Spring 2004 update: Survey of vendor-specific security certs

An updated look at the numerous vendor-specific security certifications available.

This Content Component encountered an error

Despite the array of vendor-specific security certifications, identifying which best suits your educational needs is a fairly straightforward process. In this update to the semi-annual vendor-specific certification survey, you'll find an alphabetized list of security certification programs from various vendors, a brief description of each cert and pointers to further details. We also give you some tips on choosing the right cert.

When it comes to choosing vendor-specific security certifications, the process is much simpler than it is for vendor-neutral ones. Whereas in the vendor-neutral landscape you must evaluate the pros and cons of various programs to select a viable candidate, on the vendor side it's usually only necessary to address three issues:

  • You must inventory your security infrastructure and identify which vendors' products or services play a role.
  • You'll want to check this tip (and vendor Web sites for items that don't appear here) to see if certification applies to products or services in your organization.
  • You'll have to decide if spending the money to obtain such credentials (or to fund them for your employees) is worth the resulting benefits.

In an IT environment where security is almost unique in its continuing growth in demand, security certification appears to be good for both employees and employers. Recent surveys continue to support this contention in publications that range from the tightly focused Information Security magazine, to the broader, less security-specific Certification Magazine.

In an environment where numerous jobs exist for every qualified IT security professional, benefits to individuals are hard to overstate. Perhaps this explains why so many employer-funded certification arrangements include payback clauses if employees leave sooner than a specified time after completion -- it's really a ploy for employee development and retention, as well as a boost to an organization's in-house expertise.

Changes since our last vendor-specific survey include the addition of two previously overlooked credentials -- CCIE Security and Sun Certified Security Administrator for the Solaris Operating System -- plus the four newly minted Microsoft security specializations for MCSA and MCSE on Windows 2000 and Windows Server 2003. We also added a 2004 version of the IBM/Tivoli Security Management credential for which a 2003 version already appeared in this list (we consider that an update, more than a new addition). In the same vein, the name for the Tivoli Certified Consultant credential changed to reflect the product's new IBM name (Access Manager for Business Integration V3.8.1). Finally, we dropped the Tivoli Solutions Expert credential on the SecureWay Firewall because it is no longer available.

Now we're ready to dive into a big bowl of alphabet soup by exposing all the vendor-specific security-related certification programs -- and their inevitable acronyms -- that occupy this landscape.

  • CCIE Security
    Arguably one of the most coveted certifications around, the CCIE is in a league of its own. Although the CCIE Security track has been around since 2002, we accidentally omitted mention of it in recent surveys, much to our own astonishment and dismay. That said, the CCIE Security is nonpareil for those interested in dealing with information security topics, tools and technologies in networks built using or around Cisco products and platforms. Definitely a serious, useful credential!
    Source: Cisco Systems

  • CCMSE -- Check Point Certified Managed Security Expert
    The CCMSE aims to identify individuals who work with Check Point's VPN-1/Firewall-1 and Provider-1 Internet security solutions. The credential covers implementation of VPN-1/Firewall-1 as an enterprise security solution and working with Provider-1 in a network operating center environment to provide centralized security policy implementation and management.
    Source: Check Point Software Technologies

  • CCSA -- Check Point Certified Security Administrator
    Check Point's foundation-level credential, this program prepares individuals to manage basic installations of Check Point's VPN-1/FireWall-1 product. Topics covered include working with security policy, deployment and management of security gateways, tuning VPN-1/FireWall-1 performance with security policy, log management, intruder blocking, working with user, client and session authentication, and managing network address translation.
    Source: Check Point Software Technologies

  • CCSE -- Check Point Certified Security Expert
    This is an intermediate-level credential aimed at VPN and firewall concepts, policies, strategies and the VPN-1/Firewall product. It covers:
    • Installing and configuring VPNs
    • Managing post-install procedures
    • Working with the SMARTClient packaging tool
    • Configuring and testing SecuRemote tools for remote access VPNs
    • Creating VPN desktop policies
    • Setting up NAT
    • Installing CheckPoint NG with Application Intelligence software
    • Managing context security to block Java and viruses or filter URLs
    • Working with digital certificates and trusts on VPNs
    • Implementing gateway-to-gateway encryption
    Prerequisite: CCSA.
    Source: Check Point Software Technologies

  • CCSE Plus -- Check Point Certified Security Expert Plus
    The CCSE Plus addresses advanced VPN-1/FireWall-1 technical topics and expertise. Topics covered include:
    • Risk assessments, network diagramming and security policy design and development
    • Placing security components in a network using VPN-1/FireWall-1, LDAP and CVP/UFP servers
    • Configuring rule bases for traffic management and encryption
    • Configuring multiple and single entry-point (MEP and SEP) VPNs with ClusterXL
    • Installing an LDAP server and integrating UserAuthority
    • Using Malicious Activity Detection on suspicious network traffic
    • Working with debugging tools and protocol analyzers, and troubleshooting various VPN-1/FireWall-1 issues

    Source: Check Point Software Technologies

  • CCSP -- Cisco Certified Security Professional
    An intermediate-level Cisco professional certification (requires CCNA or CCIP as a prerequisite), the CCSP must understand key aspects, components and systems relevant to Cisco's security products and platforms. Required topics among the five exams include securing IOS networks, working with the Cisco Secure PIX Firewall, the Cisco Secure Intrusion Detection System and the Cisco Secure VPN. Candidate must also take an exam on Cisco's SAFE implementation (a general security framework for small- and mid-size operations or infrastructures).
    Source: Cisco Systems

  • CCSPA -- Check Point Certified Security Principles Associate
    An entry-level certification, the CCSPA focuses on security fundamentals, concepts and best practices, and incorporating network and systems security with business needs. This credential covers the Information Security Triad, threat and vulnerability assessments, security policies, business-continuity plans, safeguards and countermeasures, security and network architecture, encryption algorithms and access control technologies.
    Source: Check Point Software Technologies

  • Cisco Qualified Specialist Program
    Cisco Qualified Specialists can pursue mid-level certification across a broad array of subjects and technologies. This program includes several credentials with strong -- if not exclusive -- security components, including the following:

  • EnCE -- EnCase Certified Examiner
    Aimed at both private- and public-sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software's EnCase computer forensics tools and software. Prerequisites include a combination of software licenses, training and field experience, and a formal application process, as well as passing a related certification exam.
    Source: Guidance Software

  • FCSS -- Field Certified Security Specialist
    Still under development, this set of performance-based certifications permits individuals to specialize in Cisco, CheckPoint or cross-platform topics, which is why we list it in both the vendor-specific and vendor-neutral surveys (although the parent organization points out that these certs are "vendor-independent"). Check the Web site for more information on this emerging program, which is scheduled for release some time in 2004.
    Source: Field Certified Security Specialist (FCSS) Certification Information

  • IBM Certified Advanced Deployment Professional -- Tivoli Security Management Solutions 2003
    One of IBM's Advanced Deployment Professional credentials, this certification covers a broad range of higher-level security topics. Advanced Deployment Professionals must have a strong background in and knowledge of the following as they relate to security: communications, infrastructure, cryptography, access control, authentication, external attacks and organizational issues. Four exams are required to obtain this certification, including CompTIA's Security+.
    Source: IBM

  • IBM Certified Advanced Deployment Professional -- Tivoli Security Management Solutions 2004
    Another of IBM's Advanced Deployment Professional credentials, this certification covers a broad range of higher-level security topics updated for 2004 topics and platforms. Advanced Deployment Professionals must have a strong background in and knowledge of the following as they relate to security: communications, infrastructure, cryptography, access control, authentication, external attacks and organizational issues. Four exams are required to obtain this certification, including CompTIA's Security+.
    Source: IBM

  • MCSA: Security -- Microsoft Certified Systems Administrator Security Specializations
    These two credentials take the standard MCSA for Windows 2000 and Windows Server 2003 respectively and transform elective exams into security specialization exams (and add one exam to the total count required so that this credential requires passing five exams instead of four). The idea is to let MCSAs demonstrate their interest in and focus on Microsoft-related security topics, tools and technologies.
    Source: Microsoft (MCSA: Security on Windows Server 2003; MCSA: Security on Windows 2000)

  • MCSE: Security -- Microsoft Certified Systems Engineer Security Specializations
    These two credentials take the standard MCSE for Windows 2000 and Windows Server 2003 respectively and transform elective exams into security specialization exams (and add one exam to the total count required so that this credential requires passing eight exams instead of seven for Windows Server 2003; and seven exams instead of six for Windows Server 2000). The idea is to let MCSEs demonstrate their interest in and focus on Microsoft-related security topics, tools and technologies (all MCSA requirements also carry over to the MCSE for security specializations, too).
    Source: Microsoft (MCSE: Security on Windows Server 2003; MCSE: Security on Windows 2000)

  • RSA SecurID CA -- RSA SecurID Certified Administrator
    This certification is designed for security professionals who manage and maintain enterprise security systems based on RSA SecureID products. RSA SecurID CAs can operate and maintain RSA SecureID components within the context of their operational systems and environments, troubleshoot security and implementation problems, and deal with updates, patches and fixes.
    Source: RSA SecurID Certified Administrator

  • RSA/CI -- RSA Certified Instructor
    This cert is designed for security professionals who wish to teach others how to design, deploy and maintain solutions built around RSA SecureID products. Candidates must attend RSA SecureID courses they wish to teach, attain RSA/CSE and RSA/CA certification, attend an RSA/CI workshop and demonstrate their ability to teach the material in the classroom.
    Source: RSA SecurID Certified Instructor

  • RSA/CSE -- RSA Certified Systems Engineer
    The RSA/CSE is designed for security professionals who install and configure enterprise security solutions built around RSA SecureID, ClearTrust and KEO PKI Core products (three separate credentials, one for each product family). Candidates must be able to design client solutions based on analysis of business needs, match implementations to client environments and infrastructures, and carry a solution from design, through prototyping, pilot and full-scale deployment phases.
    Source: RSA Certified Systems Engineer

  • SAINT
    SAINT certification requires attending a two-day course geared toward information security professionals and system administrators, and passing one exam. The course focuses on TCP/IP and security fundamentals, and installing, configuring and using SAINT and SAINTwriter.
    Source: SAINT Corp.

  • SCSE -- Symantec Certified Security Engineer
    The SCSE cert requires passing all technology exams within a specific technology focus, as well as a security solutions exam for that same focus. Three or four exams are required in total, depending on the chosen technology focus. Security solutions topics are: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies.
    Source: Symantec Corp.

  • Sun Certified Security Administrator for the Solaris Operating System
    This credential aims to identify experienced Solaris administrators with security interest and experience. It's a mid-range credential that focuses on system lockdown, best security practices and a good understanding of file and system resources protection, and encryption and authentication methods. A single exam, 310-301, is required to obtain this credential.
    Source: Sun Microsystems

  • Symantec Certified Security Practitioner
    This is a cumulative certification that requires individuals to pass all of Symantec's nine technology and four security solutions exams. Security solutions topics include: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies.
    Source: Symantec Corp.

  • Symantec Product Specialist
    A single-product focused and entry-level credential, Symantec Product Specialists must pass any one of a number of technology exams. Topics and products covered include Symantec AntiVirus, WebSecurity, Intruder Alert, NetProwler, Enterprise Security Manager, NetRecon, Symantec Enterprise Firewall and Firewall Advanced Concepts.
    Source: Symantec Corp.

  • Symantec Technology Architect
    A single-product focused and entry-level credential, Symantec Technology Architects must pass any one of the security solutions exams. Security solutions topics include: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies.
    Source: Symantec Corp.

  • Tivoli Certified Consultant
    Part of the IBM family of companies, one of Tivoli's Certified Consultant credentials covers security topics -- the IBM Tivoli Access Manager for Business Integration V3.8.1 (formerly Tivoli Policy Director). Certified consultants must have a strong working knowledge of infosec concepts, tools and technologies, and understand how to design, deploy, manage, maintain and troubleshoot Access Manager environments.
    Source: IBM

    Remember, when it comes to selecting vendor-specific security certifications, your product choices will probably dictate your options. If your security infrastructure includes products from vendors not mentioned here, be sure to check with them to determine if training or certification on such products is available. Please let us know if our revised survey of this landscape has missed anything. We can't claim to know, see or be able to find everything, so all feedback -- especially if it adds to this list -- will be gratefully acknowledged. As always, feel free to e-mail us with comments or questions.

    About the authors
    Ed Tittel is Vice President of Content Development and E-publishing for the Austin division of Capstar LLC. Ed has been working in the computing industry for more than 20 years and has worked as a software developer, manager, writer and trainer. As an expert on SearchSecurity.com, he answers your infosec training and certification questions in our Ask the Expert feature.

    Kim Lindros has more than 10 years of experience in the computer industry, from technical support specialist to network administrator to project manager in the Austin division of Capstar LLC. She has edited more than 25 books, and co-authored two certification books and numerous online articles with Ed.


  • This was first published in June 2004

    Dig deeper on Security Resources

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close