ccie security and Unix?

Feb 28th, 2009

Is it normal for someone with ccie security to have absolutely no clue about Linux and Solaris OS?

I interviewed someone a few days ago for a network position in our company. This person has ccie security but when I asked him how to troubleshoot tacacs and radius running on Linux and Solaris, simple things like running tcpdump, he has no idea how to do it. He could not even interpret the output of tcpdump.

I learned Linux and Solaris during my freshman year in college ten years ago so I assumed that everyone in the networking industry should have some knowledge about Unix with some shell/perl/expect programming.

Wonder if this is normal of a typical ccie security.

tperrier Mon, 03/02/2009 - 01:21

Well, the guy didn't have a Redhat or Sun certification, right? ;)

His resume should show you if he ever had server administration experience. Some people, especially in large companies, work in tightly compartmentalized departments, and so he may have never touched a Unix server in his whole life, but is still an expert when dealing with firewalls and IPS devices...

cisco24x7 Mon, 03/02/2009 - 16:02

If a person has a ccie security but does not know how to read tcpdump output or knows nothing about Unix, I would have deep reservations about bringing him on-board. How can you be an expert in dealing with firewalls and IPS devices if you do not know these things?

scottmac Mon, 03/02/2009 - 18:00

I agree. Even if the person didn't know specifically how to do a tcpdump or what the command was, any network security person that can't read a packet decode would not inspire much confidence.

IMO, if there's anywhere you need to know bits & bytes outside of the programming environment, firewalls & security would be it.

kdaramola Tue, 03/03/2009 - 06:43

Some big companies only allow you to work on a specific project even though you have a CCNP or CCIE. You may only be allowed to focus on layer 2 or layer 3 or firewall. I don't think you can be a master of all.

cisco24x7 Tue, 03/03/2009 - 08:11

If a person is a CCIE but knows nothing about Unix, I have deep reservations about hiring that person. Just about everything you do with networks these days is Unix related. This is especially true when you talk about network monitoring such as AAA servers, NMIS, Nagios, smokeping, syslog-ng, and netflow tools. Not to mention scripting tools such as perl and expect.

You do not have to be an expert but you should know how to make modifications to the existing systems. This is especially true in this time of budget cost cutting.

yuri_slobodyanyuk Tue, 03/03/2009 - 10:27

Speaking from my experience (Service Provider) it would be hard to be a CCIE AND have commensurate experience without intermediate knowledge of Linux. In my day-to-day work there is no way I deal with Cisco security only. By the mere fact that Cisco is not a major player in the security field as it is in the networking one, you are faced with lots of other vendors, many (most?) of them building their products based on Linux (Esafe - RedHat, Checkpoint VPN NG/NGX - Redhat, Juniper = FreeBSD).

So tcpdump is like debug icmp trace in ASA :) - you have to know and use it.

At the same time I am yet to see Radius/Tacacs implemented in production on non-Windows, so with 'debugging these on Solaris' I'd have a problem too.

srue Wed, 03/04/2009 - 06:24

There are really several questions (or answers) here:

1. is this normal

2. is this acceptable

3. is it right/wrong

here's my 3cents.

1. It's probably not normal (hopefully) given the nature of a ccie. i expect engineers at this level to be intellectually curious about things outside of their comfort zone. in this case, that is clearly *nix. I would find this lack of intellectual curiosity troubling.

2. in your case, it's clearly not

3. i personally don't see this as a right/wrong issue.

ccannon88567 Wed, 03/04/2009 - 07:17

I agree - Very strange, I would be cautious too.

Personally, I don't see how anyone can claim to be an "expert" in Security without even knowing basic UNIX and pen testing methods.

You need to know how to hack, write scripts, exploit vulnerabilities in software before claiming to be an expert in the security field.

Just configuring firewalls to best practices is in no way "Security Expert" by a long shot.

tperrier Thu, 03/05/2009 - 00:41

Well, in defense of the guy, the CCIE Security doesn't claim to make people IT security experts in the broad way you seem to think it implies. The tagline straight from Cisco's site:

Certifies expertise with specific security protocols and components, as well as IP and IP routing.

Like Steven and you, I also think a CCIE Sec should have at least some knowledge outside of his specific field, and clearly the guy isn't suited for your job opening, but that doesn't mean he doesn't deserve a good job somewhere where he'll only need Cisco skills.

Eddy Michael Ac... Thu, 03/05/2009 - 14:48

Well, the way I see it, I don't think a CCIE Sec wouldn't know the stuff related to tcpdump, Unix admin and related subjects.


