Despite the sizable collection of vendor-specific security certifications, identifying which ones best suit your educational or career needs is fairly straightforward. In this latest update to our vendor-specific IT certification guide,
Introduction to vendor-specific security certifications
The process of choosing vendor-specific security certifications is much simpler than choosing
vendor-neutral ones. In the vendor-neutral landscape you must evaluate the pros and cons of various
programs to select a viable option, but on the vendor side, it's only necessary to address three
issues:
- Inventory your security infrastructure and identify which vendors' products or services play a role.
- Check this guide (and vendor websites for items that don't appear here) to see if a certification applies to products or services in your organization.
- Decide if spending the money to obtain such credentials or to fund them for your employees is worth the resulting benefits.
In an environment where numerous jobs exist for every qualified IT security professional, individual benefits are hard to overstate. Perhaps this explains why so many employer-funded certification arrangements include payback clauses if employees leave sooner than a specified time after completion -- it's really a ploy for employee development and retention, as well as a boost to an organization's in-house expertise.
As is typical for this survey, which we started in 2001, there've been some changes since our last update in 2008. We’re adding various elements that have turned up in the meantime, including security-flavored versions of the CCNA and CCNP certifications, a couple of Fortinet Inc. credentials, the new MCTS and MCITP items with security components, some Red Hat items, various Symantec Corp. credentials and an entry-level cert from ecommerce/Web security vendor Websense Inc. If you look at the summary table, you’ll see that the number of vendor certs has jumped by 10% since 2008, with some growth in the basic (+5) and intermediate (+6) categories, offset by a reduction in the advanced category (-7). Overall, it looks like vendors are investing in security-related certifications across the board.

| Counts | May’08 | Oct’10 |
|---|---|---|
| Basic | 3 | 8 |
| Intermediate | 15 | 21 |
| Advanced | 16 | 9 |
| TOTALS | 34 | 38 |

Table 1: Summary of changes, by the numbers
Now we're ready to dive into a big bowl of alphabet soup by exposing all the vendor-specific security-related certification programs that occupy this landscape.
Basic certifications
- Check Point Certified Security Administrator (CCSA)
Prerequisite: CCSA R70/R71 training; six months to one year of experience with Check Point products
Check Point's foundation-level credential prepares individuals to manage basic installations of Check Point products, such as VPN-1, SmartCenter, SmartConsole and IPS. Topics covered include working with security policy, deployment and management of security gateways, tuning VPN-1 performance with security policy, log management, monitoring suspicious network activity, attack analysis and protecting email and messaging content.
A CCSA R70/R71 Upgrade certification is under development for persons already holding the CCSA NG certification. Candidates will have to take CCSA R70 or R70/R71 upgrade training and pass at least one exam. Six months to one year of experience with Check Point products will also be required.
Source: Check Point Software Technologies
- Cisco Certified Network Associate (CCNA) Security
Prerequisites: CCNA or any CCIE certification
This credential recognizes associate-level professionals who can install, troubleshoot and monitor network devices. A person with a CCNA Security certification knows how to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. Successful completion of an exam is required.
Source: Cisco Systems
- Fortinet Certified Network Security Administrator (FCNSA)
This credential recognizes individuals who configure, manage and monitor FortiGate devices, and work with VPNs and firewall policies. Candidates must possess an understanding of the Fortinet line of products and services. To obtain the FCNSA, candidates must pass a single exam.
Source: Fortinet (Fortinet Certified Network Security Associate (FCNSA))
- Microsoft Certified Systems Administrator Security Specialization (MCSA: Security)
The MCSA: Security is a valid (and well-respected) certification; however, most of the exams have been retired. To be certified on newer Microsoft technologies, such as Windows Server 2008, candidates should pursue the Microsoft Certified IT Professional (MCITP) certification. At the moment, however, there is no MCITP credential with an exclusive focus on security (as was the case with MCSA: Security and MCSE: Security), but all of the current Microsoft MCITP credentials (except the Project Management item) include some security
Source: Microsoft (MCSA: Security on Windows Server 2003)
- Microsoft Certified Technology Specialist (MCTS)
This credential recognizes individuals who implement, build on, troubleshoot and debug a particular Microsoft technology, such as the Windows operating system, Microsoft Exchange Server, Microsoft SQL Server or Microsoft Visual Studio.
Source: Microsoft (MCTS: Microsoft Certified Technology Specialist)
- Red Hat Certified Security Specialist (RHCSS)
Prerequisite: RHCE
This credential recognizes individuals who configure security for Red Hat Enterprise Linux, SELinux and Red Hat Directory Server in an enterprise environment. Candidates must pass three exams in addition to having obtained the Red Hat Certified Engineer credential.
Source: Red Hat (Red Hat Certified Security Specialist)
- Symantec Certified Specialist (SCS)
This security certification program focuses on data protection, high availability and security skills involving Symantec solutions. To become an SCS, candidates must select an area of focus and pass an exam. As of this writing, the following exams are available:
- Administration of Symantec Backup Exec 2010
- Administration of Symantec NetBackup 7.0 for Windows
- Administration of Symantec NetBackup 7.0 for Unix
- Administration of Symantec Data Loss Prevention 10.5
- Administration of Symantec Enterprise Vault 9.0 for Exchange
Source: Symantec (Symantec Certified Specialist Overview)
- Websense Web Security Professional (WWSP)
A WWSP is an experienced IT and Web security practitioner with deep knowledge of networking topologies, operating systems, system administration and enterprise database systems. Candidates must pass one exam that covers four domains.
Source: Websense (Websense Web Security Professional Overview)
Intermediate certifications
- Check Point Certified Managed Security Expert (CCMSE)
Prerequisites: CCSE R70 certification; six months to one year of experience with Check Point products
The CCMSE aims to identify individuals who have thorough knowledge of the Check Point Provider-1 R70 product in an enterprise environment. The credential covers implementation, configuration and troubleshooting of Provider-1 R70, advanced logging, policy management and management of multiple sites.
Source: Check Point Software Technologies
- Check Point Certified Security Expert (CCSE)
Prerequisites: CCSA R70/R71 training; six months to one year of experience with Check Point products
This is an intermediate-level credential aimed at VPN and firewall concepts, policies, data loss prevention, strategies and advanced troubleshooting. The CCSE focuses on Check Point’s VPN-1, SmartCenter, SmartConsole and IPS solutions. It covers the following:
- Remote management of corporate security gateways.
- Change request processing with SmartWorkflow.
- Implementation of provisioning deployment scenarios.
- Configuration and testing of VPN in a clustered environment.
- Charting events into meaningful data.
- Modifying IPS policy to improve bandwidth and protection.
- Deploying and managing data loss prevention.
- Applying advanced troubleshooting and debugging techniques.
A CCSE R70/R71 Upgrade certification is under development for persons already holding the CCSE NGX certification. Candidates will need CCSA R70 or CCSA R70 Upgrade certification, CCSA R70/R71 or CCSA R70/71 Upgrade certification, or a CCSA NGX credential. Six months to one year of experience with Check Point products is also required.
Source: Check Point Software Technologies
- Cisco Certified Network Professional (CCNP) Security
Prerequisites: CCNA Security or any CCIE certification
This Cisco credential recognizes professionals who are responsible for router, switch and networking device and appliance security. Candidates must also know how to select, deploy, support and troubleshoot firewalls, VPNs and IDS/IPS products in a networking environment. Successful completion of four exams is required.
Source: Cisco Systems
- Cisco Certified Security Professional (CCSP)
Prerequisite: CCNA Security, CCNA + SND or any CCIE certification
The CCSP is an intermediate-level Cisco professional certification. CCSPs must understand key aspects, components and systems relevant to Cisco's security products and platforms. Required topics among the four exams include securing networks with Cisco routers and switches, Cisco IPS and Cisco ASA Security Appliance products, as well as implementing Cisco NAC Appliances or Cisco Security Monitoring, Analysis and Response System (MARS).
Note: Cisco is phasing out the CCSP in favor of the CCNP Security. CCSP exams will be available until April 2011, and individuals can obtain their CCSP credential until October 2011.
Source: Cisco Systems
- Cisco Specialist Program
Cisco Specialists can pursue mid-level certifications across a broad array of subjects and technologies. This program includes several credentials with strong -- if not exclusive -- security components. The categories of specializations include:
- Advanced Routing and Switching
- Data Center
- Foundation for Channel Partners
- Unified Communications & Video
- MeetingPlace
- VPN and Security
- Wireless LAN
Source: Cisco Systems
- EnCase Certified eDiscovery Practitioner (EnCEP)
Aimed at both private- and public-sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software Inc.'s EnCase eDiscovery software, and recognizes their proficiency in eDiscovery planning, project management and best practices in file creation. Prerequisites include authorized training, three months experience in eDiscovery collection, processing and/or project management and a formal application process. Individuals gain certification by passing a two-phase exam: a computer-based component and a scenario component.
Source: Guidance Software
- EnCase Certified Examiner (EnCE)
Aimed at both private- and public-sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software's EnCase computer forensics tools and software. Prerequisites include 64 hours of authorized training or 12 months of computer forensic experience and a formal application process. Individuals gain certification by passing a two-phase exam: a computer-based component and a practical component.
Source: Guidance Software
- Fortinet Certified Network Security Professional (FCNSP)
This credential recognizes individuals who install, configure and troubleshoot FortiGate products in an enterprise environment. Candidates should also have a good working knowledge of FortiAnalyzer, in addition to a basic understanding of the entire Fortinet line of products and services. Candidates must pass two exams.
Source: Fortinet (Fortinet Certified Network Security Associate (FCNSA))
- Microsoft Certified IT Professional (MCITP)
This credential recognizes individuals who deploy, build, design, optimize and operate technologies for a particular job role, such as database administrator or enterprise messaging administrator. The primary certification categories include Windows clients, Windows Server, Microsoft SQL Server, Microsoft Office Project Server and Microsoft Exchange Server. Some of the certs include security components, such as the MCITP: Enterprise Administrator. Candidates must pass two to five exams, depending on their chosen job role.
Source: Microsoft (MCITP: Microsoft Certified IT Professional)
- Microsoft Certified Systems Engineer Security Specializations (MCSE: Security)
Although the MCSE is still recognized as one of the top credentials in the IT certification arena, most of the exams have been retired. To be certified on newer Microsoft technologies, such as Windows Server 2008, candidates should pursue the Microsoft Certified IT Professional (MCITP) certification. Candidates with the MCSE on Windows Server 2003 certification can upgrade to the Microsoft Certified Technology Specialist (MCTS) and Microsoft Certified IT Professional (MCITP) on Windows Server 2008 certifications.
Source: Microsoft (MCSE: Security on Windows Server 2003)
- RSA SecurID Certified Administrator (RSA SecurID CA)
This certification is designed for security professionals who manage and maintain enterprise security systems based on RSA SecurID products. RSA SecurID CAs can operate and maintain RSA SecurID components within the context of their operational systems and environments, troubleshoot security and implementation problems, and work with updates, patches and fixes.
Source: RSA Security
- SAINT
SAINT certification requires attending a two-day course geared toward information security professionals and system administrators. The course focuses on TCP/IP and security fundamentals as well as installing, configuring and using SAINT and SAINTwriter.
Source: SAINT Corp.
- Snort Certified Professional (SnortCP)
The SnortCP is provided by Sourcefire Inc. The exam covers Snort IDS/IPS technology theory, installation and deployment, Snort configuration and usage, Snort tuning techniques, Snort rules, language and syntax, rule set management, and maintenance and implementation of supporting tools and applications.
Source: Sourcefire Inc.
- Sourcefire Certified Professional (SFCP)
The SFCP identifies individuals who demonstrate a thorough knowledge of Sourcefire products and their underlying technical concepts. Candidates are assessed on their knowledge of Sourcefire IPS, Defense Center, Sourcefire RNA, installation and deployment, administration and management and more.
Source: Sourcefire Inc.
- Oracle Solaris 10 Certified Security Administrator
This credential aims to identify experienced Solaris 10 administrators with security interest and experience. It's a mid-range credential that focuses on system lockdown, best security practices and a good understanding of file and system resources protection, and encryption and authentication methods. A single exam -- geared toward the Solaris 10 operating system or the OpenSolaris environment -- is required to obtain this credential.
Source: Oracle
Advanced certifications
- CCIE Security
Arguably one of the most coveted certifications around, the CCIE is in a league of its own. Having been around since 2002, the CCIE Security track is nonpareil for those interested in dealing with information security topics, tools and technologies in networks built using or around Cisco products and platforms.
Source: Cisco Systems
- Check Point Certified Endpoint Expert (CCEPE)
Prerequisites: Endpoint Security – R70 training; six months to one year of experience with Check Point products
This credential recognizes security professionals who have mastered configuration, troubleshooting, testing and management of Check Point Endpoint Security products. To acquire this credential, candidates must pass an exam.
Source: Check Point Software Technologies
- Check Point Certified Master Architect (CCMA)
Prerequisites: CCSA, CCSE, CCSE+
The CCMA is the pinnacle of Check Point certifications. This credential aims at security professionals who design, implement, manage and troubleshoot multifaceted Check Point security architectures. Candidates must be experts in perimeter, internal, Web and endpoint security systems. To acquire this credential, Check Point recommends at least five years of experience, and requires passing both a written and hands-on lab exam.
Source: Check Point Software Technologies
- IBM Certified Advanced Deployment Professional - IBM Service Management Security and Compliance 2009
This certification covers a broad range of higher-level security topics updated for 2009 topics and platforms. Advanced Deployment Professionals must have a strong background in and knowledge of the following as they relate to security: communications, infrastructure, cryptography, access control, authentication, external attacks and organizational issues. Three exams are required to obtain this certification. In addition, candidates must have acquired ITIL V3 Foundations, CompTIA Security+ or (ISC)² SSCP or CISSP certification, or have passed one of four designated IBM exams.
Source: IBM (Advanced Deployment Professional 2009)
- IBM Certified Advanced Deployment Professional - IBM Service Management Security and Compliance V2
Individuals pursuing this certification must have a strong background in and knowledge of the following as they relate to security: communications, infrastructure, cryptography, access control, authentication, external attacks and organizational issues. The certification recognizes individuals who demonstrate a higher level of implementation knowledge and skills in the IBM Tivoli Security, Risk and Compliance solutions area. Three exams are required to obtain this certification. In addition, candidates must have acquired ITIL V3 Foundations, CompTIA Security+ or (ISC)² SSCP or CISSP certification, or have passed one of five designated IBM exams.
Source: IBM (Advanced Deployment Professional V2)
- RSA Certified Systems Engineer (RSA/CSE)
The RSA/CSE is designed for security professionals who install and configure enterprise security solutions built around the RSA SecurID product. Candidates must be able to design client solutions based on analysis of business needs, match implementations to client environments and infrastructures, and carry a solution from design through prototyping, pilot and full-scale deployment phases.
Specialized credentials in this program are available for RSA Access Manager, RSA Digital Certificate Management Solutions, RSA enVision, and RSA DLP Suite.
Source: RSA Security
- Sourcefire Certified Expert (SFCE)
The SFCE identifies individuals with mastery over the content of both the Snort Certified Professional and the Sourcefire Certified Professional. Candidates are assessed against more advanced material.
Source: Sourcefire Inc.
- IBM Certified Deployment Professional – Tivoli Identity Manager V5.1
Those who attain this certification can plan for, install, configure, troubleshoot, administer and maintain an IBM Tivoli Identity Manager V5.1 environment. While earning this certification requires passing only a single exam, the background and knowledge requirements span a broad range from basic business processes, to system administration, to Java, JavaScript and DSML, plus working knowledge of LDAP, IBM Tivoli Directory Integrator and more.
Source: IBM
- IBM Certified Administrator – Tivoli Monitoring V6.2
Those who attain this certification can plan for, install, configure, troubleshoot, administer and maintain an IBM Tivoli Monitoring V6.2 environment. Security-related requirements include basic knowledge of SSL, data encryption and system user accounts.
Source: IBM
Remember, when it comes to selecting vendor-specific security certifications, your planned or existing product choices will probably dictate your options. If your security infrastructure includes products from vendors not mentioned here, be sure to check with them to determine if training or certification on such products is available. Please let us know if our revised survey of this landscape has missed anything. We can't claim to know, see or be able to find everything, so all feedback -- especially if it adds to this list -- will be gratefully acknowledged. As always, feel free to email us with comments or questions.
About the authors:
Ed Tittel is a full-time freelance writer, trainer and consultant who has written more than 140
books including his latest, the CISSP Study Guide fifth edition with J. Michael Stewart and
Mike Chapple (Sybex, due out in Dec 2010/January 2011). He has been active in the computing
industry for more than 25 years and has worked as a software developer, manager, writer and
trainer.
Kim Lindros has more than 20 years of experience in the computer industry, from technical support specialist to network administrator to book and course content manager. She has edited and developed more than 400 IT-related books and online courses, and co-authored two certification books and numerous online articles with Ed. Kim runs Gracie Editorial, a content development company.
This was first published in October 2010