A reasonable subtitle for MCSE might be "Building and administering
a network using Windows NT or 2000". As such, it's not an
unreasonable minimum requirement for anyone posing as an expert on
networks using these OSes. [I am somewhat more mystified by
companies that want a not-very-experienced Solaris admin to run and
secure their NT/2K networks....]
Microsoft's "firewall" products are a rarely-chosen MCSE option.
[It happens to be an option that I chose, as part of specialization
in security aspects of networking. No, I have never recommended or
deployed these products in production (an exception to my general
practice of seeking certification only after practical experience) --
although I have occasionally assisted others who were stuck with them
to make the best of the situation.]
MCSEs are certainly not created equal. (Too) Many are the products
of "degree mills" that claim to teach "how to pass the exams" in a
week or two, but these should not be too hard to weed out in the
interview process.
Many more choose to specialize in infrastructure services such as
IIS, Exchange, or SQL Server. If companies have customers asking
them for help administering -- and securing -- these services, then
MCSEs of the appropriate sort will be useful hires.
Finally, not all positions at "Security Companies" are security
positions. Indeed, I recently noticed a position at a "Security
Company" that wanted an MCSE to help administer their internal
NT/Exchange network systems. I'm left in a little doubt how many of
the positions you've noticed were actually for "security
engineers"....
David Gillett
On 1 Jun 2001, at 13:09, Ben Keepper wrote:
> I am still seeing "Security Companies" asking for MCSE, which to me
> speaks volumes about that security company.
>
> I am starting to see some ask for valid certs, like GIAC, CISA, and
> CISSP.
>
> To the security engineers out their- contact your HR department and see
> if they are asking for MCSE certification for their security engineers,
> if so that's probably why your company can't get any real engineers.
>
> Ben
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED]
> Sent: Friday, June 01, 2001 10:26 AM
> To: Paul McNabb; [EMAIL PROTECTED]
> Subject: Re: certifications
>
> Why not..
>
> I was wondering this myself last evening after talking with some folks
> who
> handed me their business cards with about 6 to 7 acronyms after their
> name. After pocketing each card. I wondered was earning a
> certification
> worth it. Does it make one more palatable to employers or does it
> totally
> put a company off when they hire someone with some many credentials,
> that
> two business cards may not say it all.
>
> Ya ya
>
> I am still waiting to be handed a card that says: "XYZZY".. and that's
> it..
>
> /m
>
> At 10:37 AM 6/1/2001 -0500, Paul McNabb wrote:
> I don't want to start a discussion about the pros and cons of
> certification, but I need to get some pointers to different
> companies and organizations that provide certification programs.
>
> I know about SANS, ISC2 (CISSP/SSCP), Microsoft, and Cisco. I was
> looking more to non-product certifications. Can anyone give me any
> URLs or info about individual security certification programs? Does
> IEEE, ACM, USENIX, or any other such organization provide them?
>
> thanks.
> paul
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
