CCIE Security v5: More (Fire)Power!

The CCIE Security v5 has just been announced. Coming as no surprise, it now follows the new format, and is broken down into a troubleshooting section (2 hours), diagnostic section (30 minutes) and the configuration section (5 hours).

So, naturally, as soon as I heard this, I went and booked the v4 lab exam for the end of September, which still gives me a chance to re-sit in December if I do not pass. Now my goal for readiness has been reduced from six months to three months.

What’s new in the CCIE Security v5?

FirePOWER, FirePOWER and more FirePOWER. I did a word count and it mentions “FirePower” six times, and FTD (FirePOWER Threat Defense) eight times.

CCIE Security v5

I won’t just copy and paste the whole list of topics here, you can find it here instead. Instead, I’ll do a few bullet points of the salient topics:

  • FirePOWER
  • NAT for IPv6
  • IOS-XE
  • CWS (Content Web Security)
  • ESA (Email Security Appliance)
  • Proxying
  • DLP (Data Loss Prevention)
  • OpenDNS
  • SMA (Security Management Appliance)
  • Lancope
  • FlexVPN
  • ASA VPN Clustering
  • VRF-Lite / VRF-Aware VPN
  • VSG (Virtual Security Gateway)
  • NetFlow and IPFIX
  • REST / Python
Then you have the “evolving technologies” section, which is all about the Cloud, SDN, and IoT.

The v5 is a natural progression, and the changes within are a natural progression. We still have a few old favourites, and I am surprised that ACS is still listed.

More virtualization?

There does seem to be a greater emphasis on virtualized technologies with the v5.  It’s easier and cheaper to run these for the lab then having racks of equipment. ASAv, WSAv, ESAv, and NGIPSv are all listed. This may mean that we see support for them in VIRL (ASAv is already supported), which means that it would be MUCH easier to study them, currently, it’s hard(er) to do this with the v4.

Here is a list of the hardware and software for the new v5:

Virtual Machines:
Security Appliances
Cisco Identity Services Engine (ISE): 2.1.0
Cisco Secure Access Control System (ACS):
Cisco Web Security Appliance (WSA): 9.2.0
Cisco Email Security Appliance (ESA): 9.7.1
Cisco Wireless Controller (WLC): 8.0.133
Cisco Firepower Management Center Virtual Appliance: 6.0.1 and/or 6.1
Cisco Firepower NGIPSv: 6.0.1
Cisco Firepower Threat Defense: 6.0.1
Core Devices
IOSv L2: 15.2
IOSv L3: 15.5(2)T
Cisco CSR 1000V Series Cloud Services Router: 3.16.02.S
Cisco Adaptive Security Virtual Appliance (ASAv): 9.6.1
Test PC: Microsoft Windows 7
Active Directory: Microsoft Windows Server 2008
Cisco Application Policy Infrastructure Controller Enterprise Module : 1.2
Cisco Unified Communications Manager: 8.6.(1)
FireAMP Private Cloud
AnyConnect 4.2

Physical Devices
Cisco Catalyst Switch
C3850-12S: 16.2.1
Cisco Adaptive Security Appliance
5512-X: 9.6.1
Cisco 2504 Wireless Controller
Cisco Aironet
1602E: 15.3.3-JC
Cisco Unified IP Phone
7965: 9.2(3)

CCIE Security v5 Study material

Ignore their book list! It really needs updating, they still list v3 books on there! I will do a separate post with the up-to-date books on it, but don’t rush out and buy all the books they have listed just yet.

When does the v5 start?

January 31st, 2017 is the start date for the new written and lab exams.
The last day for the written exam (350-018) is July 24th, 2016. As of July 25th, 2016 the written exam will be using the new 4.1 topics, which includes the evolving technologies stuff.
The last day for the lab exam is January 30th, 2017.


  1. Carlos Ibarra June 16, 2016
  2. Jon Major June 17, 2016
  3. Stuart Fordham June 17, 2016
  4. Prabhu Anandhan September 9, 2016
  5. prabhu January 9, 2017
  6. Abraham Albert April 3, 2017