According to Cisco’s exam blueprint, the major topics on this new exam will be Voice over IP (VoIP) and Quality of Service (QoS). This exam change is an excellent move on Cisco’s part, since VoIP is one of the fastest-growing network technologies today, and implementing VoIP demands the ability to implement QoS!

Among the QoS topics on the exam will be NBAR, ToS, IP Precedence, DSCP, traffic policing, and traffic shaping. Some of these topics may be familiar to you if you studied for the BCRAN exam, but I feel it’s a safe bet that there will be much more detail on the ONT exam as compared to the BCRAN exam. Wireless LANs (WLANs) are also on the Cisco exam blueprint for ONT, and again I’d expect a lot more detail on that topic than you would have seen on the BCRAN exam.

Cisco’s obviously raising the bar for the new CCNP exams, and that’s a good thing for both you and for Cisco. The CCNP will be harder to get in 2007, but it will also become more valuable - and when you invest time and money into a certification, you want the vendor to protect your investment. Besides, to work with Cisco networks today and in the future, you’ll need to learn VoIP and Qos, so you might as well get the certification while you’re at it!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of over 100 free certification exam tutorials, including CCNA certification training articles. His exclusive CCNA study guide is also available!

Visit his blog and sign up for Cisco Certification Central, a daily newsletter packed with CCNA, Network+, Security+, A+, and CCNP certification exam practice questions! A free 7-part course, “How To Pass The CCNA”, is also available, and you can attend an in-person or online Cisco CCNA training boot camp with The Bryant Advantage!

“An expert has released a proof-of-concept program to show how easy it would be for criminals to eavesdrop on the VoIP-based phone calls of any company using the technology.

Called SIPtap, the software is able to monitor multiple Voice-over-IP (VoIP) call streams, listening in and recording them for remote inspection as .wav files. All that the criminal would need would be to infect a single PC inside the network with a Trojan incorporating these functions, although the hack would work at ISP level as well.”

“End-users and network engineers may not consider the security ramifications of a hacker or any other user using a tool to not only capture but play back VoIP conversations. Higher-end VoIP systems may offer ways to encrypt the data, but lower-end products often do not. You’ll want to consider this before you purchase a solution. Second, VoIP traffic is usually most vulnerable on the LAN since Internet WAN traffic is typically routed through VPNs.”

Although there might be a lot of excitement around SIPTap and the ability to hack VoIP conversations, the problem of unsecured VoIP networks is something our engineers have been addressing for several years with clients. I’m not sure what it is about new technologies, but it seems like people get so pumped up on the benefits that they forget about the security implications (think back to wireless).

So it’s not the SIPTap threat that is the worry, but rather being certain that your networks are adequately secure and conversations encrypted as they leave the network. In good fashion, I have assembled a list of resources for you. Also, if you are really interested in VoIP, Network Performance Daily is doing a series on the soup to nuts on the subject.

The typical enterprise or communications carrier executive has no concept of the risks associated with VoIP services, nor how to address them — other than what they are told by their IT teams. In most cases, executive fears are based on general media coverage that may be questionable in terms of reality and ignore more serious problems. IP telephony is still new with very complex issues.

Voice over IP (VoIP) traffic grew at a 42 percent annual growth rate last year to 45 billion minutes of calls handled by carriers, according to Telegeography (January 2007). The same report also indicated that the rate of growth for wholesale traffic carried by VoIP is double the pace for total voice revenues.