Cisco has updated its security certifications to include new materials about its Network Admission Control devices, and its PIX firewall, and ASA firewall, VPN and intrusion prevention system appliances. It has also added two security specialist certifications: Cisco Network Admission Control Specialist and the Cisco IOS Security Specialist.

To address additions to its security products portfolio, the networking giant has updated two of the five current exams that make up the Cisco Certified Security Professional designation. The updates cover firewall and VPN devices. It has also introduced two exams to the certification’s fifth elective exam.

Exam 642-522 SNPA (Securing Network with PIX and ASA) will be replaced by 642-523 SNPA, which will be available June 1. The final day to test the outgoing exam will be Oct. 13. Candidates taking the older exam will still be able to use it to count toward the overall certification for up to three years, says Cisco.

Exam 642-532 IPS (Implementing Cisco Intrusion Prevention System) will be replaced by 642-533 IPS, which will be available Sept. 4. The last day to test the older exam will be Jan. 16, 2008.

To be awarded the CCSP designation, candidates are required to take four exams titled: Securing Cisco Network Devices (SND), Securing Networks with Cisco Routers and Switches (SNRS), Securing Networks with PIX and ASA (SNPA), and Implementing Cisco Intrusion Prevention System (IPS). There is also a fifth exam and candidates have a choice of topics. Cisco has added two exam topics that candidates can take as the fifth exam. The additions are: 642-591 CANAC (Implementing Cisco NAC Appliance), available May 14, and 642-544 MARS (Implementing Cisco Security Monitoring, Analysis and Response System (MARS), available July 19.

The two specialist certifications: Cisco Network Admission Control Specialist and the Cisco IOS Security Specialist certifications demonstrate the hands-on knowledge and skills required to secure networks install, configure and operate the Cisco NAC Appliance, and use the Cisco IOS security features, respectively.

Two exams are required for the IOS Security Specialist: 642-552 SND (Securing Cisco Network Devices) and the new 642-591 CANAC exam.

The NAC specialist certification also requires two exams, which are currently available: 642-552 SND and 642-503 SNRS (Securing Networks with Cisco Routers and Switches).

Jon Brodkin is senior writer at Network World.