With hundreds of networking and technology partner certifications available, it can be difficult for solution providers to assess what combination of certifications offers the most value. Certifications usually serve two purposes: enabling access to specific vendor products, and educating candidates in the intricacies of a particular technology segment. Vendor-specific certifications obviously focus on a particular vendor's product. At best, those certifications can make an individual an expert on a particular vendor's solution. At worst, vendor-specific training can give an individual a utopian view of a particular product.
In other words, vendor certifications can tend to focus on what is "best" about their products and not on the real-world challenges. Even so, solution providers looking to build expertise in specific technology areas should look to combine product-specific training with real-world examples, and that is where cross-certification can offer partners the biggest bang for the buck.
To define the benefits of cross-certification, solution providers need to shift their focus from a product-specific deployment to a technology-solution view. It all comes down to identifying a profitable market segment and certifying employees to serve that segment. Target market segments should include data center management and network security -- technology areas ripe for outsourced support.
Data center management
Having employees certified in the technologies and products needed for a data center can open up a world of opportunity for solutions providers. With the economic downturn, many corporations are looking to trim internal IT staff and outsource significant portions of their data center operations, but those companies are not willing to hire just anybody to come in and manage their critical IT operations.
For those looking to provide data center management, it will take a verifiable combination of skills, experience, training and certification to meet the needs of a modern data center.
A good starting point is partner certification under one of the primary vendor programs, such as those available from Cisco, Microsoft, Juniper Networks or Hewlett-Packard. Combining those vendor certifications with a few third-party certifications should help to balance out a skill set.
Beyond the basic hardware certifications, solution providers should consider adding training and certifications for virtualization, security, power management, project management, Linux and networking.
An example of certification combos for data center support
|Cisco||Cisco Certified Network Associate (CCNA)||Validates ability to install, configure, operate, and troubleshoot medium-sized route and switched networks, including implementation and verification of connections to remote sites in a WAN|
|Data Center University||Data Center University Associate Certification||Base-level proficiency in the elements of cooling, power, racks, cabling, fire protection, management and physical security|
|(ICS)2||CISSP® - Certified Information Systems Security Professional||Multi-discipline security certification with focus on telecommunications, network, and operations security, as well as system architecture and design|
|VMware||VMware Certified Professional (VCP)||Vendor-specific training and certification on VMware's infrastructure products|
|SAIR Linux||Linux Certified Engineer, Level 2||Level 2 certification for those who are engaged in multiple server installations in a heterogeneous environment|
|PMI||PMP - Project Management Professional||Earning and maintaining PMI certification demonstrates a solid foundation of experience in effectively managing projects|
While gathering all of those certifications can cost tens of thousands for training and testing, a combination such as outlined above can smooth the way for highly profitable contracts maintaining and monitoring corporate data centers.
Security and compliance
More and more organizations are required to meet legislative requirements as new laws for compliance are passed. For solution providers, setting up and maintaining compliance can be a very profitable endeavor, simply because of the complexity of meeting requirements and the expertise needed. Compliance weighs heavily on medical, financial and government organizations, forcing many to seek outside help. Because of the intricacies of compliance, there is no single certification that can provide the peace of mind sought by IT managers looking to ensure that their businesses are compliant with the latest regulations and, more important, avoid the steep fines often levied on businesses that fail to meet the requirements.
Success in the compliance market requires an understanding of how to audit systems, interpret legalese, configure systems and apply security rules, all while documenting the appropriate activities. Here, solution providers looking to demonstrate expertise in those various areas will need to combine several certifications for success -- from technology auditing to security to project management.
An example of certification combinations for security and compliance
|GIAC||GIAC Security Expert Compliance (GSE-Compliance)||In-depth technical education in the area of compliance, including auditing, security, current regulations and presentation skills|
|GIAC||GIAC Certified Forensic Analysts (GCFAs)||Certified to handle advanced incident scenarios, legally collect and secure evidence, conduct investigations, Electronic Evidence Discovery, write forensic reports and legally carry out forensic investigation of computers, networks, and hard drives|
|(ISC)2||Systems Security Certified Practitioner (SSCP)||Educates information systems auditors; application programmers; system, network and database administrators; business unit representatives; and systems analysts in the intricacies of IT security|
|ISACA||Certified Information Security Auditor (CISA)||Educates and certifies information systems (IS) audit, control and security professionals|
Of course, the above is only a small cross-section of the available certifications for compliance and security professionals, and there is overlap between those certifications. The idea here is to combine certifications that give the broadest cross-section of compliance requirements and security skills that appeal to the largest target audience. That said, there are literally hundreds of more specialized compliance certifications, which are offered by many of the compliance information clearing houses and organizations. Much the same can be said about general security certifications. For solution providers, the best move is to pick a particular compliance area, such as HIPPA or SOX, and pursue combinations of certifications that offer the best cross-section of training and information for that specific area.
Summing it up
There is no real magic behind cross-certification. Solution providers will have to approach target markets by researching the opportunities available and then narrowing down certification tracks that are the best fit for those market areas. For many, just one or two vendor-specific certifications may be enough to get a foot in the door, but closing larger deals will require demonstrated expertise and validated certifications that will meet the client's needs. Perhaps the best ally here for a solution provider is simple research and a dose of common sense.
Frank J. Ohlhorst is an award-winning technology journalist and systems professional specializing in testing, deploying and analyzing products and services. He writes for several technology publications. His website can be found at www.ohlhorst.net.
This was first published in August 2009