About two and a half years ago, I set out to obtain a new certification. This certification wasn’t only new to me, it was new to everyone. The name of the certification was the WCNA, or Wireshark Certified Network Analyst. I had a handful of people ask me why I would pursue such a certification. My consistent response was that I wanted to be a better engineer. In my opinion, understanding actual protocol behavior from the perspective of the wire was, and still is, the best way to gain a holistic understanding of today’s modern networks.
The certification focuses on Wireshark, the default tool engineers use to look at raw network traffic. That’s not to say that there aren’t other great tools that compete with Wireshark, but its free and open nature has led to widespread use and adoption. The certification also focuses on protocol analysis and protocol characteristics. Knowing that I was going to be tested on that type of material, I poured through every chapter of Laura Chappell’s unbelievably well written book. After passing the exam, I wrote an article that outlined my opinion on the Certification Process as well as the value of the certification. At that point in time, the certification was new and not even that well known.
Over the couple of years following my Certification, I’ve had a few inquiries as to what I felt the value of it. Many question it would ever be a certification that is important to employers. There are actually a couple of ways that this could be answered. Before I get into the position of a typical employer, let me state that I did use the certification as a way to demonstrate some knowledge of protocol analysis in a job interview. I ultimately accepted another position before this job materialized, but the interview went well. I didn’t really use the WCNA as a crutch or a prop, but mentioned it alongside my experiences doing protocol analysis. I’m certain that part of the interview went well because the employer later told me they’d struggled to find someone with protocol analysis experience like I had.
On a more typical note, many job seekers would look at the value of a certification by how regularly it turns up as a job requirement. If this is used as the criteria to gauge the value of the WCNA program, I’d have to state the value is quite low. I cannot recall ever seeing a job posting that stated Wireshark Certification was “required” or “highly desired”. Sometimes you will happen upon a listing that is seeking a “working knowledge” of Wireshark. In comparison to well-known industry certifications, searching for postings that contain Wireshark Certification (and derivative acronyms) requirements still returns very few results.
The fact that employers aren’t actively seeking WCNA’s doesn’t make it a bad certification. It also doesn’t mean it doesn’t offer value to the candidate. The value is in the knowledge, and the application of the knowledge, that is received through the certification process. At best, the certification process would have introduced the candidate to new ways to understand their networks and troubleshoot real-world problems. Even an experienced protocol analyst would likely learn new tips and tricks about the Wireshark interface while studying for the exam. Unlike other certifications, there are no vendor requirements or partner levels that require WCNA certified employees. Therefore, employment listings don’t typically list this certification as a requirement.
In conclusion, I think the Wireshark program is valuable. However, the value seems to be in the knowledge and how the knowledge is applied. The certification itself isn’t typical requirement. I’m sure some readers would say they would just study and not spend the money on the exam. I believe this would be a logical approach, especially for those on a tight budget. With that being said, I tend to study more judiciously if I use an exam as accountability.
Do you possess the Wireshark Certification? If so, post comment your view below on the value of the certification to your career.