Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


Cisco Certified Network Professional Enterprise

Sep. 23, 2021
Johnny Bass

A Comprehensive Guide to Cisco Certifications and the CCNP Enterprise

The Cisco Certified Network Professional Enterprise is built on the longstanding and well-recognized CCNP Routing and Switching. With the addition of evolving technologies, this makes the certification current and relevant. Having a vendor certification can be hit or miss, depending on the vendor, but with Cisco holding a major percentages of market share in the different technologies and implementations in the networking industry, having a CCNP Enterprise on your resume offers several advantages.

The process of obtaining the certification itself will make you a better network technician or engineer. Forcing you to examine topics that you not normally deal with in your day-to-day job. Obtaining the CCNP Enterprise is a major milestone in most networking individuals professional lives. The certification is a way to validate and quantify you skills to others.

The Cisco certified network professional enterprise is a certification for those network technicians and engineers that are mid-level to senior staff that support medium to large enterprise style network infrastructures. Corporate, value added reseller, contractor or government personnel that typically have two to five years’ experience with Cisco network technologies.

This article is for those network technicians and engineers that intend on pursuing the Cisco Certified Network Professional Enterprise. We will look at a little historical context of this certification. Where did this certification come from and a little bit of the “whys”. For those that started their process before Cisco changed their programs in February 2020, the difference between the legacy routing & switching and the current Enterprise certification. We will then look at the process to obtain and maintain the certification.


Cisco Certification History

Here’s a little excerpt from an article I wrote a while back on Cisco Certification:

In 1993, Cisco launched the Cisco Certified Internetwork Expert (CCIE) certification program. The idea was to certify those in the “top echelon of internetworking experts.” The program turned out to be far more popular than anyone at Cisco expected.

In 1998, Cisco launched the Career Certification program, which included the Cisco Certified Network Associate (CCNA) and Cisco Certified Network Professional (CCNP). This new Career Certification track had a different target audience: CCNA for entry-level network technicians and CCNP for the more seasoned technicians. The CCIE was still looked at for the most senior and, theoretically, most skilled technicians and engineers. The certification pyramid was born.

Over the years, the certifications have been modified and updated, and additional Career Certification tracks and pyramids have been added. The original track is considered to be Routing and Switching. Tracks have been added for design, service provider, service provider operations, security, voice (now becoming collaboration), data center, and wireless. Others have come and gone over the years. CCIE is still sought after and still considered the pinnacle of certifications within the networking industry. Today’s certification tracks have four or five certification levels: Entry, Associate, Professional, Expert, and Architect (for the design track).

In 2019, at Cisco Live in San Diego, Cisco announced the largest change to Cisco certification and training ever. Virtually all certifications and most certified courses taught by Cisco Learning Partners would change on Feb. 24, 2020. The intent of the change was to replace certification that were either no longer relevant or to add current technologies, standards and/or industry best practices and trends to the certifications. The certifications include evolving technologies and the exams themselves would be modified more frequently to adjust to changes in the industry. The goal to keep the certifications relevant and fresh.

As that deadline approached, information started to become available for what the new Cisco certifications would look like.


What Changed?

It turns out not all certifications would change dramatically. The Cisco Certified Network Associate CyberOps was not going to change initially. The Cisco Certified Technician was not going to change. Also, the Cisco Certified Internetwork Expert (CCIE) change date was sliding to April 27, 2020. All other CCNA certifications for the different tracks would be combined into one CCNA, which was to cover topics from all the tracks.

There was an addition of DevNet certification track for those doing network programmability (an associate and professional level). The tracks now started at the professional level, except the Routing & Switching track. The track that started all the Cisco certifications, Routing & Switching, was being replaced by the Enterprise track.

The CCIE Routing & Switching (CCIE R&S) was split into two different disciplines: CCIE Enterprise Infrastructure and CCIE Enterprise Wireless. All those that the CCIE R&S were converted to CCIE Enterprise Infrastructure. Those that had the CCNP R&S, gained the CCNP Enterprise.

After the Feb. 24, 2020, date passed, not all classes had been replaced, though most legacy classes where no longer available to attend. Certifications were updated or added depending on status on Feb. 24.

Additional changes have been made to the Cisco certifications. The CyberOps Associate replaced the CCNA CyberOps. The Cisco Certified Network Architect retired, as well as others.


Here is a list of retired certifications:

Date Certifications
March 1, 2021 Cisco Certified Architect
Cisco Business Architecture Analyst
December 31, 2020 Cisco Business Architecture Specialist
Cisco Business Architecture Practitioner
December 18, 2020 Cisco Industrial Networking Specialist
May 28, 2020 CCNA Cyber Ops
April 30, 2020 Cisco TelePresence Solutions Specialist
February 24, 2020 Cisco Video Network Specialist
February 24, 2020 Cisco IOS XR Specialist
February 23, 2020 Cisco Service Provider Mobility CDMA to LTE Specialist
February 23, 2020 Cisco Service Provider Mobility UMTS to LTE Specialist
February 23, 2020

CCNA Cloud
CCNA Collaboration
CCNA Data Center

CCNA Industrial
CCNA Routing and Switching
CCNA Security
CCNA Service Provider
CCNA Wireless
CCNP Cloud
CCNP Routing and Switching
CCNP Wireless


Cisco Current Certification

What the current Cisco Certification looks like:



Use this as a starting point if you’re interested in a career as a networking professional.


Master the essentials needed to launch a rewarding career as a networking professional and realize your potential with the latest technologies.


Select a core technology track and a focused concentration exam to customize your professional-level certification.


Become an expert in your field by earning the most prestigious certification in the technology industry.

Collaboration CCT Collaboration   CCNP Collaboration CCIE Collaboration
CyberOps   CyberOps Associate CyberOps Professional  
Data Center CCT Data Center   CCNP Data Center CCIE Data Center
(Dev and Automation)
  DevNet Associate DevNet Professional  
Design       CCDE
Enterprise CCT Routing & Switching CCNA CCNP Enterprise CCIE Enteprise Infrastructure
CCIE Enterprise Wireless
Security     CCNP Security CCIE Security
Service Provider     CCNP Service Provider CCIE Service Provider



Cisco Certified Network Professional Enterprise

What’s Different or New

As stated, the Enterprise track is basically a replacement of the Routing and Switching track. With that said, there are differences.

From the legacy certification, there was a requirement to pass the CCNA R&S and three additional professional-level exams to obtain the CCNP R&S certification.

The CCNP Enterprise does not require the CCNA at all. There are two exams that need to be passed to obtain the CCNP Enterprise certification: the Enterprise Core (ENCOR) and one elective technical concentration exam. Looking at the blueprints for the CCNP Enterprise, we can identify addition changes from the legacy CCNP R&S. First looking at the Enterprise Core exam:

Additions to CCNP R&S are in bold and Blue


1.0 Architecture

1.1 Explain the different design principles used in an enterprise network

  • 1.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
  • 1.1.b High availability techniques such as redundancy, FHRP, and SSO

1.2 Analyze design principles of a WLAN deployment

  • 1.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
  • 1.2.b Location services in a WLAN design

1.3 Differentiate between on-premises and cloud infrastructure deployments

1.4 Explain the working principles of the Cisco SD-WAN solution

  • 1.4.a SD-WAN control and data planes elements
  • 1.4.b Traditional WAN and SD-WAN solutions

1.5 Explain the working principles of the Cisco SD-Access solution

  • 1.5.a SD-Access control and data planes elements
  • 1.5.b Traditional campus interoperating with SD-Access

1.6 Describe concepts of wired and wireless QoS

  • 1.6.a QoS components
  • 1.6.b QoS policy

1.7 Differentiate hardware and software switching mechanisms

  • 1.7.a Process and CEF
  • 1.7.b MAC address table and TCAM
  • 1.7.c FIB vs. RIB

2.0 Virtualization

2.1 Describe device virtualization technologies

  • 2.1.a Hypervisor type 1 and 2
  • 2.1.b Virtual machine
  • 2.1.c Virtual switching

2.2 Configure and verify data path virtualization technologies

  • 2.2.a VRF
  • 2.2.b GRE and IPsec tunneling

2.3 Describe network virtualization concepts

  • 2.3.a LISP
  • 2.3.b VXLAN

3.0 Infrastructure

3.1 Layer 2

  • 3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
  • 3.1.b Troubleshoot static and dynamic EtherChannels
  • 3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)

3.2 Layer 3

  • 3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
  • 3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
  • 3.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)

3.3 Wireless

  • 3.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
  • 3.3.b Describe AP modes and antenna types
  • 3.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process)
  • 3.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming
  • 3.3.e Troubleshoot WLAN configuration and wireless client connectivity issues

3.4 IP Services

  • 3.4.a Describe Network Time Protocol (NTP)
  • 3.4.b Configure and verify NAT/PAT
  • 3.4.c Configure first hop redundancy protocols, such as HSRP and VRRP
  • 3.4.d Describe multicast protocols, such as PIM and IGMP v2/v3

4.0 Network Assurance

4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog

4.2 Configure and verify device monitoring using syslog for remote logging

4.3 Configure and verify NetFlow and Flexible NetFlow

4.4 Configure and verify SPAN/RSPAN/ERSPAN

4.5 Configure and verify IPSLA

4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management

4.7 Configure and verify NETCONF and RESTCONF

5.0 Security

5.1 Configure and verify device access control

  • 5.1.a Lines and password protection
  • 5.1.b Authentication and authorization using AAA

5.2 Configure and verify infrastructure security features

  • 5.2.a ACLs
  • 5.2.b CoPP

5.3 Describe REST API security

5.4 Configure and verify wireless security features

  • 5.4.a EAP
  • 5.4.b WebAuth
  • 5.4.c PSK

5.5 Describe the components of network security design

  • 5.5.a Threat defense
  • 5.5.b Endpoint security
  • 5.5.c Next-generation firewall
  • 5.5.d TrustSec, MACsec
  • 5.5.e Network access control with 802.1X, MAB, and WebAuth

6.0 Automation

6.1 Interpret basic Python components and scripts

6.2 Construct valid JSON encoded file

6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG

6.4 Describe APIs for Cisco DNA Center and vManage

6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF

6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection

6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack


The concentration exams include:

300-410 ENARSI - Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)

300-415 ENSDWI - Implementing Cisco SD-WAN Solutions (ENSDWI)

300-420 ENSLD - Designing Cisco Enterprise Networks (ENSLD)

300-425 ENWLSD - Designing Cisco Enterprise Wireless Networks (ENWLSD)

300-430 ENWLSI - Implementing Cisco Enterprise Wireless Networks (ENWLSI)

300-435 ENAUTO - Implementing Automation for Cisco Enterprise Solutions (ENAUI)

The “Implementing Cisco Enterprise Advanced Routing and Services” would be the closest to the legacy CCNP R&S, with the addition of:

2.3 Configure and verify DMVPN (single hub)

2.3.a GRE/mGRE

2.3.b NHRP

2.3.c IPsec

2.3.d Dynamic neighbor

2.3.e Spoke-to-spoke

4.6 Troubleshoot NetFlow (v5, v9, flexible NetFlow)

4.7 Troubleshoot network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)


The other concentration exams either came from legacy tracks like wireless or design or are new.


Where do I start?

One of the biggest challenges I see in pursuing the CCNP Enterprise for most are the additional topics that were added to the CCNP R&S. If you have been supporting networks for years or if your journey started after the changeover date for Cisco certifications, most technicians or engineers supporting networks in the enterprise or government spaces primarily use the route/switch skills in your day-to-day jobs. Some may be required to support the wireless networks as well, but the evolving technologies may be foreign to you. If you are coming from a system support or programing background and are now supporting the network infrastructure, the issue may be reversed.

First thing to do is find where you’re deficient. Look at the blueprints for all the exams. Start with the Enterprise Core (ENCOR), it is required for the professional-level certification. Check off those items you feel comfortable with on the blueprint.

The remaining items you need to study. This gives you a good starting point as to what you need to work on. Depending on the scope of what you need, you may want or need to attend a certified course.

  • If you feel that little to none of the blueprint seems comfortable, you may need to start with the CCNA Bootcamp from Global Knowledge to build the foundation.
  • If you feel that the foundation is strong, but you need more detail, then the ENCOR class may be the ticket.
  • If you feel more than half the topics are solid, then using configuration guides and/or training videos may fit the bill.

Once you feel comfortable with the majority of the blueprint, then it’s time to schedule an exam. The exams are through PearsonVUE and can be done in person or virtually, depending on region.


Then what?

Once you pass the ENCOR, then it’s time to start looking at the concentration exams, pick your low hanging fruit — the exam that covers topics you feel the most comfortable with. Looking at that blueprint, perform the same exercise you did with the ENCOR.


Now That You Are Certified, Now What?

Now that you have your certification, you're not done. All Cisco certifications have to be re-certified every three years.

There are multiple ways to be able to recertify:

  • Exam only
  • Continuing education
  • Or a combination of both

The process of recertification gives those an opportunity to delve into other techonolgies or disciplines related to the enterprise, such as: Data Center, Service Provider, Security, CyberOps, Collaboration or DevNet. The process of recertification could also allow those to become certified in other tracks of Cisco certifican.


Exam only

With the exam-only technique, you need to either take and pass a core exam, but keep in mind once you pass an exam you cannot retake the same exam for 180 days. The core exam does not have to be in the same track as your certification.

The other option is to take two concentration exams, any concentration from any track will re-certify your certification.


Continuing Education

With the addition of continuing education as an option for the associate and professional-level certifications, we can now use courses and attendance to Cisco Live as ways to recertify. The professional-level certifications require 80 credits to recertify. The 80 credits can be made up from multiple sources, Cisco has more information about the continuing education program and a catalog of eligible items on their web site: Cisco Continuing Education Program


Combination of Exams and Continuing Education

Your third option for recertification is a combination of exams and continuing education credits. With this option you can take one concentration exam — again, it doesn't have to be part of the same track that you're certified in — and 40 continuing education credits.

For some this might be a better option than attempting to take a core exam again or having to take two different concentration exams. This may also be a better option for those that can't get away from work for multiple courses to achieve enough continue education credits on its own.