I recently took the JNCIE-ENT Beta exam in Sunnyvale, CA, and have been meaning to post my thoughts on the experience.

Back in September I took the JNCIE-ENT Exam in Herndon, VA. After being involved in several switching projects, and putting in over 200 hours of labs on my own I thought I would be ready to pass this exam. The study materials I had available are listed below:

I began to study and understand the wide world of L2/L3. It was a major change from the Security track that I was so familiar with, but all in all it turned out to be a very exciting and enlightening experience. It also was my first real exposure of IPv6 outside of a HE Tunnel on my SSG at home.

Unfortunately the exam itself was an eye opening experience for me in what I did know, and more importantly what I did not know. I fell short of the requirements needed to pass the exam, and got the unpleasant email that I failed the exam. It was a humbling experience, and after a few months I began to hit the books again for attempt #2.

In the meantime Juniper had put out an announcement for candidates for the JNCIE-ENT Beta exam in February, and they accepted my request to participate in the beta. This was an excellent opportunity to attempt the exam again as well as provide feedback on the exam team. A huge THANK YOU goes out to Liz Burns and her team on providing such an opportunity!

After finding out some of my friends and Internet colleagues were also accepted into the beta we began to collaborate to truly understand some of the techniques needed to understand the objectives of the JNCIE-ENT exams. We were able to provide scenarios/tools used to test many of the requirements needed to pass the JNCIE-ENT. Individuals such as Tim Hoffman were valuable as well as instrumental in leading the collaboration efforts.

February finally rolls around to sit the Beta Exam. It is important to note that these exams are under a very strict NDA so I cannot detail the exam itself. That being said I can say that the topics extremely thorough, and the tasks to configure/troubleshoot each topic would likely be seen in a real-world scenario. That being said even after taking the exam once already I almost got tripped up on a few requirements to get the network up and running. Fortunately Juniper does provide the entire configuration/examples guide, which was instrumental in helping figure the steps necessary to accomplish such tasks. The trick is combining PDF searches with CLI commands such as help apropos or help reference – quick tools to help find that correct command.

All in all I had plenty of time to review my work, and continually test portions of the configuration to ensure that new changes did not break existing functionality. I completed the exam with about an hour to spare, and had plenty of opportunities to review each task to ensure that I understood what was being asked as part of the requirements. It was another great learning experience, and I am hopeful that this time I will earn a passing grade. Since this exam was a beta, I will have to wait for 2 months before I learn the results of the exam.

Those two months give me plenty of time to start working towards JNCIE-SP…

Studying for JNCIE-SEC Exam

Many people have now asked me for advice on how to pass the JNCIE-SEC Exam, which is a great thing as it seems many people are working towards achieving the next level in their certification journey. This post will cover:

  • Exam Objectives
  • Studying Materials
  • Additional Advice

In later posts I will discuss specific methods/techniques from those objectives.

A shout-out and thanks goes to CentraComm supplying many of the study materials/gear, as well as the terrific support and encouragement many coworkers provided throughout this journey!

Exam Objectives

So let’s first talk about what to study in order to prepare for the exam. Since this is a practical exam there is no single resource that covers every single aspect of the test. That being said, there are several books I would strongly recommend reading first in order to address 95% of the exam objectives:

One more important thing to know – be aware of what features are available for the version of Junos you are using! Right now the exam is set for 11.1, so things such as GRE tunnels in chassis clusters are not available. You can find those feature listings in either the Feature Explorer or the Feature Support PDF.

Studying Materials

You will absolutely need to get at least 2 SRX’s of the same model in order to set up chassis clustering and understand all the options for the clusters. In addition one of the units needs to be a High Memory unit in order to test UTM functionality. Obviously, the more the merrier is recommended in this case. The additional benefit of using the branch series is that they are extremely portable. I could fit my equipment into my carryon bag, and with the right cables/powerstrips it was extremely easy to set up a new mock lab anywhere I traveled. My lab was as follows (picture below):

  • 2x SRX-210’s
  • 3x SRX-100’s
  • 1x EX2200-C

Other Advice

The nearest testing site for me was in Herndon, Virginia so that required booking a flight. I actually left two days early to get situated in Herndon, and to get one last day of good studying in before the exam. It turned out to be a blessing in disguise as the plane landed several hours late due to storms! A 4-hour flight turned into an 8-hour ordeal due to the weather. Trying to get through an ordeal like that the day before the exam would have been extremely unpleasant, and add unnecessary stress to an already stressful exam.

In terms of how long to study, I did nothing but read for about a solid month prior to using the lab gear. The books mentioned above provided a good solid background to all the functionality inside the SRX’s. From there I would go through the exam objectives and create scenarios to reinforce understanding of a particular piece of technology. One of the important things to remember here is that building out complicated networks still require fundamental knowledge in the basics. For an example if you do not understand how to create/troubleshoot a simple VPN tunnel or how the SRX’s negotiate both phases of the tunnel, then you will struggle at this exam. If you don’t know how to perform a certain task, then take a look at the vast wealth available on the Internet. Here are a couple of sites that I would refer back to constantly:

Take your time when going through the exam, and make sure you review your configurations after you have completed the exam. Even after reviewing my configs there were still minor errors that would have cost dearly on the final scoring.

Lastly, ask the proctor questions if you’re unsure of what is required on an objective. The proctor will not be able to tell you the answer if you are stuck at a certain point, but they can provide valuable guidance on what needs to be done in your configurations.

Hopefully this will help you in your journey to achieving the JNCIE-SEC certification. Feel free to ask questions here, and stay tuned for more posts on how to configure many of the objectives for this exam.