For security reasons I wanted to post this here, moderators please do not move it to the public area. As some of you may know I have been struggling for a while to pass my CCIE Security lab, it took 3 attempts but I finally nailed it recently. I feel a great relief, for this has been on my mind for years now, I have done pretty much a lot of things to get it and in past years gave up on the idea and kept putting it on hold until lately. My end goal is to be Dual CCIE, second one being RS, I opted to do Security after trying RS for a while because I felt I was better at it and found more sense as I practiced more advanced labs.

My advice/technique:
1. I feel that it's a very important thing to keep focus and convey a plan early on your path to the CCIE certification, as someone said before set it as a project, that's a great idea and it was what actually put me on the right path and made the difference from my first attempts to this last one. Do not start to study until you have a clear plan of what you will do, set a reasonable timetable and do not dwell on things, move on as you go and make sure you understand everything thoroughly, for this I always went to the blueprint and back to the workbook as needed. At this point gather the information needed to pursue your plan, note that I said what's needed, not just EVERYTHING you can find on the subject, believe me, you will not be able to grasp it all if you do.
2. Stick to one workbook provider, don't jump around, it will not matter how much you know about those 10000 tricks that vendors like Internetwork Expert and NMC use in their workbooks, what will matter is that you got "the basics" down, if you keep moving to different workbooks you will over study, but most likely you will not be able to retain all the information, and in the end it becomes useless anyways. So keep it simple, use a workbook from a vendor that is as close to the blueprint as possible, forget about studying anything that is outside of it, literally, unless you have a photographic memory and can learn all the crap the workbook vendors make on top of what's really needed. BTW, I use Netmetric Solutions, it's plain, simple and down to the point, it covers everything on the official blueprint, not less, not more, exactly what's needed. I looked at Internetwork Expert only to clarify some exercises that I could not understand from the Netmetric Solutions material, again, not to look for more stuff, just to look at it from a different point of view and make sure I understood what they were both talking about.
3. I strongly advise you to put together your own lab, do not rely on rentals for anything unless you absolutely have to, it is priceless to be able to have the flexibility to study when you actually have the time or can actually concentrate, if you, like myself, have a family and a job that keeps you busy like crazy it will be an unnecessary hassle to be worrying about time slots, that router or firewall or switch will break when you have your 8 hour session booked, and you will come home too tired to be able to study. Also, at times you will be stressed with life, it's not easy on your family the kind of sacrifice you are doing, so if you keep it under your control by making your own lab it will be easier to handle with your beloved ones, trust me on that. Yes, it will cost some money to get a reasonable lab, but keep it simple, after two attempts and spending about $1100 in rack rentals I had to think about getting me a lab, so I got started as follows:
- Took 2 old P4 computers from my office that were not doing anything and put 4GB on each (cost $0)
- On one PC I installed Ubuntu and GNS3 to run the 6 main routers in my workbook, everyone says it runs better than in Windows XP, for sure I can tell you 3640s run smoother than other platforms
- On the other PC I installed Windows and VMware Workstation, made a VM for the ACS and Windows XP client and installed GNS3 to run the PIX
- Took 2 switches from the spare inventory from the office (we have plenty, again $0)
- Took 3 routers (you guessed it, $0)
- Got 6 Quad Port NICs (ebay, $50), I used all of these bridged in both VMware and GNS3, I had no problems of any kind running it this way
- Took 1 ASA 5520 from the production cluster (I don't recommend this unless your boss knows nothing about networking and will not find out and fire you, again $0), no you do not need 2 and yes if you can get a 5510, just make sure your license can run multicontext, the only feature that requires 2 is failover, and believe me, it's the least to worry about, you have bigger fish to fry with the rest of the blueprint to worry about a simple task that can be read from the documentation
- A friend had a VPN 3000 and IPS 4215 and loaned them to me (this was plain luck, but on ebay I could have got the VPN for less than $500 and the IPS can be done with vmware)
4. If you can afford it, I recommend you do a bootcamp, I did, and it made a huge difference in setting up the strategy and overall learning path and all. Some say it's better to do this at the end of your study plan but I believe it's much more productive if you do so in the beginning.
5. Make sure you have a strategy for the exam, I can't stress this enough, before you attempt your lab you must be able to do any mock lab from your workbook in no more than 6 hours if not less than 5. The significance of this is that you make sure that you can complete everything or most of the tasks without even having to look at the freaking documentation, yeah, there's no need to look at the documentation if you practiced the right stuff, however, if you over study you will find out that you will need the documentation more and more because of the retention rate, as I discussed above. I was done with 75% of the exam before lunch, when back I was done in about an hour, that ended up giving me nearly 4 hours to check for mistakes, which otherwise would have ended up costing me valuable points, I had 2 tasks that I could not figure out on my own, those I left until the very end, I ended up figuring out the two tasks in the last 30 minutes of the exam. So it's very important to leave more than enough time to thoroughly check your solutions, read questions and verify your answers more than once if you can, make sure outputs match to what they are asking and that you don't put any typos on ACL, interface names and such, they will grade you for these even if your solution works, in a nutshell, outside is not the same as Outside, and access-list 101 is not the same as access-list BLOCK, make 100% sure you are doing exactly and only exactly what they are asking for.