When it comes to Cisco firewalls, it's virtually always ASA.

Read the Cisco Press books. I probably wouldn't bother with an official training course. Your money is better spent on a used 5505 for home, an 850 series router or two, and a couple of 2950 switches and using it for your home network.

networker050184

The only reason I see for getting the CCNA Security is if you plan on going for the CCNP Security. If not I'd just go for the regular CCNA. The CCNA is well know and sought after certification.

RouteMyPacket

networker050184 wrote: »

The only reason I see for getting the CCNA Security is if you plan on going for the CCNP Security. If not I'd just go for the regular CCNA. The CCNA is well know and sought after certification.

I would see that as a no brainer but unfortunately it must be said as you just did. I would NEVER go for a CCNA unless I was shooting for NP. When I did the NA Security, it was only a stepping stone to NP and I never gave it much thought.

Legacy User

Only reason I took the ccna sec was that I was using the material along with ccnp sec vpn/firewall info to learn the in and outs for a project I had at work. I didn't have any interest in getting it but figured since I knew the material I should just knock it out and renew my ccna at the same time. In all honesty I can't say I really seen any jobs requesting specifically the ccna sec but mainly ASA/VPN knowledge.

SephStorm

Thanks all. I'll probably end up going through the material I have as time permits, paying attention to the sections on firewalls, ASA and VPN. Of note, the CCNA: Security is now 8570, would have been preferred over retaking Security+, but whats done is done. I'll focus on some other things I have in mind along with the above.

JockVSJock

RouteMyPacket wrote: »

Look at it this way, there is always going to be demand for competent Engineers because IT is infested with wannabes and egotistical morons.

I like the way your worded this.

+1

jjs1234

My two cents: the 200-120 was easy. It gives you the full ccna so why do people go with the ICND only?

ramrunner800

jjs1234 wrote: »

My two cents: the 200-120 was easy. It gives you the full ccna so why do people go with the ICND only?

Because no matter how easy or difficult something is, many people find that breaking it in half and focusing on a smaller portion of the material is beneficial to their learning process. Also, many folks have no need to know anything about the Routing & Switching protocols, so taking 1 exam gives you a better route into material that is either interesting to you or relevant to your work. For someone working in security, like the OP, CCNA R&S may be neither interesting nor useful.

discount81

This is simply my opinion.

From the looks of it, CCNA Security is basically a Cisco ASA certification.
I personally wouldn't want to have a job that deals with Cisco ASA firewalls on a daily basis, I find a lot of firewall guys look down on ASA as a bit of a low end firewall, any place I've worked that had an ASA, it's been an ongoing joke how bad they are.

I'd specialize in a firewall brand that is actually deployed by companies who take security serious, like Checkpoint.

docrice

The ASAs have never really been a serious firewall contender until Cisco acquired Sourcefire. I have much higher hopes now that Marty Roesch is helping lead the show. When I studied for the CCNA Security exam some years ago, it didn't cover ASA at all. I think the material for the exam goes over some good foundations, but generally job postings don't list the CCNA Security specifically (usually mentioning instead the CCNP Security ... or if the employer isn't quite up to date on the parlance they'll refer to it as the CCSP).

kurosaki00

I plan to take CCNA Sec but it's because I got some ASA experience.. so why not.
If you like security in general, like FWs in general and not just cisco, just read the book and move along. Get a more neutral cert.

the_Grinch

You have to take it for the CCNP-Security so that makes it worth doing if you are going that route. Other then that, if your plan is to just get it and not move further down the track then I would probably think long and hard about it.

Dakinggamer87

I'm enjoying the security topics and Cisco ASA firewall knowledge personally. However, I am only taking my cert as it's required by WGU for my degree.

E Double U

docrice wrote: »

When I studied for the CCNA Security exam some years ago, it didn't cover ASA at all. .

I felt the same way. Didn't get heavy on the ASA until I studied for the CCNP Security Firewall exam.

Edificer

I can see this cert becoming competitive with the NGFWs in work now and with the high profile cyber attacks. I wonder when cisco will update the NA:Sec and NP:Sec.

IIIMaster

Yeah I have to pass this exam to graduate. I did a quarter of it and it's basic material but I have zero interest in security. But I guess for network guy it can be a plus on your resume.

Hawaiiwaterboy

Just finished my CCNA Security. For me it was the right certification. First, it recertifies my security+, I work for a federal enterprise network so we all know that 8570 requirement.
Second, any CCNA will take you from a junior networking tier to a mid in the DOD / military market.
Third, I want to move from networking to cyber security so I'm keeping my certifications aligned as such.
Basically the CCNA Security was the right certification to go for.