I have been studying for my CCIE Security since late last year, with a short hiatus after Cisco Live due to health issues – more on that in a later post. When I saw that Natalie Timms – former manager for the CCIE Security exam program, was writing a book focused on practical labs for the exam, I was thrilled! I had to get my hands on a copy.

I had met Natalie a few years ago in San Diego at Cisco Live, and she is simply an awesome lady. Sharp, funny and very talented; needless to say I had high expectations of her book.

I did not get a copy of the book in time for it to help much with my lab studies for an attempt in mid-June, but walking out of the lab and then reading this book was eye opening.

All CCIE Security candidates want to read this book. It provides a focus on the scope and types of tasks you will face on the real lab, without going anywhere near actually teaching the exam. You cannot memorize this book and pass the lab – you WILL fail if you try. It is a very fine line to walk and the author nailed it!

The book itself is easily consumed as an e-book resource with great formatting. My pdf comes in at 448 pages, neatly segmented into four sections.

Part I: Lab Topology Components, Cabling, and Routing and Switching Configuration

One can easily surmise the focus of this section, but may not expect the full 17 pages of detail provided. This section is a veritable treasure trove for a CCIE Security candidate, and nearly worth the price of the book alone in my opinion.

•    General guidelines to be followed within the labs, and some tips
•    Multiple topology diagrams of various focus
•    IP addressing scheme
•    IP routing details
•    Hardware models and suggested software revisions
•    VPN diagrams
•    Additional study tips for written and lab, also lab approach advic

I mention all of this because it represents the type of collateral you may find beneficial to create during one’s studies and within the CCIE Lab as well. Quick and dirty diagrams can be a candidates’ best friend during their lab attempt.

Part II: Practice Lab 1 & Solutions

Practice Lab 1 focuses on more foundation concepts and tasks. A candidate needs to be able to execute on these types of tasks without thought or hesitation. If you cannot knock these out quickly and effortlessly, I would warn anyone against taking the lab until they can.

You can map the tasks against the blueprint fairly well. A short list of tasks you can expect are device initialization, basic routing and connectivity configuration, entry level features of the various technologies, and troubleshooting scenarios on specific technologies.

If the reader is familiar with speed labs from training vendors, this section works very similarly. The lab candidate will not dive into the weeds during this section, quite the opposite.

Part III: Practice Lab 2 & Solutions

Practice Lab 2 takes the foundation laid by Lab 1 and builds upon them. The complexity and degree of detail increases significantly, while staying true to the scope of the CCIE lab exam.

For example, in Lab 1 the reader may be asked to initialize an IPS, define interesting traffic, and secure management access. In Lab 2 it would start there and move into advanced threat signatures, tuning, or other advanced technologies. I have found throughout multiple vendor’s materials that custom signatures is a big IPS focus, for whatever that is worth.

The reader will also face advanced feature requirements of the WSA, ISE, Firewalls, and VPNs. This section is the bread and butter of passing the lab in my opinion, for without these points you simply cannot succeed. Of course the foundation is important, but that should be a generally accepted fact at this point!

Part IV: Appendices

This is broken up into a few separate appendices. First one covers basics of zeroing the devices and initializing them. Second one covers details around studying for a CCIE and how the written and lab exam work – from a candidate experience perspective. Third appendix provides example test questions for the written exam.


The speed, confidence and competency developed via the process of studying for the lab is crucial to success. Despite only two labs being included, a candidate will quickly realize there are only so many ways to execute on these tasks.

I would recommend this resource to anyone looking for a detailed yet focused map to studying for the lab. Thanks for reading as always, please leave any questions within the comments.

*I received a promotional copy of this book from Cisco Press for review, with no expectation for publicity or endorsement in return. My opinion stated here is mine alone. I am far too obstinate and outspoken to have my opinion bought. 😀


Travis Newshott

Security Architect