Problem solve Get help with specific problems with your technologies, process and projects.

Update: Survey of vendor-specific security certs, spring 2003

Ed Tittel gives us an update on vendor-specific security certifications.

By agreement with, I now update my security certification tips every six months, including this...

vendor-specific survey and a vendor neutral survey. Here, you'll find an alphabetized list of security certification programs from various vendors, with a brief description of each one, plus pointers to details for each credential.

When it comes to choosing vendor-specific security certifications, the process is much simpler than it is for vendor-neutral ones. Whereas in the vendor-neutral landscape you must evaluate the pros and cons of various programs so as to be able to compare and contrast them, and select a viable candidate, on the vendor side it's only necessary to address three issues:

  • You must inventory your security infrastructure and identify which vendors' products or services play a role.
  • You'll want to check this tip (and vendor Web sites for items that don't appear here) to see if certification applies to products or services in your organization.
  • You'll have to decide if spending the money to obtain such credentials (or to fund them for your employees) is worth the resulting benefits.

In an IT environment where security is almost unique in its continuing growth in demand, security certification appears to be good for both employees and employers. A January 2003 survey at Certification Magazine indicates that 45% of all certifications are still paid by employers, so they still find such investments worthwhile. Other recent studies from Foote Partners (released March 27, 2003, from suggest that security certifications are not only among the best-paying IT certifications, but that companies find such credentials worth paying for because of the even higher costs of hiring qualified security consultants.

In an environment where numerous jobs exist for every qualified IT security professional, benefits to individuals are hard to overstate. Perhaps this explains why so many employer-funded certification arrangements include payback clauses if employees leave sooner than a specified time after completion -- it's really a ploy for employee development and retention, as well as a boost to an organization's in-house expertise.

Changes since my last vendor-specific survey include the removal of the Check Point Certified Addressing Expert and the retirement of the Cisco Security Specialist 1 credential. I've also added coverage of the Check Point CCMSE, the Cisco CISSP and three Cisco Qualified Specialist credentials with strong security coverage to this list. Not a huge volume of changes, but enough to keep things interesting!

To begin, let's dive into a big bowl of alphabet soup by exposing all the vendor-specific security-related certification programs -- and their inevitable acronyms -- that occupy this landscape.

CCSA -- Check Point Certified Security Administrator
Check Point's foundation-level credential, this program prepares individuals to manage basic installations of Check Point's VPN-1/FireWall-1 product. Topics covered include working with security policy, deployment and management of security gateways, tuning VPN-1/FireWall-1 performance with security policy, log management, intruder blocking, working with user, client and session authentication, and managing network address translation.
Source: Check Point Software Technologies

CCMSE -- Check Point Certified Managed Security Expert
The CCMSE aims to identify individuals who work with Check Point's VPN-1/Firewall-1 and Provider-1 Internet security solutions. The credential covers implementing VPN-1/Firewall-1 as an enterprise security solution and working with Provider-1 in a Network Operating Center environment to provide centralized security policy implementation and management.
Source: Check Point Software Technologies

CCSE -- Check Point Certified Security Expert
This is an intermediate-level credential aimed at VPN and firewall concepts, policies, strategies and the VPN-1/Firewall product. It covers installing and configuring VPNs; managing post-install procedures; working with the SecureClient packaging tool; configuring and testing SecuRemote and SecureClient tools for remote access VPNs; creating VPN desktop policies and Security Configuration Verification tool; managing context security to block Java and viruses or filter URLs; using SYNDefender to foil denial-of-service attempts; working with digital certificates and trusts on VPNs; and implementing gateway-to-gateway encryption. Prerequisite: CCSA.
Source: Check Point Software Technologies

CCSE Plus -- Check Point Certified Security Expert Plus
The CCSE Plus addresses advanced VPN-1/FireWall-1 technical topics and expertise. Topics covered include risk assessments, network diagramming, and security policy design and development; placing security components in a network using VPN-1/FireWall-1, LDAP and CVP/UFP servers; configuring rule bases for traffic management and encryption; configuring multiple and single entry-point (MEP and SEP) VPNs with ClusterXL; installing an LDAP server and integrating UserAuthority; using Malicious Activity Detection on suspicious network traffic; working with debugging tools and protocol analyzers; and troubleshooting various VPN-1/FireWall-1 issues.
Source: Check Point Software Technologies

CCSP -- Cisco Certified Security Professional
An intermediate-level Cisco professional certification (requires CCNA or CCIP as a prerequisite), the CCSP must understand key aspects, components and systems relevant to Cisco's security products and platforms. Required topics among the five exams include securing IOS networks, working with the Cisco Secure PIX Firewall, the Cisco Secure Intrusion-Detection System and the Cisco Secure VPN. Candidate must also take an exam on Cisco's SAFE implementation (a general security framework for small- and mid-sized operations or infrastructures).
Source: Cisco Systems

Cisco Qualified Specialist Program
Cisco Qualified Specialists can pursue mid-level certification across a broad array of subjects and technologies. This program includes several credentials with strong, if not exclusive, security components, including the following:

Please note that as of February 28, 2003, the Cisco Security Specialist 1 program has been cancelled, replaced by the CCSP credential.

EnCE -- EnCase Certified Examiner
Aimed at both private- and public-sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software's EnCase computer forensics tools and software. Prerequisites include a combination of software licenses, training and field experience, and a formal application process, as well as passing a related certification exam.
Source: EnCase Certified Examiner

FCSS -- Field Certified Security Specialist
Still under development, this set of performance-based certifications permits individuals to specialize in Cisco, CheckPoint or cross-platform topics (which is why we list it in both the vendor-specific -- though the parent organization points out that these certs are "vendor-independent" -- and vendor-neutral surveys). Check the Web site for more information on this emerging program, which is scheduled for release in 2003.
Source: Field Certified Security Specialist (FCSS) Certification Information

IBM Solutions Expert
A cognate program with the Tivoli Solutions Expert program also mentioned here, this credential covers all topics related to the Tivoli programs -- namely, IBM SecureWay Firewall for Windows NT, the IBM SecureWay Firewall for AIX and Tivoli SecureWay Public Key Infrastructure -- but also SecureWay Policy Director and SecureWay Trust Authority. For each area of focus, certified Solutions Experts must have a strong understanding of general infosec concepts, tools and technologies, and understand how to manage and maintain solutions around the products specific to each specialty.
Source: IBM, Inc.

IBM Specialist
This program covers implementations of the IBM SecureWay Communications Servers for AIX, OS/2 Warp and Windows NT. Individuals must be familiar with the installation, configuration, deployment, management and maintenance of such systems, and understand how they fit into overall organizational security policy and communication requirements.
Source: IBM, Inc.

Novell Security Specialist
Part of a series of single-examination credentials aimed at specific Novell products, individuals who pass Novell's 50-650 Internet Security Management with BorderManager, become certified as Novell specialists focused on security matters who understand network security, firewall components and technologies, and BorderManager installation, configuration, filters, routing, licensing, NAT, proxy services and more.
Source: Internet Security Management 050-650

RSA SecurID CA -- RSA SecurID Certified Administrator
This certification is designed for security professionals who manage and maintain enterprise security systems based on RSA SecureID products. RSA SecurID CAs can operate and maintain RSA SecureID components within the context of their operational systems and environments, troubleshoot security and implementation problems, and deal with updates, patches and fixes.
Source: RSA SecurID Certified Administrator

RSA/CI -- RSA Certified Instructor
This is designed for security professionals who wish to teach others how to design, deploy and maintain solutions built around RSA SecureID products. Candidates must attend RSA SecureID courses they wish to teach, attain RSA/CSE and RSA/CA certification, attend an RSA/CI workshop and demonstrate their ability to teach the material in the classroom.
Source: RSA SecurID Certified Instructor

RSA/CSE -- RSA Certified Systems Engineer
The RSA/CSE is designed for security professionals who install and configure enterprise security solutions built around RSA SecureID, ClearTrust and KEO PKI Core products (three separate credentials, one for each product family). Candidates must be able to design client solutions based on analysis of business needs, match implementations to client environments and infrastructures, and carry a solution from design, through prototyping, pilot and full-scale deployment phases.
Source: RSA Certified Systems Engineer

Symantec Product Specialist
A single-product focused credential, Symantec Product Specialists must pass any one of a number of technology exams to attain this entry-level credential. Topics and products covered include Norton AntiVirus, WebSecurity, Intruder Alert, NetPowler, Enterprise Security Manager, NetRecon, Symantec Enterprise Firewall and Firewall Advanced Concepts.
Source: Symantec Corporation

SCSE -- Symantec Certified Security Engineer
The SCSE requires passing all technology exams within a specific technology focus, as well as a security awareness exam for that same focus. Three exams are required in total, since each technology focus has two associated technology exams. Security-focused topics are: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies.
Source: Symantec Corporation

Symantec Certified Security Practitioner
This is a cumulative certification that requires individuals to pass all of Symantec's eight technology exams and its four security awareness exams. Security topics include: virus protection and content filtering, intrusion detection, vulnerability management, and firewall and VPN technologies (two technology exams and one security awareness exam for each topic).
Source: Symantec Corporation

Tivoli Certified Consultant
Part of the IBM family of companies, several of Tivoli's Certified Consultant credentials cover security topics. These include the Tivoli Policy Director, Tivoli Public Key Infrastructure, Tivoli SecureWay User Administration and Tivoli SecureWay Security Manager products. For each area of focus, certified consultants must have a strong working knowledge of infosec concepts, tools and technologies, and understand how to design, deploy, manage, maintain and troubleshoot systems and environments built around the products specific to each specialty.
Source: Tivoli Systems Inc.

Tivoli Certified Solutions Expert
Part of the IBM family of companies, several of Tivoli's Certified Solutions Expert credentials cover security topics. These include the IBM SecureWay Firewall for Windows NT, the IBM SecureWay Firewall for AIX and Tivoli SecureWay Public Key Infrastructure. For each area of focus, certified solutions experts must have a strong understanding of general infosec concepts, tools and technologies, and understand how to manage and maintain solutions around the products specific to each specialty.
Source: Tivoli Systems Inc.

Remember, when it comes to selecting vendor-specific security certifications, your product choices will probably dictate your options. If your security infrastructure includes products from vendors not mentioned here, be sure to check with them to determine if training or certification on such products is available.

Please let me know if my revised survey of this landscape has missed anything. I can't claim to know, see, or be able to find everything, so all feedback -- especially if it adds to this list -- will be gratefully acknowledged. As always, feel free to e-mail me with comments or questions at

About the author
Ed Tittel is the president of LANWrights, Inc., a wholly-owned subsidiary of Ed has been working in the computing industry for 20 years and has worked as a software developer, manager, writer and trainer. As an expert on, he answers your infosec training and certification questions in our Ask the Expert feature.

Read Ed's spring 2003 update on vendor-neutral certifications.

With sponsorship from Certification Magazine (, contributing editor and regular columnist (and regular TechTarget contributor and expert) Ed Tittel has prepared a survey for IT professionals interested in that intensive form of certification training often called the "boot camp." The results of this survey will supply the focus for a feature story on boot camps in the September issue of Certification Magazine. All interested IT professionals -- especially those who've attended one or more boot camps -- are invited to take this survey. Three winners will be selected from the pool of people surveyed who also supply an e-mail address; winners can select 3-5 titles of their choice from Tittel's and Certification Magazine's extensive collection of IT and certification books. Please help us out, and take this survey!

This was last published in May 2003

Dig Deeper on Microsoft Windows security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.