New CCNP Security

Existing CCSP Information

Currently for an engineer to begin their journey towards achieving CCSP certification, they would need to start by acquiring their CCNA Security certification. The CCNA Security is comprised of a valid CCNA while also passing exam 640-553. The information needed to pass exam 640-553 is attained in the IINS training course (Implementing Cisco IOS Network Security).

Once a valid CCNA Security is completed, the next steps for CCSP would be to attend and pass the associated exams for the following three courses (SNRS, SNAF, and IPS) and one of the elective courses (CANAC, MARS, or SNAA).

If you are currently working towards your CCSP and have already started your training, here are some test dates that you will need to be aware of. Last day to test for following exams: SNRS 642-504 is April 8, 2011; IPS v6.0 – 642-533 is May 31, 2011; SNAF 642-524 is April 8, 2011; SNAA 642-515 is April 8, 2011. Please call us at Sunset Learning if you have any questions regarding how to combine the new courses into your existing training to complete the security certification.

New CCNP Security Details

Security engineers today are faced with many challenges associated with such dynamic environments from complex networks, virtualization, mobility, and increased threats. Cisco has redesigned the security track to help engineers get the training they need to meet ongoing and evolving demands for security.

To begin down the path of CCNP Security, and engineer will need to start with CCNA Security which is described in detail above (no changes to this certification and learning path).

With the new curriculum for the professional level, there are four mandatory courses (SECURE, IPS 7.0, FIREWALL, and VPN). CANAC and MARS are no longer elective courses needed for CCNP Security certification but are available if there is a need for specific product knowledge or to achieve a specialist certification.

Here are brief details of the new courses.

SECURE – Securing Networks with Cisco Routers and Switches v1.0
This course teaches engineers to develop the knowledge and skills needed to secure Cisco IOS Software router and switched-based networks, and proved security services base on Cisco IOS Software.


IPS – Implementing Cisco Intrusion Prevention System v7.0
This course teaches engineers to develop the knowledge and skills needed to deploy, maintain, and troubleshoot Cisco IPS-based security solutions.


VPN – Deploying Cisco ASA VPN Solutions v1.0
Provides network security engineers with the knowledge and skills needed to deploy Cisco ASA based on VPN solutions.


FIREWALL – Deploying Cisco ASA Firewall Features v1.0
Provides network security engineers with the knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions.