May be not GET but I can definitely build a IPSec site-to-site or
remote-access VPN pretty fast. My experience has been developing perimeter
security and VPN solutions for the enterprise at work from scratch, so I am
very comfortable with the ASA5500s. I have not implemented each and every
security and VPN feature available but I am confident that I can find the
reference and configure them. It is true that I dont have exposure to
enterprise security in terms of compliance, policies and exploits.
Steve, you are on the spot with your advice, I appreciate the candid
information.
Cheers,
Omkar Tambalkar
CCIE #24892
On Tue, Aug 4, 2009 at 7:44 AM, Darby Weaver <ccie.weaver_at_gmail.com> wrote:
> Well said Steve.
>
> However, while it is nice to be a specialist in security, it seems to me
> that mostly everyone is expected to have a decent level of knowledge of
> security for day-to-day operations of mostly any network.
>
> Maybe my experience is limited to my work experience, but so far it is
> batting a 1000.
>
> Given the network size Omar is responsible for, I'd definately recommend
> Firewall and VPN experiences (training or otherwise), however if the goal is
> the CCIE, then spending time on the lower order tracks may just be a
> diversion from the ultimate goal.
>
> On Tue, Aug 4, 2009 at 10:02 AM, Steve Means <smeans_at_ccbootcamp.com>wrote:
>
>> The CCSP touches on most of the subjects needed for the lab, but there
>> is a
>> lot of material to get through that doesn't apply. I'd say the cisco CCSP
>> curriculum (supplemented with the internet) is a good thing to go through
>> if
>> you lack baseline knowledge of all the blueprint topics. It can really
>> help
>> fill in knowledge gaps.
>>
>> If you can go through the blueprint and write a short paragraph on each
>> bullet
>> point and think you can lab them up with some level of competancy you
>> probably
>> don't need the CCSP.
>>
>> Either way you go its worth noting that if you plan on moving into a
>> security
>> role the CCSP and the CCIE aren't 100% of what you need to be effective.
>> They
>> are very technology focused, but are light on some very important things a
>> security person needs to know. Things like policy, laws, host based
>> defense,
>> up to date exploits, wireless, proper tuning and probably some other
>> things I
>> don't have off the top of my head.
>>
>> The point of that is that if you want to do security the CCSP as a start
>> and
>> then branching out into other security topics might be of more practical
>> use
>> than getting *REALLY* fast at configuring active/active failover or GET
>> VPN.
>> ;)
>>
>> Steve Means
>> Security Instructor/Consultant
>> smeans_at_ccbootcamp.com
>> CCBOOTCAMP - A Cisco Learning Partner
>> 877.654.2243 Toll Free
>> +1.702.968.5100 Direct Outside the USA
>> +1.702.446.0357 Fax
>> YES! We take Cisco Learning Credits
>>
>> ________________________________
>>
>> From: nobody_at_groupstudy.com on behalf of Omkar Tambalkar
>> Sent: Mon 8/3/2009 3:50 PM
>> To: CCIE Lab
>> Subject: OT: Advice regarding CCIE Security
>>
>>
>>
>> Hello All,
>>
>> I finished CCIE (R&S) last month and after a couple of weeks of no
>> studying
>> I realized that I was so used to the activity of studying for R&S for the
>> past 7-8 months that now I need to keep studying or I will while away time
>> every day after work doing useless stuff like surfing and watching TV (I
>> am
>> single so no kids to amuse everyday). I have decided to succumb to the
>> addiction of studying so I am planning to take the challange of CCIE
>> Security.
>> I have configured ASA5500s for NAT, security access-groups, IPSec
>> site-to-site and remote-access VPNs and have configured ACS for TACACS and
>> RADIUS authentication; in a nutshell basic security rules and IPSec
>> connectivity for a medium sized enterprise. I have no experience with IPS
>> and MARS.
>> I am torn between 2 approaches for the CCIE Security track:
>> Approach 1: Start studying for CCIE Security written (2 months) ---> Pass
>> written ----> study 6-7 months for Lab ----> hope to pass the Lab
>> Approach 2: Start studying for CCSP (2-3 months) ----> Pass CCSP ---->
>> Start
>> studying for CCIE Security written (1 month) ---> Pass written ----> study
>> 6-7 months for Lab ----> hope to pass the Lab
>>
>> Any suggestions/advice are more than welcome.
>> Omkar Tambalkar
>> CCIE #24892
>>
>>
>> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Aug 04 2009 - 17:04:04 ART
This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 05:43:56 ART