I got a nice, short phone call from Andy Gremett, Senior Manager of Product Marketing at Cisco Learning yesterday. This morning, the company will announce changes to its CCNA Security and CCNP Security exams, to reflect changes in the technology base and the threat landscape since the last time these credentials were updated in 2009-2010. Andy also informed me that their job task analyses indicate that CCNA Security and CCNP Security holders are migrating from job responsibilities that split their efforts between routine networking (switch, router, infrastructure stuff) and security networking (firewalls, VPNs, security monitor and audit, and other security stuff) to job responsibilities that focus primarily on the security stuff just mentioned. In fact, the ratio has shifted from about 46% security to nearly 80% security in just the last little while.
Home page logos for CCNA Security, CCNP Security, Security Specializations
New technologies and challenges include increasing proliferation of mobile devices and apps, wider use of collaboration and social media, large-scale migration of data into the cloud, nearly ubiquitous use of virtualization, and an ever more pervasive and nasty collection of malware threats and attack vectors. No wonder these credentials were due for a refresh–perhaps it’s not out of line to even call these changes “increased hardening!”
The updated CCNA Security exam (IINS: Implementing Cisco IOS Network Security) will be released today with Exam ID 640-554. Its predecessor, 640-553, will remain live until 9/30/2012, so that those already studying for that particular exam can still take it. The VPN and Firewall exams for CCNP Security will likewise be updated (firewall exam 642-617 is being superseded by exam 642-618, and the former remains live until 5/28/2012; VPN exam 642-647 is being superseded by exam 642-648, and also expires on 5/28/2012). Because these exams are also the focus for the Cisco Firewall Security Specialist and Cisco VPN Security Specialist certifications, respectively, those credentials are also under the same retire-and-replace regime as well.
“Out with the old, and in with the new,” is ever the way it is with technology certs in general, and security certs in particular. That’s because keeping up with the threat landscape and new technologies is an important key to maintaining a proper security posture!