Symantec Offers Solutions-Based Certification
No single product in security is going to solve all customer issues, said Graeme Johnston, senior director of global learning and certification, Symantec. Nor can one product line and its accompanying certifications (of which there are many) point with any certainty to an IT professional’s competency in the security industry. But Symantec has created a solutions-based training and certification program that focuses on the design, development and execution of holistic, integrated security strategies, removing some of the guesswork from the myriad of certification options out there by pointing at a few worthwhile classifications that can meet customer’s varied needs.
“We took a step back and said, ‘What is it we need to do in order to better reflect what’s happening in the market, particularly in security?’” said Johnston. “How do we make sure that our customers and our partners have the best skills and are best prepared for what’s happening in the industry? It was clear from our research and a variety of sources that the product-specific certification path that we’ve all been following for years is getting out of hand—security on different platforms, technologies and networking environments—it’s far too complex for someone to walk in and be certified to any great depth in each and every product. It was clear to us that we need to make sure that our partners in particular understood what were the issues that they were going to face, and solve their customers’ problems with the right solution. Partners are dealing with a dozen or more vendors and having to prove their product-specific skills to each and every one of those vendors. The security industry has a number of certifications that provide a solid foundation around the key issues of security.”
Johnston identified three core vendor-neutral certifications around which Symantec has based its program and a dozen or so others that Symantec would support as proof of core competency in security. They include Security+ from CompTIA, the SANS GIAC (Global Information Assurance Certification) and (ISC)2’s Certified Information Systems Security Professional (CISSP) certifications. “We can use those as the basis to prove somebody’s core competency in security. In the case of partners, we can have them look at our solutions, make sure that they can prove that they understand how our solutions can solve the customers problems and build on top of those vendor-neutral certifications instead of us expecting our partners and potentially our customers to continue to prove the same skills over and over again.”
“That doesn’t mean that we’ve made it easier,” Johnston added. “None of those are necessarily easy exams. We didn’t set out to make it easier for someone to pass; we made it easier for someone to go through the process.”
Symantec has been transitioning and progressively rolling out the new exams since the end of 2003. There are four solutions exams, based on the key security segments, that replace the old product certification exams. They include: virus protection and integrated client security, intrusion protection, security management and firewall and integrated security appliances. Feedback from Symantec’s partner community, a number of channel specific publications and exam takers has been positive.
For more information, visit http://www.symantec.com.