Vendor Information Security Certification Guide

This guide provides an overview of the many vendor-specific security certifications available to value-added resellers, systems integrators and consultants.

This Content Component encountered an error

By Ed Tittel and Kim Lindros


In today's marketplace, particularly for small- to medium-sized organizations, outside expertise is often required to address information security needs. Be it for performing security audits, designing and implementing security policy or maintaining current, safe systems and networks, technology partners such as consultants, service providers and resellers often step in to supply capabilities and services that their customers can't supply internally. In this information security certification guide, we address those credentials that are tied to specific vendor products, platforms and environments. Because at some point, all security implementations invariably involve choosing and implementing specific security solutions, this is where the rubber really meets the road in runtime environments. By demonstrating current, applicable skills and knowledge regarding specific information security tools and technologies, vendor-specific certifications let outside organizations position themselves to help customers choose, implement, and manage solutions built around vendor relationships. Read on to get a sense of what's out there, and what kinds of competencies and relationships these credentials permit partners to promise.

 

TABLE OF CONTENTS
   Basic certifications
   Intermediate certifications
   Advanced certifications
   More security certification resources

 

  Basic certifications  Return to Table of Contents
  • Check Point Certified Security Administrator NGX (CCSA NGX)
    Prerequisite: Knowledge of TCP/IP and routing fundamentals
    Check Point's foundation-level credential, this program prepares individuals to manage basic installations of Check Point's VPN-1/FireWall-1 product. Topics covered include working with security policy, deployment and management of security gateways, tuning VPN-1/FireWall-1 performance with security policy, log management, intruder blocking, working with user, client and session authentication and managing network address translation.
    Source: Check Point Software Technologies

     

  • Check Point Certified Security Principles Associate (CCSPA)
    An entry-level certification, the CCSPA focuses on security fundamentals, concepts and best practices, and incorporating network and systems security with business needs. This credential covers the Information Security Triad, threat and vulnerability assessments, security policies, business continuity plans, safeguards and countermeasures, security and network architecture, encryption algorithms and access control technologies.
    Source: Check Point Software Technologies

     

  • Microsoft Certified Systems Administrator Security Specializations (MCSA: Security)
    These two credentials take the standard MCSA for Windows 2000 and Windows Server 2003 and transform elective exams into security specialization exams (and add one exam to the total count required so that this credential requires passing five exams instead of four). The idea is to let MCSAs demonstrate their interest in and focus on Microsoft-related security topics, tools and technologies.
    Source: Microsoft (MCSA: Security on Windows Server 2003; MCSA: Security on Windows 2000)

     

  • Symantec Certified Technology Architect (SCTA)
    An entry-level certification, Symantec Technology Architects must pass any one of the Symantec Solutions exams and a vendor-neutral exam such as GIAC Security Essentials, Security+, CISSP, CPP, and so on. Security solutions topics include: firewall and integrated security appliances, intrusion protection, security management and virus protection and integrated client security. A candidate can obtain multiple SCTA certifications, depending on their area(s) of expertise.
    Source: Symantec Corp.

 

  Intermediate certifications  Return to Table of Contents
  •  

  • Check Point Certified Managed Security Expert NG with AI (CCMSE NG with AI)
    Prerequisite: CCSE NG with AI
    The CCMSE aims to identify individuals who work with Check Point's VPN-1/Firewall-1 and Provider-1 Internet security solutions. The credential covers implementation of VPN-1/Firewall-1 as an enterprise security solution and working with Provider-1 in a network operating center environment to provide centralized security policy implementation and management.
    Source: Check Point Software Technologies

     

  • Check Point Certified Security Expert NGX (CCSE NGX)
    Prerequisite: CCSA NGX
    This is an intermediate-level credential aimed at VPN and firewall concepts, policies, strategies and the NGX product. It covers:
    • NGX installation and configuration
    • Upgrade to NGX from VPN-1/FireWall-1 NG or VPN-1 NG with Application Intelligence
    • Post-install procedure management
    • The SmartDefense global protection system
    • Configuration and testing of SecuRemote and SecureClient tools
    • Creation of VPN desktop policies
    • Context security management to block Java and viruses or filter URLs
    Source: Check Point Software Technologies

     

  • Accelerated Check Point Certified Security Expert NGX (Accelerated CCSE NGX)
    Prerequisite: CCSE NG with AI
    This is an intermediate-level credential that covers the same curriculum as the CCSE NGX in an accelerated form. It covers VPN-1, SmartCenter, SmartConsole, SmartDefense, and cluster XL, and includes upgrading from NG to NGX platform, dynamic VPN routing, Check Point QoS, SmartDirectory, and other NGX topics, tools, and technologies.
    Source: Check Point Software Technologies

     

  • Cisco Certified Security Professional (CCSP)
    Prerequisite: CCNA
    An intermediate-level Cisco professional certification, CCSPs must understand key aspects, components, and systems relevant to Cisco's security products and platforms. Required topics among the five exams include securing IOS networks and working with the Cisco Secure PIX and ASA Security Appliance products, Cisco IPS and HIPS, Cisco Security Agent and Cisco Secure VPN.
    Source: Cisco Systems

     

  • Cisco Qualified Specialist Program
    Cisco Qualified Specialists can pursue mid-level certification across a broad array of subjects and technologies. This program includes several credentials with strong -- if not exclusive -- security components, including: Source: Cisco Systems

     

  • EnCase Certified Examiner (EnCE)
    Aimed at both private- and public-sector computer forensic specialists, this certification permits individuals to become certified in the use of Guidance Software's EnCase computer forensics tools and software. Prerequisites include a combination of software licenses, training and field experience and a formal application process. Individuals gain certification by passing a two-phase exam -- a computer-based component and a practical component.
    Source: Guidance Software

     

  • Microsoft Certified Systems Engineer Security Specializations (MCSE: Security)
    These two credentials take the standard MCSE for Windows 2000 and Windows Server 2003 and transform elective exams into security specialization exams (and add one exam to the total count required so that this credential requires passing eight exams instead of seven for Windows Server 2003; and seven exams instead of six for Windows Server 2000). The idea is to allow MCSEs to demonstrate their interest in and focus on Microsoft-related security topics, tools and technologies (all MCSA requirements also carry over to the MCSE for security specializations).
    Source: Microsoft (MCSE: Security on Windows Server 2003; MCSE: Security on Windows 2000)

     

  • Nortel Networks Certified Technology Expert (NCTE)
    This certification track consists of one certification -- Converged IP Networks. Candidates have intermediate to advanced knowledge of designing and engineering Nortel Networks' product solutions, including security aspects. The credentials can be obtained by passing one exam.
    Source: Nortel Networks

     

  • RSA SecurID Certified Administrator (RSA SecurID CA)
    This certification is designed for security professionals who manage and maintain enterprise security systems based on RSA SecureID products. RSA SecurID CAs can operate and maintain RSA SecureID components within the context of their operational systems and environments, troubleshoot security and implementation problems, and work with updates, patches and fixes.
    Source: RSA Security

     

  • SAINT
    SAINT certification requires attending a two-day course geared toward information security professionals and system administrators, and passing one exam. The course focuses on TCP/IP and security fundamentals, and installing, configuring and using SAINT and SAINTwriter.
    Source: SAINT Corp.

     

  • Snort Certified Professional (SnortCP)
    The SnortCP is provided by Sourcefire Inc. The exam covers Snort IDS/IPS technology theory, installation and deployment, Snort configuration and usage, Snort tuning techniques, Snort rules language and syntax, advanced rule options and usage, effective and performance-oriented rule writing, rule set management and maintenance and implementation of supporting tools and applications.
    Source: Sourcefire Inc.

     

  • Sourcefire Certified Professional (SFCP)
    The SFCP identifies individuals who demonstrate a thorough knowledge of Sourcefire products and their underlying technical concepts. Candidates are assessed on their knowledge of Intrusion Management System, intrusion sensors, Defense Center, RNA Sensor, installation and deployment, administration and management, and more.
    Source: Sourcefire Inc.

     

  • Sun Certified Security Administrator for the Solaris Operating System
    This credential aims to identify experienced Solaris administrators with security interest and experience. It's a mid-range credential that focuses on system lockdown, best security practices and a good understanding of file and system resources protection, and encryption and authentication methods. A single exam, 310-301, is required to obtain this credential.
    Source: Sun Microsystems

     

  • Symantec Certified Security Engineer (SCSE)
    The SCSE cert requires passing a SANS GIAC technology exam for a specific technology focus, as well as a Symantec Solutions exam for that same focus. Two exams are required in total, depending on the chosen technology focus. Security solutions topics are: firewall and integrated security appliances, intrusion protection, security management and virus protection and integrated client security.
    Source: Symantec Corp.

     

  • Symantec Certified Security Practitioner (SCSP)
    This is a cumulative certification that requires individuals to pass three exams: two Symantec Solutions exams for chosen security topics and the (ISC)² CISSP or a SANS GIAC exam (one of four exams on security topics). Security solutions topics include: firewall and integrated security appliances, intrusion protection, security management and virus protection and integrated client security.
    Source: Symantec Corp.

     

  • Windows Server 2003 Security Certified Professional
    This credential recognizes individuals with thorough knowledge of managing and configuring a Windows Server 2003 environment, deploying local and network security, configuring Active Directory to manage organization-wide security, administering patch management and vulnerability scans, and creating and enforcing security policies and procedures.
    Source: Learning Tree International

 

  Advanced certifications  Return to Table of Contents
  • CCIE Security
    Arguably one of the most coveted certifications around, the CCIE is in a league of its own. Having been around since 2002, the CCIE Security track is nonpareil for those interested in dealing with information security topics, tools and technologies in networks built using or around Cisco products and platforms. Definitely a serious, useful credential!
    Source: Cisco Systems

     

  • Check Point Certified Managed Security Expert NGX (CCMSE NGX)
    Prerequisite: CCSE NGX
    The CCMSE is aimed at security professionals who manage multiple Check Point VPN-1 implementations using Check Point's Provider 1 Internet security platform. This certification attests to its holders' abilities to implement, deploy and manage multiple VPN-1 installations, using Provider-1 to supply centralized policy management capabilities.
    Source: Check Point Software Technologies

     

  • Check Point Certified Security Expert Plus NGX (CCSE Plus NGX)
    Prerequisite: CCSE NGX
    The CCSE Plus NGX attests to thorough expertise in working with Check Point VPN-1 NGX, including network planning, route-based VPN, troubleshooting, and in-depth security administration training and experience.
    Source: Check Point Software Technologies

     

  • Check Point Certified Managed Security Expert NG with AI Plus VSX (CCMSE NG AI Plus VSX)
    Prerequisite: CCMSE NG with AI
    The CCMSE aims at security professionals who manage multiple Check Point VPN-1 implementations using Check Point's Provider 1 Internet security platform. This certification attests to its holders' abilities to implement, deploy and manage multiple VPN-1 installations, using VSX as an enterprise security solution, along with Provider-1 to supply centralized policy management capabilities.
    Source: Check Point Software Technologies

     

  • Check Point Certified Security Expert Plus NG with AI (CCSE Plus NG with AI)
    Prerequisite: CCSA NG with AI
    The CCSE Plus NG with AI addresses advanced VPN-1/FireWall-1 technical topics and expertise. Topics covered include:
    • Risk assessments, network diagramming and security policy design and development
    • Placing security components in a network using VPN-1/FireWall-1, LDAP and CVP/UFP servers
    • Configuring rule bases for traffic management and encryption
    • Configuring multiple and single entry-point VPNs with ClusterXL
    • LDAP server installation and UserAuthority integration
    • Using Malicious Activity Detection on suspicious network traffic
    • Working with debugging tools and protocol analyzers, and troubleshooting various VPN-1/FireWall-1 issues
  • Source: Check Point Software Technologies

     

  • Check Point Integrity Specialist (CPIS)
    Prerequisite: None
    The CPIS seeks to identify security professionals who focus on Check Point's Integrity Advanced Server platform and are intimately familiar with its installation, configuration and maintenance, enforcement of desktop security policies, and Integrity client management for access control and protection.
    Source: Check Point Software Technologies

     

  • IBM Certified Advanced Deployment Professional -- Tivoli Security Management Solutions 20045 and 20056
    These certifications cover a broad range of higher-level security topics updated for 20045 and 20056 topics and platforms. Advanced Deployment Professionals must have a strong background in and knowledge of the following as they relate to security: communications, infrastructure, cryptography, access control, authentication, external attacks and organizational issues. Three exams are required to obtain these certifications. Candidates may substitute CompTIA Security+ or (ISC)² SSCP, or CISSP for one of the required exams.
    Source: IBM (Advanced Deployment Professional 2005;  Advanced Deployment Professional 2006)

     

  • Nortel Networks Certified Design Expert (NCDE)
    This certification track consists of six certifications, four of which include security components: Alteon Security, Contivity Security, Ethernet Switching and Wireless LAN. Candidates have intermediate to advanced knowledge of planning, designing and engineering Nortel Networks' product solutions, including security aspects. The credentials can be obtained by passing one exam.
    Source: Nortel Networks

     

  • Nortel Networks Certified Support Expert (NCSE)
    This certification track consists of seven certifications, six of which include security components: Alteon Security, CallPilot Rls 4.0 Unified Messaging, Contivity Security, Ethernet Switching, IP Convergence Succession 1000/1000M Rls. 34.0 and Wireless LAN. Candidates have intermediate to advanced knowledge of administering, maintaining and troubleshooting Nortel Networks' product solutions, including security aspects. The credentials can be obtained by passing one or two exams.
    Source: Nortel Networks

     

  • RSA Certified Instructor (RSA/CI)
    This cert is designed for security professionals who wish to teach others how to design, deploy and maintain solutions built around RSA SecureID products. Candidates must attend RSA SecureID courses they wish to teach, attain RSA/CSE and RSA/CA certification, attend an RSA/CI workshop and demonstrate their ability to teach the material in the classroom.
    Source: RSA Security

     

  • RSA Certified Systems Engineer (RSA/CSE)
    The RSA/CSE is designed for security professionals who install and configure enterprise security solutions built around the RSA SecureID product. Candidates must be able to design client solutions based on analysis of business needs, match implementations to client environments and infrastructures and carry a solution from design, through prototyping, pilot and full-scale deployment phases.
    Specialized credentials in this program are available for RSA Access Manager, RSA Digital Certificate Management Solutions and RSA Sign-On Manager.
    Source: RSA Security

     

  • Sourcefire Certified Expert (SFCE)
    The SFCE identifies individuals with mastery over the content of both the Snort Certified Professional and the Sourcefire Certified Professional. Candidates are assessed against more advanced material.
    Source: Sourcefire Inc.

     

  • Tivoli Certified Solution Advisor – Tivoli Security
    Part of the IBM family of companies, one of Tivoli's Solutions Advisor credentials covers security topics in the context of available Tivoli security tools and technologies. Certified consultants must have a strong working knowledge of infosec concepts and ITIL, related tools and technologies, and understand how to design, deploy, manage, maintain and troubleshoot Tivoli security components and capabilities.
    Source: IBM

     

  • IBM Certified Specialist – Tivoli Identity Manager Express V4.6
    Those who attain this certification can plan for, install, configure, troubleshoot, administer, and maintain an IBM Tivoli Identity Manager Express V4.6 environment. While earning this certification requires passing only a single exam, the background and knowledge requirements span a broad range from basic business processes, to system administration, to Java, JavaScript and DSML, plus working knowledge of LDAP, IBM Tivoli Directory Integrator and more.
    Source: IBM

 

  More security certification resources  Return to Table of Contents

About the authors
Ed Tittel is a full-time freelance writer, trainer and consultant who has written more than 130 books, including his latest (with lead author, Laura Chappell), Guide To TCP/IP, third edition, (Course Technology, 2006, ISBN: 1418837555). He has been active in the computing industry for more than 20 years and has worked as a software developer, manager, writer and trainer.

Kim Lindros has more than 15 years of experience in the computer industry, from technical support specialist to network administrator to book and course content manager. She has edited and developed more than 150 IT-related books and online courses, and co-authored two certification books and numerous online articles with Ed. Kim runs Gracie Editorial, a content development company.

This was first published in September 2006

Dig deeper on Information Security Training and Certification

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close