I have my CCNP and MCP. Now I want to specialize in information security. What certifications do I go for? Where can I find the best training to obtain these certs? I am also interested in wireless communications.
When it comes to pursuing security certifications, you
have two basic paths you can follow, or mix and match as you
1. Vendor-neutral security certifications -- See my Landscape Survey on this topic.
2. Vendor-specfic security certifications -- See http://www.gocertify.com/security/, and check the vendor programs (Check Point, Cisco, Entrust, RSA Security, Symantec and Tivoli); see also offerings from Internet Security Systems (www.iss.com).
As far as training goes, with so many options available, I'd rather have you quiz me again when you've picked a program or two you might want to pursue. To answer this question in general would require me to write you a book!
As for recommended certs, the hottest tickets around right now on the vendor-neutral side are the ISC-squared's CISSP, the SANS GIAC and the Trusecure ISCA Certified Security Associate. The CISSP remains the security certification most often mentioned by name in job postings and classified ads, but the other two are gaining market and mind share rapidly.
As for vendor-specific certs, your choices will be guided by the systems and equipment used where you work (or want to work). Here, Cisco and Checkpoint are probably the most popular.
As for wireless certifications, check out http://www.gocertify.com/wireless/ for a decent list of what's currently out there.
For more information on this topic, visit these other searchSecurity resources:
Best Web Links: Security Training
Best Web Links: Vendor Training
Career Tip: Security Certification: CISSP
This was first published in February 2002