Update: Survey of vendor-specific security certs, October 2002

Certification guru Ed Tittel takes a look at vendor-specific security certifications.

By agreement with SearchSecurity.com, I now update my security certification tips every six months, including this vendor-specific survey and a vendor neutral survey. Here, you'll find an alphabetized list of security certification programs from various vendors, with a brief description of each one, plus pointers to details for each credential.

When it comes to choosing vendor-specific security certifications, the process is much simpler than it is for vendor-neutral ones. Whereas in the vendor-neutral landscape you must evaluate the pros and cons of various programs so as to be able to compare and contrast them, and select a viable candidate, on the vendor side it's only necessary to address three issues:

  • You must inventory your security infrastructure and identify which vendors' products or services play a role.
  • You'll want to check this tip (and vendor Web sites for items that don't appear here) to see if certification applies to products or services in your organization.
  • You'll have to decide if spending the money to obtain such credentials (or to fund them for your employees) is worth the resulting benefits.

In an IT environment where security is almost unique in its continuing growth in demand, security certification appears to be good for both employees and employers. A January 2002 survey at Certification Magazine indicates that 47% of all certifications are still paid by employers, so they still find such investments worthwhile. Another study from David Foote (released March 12, 2002 from www.footepartners.com) suggests that security certifications are not only among the best-paying IT certifications, but that companies find such credentials worth paying for because of the even higher costs of hiring qualified security consultants.

In an environment where more than 10 jobs exist for every qualified IT security professional, benefits to individuals are hard to overstate. Perhaps this explains why so many employer-funded certification arrangements include payback clauses if employees leave sooner than a specified time after completion -- it's really a ploy for employee development and retention, as well as a boost to an organization's in-house expertise.

Changes since my last vendor-specific survey include the removal of the various certifications from the Entrust Technologies Web site -- namely, the Entrust Certified Consultant (ECC) and Entrust Certified RA (ECRA) specialist credentials. I've also added coverage of the EnCase computer forensics, the forthcoming Field Certified Security Specialist (FCSS) and the Novell Security Specialist credentials to this list. Not a huge volume of changes, but enough to keep things interesting!

To begin, let's dive into a big bowl of alphabet soup by exposing all the vendor-specific security-related certification programs -- and their inevitable acronyms -- that occupy this landscape.

CCAE -- Check Point Certified Addressing Expert
Aims to identify individuals with strong skills in working with Check Point's Meta IP to create and manage IP addresses and name space. Credential covers deployment, basic network topology design, installation in LAN and WAN environments, working with users and groups, managing DNS, Dynamic, DNS and DHCP servers, working with name resolution, load balancing, troubleshooting and network performance optimization.
Source: Check Point Software Technologies

CCSA -- Check Point Certified Security Administrator
Check Point's foundation-level credential, this program prepares individuals to manage basic installations of Check Point's VPN-1/FireWall-1 product. Topics covered include working with security policy, deployment and management of security gateways, tuning VPN-1/FireWall-1 performance with security policy, log management, intruder blocking, working with user, client and session authentication, and managing network address translation.
Source: Check Point Software Technologies

CCSE -- Check Point Certified Security Expert
Intermediate-level credential aimed at VPN and firewall concepts, policies, strategies and the VPN-1/Firewall product. Covers installing and configuring VPNs; managing post-install procedures; working with the SecureClient packaging tool; configuring and testing SecuRemote and SecureClient tools for remote access VPNs; creating VPN desktop policies and Security Configuration Verification tool; managing context security to block Java and viruses or filter URLs; using SYNDefender to foil denial-of-service attempts; working with digital certificates and trusts on VPNs; and implementing gateway-to-gateway encryption. Prerequisite: CCSA.
Source: Check Point Software Technologies

CCSE Plus -- Check Point Certified Security Expert Plus
Addresses advanced VPN-1/FireWall-1 technical topics and expertise. Topics covered include risk assessments, network diagramming and security policy design and development; placing security components in a network using VPN-1/FireWall-1, LDAP and CVP/UFP servers; configuring rule bases for traffic management and encryption; configuring multiple and single entry-point (MEP and SEP) VPNs with ClusterXL; installing an LDAP server and integrating UserAuthority; using Malicious Activity Detection on suspicious network traffic; working with debugging tools and protocol analyzers; and troubleshooting various VPN-1/FireWall-1 issues.
Source: Check Point Software Technologies

Cisco Security Specialist
One of Cisco's specialist certifications, this program focuses on network security, where Cisco Security Specialists can design and install implementations and support Cisco security solutions. Topics cover the foundations of Cisco network security, plus working with the Cisco PIX Firewall, Cisco intrusion-detection systems and Cisco Secure VPN.
Source: Cisco Systems

EnCE -- EnCase Certified Examiner
Aimed at both private and public sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software's EnCase computer forensics tools and software. Prerequisites include a combination of software licenses, training and field experience, and a formal application process, as well as passing a related certification exam.
Source: EnCase Certified Examiner

FCSS -- Field Certified Security Specialist
Still under development, this set of performance-based certifications permits individuals to specialize in Cisco, CheckPoint or cross-platform topics (which is why we list it in both the vendor-specific -- though the parent organization points out that these certs are "vendor-independent" -- and vendor-neutral surveys). Check the Web site for more information on this emerging program, which is scheduled for release in 2003.
Source: Field Certified Security Specialist (FCSS) Certification Information

IBM Solutions Expert
A cognate program with the Tivoli Solutions Expert program also mentioned here, this credential covers all topics related to the Tivoli programs -- namely, IBM SecureWay Firewall for Windows NT, the IBM SecureWay Firewall for AIX and Tivoli SecureWay Public Key Infrastructure -- but also SecureWay Policy Director and SecureWay Trust Authority. For each area of focus, certified solutions experts must have a strong understanding of general infosec concepts, tools and technologies, and understand how to manage and maintain solutions around the products specific to each specialty.
Source: IBM, Inc.

IBM Specialist
This program covers implementations of the IBM SecureWay Communications Servers for AIX, OS/2 Warp and Windows NT. Individuals must be familiar with the installation, configuration, deployment, management and maintenance of such systems, and understand how they fit into overall organizational security policy and communication requirements.
Source: IBM, Inc.

Novell Security Specialist
Part of a series of single-examination credentials aimed at specific Novell products, individuals who pass Novell's 50-650 Internet Security Management with BorderManager, become certified as Novell specialists focused on security matters and understand network security, firewall components and technologies, and BorderManager installation, configuration, filters, routing, licensing, NAT, proxy services and more.
Source: Internet Security Management 050-650

RSA SecurID CA -- RSA SecurID Certified Administrator
Designed for security professionals who manage and maintain enterprise security systems based on RSA SecureID products. They can operate and maintain RSA SecureID components within the context of their operational systems and environments, troubleshoot security and implementation problems, and deal with updates, patches and fixes.
Source: RSA SecurID Certified Administrator

RSA/CI -- RSA Certified Instructor
Designed for security professionals who wish to teach others how to design, deploy and maintain solutions built around RSA SecureID products. Candidates must attend RSA SecureID courses they wish to teach, attain RSA/CSE and RSA/CA certification, attend an RSA/CI workshop and demonstrate their ability to teach the material in the classroom.
Source: RSA SecurID Certified Instructor

RSA/CSE -- RSA Certified Systems Engineer
Designed for security professionals who install and configure enterprise security solutions built around RSA SecureID, ClearTrust and KEO PKI Core products (three separate credentials, one for each product family). Candidates must be able to design client solutions based on analysis of business needs, be able to match implementations to client environments and infrastructures, and be able to carry a solution all the way from design, through prototyping, pilot and full-scale deployment phases.
Source: RSA Certified Systems Engineer

Symantec Product Specialist
A single-product focused credential, Symantec Product Specialists must pass any one of a number of technology exams to attain this entry-level credential. Topics and products covered include Norton AntiVirus, WebSecurity, Intruder Alert, NetPowler, Enterprise Security Manager, NetRecon, Symantec Enterprise Firewall and Firewall Advanced Concepts.
Source: Symantec Corporation

SCSE -- Symantec Certified Security Engineer
The SCSE requires passing all technology exams within a specific technology focus, as well as a security awareness exam for that same focus. Three exams are required in total, since each technology focus has two associated technology exams. Security focus topics are: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies.
Source: Symantec Corporation

Symantec Certified Security Practitioner
This is a cumulative certification that requires individuals to pass all of Symantec's eight technology exams and its four security awareness exams. Security topics include: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies (two technology exams and one security awareness exam for each topic).
Source: Symantec Corporation

Tivoli Certified Consultant
Part of the IBM family of companies, several of Tivoli's Certified Consultant credentials cover security topics. These include the Tivoli Policy Director, Tivoli Public Key Infrastructure, Tivoli SecureWay User Administration and Tivoli SecureWay Security Manager products. For each area of focus, certified consultants must have a strong working knowledge of infosec concepts, tools and technologies, and understand how to design, deploy, manage, maintain and troubleshoot systems and environments built around the products specific to each specialty.
Source: Tivoli Systems Inc.

Tivoli Certified Solutions Expert
Part of the IBM family of companies, several of Tivoli's Certified Solutions Expert credentials cover security topics. These include the IBM SecureWay Firewall for Windows NT, the IBM SecureWay Firewall for AIX and Tivoli SecureWay Public Key Infrastructure. For each area of focus, certified solutions experts must have a strong understanding of general infosec concepts, tools and technologies, and understand how to manage and maintain solutions around the products specific to each specialty.
Source: Tivoli Systems Inc.

Remember, when it comes to selecting vendor-specific security certifications, your product choices will probably dictate your options. If your security infrastructure includes products from vendors not mentioned here, be sure to check with them to determine if training or certification on such products is available.

Please let me know if my revised survey of this landscape has missed anything. I can't claim to know, see, or be able to find everything, so all feedback -- especially if it adds to this list -- will be gratefully acknowledged. As always, feel free to e-mail me with comments or questions at etittel@lanw.com.

About the author
Ed Tittel is the president of LANWrights, Inc., a wholly-owned subsidiary of iLearning.com. Tittel has been working in the computing industry for 20 years and has worked as a software developer, manager, writer and trainer. As an expert on SearchSecurity.com, he answers your infosec training and certification questions in our Ask the Expert feature.


This was first published in October 2002

Dig deeper on Security Industry Certifications

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close