The new blueprint is upon us and all I want to say to anyone studying for CCIE R&S at the moment is – DON’T PANIC. Before I address that “don’t panic”, part, please allow me to say a thing or two about the new blueprint. Nothing there is unexpected, out of the blue, scary or unusual. In fact, of all the CCIE tracks that have been recently updated, this one is by far the best. Why? Because it’s relevant!
Brief History Lesson
CCIE has for the longest time been considered a golden standard in IT certification. It was always considered to be difficult, challenging and has been a kind of a “holy grail” for IT and network professionals. One thing that we always kept saying about the CCIE in the past was – “yeah, but it does not replicate the real life”. This has been true for many, many years. Now, we have the latest and greatest incarnation of the CCIE R&S – the “grandaddy” of all CCIEs. How and why is it any different than what we’ve had before? Well… because it is.
In the previous blueprints for example, content covered by the CCIE R&S blueprint was hardly relevant for real-life engineers. We had things like Frame Relay (including FR switching!), OER/PfR and WCCP in there, that were, at best, fringe cases of relevance for most enterprises and engineers. On the other hand, more relevant topics were not covered at depth that would test the deep understanding. The troubleshooting section, while fantastic at its core, failed to deliver much relevance, as we never had to explain our actions in any way. We just “did” things, fixed the issues and moved on. Not anymore, as things will change with version 5. For the better, in my opinion.
With the new blueprint, topics have been trimmed considerably and not only that, we now know how much each topic will be covered in terms of the percentage of the entire test! This has never been known before. Modern and relevant topics, like IPv6 are more tightly integrated with other exam content, but the biggest and the best change of all in my opinion is the change in the format of the lab exam.
Exam Format Change – Really, Don’t Panic
There are two changes of importance here. One is the exam format and the other one is the grading modification.
CCIE R&S lab exam now consists of three sections:
- Troubleshooting Section (TS)
- Diagnostic Section (DIAG)
- Configuration Section (CFG)
Troubleshooting section remains mostly unchanged from the previous version, with one major difference. Candidates now have the option to borrow up to 30 minutes of time from the configuration section, should they need to! So this section can now be up to 150 minutes long! It consists of independent incidents (tickets), delivered in a virtual environment. A predefined minimum score in this section is needed in order to have a successful lab attempt. This score has traditionally been 80% of the available points. This time around, this is not explicitly stated, but if I was a betting man, I’d say it will be around that mark.
Diagnostic Section is the new kid on the block in the CCIE lab world. It takes old and (very!) broken idea attempted in the past with the open ended questions (also known as core knowledge section or “a massive failure section”, if you ask me) to a new and actually pretty cool and interesting level. It is going to be a scenario driven section in which candidates will have to analyze data supplied from simulated e-mail threads, diagrams, command outputs, packet captures, etc. and asses the possible root cause of the simulated problem. Unlike the actual troubleshooting section, there will be no access to any equipment in this section. This section will be fixed 30 minutes long and predefined minimum score is required to be successful.
Since this section is new, let me spend few more words on it, since I’m sure most students will be concerned about it. One of the major concerns Cisco had in the past with the CCIE candidates is inadequate understanding of the underlying technology. Candidates knew how to configure things (since they were trained to think about commands), but they didn’t know why they were typing certain commands. Also, in the more recent past, “recipe-based” troubleshooting training helped candidates pass the test without actually understanding what was wrong in the first place. With this section, Cisco is trying to ensure not only that candidates know how to solve certain problems, but also to understand why these problems existed in the first place, without actually applying the learned recipe to get the desired result. Deep understanding of the topics will be more relevant than ever, but that’s why you want to be a CCIE in the first place, isn’t it?
Configuration Section
The old friend is still there, the configuration section. This section has also gone through some changes. First of all, it’s also virtual, just like the Troubleshooting Section. It can be maximum of 330 minutes long, but beware that borrowed time from troubleshooting can make it shorter. However, if your troubleshooting skills are excellent and you’re faster than 120 minutes, unused troubleshooting time will carry over to the configuration section. Just like with the other two sections, a predefined minimum score is required to be successful. Traditionally, this used to be 80% of the score, but it may or may not be so this time around.
I did mention earlier changes in regard to the grading. If you read the description of the three sections so far, you’d probably be thinking how’s this different than what we had before. There is one more thing Cisco added for the version 5 – a minimum overall cut-score! So not only do we have to score a predefined minimum in each section, the overall score needs to be above a confidential cut-score. That sounds bad… but actually, isn’t! This simply allows Cisco to declare that, say, 20% of the top scores in the particular exam (or as they call it – test form) will be considered success. Now, that may actually mean 50% of the overall point value and not an arbitrary 80% like before! In my opinion, this is probably the best change in CCIE grading in years. It will create more balanced testing experience for everyone.
What’s New and What’s Gone
First of all, let me say that the best place to get this answer is Cisco Learning Network and the official “delta” document. This document details changes between the blueprints in excruciating detail (true story). Here is the link: http://www.cisco.com/web/learning/certifications/expert/ccie_rs/docs/ccieRS_examUpdates4-5.pdf.
In short, there have been several “movement areas”. Some topics that were covered by v4 blueprint are now going to be covered only in the written exam, some have been removed and yes, some topics have been added.
Topics that are completely gone from the version 5 are:
- Flexlink, ISL, Layer 2 Protocol Tunneling
- Frame-Relay (LFI, FR Traffic Shaping)
- WCCP
- IOS Firewall and IPS
- RITE, RMON
- RGMP
- RSVP QoS, WRR/SRR
Perfect. We no longer have to worry about those. Now, some things are not going to be on the lab, but will be on the written exam. Some topics have simply been moved to the written status, while others have been added.
- Topics Added to the Written Exam
- Describe basic software architecture differences between IOS and IOS XE
- Identify Cisco Express Forwarding Concepts
- Explain General Network Challenges
- Explain IP, TCP and UDP Operations
- Describe Chassis Virtualization and Aggregation Technologies
- Explain PIM Snooping
- Describe WAN Rate-based Ethernet Circuits
- Describe BGP Fast Convergence Features
- ISIS (for IPv4 and IPv6)
- Describe Basic Layer 2 VPN – Wireline
- Describe Basic L2VPN – LAN Services
- Describe GET VPN
- Describe IPv6 Network Address Translation
- Use IOS Troubleshooting Tools
- Apply Troubleshooting Methodologies
- Interpret Packet Capture
- Implement and Troubleshoot Bidirectional Forwarding Detection
- Implement EIGRP (multi-address) Named Mode
- Implement, Troubleshoot and Optimize EIGRP and OSPF Convergence and Scalability
- Implement and Troubleshoot DMVPN (single hub)
- Implement and Troubleshoot IPsec with pre-shared key
- Implement and Troubleshoot IPv6 First Hop Security
- Topics Moved from the Lab to the Written Exam
- Describe IPv6 Multicast
- Describe RIPv6 (RIPng)
- Describe IPv6 Tunneling Techniques
- Describe Device Security using IOS AAA with TACACS+ and RADIUS
- Describe 802.1x
- Describe Layer 2 QoS
- Identify Performance Routing (PfR)
Finally, some topics have been added to the lab exam as well. These topics are also covered in the written part and I have included them in the list above, but here is the list.
- Use IOS Troubleshooting Tools
- Apply Troubleshooting Methodologies
- Interpret Packet Capture
- Implement and Troubleshoot Bidirectional Forwarding Detection
- Implement EIGRP (multi-address) Named Mode
- Implement, Troubleshoot and Optimize EIGRP and OSPF Convergence and Scalability
- Implement and Troubleshoot DMVPN (single hub)
- Implement and Troubleshoot IPsec with pre-shared key
- Implement and Troubleshoot IPv6 First Hop Security
Let’s analyze this a little bit. First of all, there is nothing “insane” here. It all makes sense. The addition of “packet captures” may not mean you need to know how to operate embedded packet capture, as remember – there is DIAG section of the lab, where Wireshark captures may be provided for analysis. The addition of BFD is a welcome change, as it was notably absent for, say a decade, from the CCIE exam. EIGRP named mode is a new way of configuring EIGRP added in IOS 15.x, so nothing spectacular there, either and optimizing EIGRP and OSPF – as far as I’m concerned, that was already covered.
The real change is more emphasis on the VPN. If we take a look at the actual breakdown of the topics into sections, VPN has its own section even, but again, look at the notes. Pre-shared keys, single hub, etc. This is not a CCIE Security test! They want to make the security part of those technologies fairly easy and basic and focus on routing issues involved. Since in this day and age almost any enterprise uses some form of VPN, it’s an excellent skill to have in our engineering toolboxes. See what I meant by “relevant”?
How Much of Each Will I See?
The question that we as candidates always had to answer in our CCIE studies was – how much of each technology will I see on the exam? That was always an unknown and a lot of guesswork was involved.
With the version 5 – it just got easier! Cisco published the percentage associated with each major technology area. Here it is for the Written exam:
- Network Principles – 10%
- Layer 2 Technologies – 15%
- Layer 3 Technologies – 40%
- VPN Technologies – 15%
- Infrastructure Security – 5%
- Infrastructure Services – 15%
For the Lab exam, it’s very similar.
- Network Principles – 0% (arguably, 100% if you ask me!)
- Layer 2 Technologies – 20%
- Layer 3 Technologies – 40%
- VPN Technologies – 20%
- Infrastructure Security – 5%
- Infrastructure Services – 15%
One thing is clear – ROUTING is back into CCIE Routing and Switching! Combined with VPN technologies, this makes up whopping 60% of the exam! If we take a look at the infrastructure security and services, that makes up 20% and 20% is for Layer 2, it’s clear where the major focus of the study should be! See – I told you not to panic.
What is iPexpert’s Plan
Where does iPexpert stand in all this? Well, to answer those questions, I’m going to pass the pen to iPexpert’s CEO, Wayne to answer that. Here’s what he has to say:
We are still working out timelines that will actually be met. We will be focused on quality versus rushing a product to market. When we have timelines that our students can bank on, we will make them available to students. For now, I can provide you with the strategy that we’ve mapped out internally.
Self Study
Self-study materials such as our new high-definition Video on Demand, and our self-study CCIE Workbooks will be the initial products we will be releasing. Once content has been created, tech edited and beta tested, it will be made available to our clients. Also, I would like to mention – we will be making several major announcements in the upcoming months relating to our self-study strategy and some new features we will be rolling out. We will be rolling these new V5 products out at the same time we make this announcement.
Proctor Labs / Rack Rental
We have been testing, scripting and understanding Cisco’s strategy as it relates to their virtual software. We’re awaiting a response from my contacts @ Cisco regarding the potential direction(s) we may pursue as it relates to making IOS / topologies available to you. We have tested 2 of the 3 solutions we are considering offering, but the 3rd has not yet been tested. Personally, I’d prefer the 3rd option – and I’m expecting an announcement from Cisco (this month or next) on a technology we may be using. Once we have made a definitive decision, we will release an official announcement as to what virtual environment we will be creating as well as what potential hardware we may still be using within the Proctor Labs rack rental system. The goal @ iPexpert is to have unlimited rental capability, which is entirely on demand, while also utilizing the Proctor Labs scripting interface (with some additional features we have on our development schedule).
Bootcamps
Our V5 courses will go live in the April – June time frame. In all honesty, we aren’t anticipating Cisco releasing their topology details, or anything other than what’s been announced until on or around the new exam launch date. Therefore to ensure that our training is sufficient, we will very cautious as to when we will conducting our V5 class. We also want to ensure that students cramming for the V4 lab have ample seats available prior to the new lab being launched. I am working closely with my VP of Sales to ensure that our student’s needs are met.
Upgrade / Retake Policy
It’s very simple. All V4 students / clients will receive V5 self-study updates free of charge. We don’t want to hold up your preparation, and as Marko has outlined – a vast majority of our V4 content is still applicable. Your R&S vRack Vouchers will all work on our new V5 solution. In regards to our classes, all V4 students who have not passed the lab or used their retake are eligible for a retake in one of our V5 classes.
Back to Marko
What can I say – wow! I wish I could take this test tomorrow. It sounds like great fun, but I will do second best thing – I will be there to work with you to help YOU become a CCIE R&S with this new blueprint!
Happy studies!
–
Marko Milivojevic – CCIE #18427
Senior CCIE Instructor / Managing Partner – iPexpert