In the spring of 1998, Cisco Systems announced the Cisco Career Certifications program. The program provides two paths— network support and network design—to the Cisco Certified Internetwork Expert (CCIE) certification, Cisco's highest certification level. Taking a cue from Microsoft's successful MCSE certification program, Cisco has created a stepping-stone approach to pursuing CCIE certification that lets you attain various certifications on your way to the CCIE. In this article, I describe Cisco's approach to certification. I explain why Cisco certification can be a valuable addition to your career qualifications, and I walk you through some of the subject areas you need to master to pass the certification exams. Finally, I suggest some strategies you can employ to achieve Cisco certification.
Why Earn Cisco Certification?
In 1997, Cisco and Microsoft announced a strategic alliance to integrate directory services that resulted in the Directory Enabled Networks (DEN) initiative. DEN is a specification for a directory schema that will extend existing x.500 and Lightweight Directory Access Protocol (LDAP) specifications to include Cisco routers and switches. Eventually, DEN will let organizations extend not only Active Directory's (AD's) schema but also many LDAP-accessible directories' schemas to include information about users, applications, networks, and networking equipment. (For more information about the DEN initiative, see Dave Champine, "Directory Enabled Networks," February 1999.)
Because AD will eventually let you administer your routers and switches, you'll have more control over your users and their interactions with the physical network. For example, when you implement security in your NT network today, you first create physical boundaries, either with routers or with switches and Virtual LANs (VLANs). Currently, you base security policies on your source workstations' hardware and logical addresses. In the future, you'll be able to base security policies on users and groups.
Your users move around, and the domain knows how to find and follow them; DEN will take this facility one step further and teach the network how to recognize your users, no matter where they go. If you take this capability forward another step—to gain control of end-to-end network services and application management—you can store information about network services and applications in the directory.
What does all this have to do with you and Cisco certification? Plenty, when you consider that DEN and Cisco Networking Services for Active Directory (CNS/AD), in combination with LDAP, will create complex configurations. Who will design, install, and maintain these new databases of network services? Perhaps you—if you add the new Cisco certifications to your MCSE.
Cisco is creating CNS/AD, specifications to let APIs and Java APIs (JAPIs) communicate through the Cisco integrated office system to AD. By running CNS/AD on your Cisco devices, you'll be able to manage relationships between all network resources and use inheritance within AD's tree structure to control how AD applies policies stored in the directory to other objects. You'll be able to create a policy within the AD tree structure, then give users and groups rights to that policy. The policy will define the type of traffic and bandwidth that users and groups can use on the network—traffic that might include audio and video in addition to general data.
The New Cisco Certifications
The foundation of Cisco's network support path is the Cisco Certified Network Associate (CCNA) certification. To achieve your CCNA, you need to pass one Sylvan Prometric test that includes approximately 70 multiple-choice questions. This requirement sounds simple; however, the CCNA certification exam is more difficult than any Microsoft exam because it requires knowledge of advanced internetworking concepts. After you pass the CCNA exam, you can continue on to achieve the Cisco Certified Network Professional (CCNP) designation by passing four additional exams. Having a CCNP puts you one step away from the CCIE certification, Cisco's highest certification level. Let's look more closely at the CCNA and CCNP certification exams.
The CCNA Exam
To pass CCNA 1.0, Cisco Certified Network Associate, you must demonstrate proficiency in networking concepts. Four of these concepts are of particular importance. (Always check with Cisco for the latest test objectives before you take a certification exam. You can learn about the exam objectives for all Cisco exams at Cisco's Certification and Training Web site: http://www.cisco.com/warp/ public/10/wwtraining/certprog/ testing/exam_objective.htm.)
The OSI model. The CCNA exam's questions about the specifications of the Open Systems Interconnection (OSI) model are the most difficult I've ever seen. You need to know more than the names of the OSI model's seven layers. You must know the specifics of each layer. For example, you must know that the application layer identifies and establishes the availability of intended communication partners and identifies what resources are necessary to communicate. Study all OSI layers thoroughly before you register to take this exam.
Internet protocols. The CCNA exam grills you on your understanding of the different protocols and their functions at each layer of the Internet protocol stack. For example, you must know how to use the Address Resolution Protocol (ARP) to find a hardware address from a known IP address, and how to use Reverse Address Resolution Protocol (RARP) to find an IP address from a known media access control (MAC) address. In addition, you must know how TCP and UDP work at the transport layer, which includes knowing how to set up a reliable session, and you must understand how IP works at the network layer. You must also be able to determine how a frame, packet, and segment work together to send data across an internetwork.
IP addressing and subnetting. Unlike the Novell or Microsoft exams, the CCNA exam presents you with difficult, in-depth questions about IP addressing and subnetting. If you can't subnet well, or if you need a calculator, don't bother taking this exam until you've developed your skill. This test requires you to quickly find the valid hosts and broadcast address of a subnet, and you aren't allowed to use the Windows calculator. You needn't have variable-length subnet mask (VLSM) or supernetting experience to pass this exam.
Cisco router interface. You must be able to log in to user mode and privilege mode, use the Help screens, and configure passwords and banners. You must also know how to configure an Ethernet interface with IP and IPX, create access lists, save and restore your router configurations, perform Distance Vector routing with Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP), and be able to use ISDN and Frame Relay to connect a WAN to the router.
The CCNP Exams
After you achieve your CCNA, you can continue to the CCNP certification. You must pass four exams beyond the CCNA exam to earn your CCNP, but you
needn't attend courses before you take the exams, and you can take them in any order.
ACRC 11.3, Advanced Cisco Router Configuration. This exam takes off where the CCNA exam ended. You must be able to scale large internetworks with the Cisco Internetwork Operating System (IOS), understand IP traffic control, and manage router performance. Make certain you're familiar with advanced TCP/IP routing protocols, IPX routing and traffic control, AppleTalk, bridging, WAN scalability, and bandwidth on demand.
CLSC 1.0, Cisco LAN Switch Configuration. This exam tests your understanding of Cisco switches and the architecture of the 1900, 2800, 3000, and 5000 Catalyst series switches. To pass, you must be able to use Ethernet, Fast Ethernet, Fiber Distributed Data Interface (FDDI), and asynchronous transfer mode (ATM) LAN Emulation (LANE) to place, configure, and maintain Catalyst LAN switches. Cisco might replace this exam with Building Cisco Multilayer Switching Networks. Be certain you understand which exam is the current requirement before you register to take the CCNP exams.
CMTD 8.0, Configuring, Monitoring, and Troubleshooting Dial-up Services. Be prepared to install, configure, monitor, and troubleshoot Cisco access and ISDN dial-up services. Cisco might replace this exam with Building Cisco Remote Access Networks. Again, be certain which exam you need to take before registering.
CIT 4.0, Cisco Internetwork Troubleshooting. This exam tests your knowledge of using multiprotocol hosts and servers running Ethernet, Fast Ethernet, Token Ring, frame relay, Serial Lines, and ISDN to baseline and troubleshoot Cisco routed and switched environments.
If you really hate taking tests, you're in luck. You can take fewer exams and still earn your CCNP by passing the CCNA exam, the CIT 4.0 exam, and the Foundation Routing and Switching exam (FRS 1.0). Be warned, however, that the FRS 1.0 exam merely consolidates the ACRC 11.3, CLSC 1.0, and CMTD 8.0 exams. However, the Foundation Routing and Switching exam saves you $100 over the cost of taking the three exams separately and lets you take one long exam rather than three shorter ones.
Network Design Certification
For professionals who want to design networks, in addition to installing and troubleshooting them, Cisco has created the Cisco Network Design Career Certification track. You can attain two certifications on this track: Cisco Certified Design Associate (CCDA) and Cisco Certified Design Professional (CCDP). You need to pass only one exam to achieve a CCDA: DCN 1.0, Designing Cisco Networks. To earn the CCDP, you must pass Advanced Cisco Router Configuration; Cisco LAN Switch Configuration; Configuring, Monitoring, and Troubleshooting Dial-up Services; and CID 3.0, Cisco Internetwork Design. If you already have your CCNP, you need to pass Designing Cisco Networks to achieve your CCDA; you must pass only Cisco Internetwork Design to earn your CCDP.
Your Cisco Certification Battle Plan
The Cisco exams are tough—particularly if you've never worked with a router. Passing the CCNP or CCDP exams without a reasonable amount of experience is difficult. A good plan of attack is to begin by studying for the CCNA, because you can do so by hitting the books. A wide assortment of CCNA study material is currently available. However, don't try to replace hands-on experience with only bookwork. To gain valuable hands-on experience that will supplement your text study, you can take the Introduction to Cisco Router Configuration (ICRC) course at any Cisco authorized training center. In addition, many unauthorized Cisco training centers offer CCNA seminars that prepare students to take the CCNA 1.0 exam. Two good sources of online training that focus on Cisco certification are NetCerts (http://www.netcerts.com) and Network Study Guides.com (http://www. networkstudyguides.com).
One of your greatest challenges in preparing for Cisco certification might be finding equipment for a home study lab. Cisco isn't like Microsoft, which offers free evaluation software that lets you build experience as long as you have access to a PC. Cisco routers are expensive—even used equipment is at a premium because of the Cisco certifications' popularity. You'll need to spend approximately $2500 for two used Cisco 2501 routers. You'll need a more complicated lab setup to adequately study for the CCNP and CCIE exams than you need to study for the CCNA exam. To get around this investment, investigate the online labs option (e.g., http://www.virtualrack.com, http://www.mentorlabs.com). In addition, track down a Cisco IOS simulator—a product that simulates a Cisco IOS environment at a fraction of the cost of the real environment. An IOS simulator is a viable alternative to using online labs or purchas- ing equipment, and it lets you use your PC at home and avoid the cost of setting up a home lab. For information about how to track down an IOS simulator, go to http://www.routersim.com.
