CCIE Security home lab , help me plz

Hi all ,

 

I built lab for ccnp , ccnp-sec , and i want ask if i can  use my lab for ccie-sec.

My lab :

 

4x 2621xm routers

2x ASA 5510 FIREWALL

2X 3560

2X 3550 EMI

1X IPS 4240

 

Does 21621xm enogh for ccie-sec ??

Ii will add 2x 1841 routers instead of 2811 , does 1841 support features that i need in ccie sec ??

 

Thanks

Comments

  • Hi Yousif,

    Below is a list of devices that INE uses for their CCIE Sec topology and I think it'll give you an idea when building your topology, not which devices you've on your home lab you need to make sure that they support the technologies/features that you'll be tested on the exam.


    Six routers running 12.4T ADV. SECURITY or ADV. ENTERPRISE SERVICES IOS
    Two Catalyst 3550 or 3560 series switches with IOS 12.2(50)SE
    Two ASA 5510 firewalls running software version 8.0(4)
    One IPS 4235 running software version 6.0
    One Windows 2000 server running Cisco Secure ACS version 4.x and Certificate Authority
    One Windows PC running Cisco VPN Client Release 4.8.x




    Hi all ,

     

    I built lab for ccnp , ccnp-sec , and i want ask if i can  use my lab for ccie-sec.

    My lab :

     

    4x 2621xm routers

    2x ASA 5510 FIREWALL

    2X 3560

    2X 3550 EMI

    1X IPS 4240

     

    Does 21621xm enogh for ccie-sec ??

    Ii will add 2x 1841 routers instead of 2811 , does 1841 support features that i need in ccie sec ??

     

    Thanks


     

  • There is different between 2611xm and 2621xm ??

    Does 2621xm enogh for ccie-sec

    And i will add 2 routers to my lab , i am looking for 1841 , it's good to my lab ?

  • Up Up
    Plz i need answer 

  • There is different between 2611xm and 2621xm ??


     

    from this link

    https://supportforums.cisco.com/thread/139041

    "


    Hi,

     

    If you are considering buying on somewhere like eBay, the best bargains seem to be 2611XM.  As far as I can see, the main difference between 2611XM and 2621XM is processor performance, which you normally don't really care about in the lab.  Functionally they can do the same tricks.

     

    The series without XM they tend to be cheaper but the memory is smaller.  You can run 12.2T in a 2611 by jumping through some elaborate hoops, but they will never run 12.4.

     

    There are models with one or with two ethernets, depending on the fourth digit.  Thus, a 2610 has one ethernet, but a 2611 has two.

     

    Final point: the XM series are all FastEthernet.  For the non-XM series, the third digit tells you.  So 2610 and 2611 are 10 Mbps, whereas 2620 and 2621 are FastEthernet 100 Mbps"

     

    HTH


  • Does 2621xm enogh for ccie-sec

    And i will add 2 routers to my lab , i am looking for 1841 , it's good to my lab ?


     

    Please check this INE blog link for full detail of CCIE security..

     

    http://blog.ine.com/2009/03/21/ine-security-v30-hardware-list/

     

     

  • So i can use 2621xm instead of 2611xm router for ccie-sec lab !? 

  • If it does support all the technologies required on SEC track then you can, me and Phoenix gave hints and resources where you can find more information and compare it with your current topology or devices.

    Also try http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp to see more what is supported with the 2521xm and IOS version that you're using.

    So i can use 2621xm instead of 2611xm router for ccie-sec lab !? 

     

  • plz , are these features will help me to practice lab on 2621xm

     

    http://tools.cisco.com/ITDIT/CFN/Dispatch?showAllSoftware=true

  • 2621xm router doesn't support SSL VPN , it's not big deal i think when i add 1841 router to my lab !

  • 2621xm supports :

    Zone based firewall , IOS IDS , Easy VPN and so on

     

    Thanks all,

  • Hi Yousif,

    I can see that there are technologies from the blueprint that your router support and others that don't, I would suggest you also having enough memory on your router for the 12.4t IOS.

    2621xm supports :

    Zone based firewall , IOS IDS , Easy VPN and so on

     

    Thanks all,

     

  • Why you don't try with GNS3? It can simulate most of Security lab and for switches you can use break out switch or usb NICs.

    Just my few bytes.

  • I know about this method , but actually i built a lab before for ccp , ccnp-sec and i want use it for ccie-sec

     

    thanks all

  • If you have/can afford Lab then it is better choice. May i ask how much you have studied for CCIE SEC or when you are planning for a CCIE lab?

  • I didn't start yet , i am planning to start after 3 months !! because i i study ccnp-sec cource.

  • I am also interested in CCIE Security but still i am not able to start when to start this track. I am quite inclined towards it, but still.............. I pm you if got plz reply.

  • Cisco 2621xm router supoorts the following features :

    Cisco IOS Firewall feature sets provide support for advanced security features such as Context-Based Access Control (CBAC), Java blocking, denial-of-service protection, intrusion prevention, and audit trails.

    • Network Admission Control (NAC) support provides Anti-virus protection and is available with an optional upgrade to a Cisco IOS Security image.

    • The high-performance architecture helps enable security features such as data encryption, tunneling, and user authentication and authorization for VPN access.

    • The Cisco 2600 Series supports the Advanced Encryption Standard (AES).

    • The Cisco 2600 Series offers optional encryption AIMs, providing up to 80 Mbps of encryption performance.

    • URL filtering is available onboard with an optional content-engine network module or externally with a PC server running URL filtering software working in conjunction with IOS.

    • Support for the Cisco Router and Security Device Manager (SDM) provides support faster and easier deployment of security and WAN access features.

    • An optional IDS network module is available that is capable of monitoring up to.

    • 45 Mbps of traffic and has support for over 1000 intrusion prevention signatures.
Sign In or Register to comment.