CCIE Warm-Up Advice and Learning Labs

One of my goals in pursuing the CCIE was to be able to write a book about how to prepare for the CCIE Lab. This is the book, with practical advice and practice scenarios meant to impart to the reader many of the important lessons I learned during CCIE Lab preparation.

The intended audience is CCIE candidates in the first six months or so of focused preparation for the CCIE Lab exam. The CCIE Lab I took was in the Routing and
Switching Track, but many of the central lessons I learned should be useful in other tracks. The labs in this book focus heavily on therouting protocols BGP, IS-IS, OSPF, EIGRP, and RIP version 2, and covers numerous Quality of Service features such as priority queueing, custom queueing, class-based weighted-fair queueing, frame-relay traffic-shaping, PPP multilink fragmentation and interleaving, and rate-limiting. The scenarios also address IP Multicast, IPSEC, IOS firewall, and basic DLSW+. The reader will configure a Catalyst 3550-EMI as a switch and as a router, but the labs focus more onrouting than on switching.

The advice and scenarios emphasize lessons that candidates preparing for the CCIE Lab Exam need to learn. This book is not intended for use in preparation for the CCIE written qualifier exam, which is a very different test, covering much material that Cisco has expressly and publicly removed from the CCIE Lab Exam, such as IPX, ATM LAN Emulation, and Token Ring.

As of the release of this Lulu Press edition, Cisco has announced that ISDN is soon no longer going to be tested on the Lab. I am sorry that I do not have the time now to rewrite the Scenarios to take out all reference to ISDN.

The scenarios would, incidentally, serve as excellent lab material for the student preparing for the Building Scalable Cisco Internetworks (BSCI) Exam, which is required for the CCNP, CCDP, and CCIP certifications, as well as for theRouting and Switching Specialization for Cisco Partner resellers. The student could simply ignore the QOS tasks and other tasks that are obviously beyond the scope of the BSCI Exam, and enjoy some very challengingrouting labs.

I designed the five practice scenarios in this book to teach crucial CCIE lessons, not to resemble the CCIE Lab Exam. Since I use an affordable lab topology that includes only one Catalyst 3550-EMI, it will never be said of any of these labs that, “it was just like the real lab exam.” I want readers to know this up front so that they will not expect scenarios that are “dry runs” of the Lab exam. My tasks involve very little cryptic language, so you will usually know what you need to do. You just may not know how to do it until you do some research or read my solution configuration scripts and explanations. Much of the value of this book lies in the explanations of the tasks that require explanations.

The lessons run the gamut from efficient CLI practices, diagramming techniques, and technology-specific tricks and traps, to subtleties of route redistribution. I am obsessed with route redistribution. I found it challenging while preparing for the CCIE Lab Exam, and still find things to learn about it.

CCIE Warm-Up Advice and Learning Labs .Pdf  | Download

Cisco Revising CCIE R&S Certification (V4.0 351-001)

The upcoming Version 4.0 of Cisco CCIE® Routing and Switching certification will test hands-on troubleshooting, Multiprotocol Label Switching (MPLS), and VPN networking

To reflect the growth of the network as a service platform, Cisco is revising the certification requirements for CCIE Routing & Switching (CCIE R&S)–the expert level certification for network engineers. The new requirements were developed with assistance from Cisco enterprise customers and reflect the expectations of employers across industries.

The competencies required for CCIE R&S v4.0 certification were released on May 5, 2009, and are available on the Cisco Learning Network under the CCIE R&S v4.0 Written Exam topics and CCIE R&S v4.0 Lab Exam topics. Exams based on the new requirements are scheduled for release on October 18, 2009, and will immediately replace the currently available v3.0 exams. Candidates who plan to take their exams on October 18, 2009, or later should prepare usingthe new v4.0 exam topics.

Both the written and lab exams will be refreshed with new questions and will cover MPLS and VPN networking. The written exam will add scenario-based questions to the multiple choice questions, and the lab will now require hands-on troubleshooting of preconfigured networks, in addition to configuration. Exam duration and pricing will remain the same, with the two-hour written exam at USD$350 and the eight-hour lab at USD$1400.

A beta version of the new CCIE R&S v4.0 written exam (351-001) will be available to all customers in the July–August 2009 timeframe at a discounted price of USD$50. An announcement will be made when scheduling begins.

Frequently Asked Questions

1  -  Q: What exactly is being changed on the CCIE R&S written exam?

A: The CCIE R&S v4.0 written exam will be refreshed with new questions to reflect the current job role expectations of employers. Scenario-based questions will be added to the multiple choice questions. New topics include the skills associated with planning and evaluating network changes, implementing MPLS, Layer 3 VPN, IPv6, EIGRP and multicast; and configuring performance-basedrouting.  More information is available on the CCIE Written Exam Overview page.

2  -  Q: What exactly is being changed on the CCIE R&S lab exam?

A: The CCIE R&S v4.0 lab exam will be refreshed with new questions to reflect the current job role expectations of employers. The equipment in the testing lab will be updated with Cisco 1800 and 3800 Series Integrated Services Routers running Cisco IOS® Software Version 12.4(T) and Cisco Catalyst® 3560 Series Switches running Cisco IOS Version 12.2 Advanced IP Services. The biggest change will be the testing of hands-on troubleshooting for the first two hoursof the eight-hour exam. Candidates will be presented with a series of trouble tickets for preconfigured networks, and they will need to diagnose and resolve the network fault or faults—a realistic and challenging job task. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section, since their equipment will need to be reinitialized for the configuration portionof the exam.

To make time for new material, CCIE R&S v4.0 exams will put less emphasis on equipment operation and concepts generally understood at the professional level. These skills are still assumed, but will not be the sole objective of CCIE test questions. Go to the Lab Exam Study/Learn section for more information.

3  -  Q: Now that the CCIE R&S v4.0 has been announced, can I still take the CCIE R&S v3.0 exam? How long will it be valid?

A: The CCIE R&S v3.0 written exam will be available through October 17, 2009, at all Pearson VUE testing centers. Passing the v3.0 written exam qualifies a candidate to take any available version of the CCIE R&S lab exam. As with all CCIE written exams, a passing score on v3.0 written exam will remain valid for three years, as long as the candidate attempts the lab exam once within the first 18 months. If the lab is not attempted, thewritten exam becomes invalid and the candidate will have to retest using whatever written exam is available at that time.

4  -  Q: If I take the CCIE R&S written beta test in July or August 2009, will I still be able to schedule the CCIE R&S v3.0 lab exam?

A: Scores on CCIE written beta tests are not available until 4 to 6 weeks after the close of the beta period. At this time, there is no guarantee the CCIE R&S v3.0 lab exam will still be available when a beta test candidate receives his or her score. Beta testers should plan on taking the CCIE R&S v4.0 lab test to achieve certification.

5  -  Q: If I don’t pass the CCIE R&S v4.0 written beta exam, can I take it again in five days?

A: No, a candidate can only take a CCIE written beta test once during the beta testing period.

6  -  Q: Will there be any changes to the recently-added Core Knowledge portion of the exam, the part with the short-answer questions?

A: The questions in the Core Knowledge section of the lab exam may cover any area on the CCIE R&S v4.0 Lab Exam topics.

7  -  Q: What can a candidate expect in the troubleshooting portion of the lab exam?

A: Troubleshooting is allotted two of the eight hours required for the CCIE lab exam. Candidates will be presented with a series of trouble tickets for preconfigured networks and will need to diagnose and resolve the fault or faults. As with previous CCIE labs, the network will need to be up and running for the candidate to receive credit.  Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section.

8  -  Q: Does a candidate have to pass both the troubleshooting and configuration sections in order to pass the entire CCIE R&S v4.0 lab exam and earn a CCIE?

A: Candidates will receive a single pass/fail grade on the entire exam, including both configuration and troubleshooting. Failing score reports will give an indication of where the candidate scored lower, to help the candidate prepare for another attempt.

9  -  Q: Will the CCIE R&S mobile lab exam also be updated?

A: Yes, CCIE R&S mobile labs use the same lab version as Cisco office locations, and they will switch to the v4.0 lab exam on October 18, 2009 as well.

10  -  Q: Which exam will be used for recertification?

A: As of October 18, 2009, CCIEs who take the CCIE R&S written exam for recertification will be given the v4.0 exam and should prepare using the exam topics found on the Cisco Learning Network.

11  -  Q: Are the previous Cisco 360 components applicable to the CCIE R&S v4.0 exams? Should candidates studying for CCIE R&S v4.0 exams wait forthe new Cisco 360 materials to begin work?

A: The learning components available at first launch of Cisco 360 are still relevant to candidates studying for the CCIE R&S v4.0 certification exams. No Cisco 360 Learning Program components are being retired.  There is no need for candidates to wait for revised Cisco 360 material to begin their study and practice. The subscription model ensures that Cisco 360 customers can take advantage of all new content as it is released and do not need to wait.

Troubleshooting and its Role in the new CCIE Blueprints

Troubleshooting has always been a part of the CCIE lab in one form or another. Whether we look back to the days when the lab was a 2-day lab and the 2nd half of the 2nd day was entirely set aside for troubleshooting, or moving to the 1-day format where your own careless mistakes could mean you were in for a world of debugging to see what you did wrong, or even more recently up until now where Cisco began building small inherent errors into your initial configurations and then giving you a heads up with a task and points associated to fixing it. By the way, for you conspiracy theorists out there, they put the errors in before you get to your lab – and NO, they do not perform any ‘live’ error introduction while you are inside of your 8 hours, thus my word “inherent”.

Well moving on from those days till now, we come up against a new blueprint change recently for Voice and Security. This past year at Cisco Live! Networkers ‘08, we got to talking with a fewof the Cisco Content Managers for various tracks (mainly Voice and Security) and also listening to their presentations and Q&A time with the crowds after the Techtorials. What we very solidly came to understand was that it is Cisco’s goal moving forward with the CCIE program to largely increase the amount of troubleshooting they request the candidate to perform, hoping to increase the amount of expertise they garner from said candidate while they have them captive in the lab. I mean let’s face it, configuration is absolutely necessary and fundamental – no one is contesting that – but without a solid understanding and ability to troubleshoot, that knowledge only goes so far in the field.

Simply put, the ability for an engineer to be able to troubleshoot effectively in the field is paramount. So now Cisco hopes to certify you ability not only to configure well, but also troubleshoot errors that they might have put there for you. Just the same as if you walked into a situation with a client on a network that you had never seen – you would need to be able to perform there as well.

This is the reason behind our decisions to not only mirror the new v3 blueprints for both Voice and Security, but to breakout each section into sub-sections – A & B. The A part of any given section deals with the configuration of a given technology, but the B partof the given section deals with troubleshooting that technology.

For more of a convincing argument simply take a look at the new v3 Voice blueprint and take a look at every section header. Notice that every section begins with “Implement and Troubleshoot”.

Now candidates may ask themselves if they really have time to debug protocols and look at traces (in the case of Voice) while in the CCIE lab. Many candidates that have gone before and ultimately passed have argued in favor of both views, some that there is time enough, and others that there simply isn’t. The argument for not having enough time has been loudest argued (at least that I have heard) by Voice candidates who, up until now, have had so many menial building-block tasks to accomplish to get to the stage to be able to configure the more complex technologies. While I believe that there was very little time in the previous lab for such a thing, I still think there was in fact time, but believe that in the new formatof the lab where much more emphasis (and points) are placed on troubleshooting, that you will be given more time to do so. This might mean that the proctors have prepared a lab for you in which many of the more menial tasks that take up a great deal of time, but don’t necessarily prove expertise (registering phones, assigning line text labels, etc), are already configured for you and built into the “Initial” configuration when you go to sit down and begin the lab. How much time you have fortroubleshooting also largely depends on your familiarity and comfort level with debugging and trace output. So if you haven’t found that “comfort” (oxymoron?) with them yet, time to dig in and get comfortable – you’re going to need to be!

Source

12 Ways To Get The Most Out Of Lab Time

Often times you may have rack time only to find that much of it is wasted away. At the end of the session you sit asking yourself where all your time went. Here are  12 Ways to Get the Most out of Lab Time:

  1. Download the pre-configuration files from whatever vendor you are using ahead of time.  There is no reason why you shouldn’t have them prior to starting you lab.
  2. Choose the scenario you want to work on prior to the start of your lab time.
  3. Once you have the scenario selected look at the default (pre-) configurations for that lab.  Add things to them like the “no shut” command on interfaces you need to use or the “enable” and “config t” commands at the beginning of the configuration file.  This makes it faster when you past the configurations into an empty router.
  4. Write a perl or expect script. You can quickly write a perl or expect script to log in and load a configuration.  This automates much of the initial process.  More lab time for you!
  5. Don’t waste your lab time reading the lab. You should have already done this.  Lab time is Lab time.
  6. Put it on the calendar and set a reminder. If its in writing and you are reminded about it you are more likely to start on time.  You are committed.
  7. Shut the door. If you study at home let your family know that you will be busy for a while and shut the door.
  8. Go to a coffee shop: This gets you away from the demands of the family.
  9. If you study at Work then put a sign up that tells people you are busy.
  10. Shut off your phone.
  11. Turn off your email.
  12. If you are using a Mac you can download “Isolatorto block out distracting windows.  This brings focus to just your terminal window.  If you are using Windows try DropCloth.

So – What do you think?  How do you make lab time more effective?

10 CCIE LAB TIPS

1. Read the entire exam – now I know everyone is saying that and even Cisco it advising that in there site, but this is one of the important things you need to do before you start configuring as when you start configuring, your mind is set to different mode and you will miss important details.

2. Take Notes – In addition to step 1 you must know to take notes, what I mean you ask yourself?! Well when you read the exam you will probably be thinking “am I wasting my time reading when other are typing and almost finishing their exam” I say NO you are not but because you all stress and your brain is speeding in almost 200mph you will not remember if you will not take notes.

3. Work Your Way UP – After first two steps are done you are probably 30 min – 40 min into your exam do not panic, work in a step by step layer 2 to layer 3… 4. Ask The Proctor – there was in my lab a real nice person that I am sorry I didn’t ask for his name but for me his name was Mr. Proctor and whenever I had a question about something that I didn’t understand or I thought that it is not well asked then I got up from my seat and went to his desk and ASKED, no shame, If you do not understand ASK that is one of his jobs, Accept for escorting you to the dining room.

5. Don’t ASK Dumb Questions – The Proctor will not give you an answer to your lab question, he will only answer “yes” or “no” format and only if he understand from your question that you know what you are talking about, so do not go and ask “question 1.1 what do you want me to do here” (In CCIE Routing and Switching Practice Labs, Cisco Press book you can see a lot of questions / Answers like that).

6. Be Polite – the proctor doesn’t work for you so be nice, that is the end of proctor candidate relation advice.

7. You Can Jump Back and FWD – the exam is open to your judgment you can say I will do first security then multicast or I will do IPv6 last

8. Keep Track – the exam have a lot of questions and sections, you need to write down questions and/or sections you finished, I myself written every question and its points, when done I have marked with “ok” when skipped marked with “later” when I have finished I looked on my paper and made sure I didn’t left any question without “ok”

9. Know How to check – after every question I did a check to make sure that what they want to work dose work, it is not always sufficient to put the commands as some time one section is relaying on another and putting the command relating to that question will not work until you add or remove other commands, I hope that is not to confusing, but most of the exam time went in my exam to verification. Also once you go to sections like security that may brake other sections, I would go back and verify the sections all over again and if they don’t work I know where is the problem, if I didn’t check every step it would be hard and more stressful when something would not work at the end.

10. Do not panic – that is important and for some it is more for other it is less, when you see the exam for the first time do not panic take it and brake it to small pieces, and do it one step at a time, if you face a problem skip ahead do not try to solve it for 2hr you can come back to it later.

Become CCIE with Simulator FAQ

Should I use emulator like dynamips or buy real lab?
Well, it depends. Dynamips is an emulator that somehow “tricks” the real IOS image so it will boot and run on standard PC. So far it can run IOS for 7200 routers, 3600, 3700 and 2600 series. So if you need to practice features outside those IOS, then you can’t do it with dynamips and must go with real lab.

What does exactly dynamips lack of?
Performance, even it doesn’t matter for CCIE practice lab, features that must be run in hardware such as certain QoS, and all the features outside the supported IOS for example L2 and switching features from a normal 3550 or 3560 switch. And we need to be aware that if there is any issue, we need to be able to identify if the issue is from wrong config, IOS bugs, or bug from the dynamips itself. With real lab, it’s just wrong config and IOS bugs.

Which CCIE track do you think can be done with emulator only?
For Service Provider track, you can practice almost 100% of the topic. The focus of the lab is on SP infrastructure so personally I don’t think you need to spend much time to practice L2 switch features. For Routing & Switching I think dynamips can still be used to cover almost 90%. Despite it has support Ethernet module but it still can’t be used to test real L2 switch features such as VTP and STP. But all L3 features from 3550/3560 switch can be tested or will have the same behavior just as if we use normal router. For Security track the emulator can be used to test IOS FW, IOS IPS, VPN between routers and security features in routers (NAT, ACL, RTBH etc). But more than half of the features for this track require Firewall, VPN, IDS and Cisco Secure ACS. For the rest of tracks, I would say the emulator won’t help that much. Check the CCIE lab blueprint and CCIE lab equipments to give you the idea.

What would I miss from the real lab?
Using real lab we would be able to test all the features required in CCIE lab, real router with real performance, capable to test hardware-dependent features, ability to sell it back when we are done and last but not least, the noise I guess. I used to sleep next to my lab for months so sometime I feel that I can still hear the noise inside my head until now.

What would be your suggestion to cover the lacks from dynamips?
There are several options. You may invest and buy a complete real lab. The challenge to have real lab is we need to replicate as close as possible to the lab equipments. It means, it can be expensive. But the good thing is, if our lab is still in decent condition after we are done, we may be able to sell it again (to another CCIE candidates) without losing a penny at all. Another option is to rent an online rack. It has advantage since we can connect to it as long we have Internet and we don’t need to invest big pile of money in the beginning, but obviously the money won’t go back after we are done. The option that you may want to consider is using dynamips to practice and cover as many features as possible (such as R&S and Security) then go to online rack rental a couple of weeks before the exam. For track like security, you may want toinvest in Firewall and VPN hardware, then connect them to dynamips. To practice IDS and for final preparation before taking the exam, you can use online rack for several days. List down all your options then make the pros and cons from each of them before you decide.

Do you know people who passed using dynamips only?
Yes, I know many people have passed CCIE lab using dynamips/emulator. In fact, for my third lab which is Service Provider track I practiced only using the emulator similar like dynamips. And no, I won’t tell you what it is nor I would discuss about it in this blog.

Do you think the people who passed using dynamips/emulator only are not real CCIE, since they never touch real routers?
No, there is no such thing. Passing CCIE lab just means you pass a lab exam. What makes a difference later on is your experience and expertise in real life. So someone may pass CCIE using only emulator and never touch the real routers, and he is still a CCIE. Later on he can gain experience and expertise with real routers. That’s what matter at the end of the day.

Will you teach me how to configure dynamips/other emulator?
No. RTFM. Googling.

Will you send IOS for me to use in emulator?
No. It’s actually illegal to run IOS software without license, but for practice lab at home I don’t think Cisco would bother chasing you. But I won’t send any IOS.

How to find info if I have issue with dynamips?
Again, RTFM and googling. And you should join the forum and become active member to discuss it. As I mentioned above, if there is any issue when you practice CCIE with emulator, it may come from wrong config, IOS bugs or bug in dynamips. So by becoming active member in the forum, and if you are willing to use the emulator heavily, you can contribute if you think the issue is from dynamips itself. Help the community to maintain and develop this wonderful emulator.

So should I use emulator or buy real lab to practice CCIE?
[email protected]#$%^&* Scroll up and read again from beginning.

How to Pass CCIE Lab Insider’s Tips

Himawan Nugroho, CCIE #8171

Just another guy who wishes to be an expert one day. Discovers the future one day at a time. His greatest fear is becoming a guy without specialties.
The first and the only Indonesian Triple CCIE till date.

◆ Triple CCIE #8171 in Routing & Switching, Security and Service Provider track
◆ 8+ years experience in Networking: SP, Data Center, UC, Wireless, Security
◆ Broad experience within Asia Pacific and Middle East
             2000 – 2001 Schlumberger Omnes, Indonesia
                 NOC Engineer to maintain the internal network within Asia and Australia
             2001 – 2002 IBM Global Services, Indonesia
                 Pre-sales and Network Consultant
             2002 – 2006 Emirates Computers, Dubai, United Arab Emirates
                 Pre-sales, Lead Engineer, Network Consultant, Technical Project Manager
             2006 – now Cisco Advanced Services, Asia Pacific, based in Singapore
                 Network Consulting Engineer
◆ Currently working in several projects in different countries for Petronas (Malaysia), CAT (Thailand), Starhub Cable Vision (Singapore), VDC (Vietnam) and Telkomsel (Indonesia)

More Detail: How to Pass CCIE Lab Insider’s Tips |  PDF

How to Become a CCIE v2

Passing the elite level and world’s toughest certification from Cisco Systems, tips from someone who has done it three times
By Himawan Nugroho, CCIE#8171 (R&S, Security, SP)

I was digging through my own blog archive and found that my first post about How to Become a CCIE is quite old and need to get updated. In fact, I’m thinking to modify it in such a way so the same principle should be applied to any CCIE tracks, and even to any top level certification from other vendor. Without any intention to re-invent my own writing, I just put the updates and I tried to make it short this time. So if you’d like to read more about my experience taking the lab 3 times, I suggest you to read the original version and all related posts, starting with the summary of my journey. Btw, in case you haven’t noticed I’m trying to learn how to sell by using marketing hypes, hence the words “elite level”, “world’s toughest” and “from someone who has done it three times” yeah, right.

1. You still need to ask yourself “what’s the point?”

It’s still a very tough challenge. It’s still a long and tiring process. You will spend lots of efforts and money to get it. You still need to sacrifice your spare time and social life. So you should have at least one good reason why you want to do CCIE. And don’t try to fake the reason. No one can give you the answer and I bet no one other than you really cares what it is. But it’s important for you because this might be the only thing that can keep you going, that can wake you up from your laziness, that can make you come out from your frustration in the middle of your journey.
Once you know and believe in your reason, then decide which track you want to pursuit. Follow your heart, do only the track you like. Continue with collecting the information about that specific track: read the CCIE blueprint for both written and lab exam. Read Networkers slides to get a brief picture about the exam format and sample of the question (Yes they have a session for this, I remember I read and listened to the presentation conducted by CCIE SP proctors).

2. Use the mid-level certification
Now the step for all CCIE tracks are very clear and they all have mid-level certification (except CCIE storage). So if you want to take CCIE in Routing & Swithing you should learn CCNP. For CCIE Service Provider you should start with CCIP. For Voice it’s CCVP. And for Security it’s CCSP (the new Security lab doesn’t require extensive knowledge of routing & switching anymore, you may check its blueprint v2). Remember, using this mid-level certification doesn’t mean you have to pass it.
If you are one of the guys who wrote me email to say that certification is useless, want to take CCIE just to prove how good you are, doesn’t want to waste time with CCNA, CCNP/IP/SP/VP then it’s fine. Don’t take the exam but you can still utilize the resources to plan your study. The base knowledge for CCIE is already covered in the mid-level certification. So do the obvious and follow the flow: read the books for the mid-level of track you want to pursuit even you don’t have to take the exam. Passing the mid-level exam is important just as a review to ensure you have really understood the material covered by the certification. And you may want to get your knowledge to some extend to be certified by Cisco that can be considered a reward in your journey even you haven’t completed it.

3. A new way to build your home lab
Practice extensively in the lab is still the key to pass CCIE. But for certain tracks, R&S and SP, you can practice CCIE lab without having any real equipments. I have built a step-by-step guidance to do this with dynamips. Dynamips is a very popular emulator for Cisco IOS and now some people have released several front-end interface such as dynagen or GNS3 to make it easier to setup and build the topology. It’s an emulator to provide real router environment that can trick the real Cisco IOS so it will boot in normal PC. So it’s still need the real Cisco IOS software, and please don’t ask me to send you this.
Many people still wrote me email asking this question: is it possible to pass CCIE only with dynamips? Yes, it is. I have seen some of my friends did this. In fact, I did all my practice for CCIE SP only with (censored), something similar as dynamips. Censored = internal info to Cisco employees heheh. I’m planning to take the top level certification from other vendor (guess who :) ) using a similar emulator only. I want to do it just to utilize my spare time, to prove my point here, and obviously for fun.
You may still require to build home lab, or rent it online, for other CCIE tracks.

4. Passing written test still doesn’t prove anything
This is still the same point as my original post. You can read the written exam blueprint and compare it with the lab. Take the written test and feel its coverage. Then setup your lab after that, start doing the workbook, and feel the difference. For some tracks, studying for written test doesn’t add any value for the lab preparation.
For me, I don’t count the step to pass written test as part of my checklist to pass the lab. After you pass written exam, you are eligible to register for the lab. And that’s what it’s all about. Passing written test doesn’t mean you are half-CCIE. It doesn’t mean you are 20% or even 10% ready to take the lab. I count it as Step 0. From the written test you should start practicing in the lab and build the percentage of your progress. Use the lab blueprint as your guidance. Once you cover 100% in the list then you may be ready for your first attempt. Well, this is not always the case. I covered only 80% and passed in my first attempt. But don’t count on my experience!
So my point here is: never count passing written test as part of your CCIE lab preparation. Just look at it as administrative step required to register for the lab.

5. Read, read and read, then practice
I won’t list all the books that I read to prepare for all my CCIE labs. They are just so many of them! And sometime you just need to read few chapters from one book. The must-read book list is different for every track and may not updated. But you can start by checking on the book list from CCIE website. If you think it’s still too much, then I suggest you to again use the Lab Exam Blueprint as your guidance. Read about one scope of technology at a time. Read from CCO, since this is Cisco certification so it always makes sense to check the configuration guide and technical tips from their website. Material from Networkers (slides with sound) is still a good resource, and I think you can get this from Networkers Online.
Google is always our best friend. And you may be interested to subscribe for online books library such as Safari Books online. Check the list of their books first before you pay! The benefit of reading from a website like Safari is they provide a google-seach to find specific topic you want toread from several books.

6. Fast and Furious may not the trend anymore
Indeed you still need the speed in typing. I guess it will be difficult to pass CCIE if you still use only two fingers to type and always look at your keyboard when you do so. There is just not enough time! But it was a different experience when I did my R&S and Security with my SP lab. In the first two, there are many independent technology that I can skip to come back later on if I don’t know the answer. So my strategy at that time was to answer all questions that I know the obvious answers first. Then I went back to answer some of the questions that I’m not too sure about it. And the rest of the time was to answer all questions that I have no clue, and I used to depend on Documentation CD or restricted CCO documentation websites to find the answers. So normally I tried to complete 70-80% of the lab before lunch, since I know I need to spend many hours to read from documentation CD.
But in SP, it was a different story. Many topics are connected to another topics, many topics are built based on another topics as underlying protocol, and all decision we make to answer one topic may affect our answer for the topic we build on top of it. So the strategy that works for me at that time was “do it once, and do it right”. I needed to make sure I had answered the question correctly before I moved to the next question (unless it’s independent feature that I can skip). Even I can type IOS command quite fast but at that time I had only 1 hour left to re-check my work. And documentation CD is not our best friend anymore in SP lab. There is no time to read it and actually to be able to build a working topology all topics covered in the lab must be understood thoroughly, unless it’s related to features or enhancements.

7. Join the community
There is no doubt about this. Learn from others’ experience and share your own experience. Check the archive for all previous discussions. Answer the questions in the forum in order to get the answers for your questions to the forum. Build a healthy discussion forum! Respect each other and always think those people who are willing to answer are not getting paid for that so don’t be rude and push to get answers (unless you join a commercial forum or the forum that is created by vendor to answer your questions related to the product/workbook you purchase from them).
Same as what I wrote in my original post, it would be good if you can build a small discussion forum in your area that can meet offline. It’s always better to have someone to share your frustration or listening for someone’s experience to boost the spirit while having coffee together. CCIE is a one-man-journey type of experience but as I said in the original post, I was happy just to know there were others out there who might be doing the same thing and facing the same challenges. You are not the only one, even you are alone who must open the door, Neo.

8. Asking the right question is an art
Try to ask some silly questions or obvious questions that any CCIE lab proctors are not allowed to answer are not recommended. They are there in the lab to clarify the question, and sometime they can provide you hints to the answer. So use this chance wisely because you don’t want the proctors mark your face in his brain as someone who asks him the answer for CCIE lab.
More into that, I think it’s really good to build a culture on how to ask a question effectively. I received many emails asked me how to become a CCIE even now still working on CCNA? That’s easy, pass your CCNA first! Or I have seen some people throw one line question to the forum: how can I configure MPLS VPN? Why don’t you spend a little bit of your time to read the website, use google, RTFM, try it in your lab and when you are really stuck you can send your specific question with all required information such as the config and topology.
Learn how to ask effectively.
We all definitely need this even for the life outside CCIE lab.

9. Understand the lab question
I was not born in english-speaking country. And even I have spent 6 years working overseas, with English as daily business language, it was still difficult for me to understand some of the lab question. For my CCIE SP lab all the questions were straight forward. I went to the proctor only because I found some vague words and since I know how to ask I could even get the hints after I clarified the words with the proctor. So they are there in the lab to help you to clarify the questions. But that’s all.
And I found out when some lab questions are so confusing, it’s better to sit back and look at the topology as a whole and a unit. So try to understand what we are trying to build in the lab from helicopter view, not from the device or configuration perspective. For example, when I did my SP lab I looked at the drawing, read the questions, tried to understand what kind of network I have to build with all traffic flow and policy then it became easier for me when I worked on each question to put the configuration.

10. Skeptical attitude might the one you need the most
Trust no one, trust no solution. Don’t trust the configuration guide in Cisco website. Don’t believe what people say or write in the forum. Don’t trust the configuration and solution written in Ciscopress books. Don’t even trust the solution from the vendor for those CCIE workbooks that you must pay for it!
I’m not saying that all those resources are bad and should not be trusted. What I’m trying to say here is you should not trust any solution unless you prove it in your lab. It may work in the book but not in your case because you use different IOS. You may read it and think you have already understood the technology but then when it doesn’t work in the lab only you realize there is a missing part that you need to discover. And some people either make a typo in their solution or answer it with one way because of some consideration that you may not able to see.
So never stop asking: Why? How come it’s possible? Why the solution use that way? What if I answer it with this way? How to prove the concept really works? What if I add this on top of that? How to answer this question if I modify or add with that requirement? And so on.

11. CCIE is nothing but a mind game
You still need to read lots of books. You still need to practice extensively. You still need to make the strategy and plan your study accordingly. But on top of that, you really need the right mindset and attitude to pass. Other than being skeptical and consistently test the solution in the lab, you must be positive most of the time. You should believe you can achieve your target if you really spend efforts in doing so. Avoid unnecessary discussion and long debate about why you need to become a CCIE (you should do that in Step 1 above). Leave your discussion group if they keep telling you it’s very difficult to pass CCIE and you won’t be able to make it because you don’t have what it takes to pass. Or they say you don’t have same opportunity as the others who can pass. Everyone has the same chance to pass. During my journey I have proved that it’s not a matter of time, nor it’s a matter of support from the company or how many resources you have. It’s all about the mindset.
And other than being positive, you should develop ability to be adaptable as well, to make you ready for any surprises in the lab. You should know how to analyze a problem and use the right approach to solve it. This is required to ensure you can understand the requirements in the lab and choose the right method to answer. You need to be able to make decision and handle situation under pressure within limited amount of time. And you don’t risk your life in taking this CCIE anyway! So relax, try your best to be prepared, extremely prepared, but in the end if you make mistakes and fail, you lose nothing but the cost to take the lab. On the other side you will definitely learn something from your failure and gain more than what you lose.
So again, Everyone has the same chance to pass.
If someone tells you the otherwise, ask him to talk to me.

12. Enjoy every moment of it
What’s the point to do something if you don’t enjoy it? Again, this is the reason why Step 1 is very crucial. It’s very important to follow your heart. Because pursuing CCIE requires you to be focus and consistent, so it will be difficult if you don’t know why you want to do this in the first place. You must sacrifice your spare time and social life so it’s really important for those around who care to you to be part of the game. Discuss your plan with them and try to still make some contact with other human beings when you are not geeking out in the lab. I remember when I did my security I still spent some time with my family to go to the beach, even my mind was in Firewall-ACL-to-allow-BGP-traffic-with-NAT and IDS-fine-tuning-to-send-alert-only-after-certain-hits. I sacrificed my sleep to gain extra time to study. I sacrificed my lunch. I sacrificed my time that I normally used to chit chat with colleagues. But I still had fun doing my lab since at the same time I played the Matrix or the Simpsons next to my hyperterminal. And not to mention all those Linkin Park songs that I used to play over and over continuously.

And when you are preparing for CCIE, be in the moment. Make a 6-months study plan but do one thing at the time. If you haven’t passed the written then do this as Step 0. If you haven’t setup the lab then start reading documentation about the emulator or search for the hardware on ebay. If you must deal with busy schedule at work, try to have fun by read CCIE material in between your busy time or steal some time by locking yourself inside the toilet and read in there (I’m still doing this until now!). Feel every aspect of the journey. Be grateful when you have even a very short time to make progress in your study. And always try to enjoy every moment of it.
Okay, let’s say you pass. You may ask: now what?
Don’t ask me. Ask yourself.

CCIE is just the beginning of a bigger journey. There are several other CCIE tracks to chase or other exciting things to do in life such as working in large scale project where you have to use all your technical skills along with your ability to handle much complex situation. But frankly speaking, until now I still haven’t found another journey that could offer such tense atmosphere, learning experience, wide coverage of technology within short time, and fun all together outside CCIE. All the time was just for me and my lab.
As I wrote in my own post after I passed my 3rd lab:
CCIE was the only time when the world makes sense.
Have fun, everyone.

How to Become a CCIE?

Cracking CCIE Security Lab
By Himawan Nugroho, CCIE #8171 (R&S, Security)
Two weeks ago I passed my CCIE Security lab. It was my 2nd attempt in Brussels. I passed my CCIE Routing & Switching lab 5 years ago in Tokyo on 2nd attempt too. I become double CCIE in R&S and Security without taking any trainings or bootcamp. Only with self-study, countless hours in my home lab, and lots of Starbucks Mocca Frappucino.
Based on my experience taking 4 lab attempts, I try to write down the summary how I did it. This how-to is specific to CCIE Security lab, but the general idea can be applied to any CCIE tracks.
Scott Morris, Quad CCIE, wrote the article ‘So You Want To Be a CCIE?’ and it’s really worth reading. Yusuf Bhaiji, CCIE Security lab program manager and the author of CCIE Security Practice Labs wrote ‘Insider’s Tips on Earning Your CCIE in Security’ in Packet Magazine August 2004 page 18.

I’m not trying to compete with them. They are the masters. I’m just another guy who has just passed CCIE lab recently and willing to share his way.
So here it is, my version of Cracking CCIE Lab:

1. Start with the self-assessment
Are you sure you want to do CCIE? As you may already heard: yes, CCIE is difficult, very rare people can pass in 1st attempt. Yes, CCIE is expensive, only the exam fee is $1250 and you still need to spend money to buildhome lab, buy books and workbooks and other resources. And yes, you certainly will not have your social life during the journey.
But if you really want to do it, if you really want to distinguish yourself and stand out from the crowd, I suggest you to do self-assessment as the first step.
Read CCIE lab blueprint. For Security lab, it’s on here.
CCIE blueprint will tell you the coverage of the lab and areas you need to focus on during your study. Then ask your self: are you familiar with those technology listed in the blueprint? If you have 4-5 years experience working in Cisco partner deploying Cisco security solutions on the field, you should know at least 60 to 70% of the blueprint easily. Then you just need to study for the rest 30%.
But even you don’t have much experience and feel completely lost reading the blueprint, CCIE lab is still achievable. Continue reading.

2. Use other certification as steeping stone
This is optional if you think you need some help for your study. Cisco has created certification career from basic, medium to expert level, which is CCIE.
Read the complete information here.
For CCIE Routing & Switching, CCNP can help you to learn routing, switching, Remote Access technology and troubleshooting skill.
For CCIE Security, you must learn Cisco security technology and you still need to deal with some Routing and Switching because the network in your lab must be built first before you can secure it.
So to learn Firewall, VPN, IDS and Router security at a time, you can use CCSP certification.
And to learn Routing, I recommend to take CCIP.
Why CCIP? Because in CCIP, you will learn about IGP Routing and BGP in advance. And you will learn Quality of Service. QOS is important because there are lots of attack mitigation techniques can be done using QOS. For example, instead of dropping ICMP flood traffic we can just limit the bandwidth, so we still can have legitimate ICMP traffic.
The MPLS exam is not important so you can either skip it or just take it and become CCIP.
Most of the switching part in Security lab is pre-configured. So you can just start by learning the security technology in Cisco 3550 switch. That should be enough for switching part. And this is one of the reasons why I don’t recommend CCNP for CCIE Security lab but CCIP instead.
Taking those certifications give you benefit to learn specific technology at a time and even you are not a CCIE yet, at least you will achieve CCSP and CCIP. Something is better than nothing.

3. Build your home lab
I believe having a home lab is compulsory. You can always rent a rack but you will have a fix schedule with them. With home lab you are the one who controls the schedule. And you can always try in your home lab directly every time you read something interesting or you just want to test the option in some IOS commands.
If you have tight budget, at least you should have few routers at home.
My recommendation for minimum home lab: 5 routers and 1 switch.
The cheapest routers that you still can use for CCIE lab is 2610 series.
They can run IOS Firewall natively and if it’s required you can boot Enterprise software for 2600 XM series with this trick.
You can find Cisco 2610 with less than $200 on eBay.
Don’t go to 2611 or 2620 since they only offer more interfaces or Fast Ethernet but they still run exactly the same software with 2610. You don’t need Fast Ethernet for sure and you can always create trunk to have multiple interfaces.
Buy 1 Cisco 2522 or 2523 as Frame-relay switch. Obviously you need WIC-1T modules and V35 back-to-back cables. Cisco 3550 switch, the one currently in CCIE Lab, is expensive so you can replace it with 2950 model. Cisco 2950 can’t runrouting and all enhance Layer 3 features, but you still can test those with rental lab.
For Security lab, you must have a PIX firewall. Either the smallest series, 506E, or franken PIX.
With 506E you have only 2 interfaces but again, you can make them as trunk to have multiple interfaces.
If you have option to buy either VPN concentrator or IDS, get the VPN.
Or you can rent a rack for several hours only to practice both of them.
So, with 4 Cisco 2610 routers, 1 Cisco 2522 FR switch, 1 Cisco 2950 (without Giga ports), 1 PIX 506E, and several WIC-1T modules and back-to-back cables, yourhome lab should not cost you more than $2000. And all of these can be sold once you pass.
You still need to spend some money to rent a rack, at least to practice VPN, IDS and 3550 features.

4. Passing written exam doesn’t mean anything
Based on my experience so far, I found out that studying written exam can’t help you much in the lab. Most of the time the material covered in written exam is completely different with the lab.
So until Cisco makes the written exam more related to the lab, I suggest to just pass it, even if you have to cram the material or use some practice test.
My suggestion is to read the written exam book just like CCIE Security Exam Certification Guide and then practice the questions using product like from boson.
With one note: don’t trust the answer from any practice test vendor. Find out the answer by yourself from CCO or Internet and this will accelerated your study. This kind of attitude will help you in the lab later on.
Passing CCIE written doesn’t mean you are a half-CCIE. For me, it doesn’t mean anything in fact. It’s only a pre-requisite exam that you must take before you can register for the lab.
Nothing to be proud of even if you score 100 in written. Last time I took the exam the passing score is only 70. Get 71 to pass and register for your lab. That’s what matters.

5. Read a lot
No single source can make you pass CCIE lab. You really need to read a lot from different resources: Cisco website, RFCs, Networkers, Ciscopress books, study forum, CCIE workbooks and any related links on the Internet.
Following is the list of resource I used during my CCIE Security study:
1. Cisco configuration example and TechNotes
2. Cisco technology support
3. Cisco documentation CD (univercd), which is basically the same with product configuration guide
4. Networkers Online presentation, it costs me 200 bucks but provides complete Networkers 2005 presentation in Las Vegas with sound and slide
5. IETF RFC
6. Ciscopress CCIE Security Exam Certification Guide – H. Benyamin
7. Ciscopress Network Security Principles and Practices – Sadat Malik
8. Ciscopress Cisco ASA and PIX Firewall Handbook – Hucaby
9. Ciscopress Cisco Router Firewall Security – Richard Deal
10. Ciscopress CCIE Security Practice Labs – Yusuf Bhaiji
11. CCIE Security Workbook from Trinetnt
I have other CCIE Security workbooks from IP Expert, Internetwork Expert, 6colabs, Hello Computers, and CCBootcamp.
But during the last 4 months before my exam, I had been focusing only with Trinetnt. As per date, they are the most decent workbook and they cover almost everything in CCIE blueprint.
12. CCIE Lab forum: SecurityIE and trinet forum
Just FYI, I have already passed CCSP, CCIP and I have more than 5 years experience with various Cisco security products before I started my CCIE Security journey.

6. Build your speed
Okay, now it’s time to practice and try all the technology listed in CCIE blueprint in your lab. Start slowly. Learn single topic at a time. Try to really understand all possibilities in one technology before move to different topic.
This is where the CCIE workbooks can really help. Good workbook like the one from Trinet provides minilabs to focus on single topic at a time.
I recommend to start slowly because studying CCIE sometime can be really frustrating. Especially when you stuck with one thing and don’t know where to find the answer. That’s why I against the idea to jump directly to complex lab scenarios. Single step at a time.
Once you get used with the lab flow, try to increase your speed.
Practice, practice, practice.
You need to be fast in the real lab. And there is no other way other than practice.
Keep repeating the same thing until your fingers, not only your brain, memorize how to configure any security technology listed in blueprint.
I use only the best workbooks to practice: Trinet and Bhaiji’s book.
I found out if you can complete 1 Trinet superlabs with less than 3 hours time, than your speed should be fine for real lab.
Obviously when you practice with any workbooks, you must understand why and when you should configure with certain way.

7. Join the community
You can’t win this battle by fighting alone. Join the community to meet other CCIE candidates and study together. I found SecurityIE forum is really helpful. There are a lot of security experts in that forum and the discussion is really depth. The forum archive is priceless.
Trinet forum was active when it was started. I was involved from beginning so I enjoyed my time discussing directly with Khawar Butt, the founder. I can see now there is very less response from Khawar anymore in that forum. But I believe you still can discuss with other CCIE candidates. And try to dig the archive to see whether things you are looking for have been discussed in the past.
If possible, try to create small discussion group. I met some wonderful people from those forum and we decided to study together. It’s always good to have somebody else to verify your weak points.
During my journey, I was really happy just to know that there are several people out there that I can discuss with every time I stuck in my lab at 3 am in the morning.

8. Learn how to ask
Make sure you know how to ask questions, to the study forum and during the real lab. Before you send something to the forum, please make sure to check the archive. Try to test it by yourself in your lab, and when you get stuck, copy the related configuration with show and debug output and send it to forum.
With this way, we can build a healthy discussion and most probably you will get positive answers.
This attitude is important when sitting in the real lab too. During my 2nd attempt, my proctor mentioned something like: “if you have any questions you can ask me, but most probably I will not answer”
So you need to know how to ask question to your proctor. Otherwise he will throw his pity look to you and say: I’m sorry I can’t answer that.
I believe if you know all the technology listed in the blueprint, and you already have this attitude, you should be able to ask smart question to the lab proctor. They are there to clarify the lab questions, and that’s the only thing you should try to get from them: clarification.
By asking the right question for sure.

9. Understand the Lab questions
Speed is critical, but you need to know how to answer too. So when you think you already have the speed, you need to dig each topic in more detail. There is no other way other than try any possible scenarios and read more to understand all technology in-depth. Check all the options from each IOS command, test it, run the debug, compare the result, then move to different technology and do the same thing.
During the real exam, don’t overlook and make assumption. Read the question carefully. And if you don’t understand something, you can ask clarification from the proctor.
Yusuf mentioned in his book that most candidates fail not because they don’t understand the technology, but because lack of understanding the question. Make sure you read his book several times to make sure you understand what he expects from the answer.

10. Trust no one, trust no solution
You should not trust any of your resources until you prove it by yourself.
This is the only attitude that can make you pass.
I found a lot of mistakes in Cisco sample configuration and workbook solution. Even Bhaiji’s book contains several errors. Study forum is good because people try to test something together. But are you sure the solution posted really works?
Why you have to bet, just try it by yourself in your lab.
Every time you see some scenarios and the answers, always ask the questions: What if? Why not using this? How if I modify that?
I like Trinet because the workbook provides general idea of the real lab and makes me really fast. But I don’t just believe their solution. I always tried to answer their scenarios with my own way, and then modified the scenarios, put more requirements and restrictions.
I often ended up with my own scenarios, which are much more difficult from the original.

11. It’s all in your mind
CCIE is completely a mind game. I failed 4 years ago in my 1st CCIE R&S attempt in Brussels because no one told me at that time how difficult CCIE lab was. Everyone I know always told me that the CCIE lab is so difficult that only few selected people who can pass it. And I’m certainly not one of them.
I went to my 1st attempt with this feeling, that I was not ready and CCIE questions would always be one step ahead me. It was 2 days exam and I was able to reach troubleshooting section on 2nd day. But I failed with 5 mark away from the passing grade. I felt terrible but I realized one thing: CCIE lab is achievable. If you have spent a lot of time to prepare, then it’s even possible to pass on your 1st attempt.
For my 2nd attempt in Tokyo 1 month later, I woke up in the morning and told myself in front of the mirror that I would become CCIE that day.
CCIE lab is an exam and the proctors are “only human”. I kept telling myself: there is no spoon.
I was able to keep my sense of humor even in Japan I had to use Japanese version of Windows and keyboard.
One and half hour before the troubleshooting section over, I have already walked out Cisco office with my CCIE number.
Indeed I failed in my 1st Security lab attempt last December. But I failed at that time because I was so confident and overlook several things. I was really sure that I would pass that day and made me forget one basic rule in CCIE lab: this is Cisco exam. They make the lab and they expect me to answer as per their solution.

12. The journey must be fun
In the end, CCIE lab is only an exam. Even it’s Goddamn hard to pass but this journey must be fun. Turn all the pressure as a power.
Use any supports around you: your family, friends, working environment.
Manage your time so even you will not have social life at all but at least you should enjoy it.
And If you fail, do the classic: learn from your mistakes.
Try to know exactly what your mistake is and address it once you go back home.
Never think to stop in the middle, no matter how many times you fail.
I always believe that there are 2 kinds of CCIE candidates out there: one who always makes excuses why they should not do it again and quit, and one who just jumps back into their lab and start debugging their mistake.
The second one will pass eventually and join the elite club of experts. The first one will join the club of losers.
Which one do you want to end up? The choice is yours.

Why Become A CCIE?

The CCIE is a very difficult and expensive (potentially VERY expensive) certification. So why in the world would anyone want to spend the time and money necessary to pass the CCIE lab exam and get their digits? While each CCIE candidate has their own reasons for doing this, there are some common benefits:

1 Salary

Oh the vulgarity of chasing filthy lucre! Regardless of your views on the whole “mo’ money, mo’ problems” debate, money is one of the leading motivations for many candidates seeking the CCIE. Because the CCIE is such a difficult and highly respected certification, there is a very competitive market for CCIEs. With high demand and low supply come high salaries. The CCIE has consistently been at or near the top of the certifications with the highest salaries. The current average salary for a CCIE is somewhere in the $93,000 – $111,000 (US dollars) range. I live in the Twin Cities area of Minnesota and I’ve been told that $125,000 is the average salary of a CCIE in this area. Brad Reese has a nice collection of links to various salary surveys. As with any “average” salary you need to take into account that there are likely other variables at play (years of experience, location, specialization, consultant versus permanent employee, etc) but suffice it to say, a CCIE can make a decent living.

While I would love to believe that companies pay high salaries solely based on expert level Cisco knowledge that is only one part of the salary equation when it comes to CCIE pay. Cisco’s Channel Partner Progam rewards companies by branding them as Select, Premier, Silver, or Gold partners. I won’t pretend to know much about the details of this program, but there is a stipulation by Cisco that each partner maintain a certain number of Cisco certified employees in certain technologies.

For instance a Gold partner requires:

12 unique certified individuals and all four of the following Advanced Specializations:

    • Routing & Switching
    • Security
    • Unified Communications
    • Wireless LAN

I think that this number fluctuates based on variables such as specialization and total sales, but I’m not sure. I have also heard that Gold partners (and possibly the other levels as well) need to maintain a certain number of CCIEs on staff in order to maintain their partner status. Cisco has a web page that shows the benefits of hiring a CCIE, one of those benefits is:

Preferred status is given to Cisco partners who employ CCIEs (find out more at Cisco Channel Programs).

On the same page Cisco also warns that losing a CCIE may affect partner status:

The benefits of Gold or Silver Channel Partner status are only available to companies who maintain the required number of certified staff.

So why does this mean more money for CCIEs? One of the benefits that a company receives for becoming a channel partner is a discount on Cisco equipment (I’ve heard that it’s a pretty hefty discount). That means that a partner can save substantial costs on equipment. In turn they can put in lower bids on contracts. If a company can save hundreds of thousands of dollars on equipment and bring in more business by hiring a CCIE, then they certainly can afford to pay that CCIE very well. The fact that a CCIE will be able to give expert level support to their customers may be an afterthought.

2 Accomplishment/Challenge

The CCIE is the most difficult Cisco certification (with the possible exception of the new CCDE program) and becoming a CCIE makes you a member of a pretty exclusive group of network professionals. For many candidates getting their digits is tangible display of their networking abilities. It looks awesome on a resume and effectively ends any networking bragfest:

“I’ve been working in networking since routers came with dip switches and I was the guy that the ARPAnet engineers called when they…”
“That’s adorable. I’m CCIE #12345.”
“Drat. I have been bested.”
“Yes you have, lesser engineer.”

Okay, that’s the way it goes down in my head at least. Becoming a CCIE gives one an air of authority (for better or worse). Does becoming a CCIE automatically make you the best engineer on your team? No. But at the very least it shows a dedication and technical prowess that few engineers can claim.

3 Job Advancement/Job Opportunities

This category ties together both of the previous categories. In some situations you may be happy with your salary and employer, but you want to move up the networking ladder. Or you may be looking for a new position outside of the company. Either way, having a CCIE will definitely set you apart from the crowd. It will also give you an advantage in the job market if you lose your current job (a very real possibility in the US at this time). Another benefit is that you’re more likely to be tasked with playing with the latest and greatest technology if you’re a CCIE. Your boss more likely to give that new CRS-1 or Nexus 7000 to a CCIE to play with….err, “test”.

4 Maintaining An Expert-Level Skillset

This one is not mentioned often and can also be looked at as a disadvantage of being a CCIE. Once you become a CCIE, there is an (unreasonable or not) expectation that you have an expert level knowledge of networking. When there’s a difficult issue or just whenever some smart-ass wants to test your knowledge; you will be expected to answer these questions – especially if you’re being paid handsomely. You’re going to want to remember all of those default timers, subnetting skills, LSA types, BGP commands, etc. that you worked hard to learn for the CCIE exam and lab. Instead of reviewing them before an exam or an interview, you’ll want to have them committed to memory so that you don’t become the CCIE that everyone whispers about (“He’s a CCIE and he doesn’t even know [insert technology here]“). Sure there are going to be cases where you’ll tell your inquisitors that you’ll need to research it and get back to them, but you’ll probably want to be quick with an accurate answer to most questions.

There are a multitude of lesser reasons for getting the CCIE such as Cisco Perks like better TAC service and Networker’s parties, but the ones that I have listed are the ones that I’ve heard most candidates use when asked why they are pursuing the CCIE. In my personal case, I started down the CCIE path mostly as a challenge. I wanted to see if I had what it takes to become a CCIE. While job advancement and salary were not at the top of my list, I would be lying if I said that they weren’t in the mix. I love working in IT because it’s one of those fields where more knowledge generally results in more opportunities and/or better pay.

So we’ve seen what the CCIE entails as well as some of the benefits.

CCIE Exam Policies

Candidates should be familiar with the policies for CCIE program participation, as stated below.

  • Conduct
    Candidates must agree they will not compromise the integrity or confidentiality of any Cisco certification exam or certification program. Prohibited actions are described in the Cisco Career Certifications and Confidentiality Agreement. Remedies for violating the policy can include a lifetime ban on all future exams and voiding of all previous certifications.
  • Confidentiality
    The questions and answers of the certification exams are the exclusive and confidential property of Cisco and are protected by Cisco’s intellectual property rights. Candidates taking Cisco exams must agree they have read and will abide by the terms and conditions of the Cisco Career Certifications and Confidentiality Agreement before beginning each exam.
  • Correspondence
    All official correspondence to certified CCIEs and candidates is sent to the email address in the CCIE database. This database is SEPARATE from the Cisco customer database. Changing

    an email address in the Cisco customer database does not automatically update the CCIE database. CCIEs and candidates must keep their CCIE email address updated in order to ensure they received all official correspondence.

  • Exam Violations
    Disclosure of test content is strictly prohibited. Please report any suspicious activity as described in Cisco’s Exam Violation Rules.
  • Lab Exam: Double Booking
    CCIE candidates are allowed to schedule only a single CCIE lab exam date at any location for each CCIE track. Double booking for lab exams in the same track, at either the same location or different locations, is not permitted by the database. Candidates will be allowed to simultaneously schedule lab exams for different tracks.
  • Lab Exam: Exam Rules
    Candidates for the CCIE written exam or lab exam are not allowed to bring anything into the exam room or take anything out. This includes, but is not limited to: notes, documentation, watches, laptops, keyboards, pagers, PDAs, and mobile phones. DO NOT confer or consult with anyone about the exam while taking the exam or after the exam is completed. During an exam, you may only discuss your exam with the lab engineer.
  • Lab Exam: Payment
    Price not confirmed and is subject to change until full payment is made.
    Types. Lab sites in China and Japan will only accept payment via wire transfer. All other locations accept online credit card payment (American Express, Visa, Mastercard, or Eurocard) See “Lab Exam: Scheduling and Payment” for details. You are responsible for any fees your financial institution may charge to complete the payment transaction.
    Due Date. Full payment must be received at least 90 days before the lab exam date. Only one e-mail notice is sent as a payment reminder. Payments generally take one to seven business days to process, so be sure to initiate payment in advance of the due date. It is important that if payment will be made by wire transfer, that the payment is scheduled well in advance to prevent the lab date being dropped. Exams for which payment is not received by the due date will be automatically dropped from the schedule. If you still wish to take the lab, you must rebook the exam online and complete your payment. There is no guarantee that your original date will still be available once it has been dropped for non-payment. If you bookan exam for a date less than 90 days away, you must complete payment on the day you book the exam or the registration cannot be submitted. Candidates are ultimately responsible for making the lab payment in a timely manner and Cisco will not be held liable for any candidates automatically dropped due to non-payment.
    Processing. Credit card payments entered into the system will be processed on the payment due date, exactly 90 days prior to your lab date, as will invoices for all payment types. Be sure the company name, invoicing address and email address are complete and accurate to ensure proper delivery of your invoice. No invoices will be generated before the lab exam due date.
  • Lab Exam: Rescheduling, Canceling and Postponing
    Prior to Due Date. Cancellations or changes to the exam date, location, or track must be made prior to the payment due date–90 days before the scheduled lab date. To make any changes, you must log into the Lab Scheduling tool and drop your current lab. Then you can reschedule according to preferred date, location and track. You may book an exam for a date less than 90 days away, if you complete payment on the day you book the exam.
    If you need to cancel an exam before the due date, and paid via a wire transfer that has already cleared, you are eligible for a full refund by requesting support via the Certifications Online Support tool.
    After Due Date. Changes and cancellations are not permitted after the payment due date–90 days prior to the scheduled lab date–and no refunds will be issued. If you are not able to attend your scheduled lab date, contact support to let them know the lab seat will not be used. You will still forfeit your payment, but you will be allowed to book another exam date immediately. If you do not contact support, you will be marked as a “no show” for the exam and be barred from booking another exam for 30 days.
    Candidates Requiring Visas. If you require a visa to attend your lab exam, it is strongly recommended you apply 10-12 weeks before your lab date. Candidates who fail to obtain required visas will still be bound by these cancellation policies and must cancel their lab exam before the payment due date to be eligible for a full refund. For more information in requesting a CCIE Invitation Letter, please visit our CCIE: Invitation Letter (Entrance Visa) Instant Answer.
  • Lab Exam: Reevaluation of Lab Results

    Exam results appeals are available for the routing and switching, security, and service provider technology tracks. Only exams with potential to change from fail to pass will have the option to request an appeal, based on years of historical data. Appeals are not available for the voice or storage tracks due to equipment limitations.

    An appeal consists of a second proctor loading your configurations into a rack to recreate the test and re-score the entire exam. This process takes up to three weeks after receipt of payment. Only one appeal per lab attempt is permitted.

    The result of the appeal is a confirmation of the existing fail or an update to a pass.

  • Payment Terms

    Make your request within 14 days following your exam date by using the “Request for Reread” link next to your lab record. Each appeal costs $250.00 USD plus any applicable local taxes. Payment is made online via credit card and your card will be charged upon receipt of the request. You may not cancel the appeal request once the process has been initiated. Refunds are given only when results change from fail to pass.

  • Lab Exam: Retakes
    All candidates must wait 30 days between CCIE lab attempts. Please note the 30 days starts from the day after a failed lab exam.
  • Lab Exam: Scoring
    You must obtain an overall score of at least 80% to pass the lab exam. You can view your lab exam results online (login required), usually within 48 hours. Results are Pass/Fail and failing score reports indicate major topic areas where additional study and preparation may be useful.
  • Lab Exam: Start Times
    Start times for exams are indicated in email can also found on the web page associated with each lab location (for a list, see Lab Exam Locations). Please verify your email address in your candidate profile so we can notify you of any changes. If you have any questions about the start time of your exam, please contact CCIE customer support through the Certifications Online Support tool . If you arrive more than two hours after the start of your exam, you will not be allowed to start. If you arrive less than two hours late, you will be allowed to start but you must finish with the rest of the group.
  • Logo Guidelines
    Certified CCIEs may only use the CCIE logo as provided and in accordance with the published Logo Guidelines.
  • Recertification
    To maintain active CCIE status, CCIEs are required to pass either a CCIE written exam of their choosing from among all of the currently available written exams, or a CCIE lab exam in a new track every 24 months. Candidates can only apply one passed written exam towards recertification for every 24 month recertification period. Certification candidates are responsible for keeping track of their certification expiration dates; your recertification deadline can be viewed online anytime (with login) at Certification Status. Subsequent recertification deadlines are always based on your original certification date, not on when you took your last recertification exam.
    If your CCIE recertification requirements are not completed on or before the certification’s expiration date, your CCIE certification will be suspended for one year. Candidates have one year to recertify their CCIE certification by passing the required written exam. If a candidate does not recertify prior to the one year suspension period, all CCIE certification requirements must be completed again to obtain the certification (pass both the written exam and the lab exam.) Please see Recertification for detailed information.
  • Travel Costs
    Under no circumstances will Cisco reimburse travel costs for CCIE lab exams.
  • Written Exam: Expiration
    Candidates must make an initial attempt of the CCIE lab exam within 18 months of passing the CCIE written exam. Candidates who do not pass must re-attempt the lab exam within 12 months of their last scored attempt in order for their written exam to remain valid. If a candidate does not pass the lab exam within three years of passing the written exam, he or she must retake the written exam before being allowed to attempt the lab exam again.
  • Written Exam: Retakes
    There is no limit to the number of attempts that can be made on the written exam. However, candidates must wait 5 calendar days between exam attempts. Once a candidate passes a particular written exam, he or she may not retake that same exam for at least 180 days. (Though rare, this may occur in certain recertification situations.)
  • Written Exam: Scoring
    Pass marks are set by using statistical analysis and are subject to change. The pass score is given on the Examination Score Sheet at the end of the test. Along with the candidate’s score, there is a notation of either PASS or FAIL. Scores on written exams are automatically downloaded from testing vendors, but may take up to 10 days to appear in the CCIE database.
  • 1 578 579 580 581 582 586