The CCIE Security v5 has just been announced. Coming as no surprise, it now follows the new format, and is broken down into a troubleshooting section (2 hours), diagnostic section (30 minutes) and the configuration section (5 hours).
So, naturally, as soon as I heard this, I went and booked the v4 lab exam for the end of September, which still gives me a chance to re-sit in December if I do not pass. Now my goal for readiness has been reduced from six months to three months.
What’s new in the CCIE Security v5?
FirePOWER, FirePOWER and more FirePOWER. I did a word count and it mentions “FirePower” six times, and FTD (FirePOWER Threat Defense) eight times.
I won’t just copy and paste the whole list of topics here, you can find it here instead. Instead, I’ll do a few bullet points of the salient topics:
- FirePOWER
- NAT for IPv6
- IOS-XE
- CWS (Content Web Security)
- ESA (Email Security Appliance)
- Proxying
- DLP (Data Loss Prevention)
- OpenDNS
- SMA (Security Management Appliance)
- Lancope
- FlexVPN
- ASA VPN Clustering
- VRF-Lite / VRF-Aware VPN
- VSG (Virtual Security Gateway)
- ACI, EVPN, VXLAN, NVGRE
- NetFlow and IPFIX
- eSTREAMER
- REST / Python
The v5 is a natural progression, and the changes within are a natural progression. We still have a few old favourites, and I am surprised that ACS is still listed.
More virtualization?
There does seem to be a greater emphasis on virtualized technologies with the v5. It’s easier and cheaper to run these for the lab then having racks of equipment. ASAv, WSAv, ESAv, and NGIPSv are all listed. This may mean that we see support for them in VIRL (ASAv is already supported), which means that it would be MUCH easier to study them, currently, it’s hard(er) to do this with the v4.
Here is a list of the hardware and software for the new v5:
Virtual Machines:
Security Appliances
Cisco Identity Services Engine (ISE): 2.1.0
Cisco Secure Access Control System (ACS): 5.8.0.32
Cisco Web Security Appliance (WSA): 9.2.0
Cisco Email Security Appliance (ESA): 9.7.1
Cisco Wireless Controller (WLC): 8.0.133
Cisco Firepower Management Center Virtual Appliance: 6.0.1 and/or 6.1
Cisco Firepower NGIPSv: 6.0.1
Cisco Firepower Threat Defense: 6.0.1
Core Devices
IOSv L2: 15.2
IOSv L3: 15.5(2)T
Cisco CSR 1000V Series Cloud Services Router: 3.16.02.S
Cisco Adaptive Security Virtual Appliance (ASAv): 9.6.1
Others
Test PC: Microsoft Windows 7
Active Directory: Microsoft Windows Server 2008
Cisco Application Policy Infrastructure Controller Enterprise Module : 1.2
Cisco Unified Communications Manager: 8.6.(1)
FireAMP Private Cloud
AnyConnect 4.2
Physical Devices
Cisco Catalyst Switch
C3850-12S: 16.2.1
Cisco Adaptive Security Appliance
5512-X: 9.6.1
Cisco 2504 Wireless Controller
2504: 8.0.133.0
Cisco Aironet
1602E: 15.3.3-JC
Cisco Unified IP Phone
7965: 9.2(3)
Imaginaba que venía, pero no esperaba que fuera tan pronto. También estoy estudiando para presentarlo y por lo visto hay que apurarse
Looks like I'll be switching to the v5 material, are you still aiming for the v4 written?
Hi Jon, yep got my lab booked for September, which gives me time for a resit in December if needed.
Please let me know the Book list
There are a few listed here: https://learningnetwork.cisco.com/community/certifications/ccie_security/written_exam/study-material
sorry.. i am looking for updated Book List…
** Admin Notice: **
Do not post links to dumps on this website.
Do not ask for dumps on this website.
If you attempt to post links to dumps, I will just change any links to point to Cisco website, and publish your name.
If you ask for dumps, I will publish your name.