Despite the sizable collection of vendor-specific security certifications, identifying which ones best suits your educational or career needs is fairly straightforward. In this latest update to our semi-annual vendor-specific certification survey, you'll find an alphabetized list of security certification programs from various vendors, a brief description of each certification and pointers to further details. We also provide some tips on choosing the right certification for your needs.
The process of choosing vendor-specific security certifications is much simpler than choosing vendor-neutral ones. In the vendor-neutral landscape you must evaluate the pros and cons of various programs to select a viable candidate, but on the vendor side it's only necessary to address three issues:
- Inventory your security infrastructure and identify which vendors' products or services play a role.
- Check this tip (and vendor websites for items that don't appear here) to see if a certification applies to products or services in your organization.
- Decide if spending the money to obtain such credentials or to fund them for your employees is worth the resulting benefits.
In an environment where numerous jobs exist for every qualified IT security professional, individual benefits are hard to overstate. Perhaps this explains why so many employer-funded certification arrangements include payback clauses if employees leave sooner than a specified time after completion -- it's really a ploy for employee development and retention, as well as a boost to an organization's in-house expertise.
As is typical for this survey, which we started in 2001, there've been some changes since our last update in 2007. We're not adding anything new except for updates to some IBM/Tivoli elements to reflect the change in the calendar (which also results in dropping two older counterparts), but we're dropping 9 other elements. These include Symantec credentials SCTA and SCSP, due to the fact that the program has been cancelled; the MCSA and MCSE Security credentials for Windows Server 2000, which are now outmoded or about to be; the NCTE and NCDE, which are insufficient security content or focus; various Learning Tree certifications that are too training oriented and the RSA Certified Instructor, which is only relevant for security trainers.
Now we're ready to dive into a big bowl of alphabet soup by exposing all the vendor-specific security-related certification programs that occupy this landscape.
- Check Point Certified Security Administrator NGX (CCSA NGX)
Prerequisite: Knowledge of TCP/IP and routing fundamentals
Check Point's foundation-level credential prepares individuals to manage basic installations of Check Point's VPN-1 NGX product. Topics covered include working with security policy, deployment and management of security gateways, tuning VPN-1 NGX performance with security policy, log management, intruder blocking, working with user, client and session authentication and managing network address translation.
Source:
Check Point Software Technologies
- Check Point Certified Security Principles Associate (CCSPA)
An entry-level certification, the CCSPA focuses on security fundamentals, concepts, best practices and incorporating network and systems security with business needs. This credential covers the Information Security Triad, threat and vulnerability assessments, security policies, business continuity plans, safeguards and countermeasures, security and network architecture, encryption algorithms and access control technologies.
Source: Check Point Software Technologies
- Microsoft Certified Systems Administrator Security Specialization (MCSA: Security)
This credential takes the standard MCSA for Windows Server 2003 and transforms elective exams into security specialization exams, and adds one exam to the total count required so that this credential requires passing five exams instead of four. The idea is to let MCSAs demonstrate their interest in and focus on Microsoft-related security topics, tools and technologies.
Source: Microsoft MCSA: Security on Windows Server 2003;)
- Check Point Certified Managed Security Expert NG with AI (CCMSE NG with AI)
Prerequisite: CCSE NG with AI
The CCMSE aims to identify individuals who work with Check Point's VPN-1/Firewall-1 and Provider-1 Internet security solutions. The credential covers implementation of VPN-1/Firewall-1 as an enterprise security solution and works with Provider-1 in a network operating center environment to provide centralized security policy implementation and management.
Source: Check Point Software Technologies
- Check Point Certified Security Expert NGX (CCSE NGX)
Prerequisite: CCSA NGX
This is an intermediate-level credential aimed at VPN and firewall concepts, policies, strategies and the NGX product. It covers the following:
- NGX installation and configuration
- Upgrade to NGX from VPN-1/FireWall-1 NG or VPN-1 NG with Application Intelligence
- Post-install procedure management
- The SmartDefense global protection system
- Configuration and testing of SecuRemote and SecureClient tools
- Allocation of bandwidth
- Context security management to block suspicious Web data and filter URLs
Source: Check Point Software Technologies
- Accelerated Check Point Certified Security Expert NGX (Accelerated CCSE NGX)
Prerequisite: CCSE NG with AI
This is an intermediate-level credential that covers the same curriculum as the CCSE NGX in an accelerated form. It covers VPN-1 NGX, SmartCenter, SecuRemote, and SecuClient, and includes upgrading from NG to NGX platform, dynamic VPN routing, Check Point QoS and other NGX topics, tools, and technologies.
Source: Check Point Software Technologies
- Cisco Certified Security Professional (CCSP)
Prerequisite: CCNA
An intermediate-level Cisco professional certification, CCSPs must understand key aspects, components, and systems relevant to Cisco's security products and platforms. Required topics among the five exams include securing Cisco network devices, securing networks with Cisco routers and switches, and working with the Cisco Secure PIX and ASA Security Appliance products, Cisco IPS and HIPS, and Cisco Security Agent and Cisco Secure VPN.
Source: Cisco Systems
- Cisco Qualified Specialist Program
Cisco Qualified Specialists can pursue mid-level certification across a broad array of subjects and technologies. This program includes several credentials with strong -- if not exclusive -- security components, including:
Source: Cisco Systems
- EnCase Certified Examiner (EnCE)
Aimed at both private- and public-sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software's EnCase computer forensics tools and software. Prerequisites include a combination of software licenses, training and field experience and a formal application process. Individuals gain certification by passing a two-phase exam -- a computer-based component and a practical component.
Source: Guidance Software
- Microsoft Certified Systems Engineer Security Specializations (MCSE: Security)
This credential takes the standard MCSE for Windows Server 2003 and transforms elective exams into security specialization exams (and adds one exam to the total count required so that this credential requires passing eight exams instead of seven). The idea is to allow MCSEs to demonstrate their interest in and focus on Microsoft-related security topics, tools and technologies (all MCSA requirements also carry over to the MCSE for security specializations).
Source: Microsoft (MCSE: Security on Windows Server 2003;)
- RSA SecurID Certified Administrator (RSA SecurID CA)
This certification is designed for security professionals who manage and maintain enterprise security systems based on RSA SecureID products. RSA SecurID CAs can operate and maintain RSA SecureID components within the context of their operational systems and environments, troubleshoot security and implementation problems, and work with updates, patches and fixes.
Source: RSA Security
- SAINT
SAINT certification requires attending a two-day course geared toward information security professionals and system administrators, and passing one exam. The course focuses on TCP/IP and security fundamentals, and installing, configuring and using SAINT and SAINTwriter.
Source: SAINT Corp.
- Snort Certified Professional (SnortCP)
The SnortCP is provided by Sourcefire Inc. The exam covers Snort IDS/IPS technology theory, installation and deployment, Snort configuration and usage, Snort tuning techniques, Snort rules language and syntax, advanced rule options and usage, effective and performance-oriented rule writing, rule set management and maintenance and implementation of supporting tools and applications.
Source: Sourcefire Inc.
- Sourcefire Certified Professional (SFCP)
The SFCP identifies individuals who demonstrate a thorough knowledge of Sourcefire products and their underlying technical concepts. Candidates are assessed on their knowledge of Sourcefire IPS, Defense Center, Sourcefire RNA, installation and deployment, administration and management, and more.
Source: Sourcefire Inc.
- Sun Certified Security Administrator (SCSECA)
This credential aims to identify experienced Solaris administrators with security interest and experience. It's a mid-range credential that focuses on system lockdown, best security practices and a good understanding of file and system resources protection, and encryption and authentication methods. A single exam -- geared toward the Solaris 9 or Solaris 10 operating system -- is required to obtain this credential.
Source: Sun Microsystems
- CCIE Security
Arguably one of the most coveted certifications around, the CCIE is in a league of its own. Having been around since 2002, the CCIE Security track is nonpareil for those interested in dealing with information security topics, tools and technologies in networks built using or around Cisco products and platforms. Definitely a serious, useful credential!
Source: Cisco Systems
- Check Point Certified Managed Security Expert NGX (CCMSE NGX)
Prerequisite: CCSE NGX
The CCMSE is aimed at security professionals who manage multiple Check Point VPN-1 implementations using Check Point's Provider 1 Internet security platform. This certification attests to its holders' abilities to implement, deploy and manage multiple VPN-1 installations, using Provider-1 to supply centralized policy management capabilities.
SourceCheck Point Software Technologies
- Check Point Certified Managed Security Expert NGX Plus VSX (CCMSE NGX Plus VSX)
Prerequisite: CCMSE NGX
The CCMSE NGX Plus VSX is aimed at security professionals with expertise in deploying an enterprise VSX solution, managed by the Provider-1 NGX security platform. Four exams are required, which incorporate VSX into all aspects of a Provider-1 NGX infrastructure.
SourceCheck Point Software Technologies
- Check Point Certified Security Expert Plus NGX (CCSE Plus NGX)
Prerequisite: CCSE NGX
The CCSE Plus NGX attests to thorough expertise in working with Check Point VPN-1 NGX, including network planning, route-based VPN, troubleshooting, and in-depth security administration training and experience.
Source: Check Point Software Technologies
- Check Point Certified Managed Security Expert NG with AI Plus VSX (CCMSE NG with AI Plus VSX)
Prerequisite: CCMSE NG with AI
The CCMSE aims at security professionals who manage multiple Check Point VPN-1 implementations using Check Point's Provider-1 Internet security platform. This certification attests to its holders' abilities to implement, deploy and manage multiple VPN-1 installations, using VSX as an enterprise security solution, along with Provider-1 to supply centralized policy management capabilities.
SourceCheck Point Software Technologies
- Check Point Certified Master Architect (CCMA)
Prerequisites: CCSA, CCSE, CCSE+
The CCMA is the pinnacle of Check Point certifications. This credential aims at security professionals who design, implement, manage and troubleshoot multifaceted Check Point security architectures. Candidates must be experts in perimeter, internal, Web and end-point security solutions. To acquire this credential, Check Point recommends at least 5 years of experience, and requires passing a written and hands-on lab exam.
SourceCheck Point Software Technologies
- Check Point Certified Security Expert Plus NG with AI (CCSE Plus NG with AI)
Prerequisite: CCSE NG with AI
The CCSE Plus NG with AI addresses advanced VPN-1/FireWall-1 technical topics and expertise. Topics covered include:
- Setting up intrusion blocking and configuring rule bases for traffic management and encryption
- Describing and defining tracking and load balancing
- Designing and developing risk assessments, network diagramming and security policyies
- Placing security components in a network using VPN-1/FireWall-1, LDAP and CVP/UFP servers
- Configuring multiple and single entry-point VPNs with ClusterXL
- Working with debugging tools and protocol analyzers, and troubleshooting various VPN-1/FireWall-1 issues
Source: Check Point Software Technologies
- Check Point Certified Specializations
Prerequisite: None
These specializations seek to identify security professionals who focus on specific Check Point technologies. Candidates must be intimately familiar with the installation, configuration and maintenance, and client management for access control and protection. This program includes three credentials with strong security components, including:
Source:Check Point Software Technologies
- IBM Certified Advanced Deployment Professional -- Tivoli Security Management Solutions 2008
These certifications cover a broad range of higher-level security topics updated for 2008 topics and platforms. Advanced Deployment Professionals must have a strong background in and knowledge of the following as they relate to security: communications, infrastructure, cryptography, access control, authentication, external attacks and organizational issues. Three exams are required to obtain these certifications. Candidates may substitute CompTIA Security+, (ISC)² SSCP or CISSP, or one of many IBM exams for one of the required exams.
Source:IBM(Advanced Deployment Professional; Advanced Deployment Professional 2008)
- RSA Certified Systems Engineer (RSA/CSE)
The RSA/CSE is designed for security professionals who install and configure enterprise security solutions built around the RSA SecureID product. Candidates must be able to design client solutions based on analysis of business needs, match implementations to client environments and infrastructures and carry a solution from design, through prototyping, pilot and full-scale deployment phases.
Specialized credentials in this program are available for RSA Access Manager, RSA Digital Certificate Management Solutions, and RSA Sign-On Manager.
Source: RSA Security
- Sourcefire Certified Expert (SFCE)
The SFCE identifies individuals with mastery over the content of both the Snort Certified Professional and the Sourcefire Certified Professional. Candidates are assessed against more advanced material.
Source: Sourcefire Inc.
- Tivoli Certified Solution Advisor – Tivoli Security 2007
Part of the IBM family of companies, one of Tivoli's Solutions Advisor credentials covers security topics in the context of available Tivoli security tools and technologies. Certified consultants must have a strong working knowledge of infosec concepts and ITIL, related tools and technologies, and understand how to design, deploy, manage, maintain and troubleshoot Tivoli security components and capabilities.
Source: IBM
- IBM Certified Specialist – Tivoli Identity Manager Express V4.6
Those who attain this certification can plan for, install, configure, troubleshoot, administer, and maintain an IBM Tivoli Identity Manager Express V4.6 environment. While earning this certification requires passing only a single exam, the background and knowledge requirements span a broad range from basic business processes, to system administration, to Java, JavaScript and DSML, plus working knowledge of LDAP, IBM Tivoli Directory Integrator and more.
Source:IBM
- IBM Certified Specialist – Tivoli Monitoring Express V6.1
Those who attain this certification can plan for, install, configure, troubleshoot, administer, and maintain an IBM Tivoli Monitoring Express V6.1 environment. Security-related requirements include basic knowledge of SSL, data encryption and system user accounts.
Source:IBM
Remember, when it comes to selecting vendor-specific security certifications, your planned or existing product choices will probably dictate your options. If your security infrastructure includes products from vendors not mentioned here, be sure to check with them to determine if training or certification on such products is available. Please let us know if our revised survey of this landscape has missed anything. We can't claim to know, see or be able to find everything, so all feedback -- especially if it adds to this list -- will be gratefully acknowledged. As always, feel free to e-mail us with comments or questions.
About the authors:
Ed Tittel is a full-time freelance writer, trainer and consultant who has written more than 140 books including his latest (with lead author, Laura Chappell) Guide To TCP/IP third edition (Course Technology, 2006, ISBN: 1418837555). He has been active in the computing industry for more than 25 years and has worked as a software developer, manager, writer and trainer.
Kim Lindros has more than 20 years of experience in the computer industry, from technical support specialist to network administrator to book and course content manager. She has edited and developed more than 300 IT-related books and online courses, and co-authored two certification books and numerous online articles with Ed. Kim runs Gracie Editorial, a content development company.
Intro: Vendor-specific security certs
