I am halfway towards my CCNP Security and am finally gearing up to finish it. When I completed the 642-618 FIREWALL and 642-648 VPN exams at the beginning of 2014, I was promptly sidetracked by the little things in life. (Such as moving across the country, starting a new job, and finishing my BSIT at WGU.) Knowing that the old CCNP Security exams had cycled out in April of 2014, I used Cisco’s CCNP Security Migration Path tool to validate that I was left with these two exams:

  • 300-207 SITCS (Implementing Cisco Threat Control Solutions)
  • 300-208 SISAS (Implementing Cisco Secure Access Solutions)

I am starting first with the 300-208 SISAS exam as it covers a range of topics, such as 802.1x, Cisco ISE, and Radius, that I am very familiar with. However, from everything I’ve read, it goes into great depth on the minutia of the ISE interface. As I haven’t touched ISE in a production environment in over a year now, I’ve been spending time most evenings in my lab spinning up and down many different scenarios.

My lab for this study is entirely virtual and is a dry run for building my CCIE Security lab. It currently consists of the following, largely coordinated and controlled via GNS3:

  • ISE 1.2 - VMWare Fusion on my MacBook
  • ACS 5.6 - VMWare Fusion on my MacBook
  • CentOS test boxes (x2) - VMWare Fusion on my MacBook
  • IOU L2 Image (x2) - Rackspace Cloud Server
  • IOU L3 Image (x6) - Rackspace Cloud Server
  • ASA 8.4 (x2) - QEMU on a Rackspace Cloud Server

In the weeks to come I’ll be posting more about my exam preparations, including lab scenarios and links.  This is mostly for me, but if anyone else gets some use out of it too, even better.