Last month, Cisco introduced the biggest overhaul to its CCNP certification since the program's last major rewrite in 2006. Cisco has reduced the number of exams for the certification from four to three: ROUTE #642-902, SWITCH #642-813, and TSHOOT #642-832. The changes are designed to better reflect a CCNA's real-life job activities, as well as focus on technologies that organizations are deploying today.
To help you prepare for the new exams, Cisco Press has published (or will soon publish, in some cases) a comprehensive portfolio of CCNP self-study resources. I spoke to Cisco Press authors Denise Donohue, Jay Swan, Kevin Wallace, and Sean Wilkins to get a deeper dive into the new exams, and ask why Cisco introduced the changes, and how the changes will affect CCNA students. Also, read my interview on the overall CCNA changes with Cisco Press author Wendell Odom.
Questions About SWITCH
Linda Leung: BCMSN 642-812 is replaced by SWITCH 642-813. What are the major differences between the two? What topics are new and what have been dropped?
Denise Donohue: Security isn't a bigger topic in the CCNP overall, but some of the security topics that were previously in ISCW have been moved to SWITCH, and a few things are now in ROUTE. Likewise, some topics from ONT, such as QoS for voice support, now appear in SWITCH.
The course designers concentrated on what engineers at a CCNP level are typically expected to do in their jobs, and tried to provide the information they would need to accomplish those tasks. So there is a greater emphasis on planning, implementation, documentation, and testing, with less emphasis on marketing (especially in the wireless section). A section on High Availability looks at network design and management, two completely new topics for this course, but important subjects for engineers to understand. IP SLA is also included in this section and its use is extended to HSRP (Hot Standby Router Protocol).
The VLAN, Spanning Tree, and Etherchannel topics are about the same, with a bit more emphasis on planning, verifying, and troubleshooting.
A change I particularly like is in the wireless and QoS sections. In the wireless section, the emphasis now is one you need to know to prepare your LAN to support wireless, and to actually set up a switch to connect to a wireless access point, as opposed to wireless theory. Similarly, the QoS section concentrates more on planning the switch-based quality of service settings to support voice and video, and to implement that.
Sean Wilkins: The majority of changes relate the planning, implementing and documenting a specific solution. This is something that has been overlooked in the past for technical knowledge but is required in most engineering/consulting positions. To replace the topics that have been removed, Cisco has added more depth on planning, troubleshooting, and Layer 3 path control features in IOS.
LL: How do you recommend students should study for this exam. Anything different that they should do for this exam than for previous Cisco exams? How does your new study guide reflect this?
DD: It will be hard to obtain the CCNP certification without a good amount of hands-on experience, either in a practice lab or on-the-job. The new study guide has a lot of configuration examples to help guide your studying, and refresh your memory during the pretest review. The addition of design, planning, and documentation mean that candidates must consider more than just the configuration commands. The study guide contains information on network design, and on implementation planning and documentation for each technology.
SW: There are really two paths to take for Cisco certifications in my opinion. One is based on little previous experience with Cisco equipment and the other is based on completing these certifications after obtaining significant on-the-job training.
If you have little experience the best solution really is to take the course and learn to understand all of the ins and outs of the solution. These courses, along with some of the official certification books, allow a smooth preparation path. This way, you are given a strong foundation which allows you to become an even better engineer/consultant.
The other path is for those who had previous Cisco equipment experience. For those, the best solution is to self-study using the various certification books and references. The big thing that this segment has to remember is to not underestimate the test or you will just be out the money. Take the time to read the materials and highlight those topics which are the least understood and then continue to study them in-depth. This way you will not only be prepared for the test but for real equipment.
Questions About ROUTE
Linda Leung: BSCI 642-901 is replaced by ROUTE 642-902. What are the major differences between the two? What topics are new and what have been dropped?
Kevin Wallace: The primary focus is still on routing protocols (e.g. EIGRP, OSPF, and BGP). BSCI did cover IS-IS, and that has been dropped from ROUTE. Also absent from the 642-902 exam blueprint is multicasting. IPv6 remains on the exam blueprint. Layer 3 path control is a new topic appearing in the blue print, along with a few VPN topics brought over from the soon-to-retire ISCW exam.
Jay Swan: IS-IS remains a widely used and critically important protocol in the service provider market, but it is rare in the SMB and enterprise markets in which most CCNP students work. Similarly, some material has been removed from the BGP coverage that was specific to very large enterprise and service provider networks. The BGP coverage now focuses mostly on issues involved with connecting mid-sized enterprise networks to service providers.
Denise Donohue: Many people are thrown by the addition of MPLS and Ethernet over MPLS (EoMPLS). Candidates aren't required to know how MPLS or EoMPLS work from a service provider's point of view, just how to route EIGRP and OSPF over those types of WAN. I feel it's a good addition, since these are widely used WAN technologies and network engineers need to know how routing works over them.
As with SWITCH and TSHOOT, the course designers concentrated on what engineers at a CCNP level are typically expected to do in their jobs, and tried to provide the information they would need to accomplish those tasks. So there is a greater emphasis on planning, implementation, documentation, and testing. IS-IS and Multicast have been removed, prefix lists have been added, and the IPv6 section has been expanded.
ROUTE now contains a section on mobile workers. It assumes a security specialist will be setting up the firewall for VPNs, but CCNP candidates need a high-level understanding of the VPN types and the network changes needed to provide mobile connectivity.
LL: How do you recommend students should study for the ROUTE exam? Anything different that they should do for this exam than for previous Cisco exams? How does your new study book reflect this?
JS: I don't recommend a different approach: a strong hands-on, troubleshooting-oriented approach combined with a solid theoretical understanding of the protocols is still the way to go. Candidates who may have previously tried to shortcut the study process with rote memorization may find the new exam more difficult due to the increased emphasis on planning and troubleshooting.
Questions About TSHOOT
Linda Leung: TSHOOT is a brand new course with a brand new exam. Wendell Odom wrote in his blog that Cisco had included a troubleshooting exam in the early days of CCNP, but was later dropped. Why do you think it has come back? Does it look the same? How have skills required for troubleshooting changed over the years?
Kevin Wallace: The CCNP courses used to include the Cisco Internetwork Troubleshooting (CIT) course. As Cisco courses go, the course material was very short, with most of classroom time being dedicated to labs rather than lecture. Primarily, the course focused on troubleshooting various routing protocols and Cisco Catalyst 5000 Series switch issues. Cisco then eliminated the CIT course, stating that each of their newer CCNP courses (i.e. the now-retiring BSCI, BCMSN, ISCW, and ONT courses) would integrate troubleshooting methodologies directly into each of the courses.
Now, Cisco appears to have fundamentally re-engineered what the CCNP certification is all about. The focus has been narrowed to ensure basic route/switch competencies for real-world IT professionals. With that in mind, having been in the IT industry for over two decades, I can certainly attest to the fact that troubleshooting is a major component of the day-to-day tasks of a network engineer. So, I'm in complete agreement with Cisco that troubleshooting deserves its own course.
The new TSHOOT course differs significantly from the older CIT course. The TSHOOT course is by no means short on page count. Rather, it's a big course, with students being required to watch hours of additional e-learning content outside of the classroom lecture. Interestingly, topics covered in the TSHOOT course aren't solely based on topics covered in the ROUTE or SWITCH courses. For example, THSOOT addresses the troubleshooting of Cisco IOS firewalls and QoS technologies, even though these are not technologies covered in either the ROUTE or SWITCH courses.
To give you a sense of the breadth of troubleshooting topics covered in the TSHOOT course, here's a sampling:
- Network maintenance defined
- The steps involved in troubleshooting a network
- A collection of troubleshooting features, applications, and Cisco IOS commands
- Strategies for troubleshooting Cisco Catalyst switches
- A generic discussion of troubleshooting routing protocols
- Specific discussions on troubleshooting individual routing protocols, including OSPF, EIGRP, and BGP
- Approaches to troubleshooting route redistribution
- Identifying and resolving router and switch performance issues
- Troubleshooting security features supported in Cisco IOS
- Troubleshooting a collection of Cisco IOS services (e.g. NAT and DHCP)
- IPv6 troubleshooting
- IP communications troubleshooting
- Advanced services troubleshooting
- Strategies for troubleshooting large enterprise networks
You were also asking about how skills required for troubleshooting have changed over the years. One of the biggest shifts we've seen is "data" networks being used to carry more voice and video. With the advent of these converged networks, the number of potential troubleshooting targets has grown. For example, perhaps a Cisco IP Phone is not obtaining an IP address from a Cisco IOS router acting as a DHCP server, or a voice network is not appropriately using quality of service (QoS) mechanisms to prioritize voice traffic over data traffic.
So, overall, I think the new TSHOOT course does an excellent job of exposing CCNP candidates to multiple troubleshooting issues likely to be experienced in the real world, and then equipping those candidates with best-practice strategies for resolving those issues.
LL: Cisco is claiming that 90% of the authorized course is labs. How will this be achieved and how do you advise students to make the most out of lab courses?
KW: Cisco is clearly intent on validating a candidate's troubleshooting skills, rather than validating a candidate's ability to memorize a collection of facts. To accomplish this, Cisco has chosen to challenge exam candidates with multiple troubleshooting scenarios in the exam. These scenarios might be simulation-based questions or multiple choice questions where the exam candidate selects an appropriate answer based on a provided topology and a collection of diagnostic output.
To prevent candidates from merely memorizing a collection of brain dump questions to prepare for the TSHOOT exam, the exam has been designed such that the same question (i.e. trouble ticket) would have different valid answers at different times. For example, a trouble ticket might state that a client is failing to obtain an IP address. The issue could be a connectivity issue. Alternately, the issue could be the configuration of a Cisco IOS DHCP server, or even a misconfiguration of the client's switch port. To determine the correct response, a candidate might need to navigate through a network simulator to determine the appropriate response.
So, TSHOOT exam candidates truly need to understand how things in a network are supposed to behave and how they're supposed to be configured, rather than just memorizing that one issue has a certain cause, and another issue has a different cause.
LL: Cisco in the training description, says students will learn a "systematic ITIL-compliant approach to perform network troubleshooting." First, isn't it unusual for a company to validate a single methodology, and second, what's the difference between an ITIL (Information Technology Infrastructure Library) approach vs. any other?
KW: Since troubleshooting is part art and part science, I can certainly see the need for Cisco to identify some common frame of reference to use when troubleshooting. Having such a common frame of reference, in this case the ITIL, can aid in collaboration efforts. Identifying such methodologies is nothing new. Consider Cisco's Service-Oriented Network Architecture (SONA) design model or the Planning, Designing, Implementing, Operating, and Optimizing (PDIOO) lifecycle.
Also, I think using an ITIL-compliant approach is appropriate because this library of information is incredibly comprehensive, covering just about any aspect of IT management you can imagine: infrastructure, security, business factors, change management, and management of software assets to name a just a few.
LL: How do you recommend students should study for TSHOOT? How does your new study book reflect this?
KW: Without question, before someone can be a successful troubleshooter, they need to understand the underlying technologies. So, I recommend that exam candidates first go through the ROUTE and SWITCH curriculum, and pass the corresponding exams, before moving on to the TSHOOT curriculum. Once they're ready, they need to understand what applications, features, and Cisco IOS commands are available to help them troubleshoot a reported network issue. They also need to be exposed to common troubleshooting targets for various technologies (e.g. neighbors not forming adjacencies as an example of a common OSPF issue) along with best practice recommendations for addressing those issues. Finally, exam candidates need practice in resolving a variety of trouble tickets.
My book, TSHOOT Exam Certification Guide, takes this approach by equipping the reader with a collection of troubleshooting tools, reviewing how various technologies are supposed to operate, identifying common issues with these technologies, and challenging the reader with a collection of trouble tickets. The trouble tickets include a topology, one or more reported symptoms, and a collection of diagnostic output. Armed with this information, the reader is asked to suggest a resolution to the reported issue. Although some issues can be resolved in more than one way, each trouble ticket is accompanied with a suggested solution.
For more visual learners, I have another product coming out from Cisco Press (Network Troubleshooting Video Mentor), which is going to be a component in the upcoming CCNP TSHOOT Cert Kit. This Video Mentor product features over seven hours of troubleshooting videos, where viewers watch while I present and then resolve a variety of trouble tickets on live gear.
General Question About the CCNA Changes
Linda Leung: Wendell Odom said the overarching change that affects all three exams, especially ROUTE and SWITCH, is the testing for planning skills. Engineers needs to be able to develop an implementation plan that tell others working at the weekend what changes need to be made. On top of that, the engineer needs to be able to develop a verification plan that gives other engineers one command that will tell them whether the changes have been successful. Do you agree with this statement and how does an engineer obtain these skills?
Sean Wilkins: One of the weaknesses of these tests in the past was that they focused specifically on the technical details and seemed to leave out the planning, implementation and documentation (unless you took the design certification). These are essential skills and it is better that these aspects of a solution are detailed and well laid out before anything is completed. In the past this was something that was typically learned on the job (if you were lucky) and honed over time. With these now being included in the test individuals will be able to go into a job or project and have a path to follow.
Kevin Wallace: I absolutely agree that an implementation plan is critical. Not only can it help prevent the inadvertent omission of key steps, it can serve as a back out plan in case things don't go as planned. It can also be used as a reference when troubleshooting, because a troubleshooter needs to know how things are supposed to work.
Also, I agree that a verification plan should be a part of any implementation. For example, if an IT staffer swaps out a Cisco Catalyst switch over the weekend, they might consider the operation successful if a client connected to the switch can ping a remote server. However, that staffer might not have considered in-line power requirements for the switch, leaving multiple Cisco IP Phones without power. So, what constitutes a successful operation needs to be clearly articulated prior to the operation.
As to how a network engineer obtains these skills, I'm a big believer in understanding fundamentals. For example, a network engineer shouldn't just know how to configure Spanning Tree Protocol (STP), they also need knowledge of how STP uses Bridge Protocol Data Units (BPDUs) to exchange information between switches, the various STP port states, and how a root bridge is elected. Without a thorough understanding of such fundamentals, network engineers might not correctly interpret what they see happening in a network. Beyond a comprehensive understanding of fundamental concepts, there's no replacement for experience. So, finding a way to get hands-on experience, whether through one's job or via a home lab, adds tremendous value to what a network engineer learns through formalized study.
Jay Swan: I agree with Wendell. One of the best tips I can give for gaining these skills is by classic hypothesis testing: when you're getting ready to set up a network or perform a configuration change, make a prediction about the effect of the change on the output of 1) IOS show commands, 2) IOS debug commands, 3) log output, and 4) active verification tools such and ping and traceroute. When you can predict in advance what the output of these tools will be (and why it will be that way) after a successful or unsuccessful change, you'll be well ahead of the game in this area.
Denise Donohue: I do agree implementation planning and verification are important changes to all three exams, in addition to documentation. I think it's a good change that helps make the certification more relevant to the skills needed in a production network. Verifying the configuration could require multiple commands, however. Candidates need to be able to interpret the results of those commands, also.
It seems tough to study for these skills. Of course, the best way to acquire them is to work in a production network and actually do the planning, verifying, and documenting. Examples of implementation plans and good documentation are available on the Internet. It would help to analyze them to see what they include. In our study guides we have tried to outline important implementation considerations for each technology, also.