From CCIE to CWSP: The best network security certifications
Network security professionals with proven skills can almost write their own job description. A shortage of networking professionals combined with increased demand for enterprise security expertise leaves us with a career field in dire need of qualified practitioners. If you’re interested in proving your qualifications to administer network security, you may wish to consider earning a professional certification that will serve you well for years to come.
Organizations around the world require network security teams with a wide variety of experience. Firewall administrators install and configure perimeter security to create boundaries that malicious individuals can’t breach. Wireless security experts protect the communications flying around open airspace from prying eyes. Network engineers with security backgrounds configure routers, switches and other network devices with an eye toward creating a hardened network. Security is at the heart of all networking activities and this need creates many lucrative professional opportunities on enterprise networking teams, with information security staffs and with network and security consulting firms.
If you’re looking to prove your networking security prowess to a potential employer, there is a wide range of certifications available to help you down that road. Let’s take a look at seven of the top network security certifications that can help you build your resume as a network security expert.
Cisco Systems continues to dominate the networking industry and their professional certifications rise to the top of the heap, even among businesses that aren’t pure Cisco shops. The Cisco Certified Internetworking Expert (CCIE) Security credential is the cream of the crop for network security experts. Earning the credential requires undertaking a grueling ordeal. Candidates must first pass a rigorous two-hour written exam to earn the right to attempt an eight-hour hands-on exam under the watchful eye of Cisco network security experts.
These CCIE Security exams are not for the faint of heart — they’re incredibly difficult and rumored to have an extremely high failure rate. If you’re able to pass through this gauntlet, however, you’ll receive one of the most coveted certificates in computing to hang on your wall. Earning the CCIE Security credential is a major accomplishment and holders of this credential can find employment in almost any organization.
If you’re seeking a slightly less ambitious start to your network security certification path, you may wish to consider the Cisco Certified Network Associate (CCNA) Security credential. The CCNA Security program is Cisco’s entry level security certification and requires that candidates have some networking background prior to attempting the security exam. You must already hold one of Cisco’s entry-level networking certifications: either the CCNA Routing & Switching or the Cisco Certified Entry Networking Technician (CCENT). Holders of those credentials may sit for the Implementing Cisco IOS Network Security exam: a 90-minute electronic exam containing between 55-65 questions. You may schedule the exam through Pearson VUE and take it at any of their examination centers worldwide.
The CCNA Security credential is a generalist certification that demonstrates the candidate’s familiarity with network security topics. Those seeking a more advanced certification may attempt the Cisco Certified Network Professional (CCNP) Security credential. Candidates must first possess the CCNA Security certification and then pass a series of four examinations:
• Implementing Cisco Secure Access Solutions
• Implementing Cisco Edge Network Security Solutions
• Implementing Cisco Secure Mobility Solutions
• Implementing Cisco Threat Control Solutions
Each of these examinations is 90 minutes long and contains between 65-75 questions similar in format to those on the CCNA Security examination, but covering more advanced content. Passing these exams requires knowledge and experience configuring and managing Cisco routers, switches, firewalls, intrusion detection and prevention systems, and virtual private networks (VPNs). While not approaching the rigor of the CCIE Security credential, the CCNP Security certification is a clear signal to potential employers that you are a network security expert.
While not a network security-specific certification, the Certified Information Systems Security Professional (CISSP) offered by (ISC)² does include coverage of network security topics. This credential is not widely held among networking professionals but it is the premier certification among information security professionals. The fact that it is not common among network engineers makes it an ideal way to stand out from the crowd in a job search. CISSP holders demonstrate a broad knowledge of the information security field and are conversant on each of the 10 domains of information security.
If you’re already a qualified networking professional with experience and education and wish to branch out into security, the CISSP credential may be just the path for you. Earning this credential requires passing a comprehensive information security exam and demonstrating five years of experience in two of the 10 domains. Networking professionals will have no trouble qualifying as these domains include telecommunications & network security, access control, cryptography, physical security and other fields that intersect with the professional interests of network engineers.
The SANS Institute’s Global Information Assurance Certification (GIAC) program offers the GIAC Certified Perimeter Protection Analyst (CPPA) designed for network security professionals. Candidates seeking this credential should have a solid understanding of firewalls, routers, VPNs and intrusion detection and prevention. This credential, formerly known as the GIAC Certified Firewall Analyst (GCFW), now has a broader focus and includes coverage of emerging network security issues including cloud computing, virtualization and mobile networking. Candidates seeking the CPPA credential must pass a two-hour exam by answering at least 52 of 75 questions correctly. As with all GIAC exams, Pearson VUE handles exam scheduling and administration at their test centers worldwide.
The SANS Institute certification program also includes a credential focused on wireless network security: the GIAC Accessing and Auditing Wireless Networks (GAWN) credential. This program offers a technical deep-dive into the world of wireless security. Passing the GAWN examination requires that candidates possess a deep knowledge of wireless networking security, including attack techniques and vulnerability identification and remediation.
Pearson VUE offers the GAWN examination and candidates must answer 71 percent of the 75 questions correctly within a two-hour time limit. The SANS Institute certifies GAWN credential holders for a four-year period. During that period, credential holders must either retake the exam or complete continuing professional education to qualify for GAWN certification renewal.
The Certified Wireless Security Professional (CWSP) credential is another alternative for individuals seeking to specialize in wireless network security. Candidates seeking this credential must first demonstrate their expertise in wireless networking by earning the Certified Wireless Networking Professional (CWNP) certification. Only after passing that exam may candidates attempt the detailed CWSP security examination.
The CWSP exam, offered through Pearson VUE testing centers, consists of 60 multiple choice questions administered over a 90 minute period. Candidates must answer 70 percent of the questions correctly to earn the CWSP credential. Individuals who wish to become CWSP instructors must meet a higher bar, achieving an 80 percent score on the exam.
Networking security certifications offer a wonderful career-enhancing opportunity for both current and aspiring information technology professionals. Earning any of the certifications described in this article will give you a leg up during a job search, demonstrating to employers that you are not only passionate about network security but also have the proven skills required to work in this exciting field. As cyberattacks continue to make headlines, the demand for skilled network security professionals will only continue to rise and these certifications will position you well to ride the wave of network security.