My Certification Journey
Share and learn from real life stories of those who are on the path to become Juniper Certified

Recertification of JNCIA and JNCIS – A Path Well-Trodden

by ‎12-01-2011 05:30 AM - edited ‎01-24-2012 04:24 AM

This is a guest blog post. Views expressed in this post are original thoughts posted by Glen Kemp, Solutions Consultant at SecureData Europe. These views are his own and in no way do they represent the views of the company he works for.


At the end of the 2011 I find myself staring at no fewer than five expired JNCIA certifications and one JNCIS. Most of them actually expired in the middle of the year and my first task is to figure out where to go from here. I was vaguely aware that many of the certs have been changed or updated since my last flurry of activity in 2009. So, my first job is to work out what goes where.


Glen Kemp Juniper Networks Certifications Program


Starting from the Top


The JNCIA-EX exam has now been replaced with the JNCIA-Junos exam; which kind of makes sense given that across all the Junos platforms, EX, SRX, MX, et al. the base platform is identical; it’s mostly down to platform specialisations (switching, security, routing) as you go deeper into the tracks. My first step was to take the practice exam online, now in my defence, whilst I do work with EX and SRX a reasonable amount I’d be first to admit that I’m far from expert in the platform.  First result was a sobering 45%; sounds like I need to hit the study guides before I go any further on that one.




JN0-520 has now been updated to JN0-522.  I’ve realised that I first took and passed this exam in early 2003; this was the first “proper” Network/Security certification I did post my MSCE (NT4) in 1999. I don’t recall much apart from the hammer drill outside the central London testing centre. If my math is correct, this will be the fifth time I will have taken a version of this test. ScreenOS may no longer be front and centre, but I will be supporting SSG and ISG platforms for many moons to come;  it makes sense to retake one last time if only for nostalgia purposes. The update will likely include post 6.0 features as from my notes from JN0-520 focused on version 5.4 and earlier. I also have the option of taking the JNCIS-FMV, which I’ve started to study for on a couple of occasions before life, but mostly work, intervened.




I hold the peculiar distinction of being the first nerd to pass this certification; I took the JNCIA-SSL exam in 2005, taking it very early on a Tuesday morning in a local test centre after it was “released” on the Monday; the time-zone advantage of being in the UK definitely helped in that. I didn’t stay the only certified associate for long. Retaking the JNCIS-SSL will re-qualify me for the JNCIA-SSL so that is the logical course of action here.


Glen Kemp SSL Certification Track Progress


The SA devices and MAG counterparts are still something that I use daily so my knowledge is very much up to date although I will revisit my notes as I recall there were some obscure questions on CRLs and the old Central Manager license which vexed me last time.




The Infranet Controller exam apparently has been updated, from JN0-140 to JN0-141. Whilst the UAC is a sister product to the Secure Access SSL devices, there are details in IEEE 802.1X which I don’t have memorised.  Whilst this is an important one to do from portfolio point of view, it’s going to take a reasonable amount of study to prepare for.




This exam also has been updated to JN0-311 since last I took it. We use WX internally and I have a couple of customers with very large deployments so this may well be a quick win for me as the product hasn’t changed fundamentally for several years. I’ve also got very good notes so I shall have a skim through those before booking the exam.


In order to progress through certification I’m going to do the quick-wins first to get me back into the habit of studying.  I’m then going to attack the Junos based exams, as they are strategically the most important and are first step to preparing for the JNCIE-ENT, which I’m planning to start working in earnest 2012.  My current plan is as follows:


  1. JNCIS-SSL – Late November 2011
  2. JNCIA-WX – Early December 2011
  3. JNCIA-Junos – December 2011
  4. JNCIS-FWV (Depending on how Junos goes, I may just recertify as JNCIA) - January 2012
  5. JNCIA-AC February 2012


Added to all that, I’ve also got to find time to do the pre-sales exams as well, and I know that I’m going to be asked to do the Junos Security track as well at some point.


Exam Update: First Exam Passed


After studying my notes and digging through the admin guide (PDF) to brush upon the more arcane elements of OCSP I booked in at a local test centre. I only needed about 30 of the allotted 90 minutes as the questions were mostly short with one word answers.  Several questions hark back to much older versions of the IVE; anyone not intimately acquainted with 5.x versions may struggle to pick up some points.  Conspicuous by its absence was Pulse; possibly not even a twinkle in the eye of PLM when this exam was put together. The JNCIA-SSL exam has been more recently updated.


My next blog will probably be mid-plan as I’m studying in earnest for the JNCIA-Junos exam.


Exam Update 2: My next steps


You can read about my progress in the next blog post "Study Techniques for JNCIS - Make a plan"


So, in conclusion, I’ve got a lot of work to do and will be spending a lot of time on the inside of a Prometric test centre! Would be interested to hear from anyone who has re-certified in any of the tracks more than once and how they keep fresh knowledge, which they don’t necessarily use every day (i.e. OCSP!).  

About the Author
  • Senior Systems Engineer for NEC NZ. Focused on Juniper Networking equipment, SDN and NEC compute platforms. Busy studying for the JNCIP-SP and ENT. Outside of work I enjoy the great outdoors: Mountaineering, Bouldering, Rock or Ice climbing, Tramping (hiking to non-Kiwis) and Snowboarding.
  • I'm a Network Security Engineer working with Vodafone in their Cloud and Hosting Services team based in Leeds, UK. My role is to implement, test and deliver secure cloud based solutions to external customers.
  • I am one of a small team of Network Engineers working for Lumison Ltd, a UK ISP/MSP based in Edinburgh, Scotland. I have been with the company for almost 6 years moving from frontline support to the Managed Services team dealing with customer network design and implementation before talking up the role of Network Engineer. As well as the JNCIE-ENT certification.
  • Triple CCIE #21946 (R&S / Service Provider / Storage), JNCIE-SP #851, Technical Consultant at Telindus-ISIT
  • Networking & Security nerd (geek overall), Hockey fanatic, and Junos junkie! Born and raised in Grand Rapids, MI, with a few years of my life out in MN. Been in the IT field since I got out of High School. I've used Juniper products since around 2007, and really enjoy working with them. I currently work for a large retailer based in MI, with a footprint all across the Midwest.
  • Steve Puluka is a Senior IP Engineer with DQE Communications in Pittsburgh, PA. He holds a BSEET along with the professional level certification in Junos Security & Security Support Professional and specialist level in ScreenOS and SSL VPN, JNCDA Design Associate and his original associates in ER & EX. He holds the Palo Alto ACE certification in PanOS 6. He also has certification and extensive experience in Microsoft Windows server, along with strong Vmware skills starting with with version two. He has enjoyed supporting networks for more 20 years.
  • Senior Network Engineer / Architect working for a large ISP in New Zealand. JNCIE-SP#2204, JNCIE-ENT#458.
Copyright© 1999-2015 Juniper Networks, Inc. All rights reserved.