Your browser failed to load CSS style sheets. Your browser or web proxy might not support elliptic-curve TLS

Building network automation solutions

6 week online course

reserve a seat
back to overview

Does CCIE still make sense?

A reader of my blog sent me this question:

I am a Telecommunication Engineer currently preparing for the CCIE exam. Do you think that in a near future it will be worth to be a CCIE, due to the recent developments like Nicira? What will be the future of Cisco IOS, and protocols like OSPF or BGP? I am totally disoriented about my career.

Well, although I wholeheartedly agree with recent post from Derick Winkworth, the sky is not falling (yet):

  • Derick, Amazon and Google are years ahead of (almost) everyone else.
  • Technology changes are never abrupt. It took SNA decades to die (and it’s still kicking).
  • TCP/IP will not disappear in the foreseeable future. One would hope to see IPv4 disappear, but even there I’m not an optimist.
  • Nicira NVP is a point solution for huge IaaS clouds. It will be years before something similar will take hold in mid-range data centers. Most of them don’t need more than what VLANs offer today.
  • Data centers are not the only environment where we need networking (although they are the fastest evolving one).
  • CCIE gives you a lot of knowledge you’ll need in the future – regardless of whether you’ll be configuring routers or virtual appliances from Cisco, Juniper, Vyatta or someone else. The same applies to firewalls, load balancers etc.
  • The never-ending layers of abstractions, facades and glass panes don’t make the technology less complex – they’re just hiding the exploding complexity and zillions of hastily thrown together moving parts. Someone will have great fun fixing the whole enchilada once it breaks down (and you can’t reformat a network like a laptop).

On the other hand, do remember that networking is just plumbing – it works best when you don’t know it’s there – and CCIE, while indubitably being the most prestigious certification in this space, is no longer The Top Gun it was when it was introduced.

To summarize: Go for your CCIE, but focus on knowledge not typing skills and memorized configuration commands ... and never expect your CCIE certification to be a final step to a lifelong nirvana. If you decide to work in a data center environment, you’ll have to learn a lot more about virtualization, servers, storage, and emerging technologies – but that’s what makes it so much fun.

Finally a snarky thought on the OpenFlow versus OSPF/BGP conundrum. Although the OpenFlow pundits like to tell us how OSPF, BGP, and the rest of the protocols we use today are broken (and I somewhat agree with their “having a separate protocol for each problem is stupid” mantra – I would just use BGP+MPLS :D ), we’ve seen wide-area systems with centralized management and control planes before – they were called SDH, Frame Relay and ATM networks. Do I have to say more?


  1. Interesting article as always, but it makes me doubt my current certification goals. If I want to specialize in Data Center, it seems that a CCIE is not the way to go anymore... And OpenFlow/vSwitch/VXLAN/... technologies are learned mostly on experience it seems.

  2. Some of these technologies are so new and/or niche (even though the niche might be huge) that you won't find them in any certification training. Some others are well-covered in training programs of other vendors (VMware/Citrix).

  3. Ten+ years ago we threw out Newbridge (LAN) ATM because the Route Servers (central mgmt) couldn't scale enough PVC's to support our rapidly expanding Data Center network. Before we threw it out we had to cut the domain in half to support a Trading Floor (big flow pain). Gen1 6500's saved the day. OFN/SDN looks interesting but as you stated it will take years before we see the stability needed for mid-range (Enterprise) DC's. By then I suspect Cisco will have an evolved flavor with pertinent technologies that are tested in future versions the CCIE lab. Personally I love the OFN/SDN concepts, but I'm staying on track for getting my (not as relevant as before) CCIE.

  4. BGP+MPLS/VPN support in vswitch and ToR switches would be a dream come true.

  5. There was a time when I wanted to get a CCIE. Eventually one gets to a point where experience trumps certificates. Just having a CCIE is no guarantee that Facebook or Google will hire you. I'm sure they have interviewed CCIEs and then rejected them for even a junior engineer position.

    If you are new to the field, a CCIE it is a nice challenge to shoot for, but even better is to get a job in the field. IMHO, don't waste time at home alone in a lab preparing for a CCIE if you have zero job experience. Once you have that base level of knowledge that gets you in the door at a job that gets you near a router, go for it.

    I started out as the tech guy at a pair of private high schools. I had to teach secretaries how to do mail merges. I had to manage exchange servers. I also got to manage their 2501 router and Cat 5K/RSM "core" router. I was lucky to find a great mentor who inspired me. I've interviewed way to many people with a CCIE who haven't worked in the field.

    Openflow and all the other wizbang new networking technologies are not going to take of the world tomorrow. There are way too many devices out there running ospf and bgp to even consider saying that the skills you need to pass the CCIE won't stay relevant. I love our field. We have awesomely interesting problems to solve. If you bring that hunger for knowledge and a proven ability to dive deep into core protocols (including TCP/IP), Google, Facebook, Amazon, etc will find you.

    1. Really inspired by your words. I need such thoughts at this point of time. Thanks Peter

  6. email from recruiter just received today:

    "I have been in the recruiting industry for over 15 years, and I can honestly tell you, CCIE's are in a hot demand, regardless of what is going on in the economy."

  7. Alexandra Stanovska28 February, 2012 22:36

    Do not worry about reconsidering your certification goals, if you are on your track for CCIE stick to it. People say it's just a beginning of very long learning. And judging from Ivan's words I'd say technologies revolve rather than evolve, 12 years from SDN successfully conquering whole world someone may come with wonderful idea of standalone fully-intelligent box that would operate on it's own and communicate with other similarly intelligent boxes using some arcane protocols ...

  8. So....what? Become a service provider network engineer or start focusing on being a VMWare engineer(with a minor in WAN routing)?

    1. Hmm...VM Salary wont match CCIE Salary...also VMs are boring (no rich logic) and Coding is nausating for CCIEs..

  9. Always easy to say, bah I don't need it. Perseverance to continue challenging ones self in our industry is vital, especially as the life cycles of technology shorten and the need to re-invent increases. As Ivan has pointed out many times over, technology is cyclic. Ex. IPX is a dead technology but the understanding of how dead protocols work still add value. IPv(X) keeps it relevant whether delivered via legacy protocols or decoupled control planes.

    Second we stop learning is the second we become irrelevant. Proof of discipline and goals accomplishment. I hope to knuckle down someday and work on a PHD, not necessarily for the relevancy to network architecture but the process of learning and achieving goals. Or I just need a hobby outside of work. More credentials never hurt especially when economies decrease.

    A primary value prop IMO of SDN in general is lowering OPeX. Technology fundamentally is to do more with less. There will always be a need for high level engineers/architect/developers regardless of the technology. Integrating basic understandings business is becoming just as vital as tech IQ. Our intellect is our currency. Cisco may fade at some point (partnership value lowered), but the age old debate over vendor certs is anything that still has integrity and a vicious lab should hold value (I think :)

    Hell, like Marc pointed out, go look at Monster. Thanks for the read.!/CCIE11972

  10. Yep, lots of good stuff in there. "Second we stop learning is the second we become irrelevant."

    Self-directed learning is one of the key skills I look for in interviews. Particularly between phone screens and in person interviews. If you missed a question in a screen and didn't spend some time figuring it out before an in-house... you'd better be a rockstar.

    What bugs me about CCIE is afaik, it requires learning EIGRP. I'm sorry, I am not going to spend time learning EIGRP. I don't ever want to work on a network that uses it. I'm sure it is a fine protocol and Cisco gives it a lot of love. It just isn't for me.


    1. But in a MPLS environment if your customer doesn't want BGP, EIGRP will be much better than OSPF because you don't need to run another process for every customers. Also it's super easy if you have a backdoor link because EIGRP metric will be encoded into BGP and you simple increase the backdoor link's metric and the job is done.

  11. "I'm not going to sped time learning EIGRP" - while I totally understand your sentiment, it's like saying "I won't go for a Computer Engineering degree because there's that stupid mandatory class on computational theory" 8-)

  12. Good to hear people wants to move away from CCIE. That will keep CCIE salaries at the top of IT salary range.
    Good luck paying your mortgage as a sysadmin!

  13. I totally agree with Peter that experiance tops all certs.

    That said, I think that most people dislikes the CCIE cert because its so hard and demanding to achieve.
    From what I gather here and there the CCIE is still extremely valuable and I have not yet encountered
    a industry certification that matches in regards to acknowledgement.

  14. Ivan, Thanks a lot for your answer. Actually I was who put you this question. After reading your post and all the comments I have made my decision, I going to stick for the CCIE challenge, hopefully for summer it will be done ;). Of course, because the future is on virtualization, I will be aware of all novelties on that field. Greetings from Spain (and sorry for my English, it should be improved for sure).

  15. I've seen the experience v.s certs argument all the time and I've never understood it. The two are not mutually exclusive, you can do both.

  16. I don't think the CCIE is that relevant today but the status it gets is still warranted. Its hard. It requires focus, dedication and a huge commitment. Not to mention the ability to stay calm and do complex stuff for 8 hours under lots of pressure.

    All of the above are excellent skills for any engineer, regardless of what they are working on.

    Most CCIE's will happily admit they forgot how to configure feature X that was on the blueprint 5 years ago. However throw a book at them, ask them to learn something new for that important customer meeting next week, and more often than not they will deliver.

    My 2p.

  17. I did read the argument "CCIE no longer relevant or worthed" written by a known author back in 2002. Somehow I followed that advice and that just delayed by career for few years. Thanks God years I became older, more mature and I realized that people writing may be as a smart or - dumb - as anyone else. As long as the CCIE program remains serious as is, yes it is relevant.

    I pursued and achieved the CCIE R&S and I am very happy with it. Yes, experience of course is key, but one has to realize that often the credentials will open the doors to let you take more experience. As far as relevance goes, I can see cloud computing, initially as a hybrid model then years later as a more full utility computing platform, would likely contain or even reduce the number of data centers maintained by individual corporations. That said, I can see CCIEs (which also have degrees and other attributes that make them attractive to service providers) finding more opportunities with development companies and service providers. In corporations, I believe security teams responsible to audit and validate the service provider networks have not been breached will still be needed but I imagine that business analysts could execute that task. Also, I can see database functions still needed in corporations to do SQL queries, data mining, etc.

  18. There is no such experience where you can do so many configuration and topology changes as you can do in labs. Nowdays experience is overestimated.Of course it is importanrt ,but what kind of experience? I know some people,they have been working for 5 years ,but they only configure firewall rules,add vlans and static routes... Procedure in many companies will not alow you to make experiments with devices in real enviroment. Of course, you will improve what you do,but as i said in many comnpanies you don't have contact to all technologies.It depends where you work..Everything is important..I met some people with exprience in at&t wich know how to configure smtg,but they don't understand the concept at all ...The concept in books is not in vain,it teachs you to predict issues in real enviroment..

  19. If SDN technology is to promote, as a network engineer, do i need to learn software development ?

  20. Ivan Pepelnjak04 May, 2012 19:15

    That would be a good idea regardless of SDN. The more you know about other parts of the application stack the better you'll be able to understand their viewpoints and requirements.

  21. I'm currently pursuing CCIE RS, I wrote the CCIE DC Beta a few weeks ago, because at $50 a CCIE exam, it was worth it just to see what it is about and where they see the qualification going. It was a great eye-opener, but it was far less "demanding" than I thought it would be. Theory only granted, but still it was stuff I actually knew. And then I thought how did I know so much of that stuff without actually "using" that tech every day? Day to Day experience.

    I too, like many others here, have been in IT for over 10 years. Started out as a MCSE, then Compaq ASE, then Cisco wannabe. Been after my CCIE for 10 years. Became a PADI instructor somewhere in between. :) Back in IT now. Can honestly tell you, CCIE RS ... it is the stepping stone to everything else. Consulting, deep-dive technical, design ... the works. Whatever you are after ... it can get you there.

    The IT world is full of "the-next-big" thing technologies. Now more than ever. I follow a lot of technology. I spend an hour each day, at least, reading the likes of VentureBeat,, Ivan's articles, Wired, and more. Following what Apple, Google, Microsoft, all the big players are doing. New technology, where it is going, what people are doing with their time, what new applications are being developed, where mobile is heading. And it excites me more every day. The world is opening up to soooo much potential. But, I can promise you one thing .... they may all be running datacentres, and fancy virtualisation, but, and for me in Africa this is more relevant than anything else, without connectivity .... who is going to be able to use those apps? Connectivity is what makes it all happen ... and who makes the connectivity happen? The CCIE's of the world that's who. Security, SP, R&S ... they're the guys making these things become reality. And how did they get there? Experience, experience, experience. CCIE RS is not going away any time soon. If anything ... it might just get a shed-load harder.

    To finish off ... who gets the opportunity to play with all the new kit first? Not typically the NA's or even the NP's. Nope, it's usually the big guys. Here, you know networking, figure this out. One of our customers wants something called a Nexus 7000! ;)

  22. And what you think about this news

    "Chambers: Cisco will be more of a software and services company"

    Does it mean that Cisco take serious efforts to OpenFlow/SDN paradigm? I think it's a sign that in near future networking world will greatly change.

  23. Half-way through the CCIE journey , i can say that it has become a hobby to play with routers in GNS3 and what an experience. Although i have been a CCNA since 2004, the urge to go for the big shot developed just six months ago. Now i regret having started it so late.Whatever be the outcome it has been an experience of a lifetime.

  24. well.. experience matter..but without ccie security lab exam.. u won't get idea of real life.. even while working they won't give u every device to work on.. and while preparing ccie security v4 i find out version 3 is very easy..and still workers who passed out security v3.. have no idea about dot1x and ISE.. so knowledge

    travis k

  25. I'm curious if these opinions still hold true just a few years later? Ashamed to admit but I've also been straddling the CCIE fence for way too long.

    1. I guess they still do. Understanding fundamentals is becoming even more important.

  26. Hmm sorry just have to say getting a CCIE is a great achievement but also it should be understood that often a lot of CCIE are like ducks out of water when thrown against another vendor or field even within Cisco. Being able to configure IOS does not mean that you can configure a JUNOS box of Alcatel Lucent SR OS ...sorry it doesn't it also constrains you if you just stick to only one vendors path. Nor does it make you an expert on NX OS its quirks or setting up Dial Peers Call Manager etc. etc.
    Im not talking of being a jack of all trades but being a specialist in multiple vendors is most likely the future.
    Problem with Cisco at the moment is an CCIE R+S does not necessarily know how to configure NX OS vpc or otv or the MDS and FCoE systems... and forget often vendor interop...its just not there only Cisco press version of it. So Cisco portfolio grows as they aquire more companies and in fact can clash with methods. Think Meraki WiFi methods and management setup to Aironet all Cisco..
    Go for the CCIE sure. R+S will help get aligned to a channel partner of course but does not mean they can configure and setup your VOIP (SIP or Cisco Call Manager Dial peers et all ) and or Cisco Data Centre Environment.
    My point is being a CCIE will not guarantee that you will be able to sort out all problems in a mixed vendor stoke vendor interop environment.
    But often other vendors are overlooked or not understood even by Cisco CCIE when tackling issues as they only know one way...

    1. Well, speaking as a CCIE, I can say that 1) You're pretty well spot on, but 2) Anyone going for their IE is well aware the scope xD.

      That said, there's a TON of carry over. While the syntax changes been vendors (and platforms for that matter as you pointed out with NX-OS, or IOS-XR) the concepts don't. After passing the R/S, I went to a cloud vendor who ran 0 IOS devices. All NX-OS, IOS-XR, and ASA. I had no problems adjusting.


You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.