Download Full Course Plan Enquire Now


 CCIE Security v6.0 Training in Mumbai, India

Being the most reliable CCIE Security v6.0 training in Mumbai, Octa Networks takes great pride in providing world-class training facilities and infrastructure for CCIE aspirants. CCIE Security v6.0 Boot Camp, CCIE Security Rack Rentals and CCIE Security v6.0 Online training are some of the noteworthy ingredients of CCIE Security training practice at Octa Networks. Highly experienced and certified coaches powered by 24x7 availability and access to Cisco hardware devices prepare the students at Octa Networks not only for their certification exams but also for their career success. Octa Networks has a proven track record of training CCIE Security aspirants to achieve their certification goals followed by growth-oriented and prosperous careers.

CCIE Security v6.0 certification is an embodiment of core knowledge and practical skills in handling the most complex scenarios of the entire IT Security aspect of the network lifecycle (Designing, Deploying, Operating & Optimizing). CCIE Security v6.0 training at Octa Networks revolves around acquiring a broader range of skills and a deeper focus in critical technology areas as per the course content prescribed by the CISCO CCIE Security certification blueprint. In other words, CCIE Security is the evidence of the knowledge and skillsets acquired by an individual to architect, engineer, implement, troubleshoot and support complex security solutions and technologies.

The best CCIE V6.0 Security training institute in India, Octa Networks provides expert training and robust infrastructure for developing your Cisco specific technology and deployment skillsets supplemented with vendor-neutral industry knowledge. Octa Networks makes sure that you have real-world security implementation and troubleshooting experience/skills that the market demands and differentiates you from the rest of the crowd.

Our training methodology is completely based on reference exam blueprints, equipment list and recommended study resources which are used to enhance security skillsets such as Security Theory, Problem Solving, Configuration, Monitoring, and Troubleshooting.

CCIE Security certification blueprint is changing from 24th Feb 2020. Cisco has planned a smooth transition from CCIE Security v5.0 to CCIE Security v6.0. Students and Professionals who are currently preparing for CCIE Security v5.0 can appear for the written exam (400-251 Last date to test 23rdFeb 2020) and the CCIE Security lab exam v5.0 (Last date to test 23rdFeb 2020). From 24thFeb 2020, onwards, CCIE Security certification will need passing two exams, a qualifying exam (SCOR 300-701) and a lab exam (CCIE Security v6.0). If you have already started preparing for the CCIE Security certification and pass CCIE Security v5.0 written exam (400-251) before 24th Feb 2020, you can appear for the new CCIE Security lab exam v6.0 after Feb 24, 2020. If you complete the entire CCIE security v5.0 certification before 24thFeb 2020, you will maintain the CCIE Security certificate for the next three years as per the CISCO guidelines and you will also be awarded Cisco Certified Specialist – Security Core Certification.

CCIE Security v6.0 Course Training at Octa Networks: KEY FEATURES

  • Guaranteed training and access @ Cisco hardware Devices.
  • Explanation of CCIE Security Concepts (theoretically & practically) on the Cisco hardware Devices.
  • 24*7 Access to CCIE Security Lab for students
  • 120+ hours of training in the classroom with interactive whiteboard and projector.
  • Candidates can attend repeat classes till they get their doubts cleared.
  • Classrooms equipped with projectors, Wi-Fi connectivity, and Digital Pads.
  • Pre-Certification and Post-Certification Support and Guidance
  • Convenient availability of batches from early morning to late night.
  • 24×7 access trainers/Mentors.
  • Highly experienced, motivated, passionate and Cisco certified trainers

Devices to be used during the CCIE Security v6 Training Program:

Physical Devices

  • Cisco 3850 Catalyst Switch
  • Cisco 5512-X & 5515-X Adaptive Security Appliance
  • Cisco 2504 Wireless Controller
  • Cisco 1602E & 3700 Access Point
  • Cisco 7965 Unified IP Phone

Virtual Machines:

  • Security Appliances
    • Cisco Identity Services Engine (ISE): 2.1.0
    • Cisco Secure Access Control System (ACS):
    • Cisco Web Security Appliance (WSA): 9.2.0
    • Cisco Email Security Appliance (ESA): 9.7.1
    • Cisco Wireless Controller (WLC): 8.0.133
    • Cisco Firepower Management Center Virtual Appliance: 6.0.1 and/or 6.1
    • Cisco Firepower NGIPSv: 6.0.1
    • Cisco Firepower Threat Defense: 6.0.1
  • Core Devices
    • IOSv L2: 15.2
    • IOSv L3: 15.5(2)T
    • Cisco CSR 1000V Series Cloud Services Router: 3.16.02.S
    • Cisco Adaptive Security Virtual Appliance (ASAv): 9.6.1


  • Test PC: Microsoft Windows 7
  • Active Directory: Microsoft Windows Server 2008
  • Cisco Application Policy Infrastructure Controller Enterprise Module: 1.2
  • Cisco Unified Communications Manager: 8.6.(1)
  • FireAMP Private Cloud
  • AnyConnect 4.2

CCIE SECURITY v6.0 Course Details

Target Audience:

  • Network engineers with Core exam - Implementing and Operating Cisco Security Core Technologies (SCOR 300- 701).
  • Network engineer with at least five to seven years of professional experience with designing, deploying, operating and optimizing enterprise security technologies.
  • Network engineers need to use an expert-level problem-solving process that includes options analysis to support complex network technologies and topologies.
  • Network designers that design and support complex network technologies and topologies.
  • Students and professionals in the IT and Technologies sector who wish to enhance their knowledge and acquire an internationally recognized professional certification which can improve their job prospects.


  • There are no formal prerequisites for taking the CCIE Security v6.0 lab exam but should have a thorough understanding of the exam topics before taking the exam.
  • SCOR 300-701 (Implementing and Operating Cisco Security Core Technologies) is the qualifying exam for CCIE Security certifications. Please refer to the CCNP Security certification page for ENCOR 300-701 exam details.

    1.1 Deployment modes on Cisco ASA and Cisco FTD

  • 1.1.a Routed
  • 1.1.b Transparent
  • 1.1.c Single
  • 1.1.d Multi-Context
  • 1.1.e Multi-Instance
  • 1.2 Firewall features on Cisco ASA and Cisco FTD

  • 1.2.a NAT
  • 1.2.b Application inspection
  • 1.2.c Traffic zones
  • 1.2.d Policy-based routing
  • 1.2.e Traffic redirection to service modules
  • 1.2.f Identity firewall
  • 1.3 Security features on Cisco IOS/IOS-XE

  • 1.3.a Application awareness
  • 1.3.b Zone-Based Firewall (ZBFW)
  • 1.3.c NAT
  • 1.4 Cisco Firepower Management Center (FMC) features

  • 1.4.a Alerting
  • 1.4.b Logging
  • 1.4.c Reporting
  • 1.5 NGIPS deployment modes

  • 1.5.a In-Line
  • 1.5.b Passive
  • 1.5.c TAP
  • 1.6 Next-Generation Firewall (NGFW) features

  • 1.6.a SSL inspection
  • 1.6.b user identity
  • 1.6.c geolocation
  • 1.6.d AVC
  • 1.7 Detect and mitigate common types of attacks

  • 1.7.a DoS/DDoS
  • 1.7.b Evasion Techniques
  • 1.7.c Spoofing
  • 1.7.d Man-In-The-Middle
  • 1.7.e Botnet
  • 1.8 Clustering/HA features on Cisco ASA and Cisco FTD

    1.9 Policies and rules for traffic control on Cisco ASA and Cisco FTD

    1.10 Routing protocols security on Cisco IOS, Cisco ASA and Cisco FTD

    1.11 Network connectivity through Cisco ASA and Cisco FTD

    1.12 Correlation and remediation rules on Cisco FMC

    2.1 AnyConnect client-based remote access VPN technologies on Cisco ASA, Cisco FTD, and Cisco Routers.

    2.2 Cisco IOS CA for VPN authentication

    2.3 FlexVPN, DMVPN, and IPsec L2L Tunnels

    2.4 Uplink and downlink MACsec (802.1AE)

    2.5 VPN high availability using

  • 2.5.a Cisco ASA VPN clustering
  • 2.5.b Dual-Hub DMVPN deployments
  • 2.6 Infrastructure segmentation methods

  • 2.6.a VLAN
  • 2.6.b PVLAN
  • 2.6.c GRE
  • 2.6.d VRF-Lite
  • 2.7 Micro-segmentation with Cisco TrustSec using SGT and SXP

    3.1 Device hardening techniques and control plane protection methods

  • 3.1.a CoPP
  • 3.1.b IP Source routing
  • 3.1.c iACLs
  • 3.2 Management plane protection techniques

  • 3.2.a CPU
  • 3.2.b Memory thresholding
  • 3.2.c Securing device access
  • 3.3 Data plane protection techniques

    3.3.a uRPF

    3.3.b QoS

    3.3.c RTBH

    3.4 Layer 2 security techniques

  • 3.4.a DAI
  • 3.4.b IPDT
  • 3.4.c STP security
  • 3.4.d Port security
  • 3.4.e DHCP snooping
  • 3.4.f RA Guard
  • 3.4.g VACL
  • 3.5 Wireless security technologies

  • 3.5.a WPA
  • 3.5.b WPA2
  • 3.5.c WPA3
  • 3.5.d TKIP
  • 3.5.e AES
  • 3.6 Monitoring protocols

  • 3.6.a NetFlow/IPFIX/NSEL
  • 3.6.b SNMP
  • 3.6.c SYSLOG
  • 3.6.d RMON
  • 3.6.e eStreamer
  • 3.7 Security features to comply with organizational security policies, procedures, and standards BCP 38

  • 3.7.a ISO 27001
  • 3.7.b RFC 2827
  • 3.7.c PCI-DSS
  • 3.8 Cisco SAFE model to validate network security design and to identify threats to different places in the Network (PINs)

    3.9 Interaction with network devices through APIs using basic Python scripts

  • 3.9.a REST API requests and responses
  • 3.9.a i HTTP action verbs, error codes, cookies, headers
  • 3.9.a ii JSON or XML payload
  • 3.9.a iii Authentication
  • 3.9.b Data encoding formats
  • 3.9.b I JSON
  • 3.9.b ii XML
  • 3.9.b iii YAML
  • 3.10 Cisco DNAC Northbound APIs use cases

  • 3.10.a. Authentication/Authorization
  • 3.10.b. Network Discovery
  • 3.10.c. Network Device
  • 3.10.d. Network Hos

    4.1 ISE scalability using multiple nodes and personas.

    4.2 Cisco switches and Cisco Wireless LAN Controllers for network access AAA with ISE.

    4.3 Cisco devices for administrative access with ISE

    4.4 AAA for network access with 802.1X and MAB using ISE.

    4.5 Guest lifecycle management using ISE and Cisco Wireless LAN controllers

    4.6 BYOD on-boarding and network access flows

    4.7 ISE integration with external identity sources

  • 4.7.a LDAP
  • 4.7.b AD
  • 4.7.c External RADIUS
  • 4.8 Provisioning of AnyConnect with ISE and ASA

    4.9 Posture assessment with ISE

    4.10 Endpoint profiling using ISE and Cisco network infrastructure including device sensor

    4.11 Integration of MDM with ISE

    4.12 Certificate-based authentication using ISE

    4.13 Authentication methods

  • 4.13.a EAP Chaining
  • 4.13.b Machine Access Restriction (MAR)
  • 4.14 Identity mapping on ASA, ISE, WSA, and FTD

    4.15 pxGrid integration between security devices WSA, ISE, and Cisco FMC

    4.16 Integration of ISE with multi-factor authentication

    4.17 Access control and single sign-on using Cisco DUO security technology4.1 ISE scalability using multiple nodes and personas.

    5.1 AMP for networks, AMP for endpoints, and AMP for content security (ESA, and WSA)

    5.2 Detect, analyze, and mitigate malware incidents

    5.3 Perform packet capture and analysis using Wireshark, tcpdump, SPAN, ERSPAN, and RSPAN

    5.4 DNS layer security, intelligent proxy, and user identification using Cisco Umbrella

    5.5 Web filtering, user identification, and Application Visibility and Control (AVC) on Cisco FTD and WSA.

    5.6 WCCP redirection on Cisco devices

    5.7 Email security features

  • 5.7.a Mail policies
  • 5.7.b DLP
  • 5.7.c Quarantine
  • 5.7.d Authentication
  • 5.7.e Encryption
  • 5.8 HTTPS decryption and inspection on Cisco FTD, WSA, and Umbrella

    5.9 SMA for centralized content security management

    5.10 Cisco advanced threat solutions and their integration: Stealthwatch, FMC, AMP, Cognitive Threat Analytics (CTA), Threat Grid, Encrypted Traffic Analytics (ETA), WSA, SMA, CTR, and Umbrella


Description Duration: Fees Registration:

The 8 hours practical exam consists of 2 modules that are fixed in time and will be delivered in a fixed sequence.

Automation and Network Programmability skills are an integral part of modules.

Module 1: Design (3 Hours)

Module 2: Deploy, Operate and Optimize

(5 Hours)

$$ Pearson VUE

Upon completion of this course, candidates will have the skills and knowledge to:

  • (In the first section of 3 hours) Create, analyze, validate and optimize network designs, which is the base for all deployment activities.
  • Understand the capabilities of different technologies, solutions, and services.
  • Translate customer requirements into solutions.
  • Assess readiness to support proposed solutions.
  • (In the second section of 5 hours) deploying, operating and optimizing network technologies and solutions.
  • Deploy:  In this phase, Candidates will have to build the network according to the design specifications, customer requirements and restrictions. All the steps required for a successful network implementation needs to be covered, including configuring, integrating and troubleshooting the commissioning of technologies and solutions, as per Exam Topics.
  • Operate and Optimize: Candidates will have to showcase skills to operate and optimize network technologies and solutions. This includes monitoring network health, network performance, configure the network to improve service quality, reduce disruptions, mitigate outages, reduce operating costs, and maintain high availability, reliability, and security, as well as diagnose potential issues and adjust configurations to align to changing business goals and/or technical requirements.
  • As a CCIE (Cisco Certified Internetwork Expert), you can position yourself as a technical leader in the dynamic world of enterprise networks.
  • With the CCIE Enterprise Infrastructure certification, you get to combine technical expertise with design skills which can add tremendous value to your skillsets.
  • CCIE certification enhances your skills across the lifecycle of the enterprise infrastructure right from design, deploy, operate and optimize stages.
  • New age technological needs of networking automation and network programmability are part of the CCIE certification. CCIE acquires these essential skillsets in the form of CCIE certification.
  • Incremental recognition is an attractive feature of CCIE certification revamps. You need to clear the qualifying exam and CCIE lab. Passing qualifying exams (SCOR 300-701) entitles you to a specialist certification. It means, after clearing the qualifying exam and lab exam, you get CCIE certificate and specialist certification.
  • Adding the CCIE certification badge on your social media platforms gives you instant recognition and increases the visibility of your profiles.

Frequently Asked Question

You need to pass one core exam (Implementing and Operating Cisco Security Core Technologies SCOR 300-701) and the corresponding lab exam CCIE Security v6.0 to achieve your CCIE Security certificate.
Yes. The same technology core exam will serve as the core exam for the CCNP      and CCIE certification.

The CCIE Security program designed to cover core technology areas and validate end-to-end lifecycle skills in complex security technologies and solutions from planning and design to operating and optimizing. Automation and programmability aspects are an integral part of the CCIE Security blueprint.

You can select weekdays or weekend batches as per your convenience. You can opt for an onsite or online course. Regular weekday (Mon – Fri) classroom training takes 8 weeks or 120 hours while Weekend (Sat-Sun) classroom training takes 2 months or 120 hours. Please get in touch with us for the schedule, fees and other details.

According to the CISCO procedures, printed CCIE Security Certification takes 6-8 weeks to reach you by mail after results get declared. Check the status of your certificate in your Certification Tracking System.

Date with a “Mailed” status implies the dispatch of your certificate on the specific date. In case, No status found or 8 weeks are over, you can register a case with the Certification & Communities Online Support team at

The typical study material for CCIE security training is Cisco press books, latest workbooks prepared & revised regularly by experts.

Fresher may earn between 6,00,000 – 7,00,000 INR which may increase significantly with work experience, improved hands-on skills, and other related factors.

We provide lab training facility in Asia with 24×7 Lab access with rack and lab administrator guide along with CCIE certified faculties. Additionally, we offer great value for money to all our candidates through Personality development sessions. We are the best CCIE training institute in Mumbai.

Yes. Please refer to the Training Plan section or get in touch with Octa Networks team for further details.


Following are some of the roles offered to CCIE Security candidates:

Network Engineer

Senior Network Engineer

Network Administrator

Network Security Engineer

Network Security Administrator

Network Security Specialist

CCIE certificates are valid for 36 months. After these initial 36-months CCIEs have the flexibility and option to recertify using one of the options below before the certification expiration date:

  • Through the Cisco Continuing Education Program only :

Earn the required 120 CE credits, or


  • Through Examination and Continuing Education :

1. Pass one technology core exam and earn 40 CE credits or

2. Pass any two professional concentration exams and earn 40 CE credits or

3. Pass any one professional concentration exam and earn 80 CE credits


  • Examination Only :

1. Pass any one expert-level certification exam or

2. Pass any one CCIE lab exam or

3. Pass any three professional concentration exams or

4. Pass one technology core exam and pass anyone professional concentration exam. (This is also a CCNP certification if done in the same track.)


You need to pass one core exam and the corresponding lab in the same technology to achieve your CCIE certificate.


Yes. The same technology core exam will serve as the core exam for the CCNP and CCIE certification in the same track.

Once you clear the technology core exam (SCOR 300-701), you can clear the CCIE lab exam within 3 years of passing the qualifying technology core exam. Plus if you can pass the corresponding technology concentration exam, you will get CCNP certificate too.

Having a CCNA or CCNP certificate is not necessary before appearing for the CCIE technology core exam and the corresponding lab exam. You can directly appear for the technology core exam and then attempt the CCIE lab after clearing the technology core exam provided necessary concepts and knowledge of the exam topics are understood clearly.

All the current certificates will be valid for the full three years from the date of certification. After 24th Feb 2020, you will get the new corresponding certificate too which will have the same validity as that of your original certificate. For example, if you have an active CCIE Wireless v3.1 on Feb 24th, 2020, you will be granted the new CCIE Enterprise Wireless v1.0 certification. The important thing to note here is that when you are granted the updated certification, your certification validity will remain unchanged.

If you clear the lab exam on or before 23rd Feb 2020 or you are an active CCIE, your suspended year will be converted to an active year. For example, if your active CCIE would have been suspended beginning April 21st, 2020, you will have your status activated until April 21st, 2021.


Training Plan & Schedule / Schedule & Price


Training Plan

Training Schedule
  Weekdays (Mon-Fri) Weekend (Sat-Sun)
Duration 2 Months 3 Months
Hours 4 Hours / Day 8 Hours / Day
Fees Ask For Quote Ask For Quote
Training Mode Online/Onsite Online/Onsite


Group Discount

  • In a Group of 2 discount will be 10% per head
  • In a Group of 3 discount will be 15% per head
  • In a Group of 4 discount will be 20% per head

Trainer's Profile

Free Resources

CCNA R&S Interview Questions Guide
CCNA Resume Samples in Word Format

Post Your Valuable Comments

Seema Lachhani
Subscribe to our Newsletter.

Student Reviews

training exam
Get 20% Discount