CCIE Security v5 Lab Predictions

The current version of the CCIE Security lab exam (v4) came in 2012. It is now 2016, so after three to four years, it’s probably due for an update shortly.

In fact there are rumours and mentions that there will be an announcement at the Berlin Cisco Live event on the 15th February.

So, what could go out, and what could be in?

This is the current list of software versions:

  • Cisco ISR Series running IOS Software Version 15.1(x)T and 15.2(x)T
  • Cisco Catalyst 3560/3750 Series Switches running Cisco IOS Software Release 12.2SE/15.0(x)SE
  • Cisco ASA 5500 Series Adaptive Security Appliances OS Software Versions 8.2x, 8.4x, 8.6x
  • Cisco IPS Software Release 7.x
  • Cisco VPN Client Software for Windows, Release 5.x
  • Cisco Secure ACS System software version 5.3x
  • Cisco WLC 2500 Series software 7.2x
  • Cisco Aironet 1200 series AP Cisco IOS Software Release 12.4J(x)
  • Cisco WSA S-series software version 7.1x
  • Cisco ISE 3300 series software version 1.1x
  • Cisco NAC Posture Agent v4.X
  • Cisco AnyConnect Client v3.0X

Let’s break it down and see what could be likely contenders! note – this is just my guesses!

Cisco ISR 15.1(x)T and 15.2(x)T

These are still relatively new. The latest version is 16.01, released in November 2015. 15.1 and 15.2 have been around for over a year, so we might see a jump to a newer version.

Probability/Impact: Low-Medium

Cisco Catalyst 3560/3750 Series Switches 12.2SE/15.0(x)SE

The 3560 and 3750’s had an announcement in 2013 that they would be End-of-Life starting mid-2016.

The later versions of these (3560-X and 3750-X) had an EOL in October 2015, and shipping these stops in October 2016, however, support does not end until 2021. Support (in terms of patches) does not stop till 2017.

It it more likely that these will move to 3650s. These do MACSec and TrustSec, among other things, or 3850s.

Probability/Impact: Medium

Cisco ASA 5500 (8.2x, 8.4x, 8.6x)

I think there will be big changes here. The majority of the ASAs will move to the ASAv, which makes sense as there will be much more virtualization within the new lab exam. Expect more ASA 9.x and less 8.2.

Probability/Impact: High

Cisco IPS 7.x

Again, there will be big changes here. EOL was announced in 2013! Support will stop in 2019. Therefore it is highly likely that this will be replaced with FirePower/SourceFire.

Probability/Impact: High

Cisco VPN Client 5.x

EOL as of mid-2011, EOS (End-of-Support) mid-2012. Another contender for complete removal, with more focus on AnyConnect.

Probability/Impact: High

Cisco Secure ACS System 5.3x

5.3 went had an EOL (End-of-Life) announcement back in 2014. With the last day to order it being January 31st 2014, and it will no longer be supported by 31st January 2017. Similarly 5.7 is now EOL as well, as of 2nd November 2015. Looks very likely for complete removal.

This will be replaced with ISE 2.0

Probability/Impact: High

Cisco WLC 2500 Series software 7.2x

The 2500 series line is still going strong, but changes are that the software used will be 8.x (8.2 being the latest).

However, the current trend is to make more use of virtualization, so this may switch to the vWLC, which is also version 8.

Probability/Impact: Medium

Cisco Aironet 1200 series AP 12.4J(x)

This is EOL, so it’ll probably move to the 1700 series.

Probability/Impact: High

Cisco WSA S-series software version 7.1x

These are still going strong, so it will stay in the exam, in one form or another. Most likely switching to the vWSA (virtual). Version 7.1 will not be supported beyond August 31st 2016, so expect the version to move to 9.0 (as per the vWSA).

Probability/Impact: High

Cisco ISE 3300 series software version 1.1x

Totally EOL. It’ll be ISE 2.0

Probability/Impact: High

Cisco NAC Posture Agent v4.X

4.9 is still going strong, so there probably won’t be any change.

Probability/Impact: Low

Cisco AnyConnect Client v3.0X

3.0 will be out and 4.0 will be in.

Probability/Impact: Low


  1. Anonymous February 20, 2016
  2. Stuart Fordham February 20, 2016
  3. Sander Magnin February 21, 2016
  4. Unknown February 22, 2016
  5. Sander Magnin February 22, 2016
  6. Unknown June 14, 2016
  7. Stuart Fordham June 14, 2016
  8. BELHADJ August 13, 2016