IT professionals tend to think of the CCIE program as a single certification, but there are actually three types of CCIE certifications, or "tracks:”
- · Routing and Switching (R&S)
- · Communications and Services (C&S)
- · Security
The R&S track has always been the most popular. When people refer to the CCIE program, they typically mean the CCIE R&S. The C&S track is primarily for those who work on or for high-end telephone companies (telcos) or Internet service providers. The Security track is quickly gaining in popularity. Given the current emphasis on IT security, that certification could help you land a high-level security position.
Many candidates I have spoken to are hoping to get a “double CCIE” by earning both the R&S and the Security certs. I'll concentrate on the Security program here, but you'll find an overview of all three tracks in this sidebar.
The CCIE Security program
The CCIE Security track specializes in the hottest and newest security features available. CCIE Security candidates need to master the following topics:
- · Configuration of multiple methods of IPSec encryption
- · VPN features and configuration
- · Intrusion detection (IDS)
- · Methods of fending off denial of service (DoS) attacks
- · Complex firewall configuration
- · Security vulnerabilities in the functionality of application protocols (such as DNS, LDAP, SMTP, and SNMP)
- · IP network content filtering (such as a router filtering traffic to look for the signature of a virus)
After passing a computerized test, CCIE Security candidates must prove that they can pass a rigorous one-day lab examination by configuring routers, firewalls, and switches for these types of features.
Other security cert contenders
Many IT pros wonder how the CCIE Security certification compares to all the other security certifications out there. Here's a rundown of just a few.
In the Cisco line of certifications, you have the Cisco Security Specialist 1 (CSS1). This is a good Cisco-based certification to prepare you for the CCIE Security. It covers both general network security and the technical configuration of security features on Cisco routers, switches, and other devices.
Another popular security certification is (ISC)²'s Certified Information Systems Security Professional (CISSP). This is a vendor-neutral, in-depth certification that covers the “10 domains of security” but does not test any specific vendor security device configuration. It’s ideal for a corporate security officer or a security consultant. To learn more about this program, read "CISSP tests more than systems security expertise."
CompTIA is currently developing its Security+ certification, and it's rumored that Microsoft may be coming out with a security-specific certification.
None of these security certs requires a hands-on lab test the way the CCIE Security certification does. Like the CCIE R&S, that is what ultimately sets it apart from other certifications because it makes the certification more difficult to obtain and more valuable to possess.
Over time, the people on the Cisco CCIE team have managed to keep the CCIE program challenging, unique, exclusive, and valuable. While the R&S track has been the most popular, the CCIE Security track is gaining ground and is proving to be an important measure of expertise and an asset for IT professionals who aspire to a high-level security job.