For Finding a Job Should I learn ASA or Firepower/FTD?

hfakoor222 · ‎07-25-2022

I'm receiving my CCNP Encor this week or next. I've read the cert guide book 4-5x through so I know I am ready.

I also can configure several devices via Python/Ansible.

I've read about 2 textbooks (multiple read throughs) on the Python subject (Eric Chou 2015, J. Goerzen 2004) and am in process of a 3rd which is a 700 page book that only deals with device configs, which is an online free book that the author compiled and posted.

I have experience in cyber fraud forensics, and in database, some database development,. and some oop programming. I have minimal networking experience.

To help me in trying to get a job as a network engineer I decided to learn firewalls.

I've read Richard Leads ASA (2009) book. I will be re-reading it this week.

So far to me it seems like the heavy lifting in does by inspection class maps.

Now I am deciding on to read Cisco ASA All in one textbook or to move on to FTD textbook?

The Cisco ASA all-in-one textbook covers a wide area of topics including 6500-7600 module management, among other things (it seems like an expanded version or Lead's book from the reviews I've read).

https://www.amazon.com/Cisco-ASA-All-one-Next-Generation/product-reviews/1587143070/ref=cm_cr_dp_d_show_all_btm?ie=UTF8&reviewerType=all_reviews

I read a lot that ASA's still being used widely. I did a job search on indeed and ASA and FTD seem to be 50/50. From forum thread which is 5 years old, everyone basically points to ASA being alive and well and being used in enterprises, and you can find a job as network engineer if you know asa (thread is 5 years old).

https://community.spiceworks.com/topic/2097542-which-firewall-is-better-to-learn-asa-or-palo-alto

So would I be better off learning and making my ASA skills better of learn FTD? I realise FTD is upgraded with the sourcefire code, and includes ASA. However in investing time to learn, is it worth learning FTD for someone in my position or would I be better off conveying I can configure and implement ASA's on a solid level (as opposed to managing various services through a GUI).

For now I have time to read 1 more ASA or a FTD textbook. I will then be working on some thick lab manuals for firewalls (I also found 1 really good site with about 20-25 free labs http://www.techspacekh.com/?s=cisco+asa&searchsubmit=U which includes things like ASA and Pythin

I am then returning to python and maybe a routing book.

So ASA CLI/ASDM or FTD to increase my chances of finding a job??

Marvin Rhoads · ‎07-25-2022

The difference between having read one vs. 100 books on theory is nearly nil in my opinion. Focus instead on finding an entry level job and doing the best possible work in it while building on the skills required there.

You didn't mention your geographic region or any details about your experience at all. Those factor in much more highly than which books you have or have not read. Similarly, communications skills are important.

Leo Laohoo · ‎07-25-2022

Get a job -- No one is going to hire a CCNP/CCIE who has never held a network-related job for more than 6 months.

Philip D'Ath · ‎07-26-2022

At this point in time, ASA is now legacy. Learn FTD.

Marius Gunnerud · ‎07-26-2022

I will agree with Marvin here that geographic location will play a big part in finding a job within networking without much experience. From my experience, Europe seems to have more acceptance for certifications than other parts of the world. By this I mean that employers are more willing to give people without experience a chance so long as they show genuine interest in the job / field they are applying for.

I also know for a fact that some countries require unrealistic experience, i.e. expert level knowledge in networking, security, cloud, server and software development with 15+ years experience in each of these fields and are not willing to pay a salary that such a person would require.

If you struggle getting a job, you could go freelance and look for projects via a recruiting agency or on webpages like upwork.com and freelancer.com.

--
Please remember to select a correct answer and rate helpful posts

hfakoor222 · ‎07-26-2022

Okay I've taken everything into account.

I'm in the Washington DC area by the way. I have experience working at various software companies, the most recent a cybercrime discovery company which subcontracts for the government, and I have good references from all my employment. Before that I was working at a bulk mailer for NGO's. I developed databases, did VB/C coding for machine printers, did the final drafts and coded the mailing pieces. Now I'm being informed I need to get a job/experience- I will be submitting applications starting in about 2 weeks. During this time of job hunting I will be studying still, because my options are to study or not study.

given the road ahead I still have the decision to make of FTD or ASA, and so far I am being directed at FTD.

When I go into these interviews I want to have a certain skillset in hand to convey, and so the last piece I want to include, is some firewall capabilities. Hence should I focus on FTD or ASA?

Leo Laohoo · ‎07-26-2022

@hfakoor222 wrote:
When I go into these interviews I want to have a certain skillset in hand to convey, and so the last piece I want to include, is some firewall capabilities. Hence should I focus on FTD or ASA?

Send your resume to various job recruitment agencies.
Put down FTD and ASA -- Not everyone has upgraded to FTD.

hfakoor222 · ‎07-26-2022

Thank you I appreciate it. I am trying my best, I realize I have almost 0 experience, but I am currently working and I have good references and a decent technology skill set. I have to give it a try.

Any more opinions ~ should I focus on learning both or just ASA or FTD? I'm currently about to start through my second read through of Lead's book, I've learned a good deal including comfortablity in implementing inspection (he devoted 1/3 of the book), transparent insertion into a topology, and various VPN concepts. I will be next moving to another textbook after this second read-through and then to some CCIE lab manuals, 1 manual being devoted to FTD the other to ASA ( I will probably only do one for the time being as it will take a few weeks).

So any more opinions? Learn both or stick to a certain one. I want to know which one would get me a better chance of actually obtaining an entry position in this field.

Leo Laohoo · ‎07-26-2022

When I first started down the networking path, I was introduced to this CCNP at work. This guy, according to a lot of the senior members of the staff was "very intelligent". He really impressed all of the senior network engineers about his in-depth knowledge about OSPF. He could go down to the nitty-gritty of OSPF and was more-than-capable of going into discussions until the cows come home. He claimed to have read volumes of books. He was able to quote lines from the books (what page, what paragraph) he read. Quite impressive.

Then one day, we had a high-severity issue. We, junior staff, investigated the issue and with no result. We escalated to our senior engineers and they discovered it was an OSPF issue. Lo and behold, we got an OSPF master, they exclaimed.

So we got the guy to come in an troubleshoot. He sat down behind the terminal for 30 minutes and typed a few commands in. And he sat there. For the entire 30 minutes. Staring at the computer monitor. At the end of that 30 minutes, he stood up and excused himself, saying, that he has a family medical emergency and left.

He returned two days later.

hfakoor222 · ‎07-26-2022

I'm never going to claim by reading books I would arrive at being an expert or even skillful, especially in a field I haven't been working in. The only thing I can control at this point is the amount of prep I can put in to get a job in this field. I'm glad I learned employers are looking for experience and that reading books may not be what I thought it was. I am going to keep reading and labbing, which is the best I can do, and I actually enjoy reading about networking.

However I still would like to know given everything I've mentioned, what would be the smartest move for me to learn ASA or FTD in order to help me find employment in this field. Even if I learn both it would have to be one after the other ~ after I invest some time into either one I am moving back to Python so I can comfortably convey, and actually be able to do, basic configuring several devices at once. After I start to focus on my next textbook and lab manual I will hopefully be interviewing, so I will be learning and interviewing concurrently which is why I would like to know what to focus on.

Right now I am asking for advice as to given these skills, the cert, references, and basic tech background, what would help me better obtain a job: ASA, or FTD. Whichever one it is I plan on doing my best and reading lot and labbing a lot, which is why I need help before I invest weeks of time doing it.

Marius Gunnerud · ‎07-28-2022

I would say focus on FTD, but also read up on the ASA. Although ASA is on the way out, the FTD uses much of the ASA code. It consists of Lina (ASA) and Snort (Firepower). So although almost all configuration is done through GUI on the FTD, there might be instances where you will need to configure something that is not supported in GUI via FlexConfig and that would mean needing to know some ASA syntax. Not to mention that there are still quite a few companies that still use ASA and others use a mix of ASA and FTD.

So, in summary, focus your primary study on the FTD but also be familiar with the ASA.

--
Please remember to select a correct answer and rate helpful posts