6 Replies Latest reply: Jan 24, 2019 3:25 AM by ruslan_lungu RSS

    Architecture path


      Hi guys


      Now I'm officially CCIE and want to move towards architecture and design

      I know that in CCDE there is already a small piece for security but in real world I think is required more than that


      For an architect to be able to succeed - he needs not only Networking but also and Security skills


      Can someone advice what would be the best to proceed with, before CCDE

      I saw a lot of architects have CISSP, but I think this is too vast area and it will not teach you how to design secured networks.

        • 1. Re: Architecture path
          Daniel Dib CCIE #37149 CCDE #20160011

          The largest value of the CCDE is to develop your mindset and to focus on solving business problems instead of just technical ones. It's not heavy on security but the same principles apply to security design as well. Of course you must have some domain knowledge to be useful as an architect but for an architect soft skills are very important.


          There are many paths within security. It depends on what area of security you want to work on. Some work a lot with firewalls. Some work with policy. Some work with penetration testing. They all require different skillsets.


          Good luck.

          • 2. Re: Architecture path

            Thanks Daniel for your reply

            For me was more important to know from design point of view where to place security appliances and which of them to choose.

            My question was not really about what security track to choose.


            For example where in particular cases to place firewalls, IPS'es, IDS'es, Log-collectors, VPN servers etc.

            I know this is very wide area also, but there should be some best practices anyway.


            Working with one or two separate domains in security probably will not add too much value to an Architect. Penetration testing probably will not fit in Architect/Design role at all.

            I think here will fit probably more CISSP certification, but this certificate is also too superficial and includes things that will probably not give to an Architect too much help


            Daniel, because you already got your CCDE number can I ask you for an advice on my design path?

            Where you think would be better to start?


            It is not a regular certificate and unlike CCIE, you don't just start on Layer 2 technologies and go up


            I already collected a lot of material but the main problem is - where to start


            Also, I've read some blogs and saw that architect roles also benefit from such certs (knowledge from TOGAF, CISSP, Cloud architect as AWS, etc). Do you think does it make sense to get them first before CCDE or after?


            Sorry for putting so many questions but I put a very wide goal probably and still want to get there



            • 3. Re: Architecture path
              Daniel Dib CCIE #37149 CCDE #20160011

              CISSP - Not needed for DE.

              TOGAF - Good to understand some concepts but not needed for DE. Personally I feel that ROI on TOGAF is pretty bad and most of it is common sense but that's just me.

              AWS - Get it, but after the DE. I'm preparing for AWS SA now.


              You really just need to cover the blueprint. Being an expert in some areas always helps. Ideal candidate is CCIE RS/SP in my opinion but you can certainly pass it without any CCIE as well. Just need to put more work in.


              Most important thing for CCDE is to collaborate with others. Find some study partners! Good luck!

              • 4. Re: Architecture path

                I've done some research and found out that CISSP actually is one of the choices for Network Architect path and specifically for security part

                In domains Security Architecture and Engineering and Communication and Network Security is pretty a lot covered


                But of course collaboration with others is the key and also interesting projects


                Also what I found was that PMP is also helpful for an Architect, because most likely he will conduct multiple projects at the same time.


                Related to TAGAF and ROI, what you think would be best fit then?


                So for now I put in my list getting next certs


                CCIE RS - done

                JNCIP-SP - done (service provider even not cisco)

                CCDE - in progress

                CISSP - in progress

                PMP - ???

                TOGAF9 - ???



                • 5. Re: Architecture path
                  Marwan Alshawi

                  There are many possible ways that you can look at an architect role and the expectations

                  you need first to identify what type of architect you want to be

                  Network Architect, solutions architect, business architect etc

                  then you need to work on the actual expectations which is not easy as these almost always not clearly defined nor standardized across organizations

                  check out this blog I posted recently addressing some of these aspects which might be helpful


                    again you dont need to be as deep as CISSP in security unless your role will have a lot of security, or you are interested in security in specific

                  the same applies to all the other technologies in terms of the focus and depth of knowledge

                  also myself and Andre, did an discussion hosted by CLN about this topic you can watch it using the link below


                  • 6. Re: Architecture path

                    Thanks a lot Marwan for your reply