Author: Brandon

Monday – back to work. Yesterday I fit a good 3 or so hours of studying in between the coffee shop and common area on the first floor of our apartment building. Later in the day, after finishing the Study Guide for Fortinet Azure Cloud and beginning to pull up the newly released SD-WAN Core 7.6 guide, I realized I’m at the point where I’m going to begin reading material I’ve already studied. Time for my first pivot (there’s going to be a lot of these, it’s part of my personality).

I’ve decided to take a break from reading and taking notes on the study guides, and instead do the same for the FortiGate 7.2.11 Admin Guide. There’s a couple of reasons for this:

First, this better aligns with my current project at work, which is building out branch FortiGate configs from scratch while implementing Fortinet best practices. At the same time I plan on using this knowledge as a baseline for the MOPs (Method of Procedures) I will create a bit later in my process. I will create MOPs to both assist in my studying process (learning via teaching) and aid our help desk in support of the enterprise network at work.

Second, I don’t want to go and study the Study Guides for technologies such as FortiMail, FortiADC, FortiSandbox, or any of the software that I don’t currently have experience in, until I get closer to having a lab fully set up for these. The timing of the lab setup is going to be a big limiting factor in regard to progress in these, and many other, areas of study. I only expect to receive complimentary lab licenses for many of these products for a span of 3-8 months, so I want to make the absolute most of my time with them and time it right in terms of when I take both the written and practical exams.

This all leads to a more overarching point that I’ve realized. I should focus on what I’m using now at work (and what I have access to at in my homelab) before I move to the technologies I need trial licenses for. What does this mean practically? I will be spending at least the next 2-4 months focusing primarily on the FortiGate, FortiSwitch, FortiAP, FortiManager, and FortiAnalyzer platforms. Narrowing my focus will allow me to do deep learning on subjects such as best practices implementation, SD-WAN design, routing, and advanced troubleshooting. These are all skills that I can always get better at and will directly improve my quality of work. Once I’ve exhausted these base products, I will begin to shift in the direction of the products I haven’t, or don’t often, work with.

I’ll end with what’s been on my mind. Reading about peoples’ FCX/CCIE/JNCIE study experiences, I understand that it’s necessary to complete anywhere from 1000-3000 hours of studying. How does the math work out to completion in roughly 2 years, as many report? That averages to somewhere around 20 hours a week, or 3 hours a day. How will I rearrange my life to allow for 3 hours of studying a day? Will I do 90 minutes a day on weeknights and 6+ hours on both Saturday and Sunday? Or will I start doing an hour in the morning as well as the usual 90 minutes a weeknight? Lots to consider, but certainly the most important thing is keeping up with my current routine of studying every single day.

It’s a Saturday, which is usually a study day. I’d like to get all of the background information for this blog out of the way pretty quickly so I can focus on simply documenting my daily/weekly steps and progress.

Let’s start with what I have so far in terms of discovery of resources. Here’s the summary: there isn’t much. The best that I’ve found so far is actually another blog called fcxstudy.group. I will be using his tracking spreadsheet and a fair amount of his advice is being followed in terms of my lab structure, or what will eventually be my lab structure. The most important pieces are is his FCX Study Tracker, which can be found here: FCXStudy.group Study Tracker and his lab topology and resource chart, here: FCXStudy.group Lab Exam Part 2

I read through his whole blog (there’s only about 6 or so articles that pertain to the FCX exam). I then downloaded the study tracker and started marking off some of the topics, based on what I’ve studied either in preparation for the FCP and FCSS, or simply while do independent studying. Here’s what I have today:

As you can clearly see, I’m just about starting from zero. I was a bit strict with myself in terms of what I considered to be reviewed thus far, but we’re still I’d estimate somewhere in the low single digits in terms of percentage of confidence and readiness for the written exam (there’s a whole other spreadsheet page for the lab/practical exam).

If anything, I think being in this position is favorable. It means I have a lot of options in terms of what I can focus on first. I don’t have to start with topics that I have little practical interest in and can have some fun with these first few months. I’ve marked each of the topics in the chart above as 50%, rather than 100%. These are the topics that I’ve spent a fair amount of time covering in preparation for previous exam, or topics that I regularly work with in my day job.

Yes, my day job, I’ve yet to mention this. I currently work for an MSP (Managed Service Provider), wearing a network engineer’s shoes. I primarily work with a single customer, who has a medium-sized enterprise network, utilizing Fortinet equipment almost all the way up their stack, from Datacenter and Azure FortiGate firewalls, to site/branch FortiGate firewalls, edge and access FortiSwitches, and FortiAPs. We also utilize FortiManager, FortiAnalyzer, FortiClient EMS, and we’re now introducing FortiExtenders. The FortiGates are currently running in the 7.2 FortiOS series.

Back to exam prep. My current phase of studying is working through all of the Fortinet Training Institute’s Study Guides. At this time I’m just reading though them and taking notes, occasionally testing out new learnings either in my homelab stack or in the work stack. I plan on continuing this until I run out of Study Guides to take notes on. I’m really just trying to get a grasp of high level concepts and “laying eyes” on more detailed or advanced topics that I’ve yet to touch in a practical environment. Here is a full list of the lessons currently available within the Fortinet Training Portal, that I find applicable to the FCX:

FortiGate 7.4 – Completed during FCP study
FortiManager 7.4 – Completed during FCP study
FortiAnalyzer 7.4 – Completed between FCP and FCSS study
FortiSwitch 7.2 – Completed in preparation for a NAC implementation project at work
FortiClient EMS 7.2 – Completed in preparation for work tasks and troubleshooting
Enterprise Firewall 7.4 – Completed during FCSS study
Network Security Support Engineer – Completed during FCSS study
SD-WAN 7.2 – Completed
Secure Wireless LAN 7.4 – Completed
Secure LAN Edge 7.6 – Completed
Azure Cloud Security 7.4 – In progress
FortiAuthenticator 6.5
FortiNAC 7.2
FortiMail 7.4
FortiWeb 7.4
FortiSIEM 7.2
FortiSandbox 5.0
FortiSOAR 7.3
FortiEDR 5.0
SD-WAN Core Operations 7.6
SD-WAN Large Deployment 7.6
Public Cloud Security Architect 7.2/7.6
FortiSASE 25
Security Operations 7.4

Now that I’ve typed all of those out I’ve realized how much time I’ve spent writing this post, which is valuable time I could use for studying. I’m off to the coffee stop to keep pushing through the Study Guides.