Networking

Getty Images/iStockphoto
VMware has used its virtual VMworld 2021 event to introduce VMware Edge, a portfolio that will cater specifically to help enterprises run, manage, and secure edge-native apps across multiple clouds. According to VMware Edge and Service Provider SVP Sanjay Uppal, the company wants to help address two main problems that organisations face when deploying software stacks. “There’s a challenge of real-time access and there’s a challenge in terms of scale in terms of the number of locations — and we will be addressing both of them,” he told media. He also took the opportunity to define what the “edge” means to VMware, acknowledging the definition in the industry can mean something different to everyone. “The edge is distributed digital infrastructure … for running workloads across a number of locations, and these locations are placed close to endpoints that are producing and consuming data,” Uppal said. Read also: What is edge computing? Here’s why the edge matters and where it’s headed Solutions to help make up the new portfolio will include VMware Edge Compute Stack. Uppal described it as a purpose-built, integrated VM and container-based stack that will enable organisations to run their workloads all the way into the customers’ premise, as well as near the edge. 

VMware Edge Compute Stack will be available in standard, advanced, and enterprise editions. The company added there are plans to develop a lightweight version of Edge Compute Stack to support more lightweight apps at the edge. The company’s VMware Secure Access Service Edge (SASE) offering will also be added. In addition to being the software service that combines SD-WAN with cloud-delivered security, VMware has expanded it to include cloud web security, zero trust network access, and firewalling, which will be delivered as-a-service at the edge.   “Secure access will mean all those endpoints that are coming in without the need for a hardware edge but are coming in and getting terminated at the points of presence, which increases agility and flexibility for the enterprise, but also allows the service provider to migrate away from legacy VPNs,” Uppal said. VMware Edge will also feature VMware Telco Cloud Platform, which has been delivering near edge solutions to telco providers from their 4G/5G core to the radio access network. As part of the latest update, Uppal said, its capabilities will also be extended into the network. “This is where it’s being used for RAN disaggregation, as an example, in 4G and 5G cases where this common software stack using telco cloud platform, is being used,” he said.

More VMWare More

It took about six hours, a new record for Facebook downtime, but Facebook is finally back up. What happened? Here’s what we know so far. The old network troubleshooting saying is, when anything goes wrong, “It’s DNS.” This time Domain Name Server (DNS) appears to be the symptom of the root cause of the Facebook global failure. The true cause is that there are no working Border Gateway Protocol (BGP) routes into Facebook’s sites. BGP is the standardized exterior gateway protocol used to exchange routing and reachability information between the internet top-level autonomous systems (AS). Most people, indeed most network administrators, never need to deal with BGP. 

Many people spotted that Facebook was no longer listed on DNS. Indeed, there were joke posts offering to sell you the Facebook.com domain.   Cloudflare VP Dane Knecht was the first to report the underlying BGP problem. This meant, as Kevin Beaumont, former Microsoft’s Head of Security Operations Centre, tweeted, “By not having BGP announcements for your DNS name servers, DNS falls apart = nobody can find you on the internet. Same with WhatsApp btw. Facebook have basically deplatformed themselves from their own platform.” Whoops. As annoying as this is to you, it may be even more annoying to Facebook employees. There are reports that Facebook employees can’t enter their buildings because their “smart” badges and doors were also disabled by this network failure. If true, Facebook’s people literally can’t enter the building to fix things.  

In the meantime, Reddit user u/ramenporn, who claimed to be a Facebook employee working on bringing the social network back from the dead, reported, before he deleted his account and his messages, that “DNS for FB services has been affected and this is likely a symptom of the actual issue, and that’s that BGP peering with Facebook peering routers has gone down, very likely due to a configuration change that went into effect shortly before the outages happened (started roughly 1540 UTC).” He continued, “There are people now trying to gain access to the peering routers to implement fixes, but the people with physical access is separate from the people with knowledge of how to actually authenticate to the systems and people who know what to actually do, so there is now a logistical challenge with getting all that knowledge unified. Part of this is also due to lower staffing in data centers due to pandemic measures.” Ramenporn also stated that it wasn’t an attack, but a mistaken configuration change made via a web interface. What really stinks — and why Facebook is still down hours later — is that since both BGP and DNS are down, the “connection to the outside world is down, remote access to those tools don’t exist anymore, so the emergency procedure is to gain physical access to the peering routers and do all the configuration locally.” Of course, the technicians on site don’t know how to do that and senior network administrators aren’t on site. This is, in short, one big mess. Facebook was not immediately forthcoming about what had gone wrong and how it was fixed. Hours after Facebook and all its related services went down, Facebook CTO Mike Schroepfer tweeted: “We are experiencing networking issues and teams are working as fast as possible to debug and restore as fast as possible.” Afterward, as Facebook started to come up, he added, “Facebook services coming back online now – may take some time to get to 100%. To every small and large business, family, and individual who depends on us, I’m sorry.” As a former network admin who worked on the internet at this level, I anticipated Facebook would be down for hours. I was also right that it would prove to be Facebook’s longest and most severe failure to date. I do wonder about exactly what went wrong and how it was fixed. Stay tuned. We’ll report on that as soon as know more details. 
Related Stories: More

Facebook blamed its six-hour outage on Monday on a faulty configuration change that affected its vast social media platforms and internal systems. Facebook, alongside WhatsApp and Instagram, suffered a global outage on Monday, October 4 that began at approximately 11:44 EDT and dragged on well into the afternoon.

ZDNet Recommends

The best cloud storage services

Free and cheap personal and small business cloud storage services are everywhere. But, which one is best for you? Let’s look at the top cloud storage options.

Read More

The social media giant’s services were back online as of 17:28 EDT. SEE: A cloud company asked security researchers to look over its systems. Here’s what they found In a subsequent blog post, Facebook’s VP of infrastructure, Santosh Janardhan, said the outage had been caused by a technical issue affecting its Border Gateway Protocol (BCP) routing system, which had “a cascading effect on the way our data centers communicate, bringing our services to a halt.” Monday’s outage also affected internal tools at Facebook that made diagnosing and fixing the problem more difficult, said Janardhan. According to the New York Times, the outage rendered engineers’ access cards useless, meaning staff couldn’t get into the buildings where the affected servers were housed. “Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication,” said Janardhan.

“Our services are now back online and we’re actively working to fully return them to regular operations. We want to make clear at this time we believe the root cause of this outage was a faulty configuration change.” BGP was originally designed to interconnect internet service providers across the globe. It now forms the routing backbone of the internet. Facebook also uses BGP as a foundation for its data center routing design. In a blog post published in May 2021, Facebook researchers said the routing design was aimed to allow the company to “build our network quickly and provide high availability of our services, while keeping the design itself scalable.” SEE: Why Facebook is the AOL of 2021 However, the researchers also note that BGP “requires tight codesign with the data center topology, configuration, switch software, and data center–wide operational pipeline.” Ironically, Facebook’s data centre routing configuration was designed specifically to minimize the impact of failures. No user data was compromised in Monday’s outage, Facebook said. More

The old network troubleshooting saying is, when anything goes wrong, “It’s DNS.” This time Domain Name Server (DNS) appears to be the symptom of the root cause of the Facebook global failure. The true cause is that there are no working Border Gateway Protocol (BGP) routes into Facebook’s sites. BGP is the standardized exterior gateway protocol used to exchange routing and reachability information between the internet top-level autonomous systems (AS). Most people, indeed most network administrators, never need to deal with BGP. 

Many people spotted that Facebook was no longer listed on DNS. Indeed, there were joke posts offering to sell you the Facebook.com domain.   Cloudflare VP Dane Knecht was the first to report the underlying BGP problem. This meant, as Kevin Beaumont, former Microsoft’s Head of Security Operations Centre, tweeted, “By not having BGP announcements for your DNS name servers, DNS falls apart = nobody can find you on the internet. Same with WhatsApp btw. Facebook have basically deplatformed themselves from their own platform.” Whoops. As annoying as this is to you, it may be even more annoying to Facebook employees. There are reports that Facebook employees can’t enter their buildings because their “smart” badges and doors were also disabled by this network failure. If true, Facebook’s people literally can’t enter the building to fix things.   In the meantime, Reddit user u/ramenporn, who claimed to be a Facebook employee working on bringing the social network back from the dead, reported, before he deleted his account and his messages, that “DNS for FB services has been affected and this is likely a symptom of the actual issue, and that’s that BGP peering with Facebook peering routers has gone down, very likely due to a configuration change that went into effect shortly before the outages happened (started roughly 1540 UTC).”

He continued, “There are people now trying to gain access to the peering routers to implement fixes, but the people with physical access is separate from the people with knowledge of how to actually authenticate to the systems and people who know what to actually do, so there is now a logistical challenge with getting all that knowledge unified. Part of this is also due to lower staffing in data centers due to pandemic measures.” Ramenporn also stated that it wasn’t an attack, but a mistaken configuration change made via a web interface. What really stinks — and why Facebook is still down hours later — is that since both BGP and DNS are down, the “connection to the outside world is down, remote access to those tools don’t exist anymore, so the emergency procedure is to gain physical access to the peering routers and do all the configuration locally.” Of course, the technicians on site don’t know how to do that and senior network administrators aren’t on site. This is, in short, one big mess. As a former network admin who worked on the internet at this level, I anticipate Facebook will be down for hours more. I suspect it will end up being Facebook’s longest and most severe failure to date before it’s fixed. Related Stories: More

Image: Chris Duckett/ZDNet
The parent company of Optus, Singtel, has sold a 70% stake in its Australian tower business, Australia Tower Network (ATN), to AustralianSuper for AU$1.9 billion. The deal will cover 2,312 towers and rooftop sites, with Optus signing a long-term lease with ATN as well as being the anchor tenant for 565 sites to be built over the next three years as part of the telco’s 5G rollout. The initial lease term is 20 years with options thereafter.”The sale of these assets positions Optus well for the future as it provides capital to support core business growth while importantly allowing us to maintain the competitive advantage of our network’s active elements which continue to top independent reports on speed and quality of our network,” Optus CEO Kelly Bayer Rosmarin said. “There has been strong interest from a competitive field of high-quality prospective buyers, and we are pleased with the outcome of the sales process. We very much look forward to a bright future partnering with Aussie Super, an iconic Australian infrastructure investor.” The deal is expected to be completed by the end of October. Telstra recently sold a 49% stake in its InfraCo Towers business for AU$2.8 billion after being approached by a consortium including the Future Fund, Commonwealth Superannuation Corporation, and Sunsuper. That business, now dubbed Amplitel, owns 8,200 towers across Australia. In June, Aware Super along with Macquarie Infrastructure and Real Assets picked up Vocus for AU$3.5 billion.

Update at 11:50am AEST, October 1: Clarified that Singtel is selling the towers, not Optus as originally reported.Related Coverage More

The NSA and CISA have released a detailed guide on how people and organizations should choose virtual private networks (VPN) as both nation-states and cybercriminals ramp up their exploitation of the tools amid a global shift to remote work and schooling. The nine-page fact sheet also includes details on ways to deploy a VPN securely. The NSA said in a statement that the guide would also be helpful to leaders in the Department of Defense, National Security Systems and the Defense Industrial Base so that they can “better understand the risks associated with VPNs.”The NSA said multiple nation-state APT actors have weaponized common vulnerabilities and exposures to gain access to vulnerable VPN devices, allowing them to steal credentials, remotely execute code, weaken encrypted traffic’s cryptography, hijack encrypted traffic sessions and read sensitive data from a device. NSA director Rob Joyce told the Aspen Cybersecurity Summit this week that “multiple nation-state actors are leveraging CVEs to compromise vulnerable Virtual Private Networks devices.”He wrote on Twitter that VPN servers are entry points into protected networks, making them attractive targets. “APT actors have and will exploit VPNs — the latest guidance from NSA and @CISAgov can help shrink your attack surface. Invest in your own protection!” he added. CISA director Jen Easterly echoed Joyce’s remarks, sharing the same message about nation-state exploitation. 

The notice included a list of “tested and validated” VPN products on the National Information Assurance Partnership Product Compliant List, many of which use multi-factor authentication and promptly apply patches and updates. Experts lauded CISA and the NSA for creating the list. Chester Wisniewski, a principal research scientist at Sophos, told ZDNet that for too long, there has not been a trusted voice on VPNs without a vested interest in selling you something. “Combining the knowledge and experience of the NSA with CISA’s remit of helping protect the US private sector puts them in a good position to provide trusted advice on staying safe against criminal actors,” Wisniewski said. He noted that the advice is largely copied from suggestions provided to defense contractors and similar entities. “It is great advice, but incredibly complicated and burdensome for most commercial entities. None of what’s said is wrong, but it requires a lot of forethought and a lot of process to comply with,” Wisniewski added. “Most organizations are incapable of following much of the advice. Doing VPNs right is really hard, as demonstrated in this document, so I would urge organizations to pursue zero trust network access and SD-WAN as a more practical way of achieving similar goals. Rather than rebuild your entire VPN strategy to remain doing it the old way, you may as well spend the same time/resources to modernize your approach to remote access and reap the benefits rather than simply shore up the old way.”Untangle senior vice president Heather Paunet noted that cyberattacks on VPNs are very costly due to potential ransoms or data accessed, as seen with the Pulse Secure VPN exploit in April that compromised government agencies and companies in the US and Europe.While there has been a rise in vulnerabilities of VPNs due to more VPN usage over the last year and a half, newer VPN technologies with newer types of cryptography are evolving to ensure the protection of information transmitted across the internet, Paunet said, noting popular tools like WireGuard VPN that use cryptography. “What is missing from the guidelines are taking the human element into consideration. Along with following the strict guidelines, IT professionals are also challenged with getting employees to effectively use the technology. If the VPN is too difficult to use, or slows down systems, the employee is likely to turn it off,” Paunet said. “The challenge for IT professionals is to find a VPN solution that fits the guidelines, but is also fast and reliable so that employees turn it on once and forget about it.”Archie Agarwal, CEO at ThreatModeler, noted that a quick search on the Shodan search engine reveals over a million VPNs on the Internet in the US alone, providing a doorways to private sensitive internal networks that are sitting exposed to the world for anyone to try to break through. “These represent the old perimeter security paradigm and have failed to protect the inner castle over and again. If credentials are leaked or stolen, or new vulnerabilities discovered, the game is lost and the castle falls,” Agarwal said.  More

IT certifications offer a quick and relatively inexpensive way to enter or enhance an IT career. These credentials may focus on entry-level fundamentals or system and network concentrations for management and specialized careers.Information technology certifications can provide professionals with the training, skills, and credentials necessary to enter the IT field or move within it. Today, skilled IT professionals are in high demand and benefit from remote working opportunities. The Bureau of Labor Statistics (BLS) projects 13% growth for all computer occupations between 2020 and 2030. The computer and information technology sector pays median annual wages of $91,250. Throughout this page, we explore the value of IT certifications and examine some of the leading credentials for entry-level and experienced IT professionals, plus the certifications with the highest earning potential.What is information technology?Information technology includes the hardware, software, and devices that store, process, and manage information. Studies in this field cover the uses, implementation, and optimization of these technologies.Within many organizations, IT departments take on responsibilities including: Operations: Operations professionals focus on providing technical support to users, managing and maintaining network performance, and device management. 

Infrastructure installation and maintenance: Infrastructure professionals implement and configure systems and devices. They provide troubleshooting and maintenance when required. Governance: Governance professionals oversee the IT policies and procedures within an organization. They establish IT strategies and goals and provide leadership.What is an IT certification?IT certifications exhibit a professional’s mastery over a specific discipline, technology, or field. The credentials may feature both condensed training and an exam or only one of these components. IT certifications may provide entry-level, intermediate, or advanced training and credentials.Professionals can pursue certifications to enter the IT field, change positions, or advance their careers. The credentials can showcase a professional’s expertise with a specific vendor’s technology, which may be extremely valuable for employers who use those systems.They also demonstrate determination and drive for personal and professional improvement. IT certification costThe cost of an IT certification varies. Some platforms feature a monthly fee, such as Coursera, which charges between $29-$99. First-time participants can get a free trial period.Most certifications have an exam fee between $99-$999. These credentials often allow candidates to study on their own for free, though paid study materials or instructor-led classes are usually available. What’s the difference between certifications and degrees in information technology?Though they can have similar outcomes, IT certifications and degrees feature significant differences. In contrast to highly focused and accelerated certifications, degrees combine general education and core training over 2- to 4-year periods. Many degrees offer specialization options and courses like information systems fundamentals, enterprise network design, and cybersecurity. While both associate degrees and certain certifications can lead to entry-level careers, many advanced and high-paying IT roles require a bachelor’s degree in IT or higher. What’s the difference between information technology certificates and certifications?An information technology certificate is an education program that trains learners in a specific IT field. Compared to degree-granting IT programs, an information technology certificate takes less time and does not include general education courses. Most certificate programs take 4-12 months. Certifications are granted by third-party providers who meet industry-wide specifications, while a certificate is generally earned through a college or other learning platform. Both undergraduate and graduate certificates are available. By comparison, a certification generally does not require classes. Instead, candidates meet experience or education prerequisites and pass an examination. Some certificate programs offer a credential upon completion, including the IBM Cybersecurity Analyst Professional Certificate in the list below.Must-have certifications in 2021With so many certifications to choose from, IT professionals can find the selection process challenging. To help simplify matters, we picked out the most widely recognized and sought-after credentials available. The following lists highlight some of the best entry-level, specialized, and high-earning certifications on the market.Entry-level IT certificationsEntry-level certifications can open the door to the IT industry for aspiring professionals without any previous education or experience. With a mixture of foundational and specialized training, these credentials may help candidates change careers and can lead to more advanced training and credentials in the future. 

NicoElNino, Getty Images/iStockphoto

Time to complete: Approximately six monthsCost: $39/month Exam required? NoDesigned to prepare graduates for entry-level IT support positions, this certificate equips participants with troubleshooting, debugging, and program installation skills. The training covers Linux, Domain Name Systems, and cloud computing. No previous experience is required. 

(Image: Shutterstock)

Time to complete: Approximately eight monthsCost: $39/monthExam required? NoThis certificate teaches aspiring IT support specialists how to write Python script that automates IT solutions and administrative tasks. The training also covers Git, GitHub, IT resource management, and troubleshooting and debugging. No previous experience is required.

Time to complete: Eight days + 120-minute examCost: $300Exam required? YesDeveloped for aspiring IT and networking professionals, this certification provides participants with knowledge of Cisco network components, IP services, and security. Candidates often possess Cisco solutions experience and knowledge of network fundamentals and IP addressing.  

By The Art of Pics — Shutterstock

Time to complete: VariesCost: $127Exam required? YesMicrosoft Technology Associate certifications cover infrastructure fundamentals in areas including operating systems, networking, Windows server administration, and security. These certifications can lead to careers in IT support and administration for desktop, cloud computing, and servers. Candidates taking each exam should have experience and familiarity with the major concepts and fundamentals.

Cloud technology certificationsCloud technologies give users access to various computing services whenever and wherever they need them. Certified professionals in this field can access some of the most in-demand computer occupations. The following are some of the best certifications in this field.

By DANIEL CONSTANTE — Shutterstock

Time to complete: Two days + 45-minute examCost: $99Exam required? YesThis certification acknowledges professionals with knowledge of Microsoft Azure services, support, and security. Candidates possess an understanding of the integrated management tools and solutions, along with the network and compliance features. There are no exam prerequisites other than understanding the material.

Time to complete: VariesCost: $165Exam required? YesThis certification prepares professionals to govern an organization’s cloud infrastructure and resources. It demonstrates skills in implementing and managing Microsoft Azure environments.  Candidates should possess at least six months of experience using Microsoft Azure and related systems.

IT security certificationsIT security certifications credentials prepare professionals to protect organizational information, develop advanced security programs, and establish risk management strategies. Certified professionals can pursue roles in management or as cybersecurity specialists. 

By JLStock — Shutterstock

Time to complete: Approximately eight months + examCost: $49/monthExam required? YesDesigned for cybersecurity analysts, this certification prepares professionals to protect data and endpoints, collect security data, and leverage open source tools. Certificate-holders learn to identify database vulnerabilities, prevent malware attacks, and detect and handle cyberthreats. No previous experience is required. 

By JLStock — Shutterstock

Time to complete: 90-minute exam + study timeCost: $370 – $949Exam required? Ideal for IT professionals who want to demonstrate cybersecurity expertise, this certification covers threat and vulnerability detection, program design and implementation, and incident response. Certified professionals also master organizational risk management & regulations compliance. Experience is not mandatory, but two years of IT and security experience is recommended.

Network certificationsNetwork certifications focus on improving business communications and networks. Credentialed professionals know how to design, implement, manage, and optimize networks for organizations, leading to careers in network administration, analysis, and management.

Time to complete: Approximately 16 days of training + two 120-minute examsCost: $400Exam required? YesThis certification prepares professionals to take on roles dedicated to enterprise networking technologies. The core training and exam equip learners to handle dual-stack architecture, network assurance, and security. Concentrations are available in advanced routing, wireless networks, and automation. There are no prerequisites, but many candidates possess between 3-5 years of experience with enterprise networking solutions. 

Time to complete: Recommended three-day course + 90-minute examCost: $200Exam required? YesMade for networking professionals, this certification covers the Juniper Networks Junos operating system. The credential recognizes those who understand the system fundamentals and interfaces, can configure Junos devices, and can identify routing concepts and policies. An optional training course is recommended prior to taking the exam. 

Shutterstock

Time to complete: 90 minutes + study timeCost: $338 – $999Exam required? YesBuilt for aspiring network troubleshooters and administrators, this certification recognizes professionals who have a grasp of networking concepts, devices, security, and operations. CompTIA recommends test-takers have nine months of networking experience and a solid handle on the exam material before testing.

Highest Paying IT CertificationsMany IT certifications lead to promising careers, but some offer greater financial rewards than others. Through a survey with 3,700 U.S.-based respondents, Global Knowledge found professionals holding the following IT certifications reported the best ROI and highest average salaries. Readers should note that salaries may be dependent on experience, employers, performance, and location. 

Time to complete: Two-hour exam + study timeCost: $200Exam required? YesAverage salary: $171,749Created to recognize data engineering expertise, this certification acknowledges professionals who can design, build, and manage data processing systems. The credential focuses on machine learning models, compliance, and security. Google recommends that test-takers possess at least three years of professional experience and one year of experience with Google Cloud.

By SFIO CRACHO — Shutterstock

Time to complete: Two-hour exam + study timeCost: $200Exam required? YesAverage salary: $169,029This certification acknowledges professionals who provide business solutions using Google Cloud technologies. The exam covers cloud solutions design and planning, security, reliability, and management. Google recommends that professionals possess at least three years of industry experience and one year of Google Cloud experience before testing.

Shutterstock

Time to complete: 130-minute exam + study timeCost: $150Exam required? Average salary: $159,033This certification affirms professionals’ skills in AWS cloud systems and solutions. The exam covers designing and implementation of distributed systems, including AWS security, networking, and compliance requirements. AWS recommends that test-takers have at least one year of experience using AWS technologies. 

Getty Images/iStockphoto

Time to complete: Four-hour exam + study timeCost: $575 for members and $760 for non-membersExam required? YesAverage salary: $151,995Developed for IT risk management and security professionals, this certification demonstrates an understanding of risk monitoring and threat mitigation. The credential covers information systems governance, assessment, security, and risk response and reporting. For certification, professionals need at least three years of relevant professional experience.

Time to complete: Three-hour exam + study timeCost: $749Exam required? YesAverage salary: $151,853Awarded to IT professionals who can design and manage effective cybersecurity programs, this certification covers risk management, architecture and engineering, assessment and testing, and software development. The requirements for certification include a minimum of five years of experience in at least two CISSP domains. 

Time to complete: Four-hour exam + study timeCost: $575 for members and $760 for non-membersExam required? YesAverage salary: $149,246This certification recognizes professionals who can design and manage information security programs. The credential also covers governance, risk and incident management, and compliance. Qualifying for certification requires at least five years of information security management experience.

kasto80, Getty Images/iStockphoto

Time to complete: 35 contact hours of training + 230-minute exam + study timeCost: $405 for members and $555 for non-membersExam required? YesAverage salary: $148,906Built for experienced project managers, this certification acknowledges professionals with skills using predictive, Agile, and hybrid management methodologies. Certified professionals demonstrate expertise in planning, controlling, and closing projects. For eligibility, professionals need a four-year degree and three years of management experience or 60 months of management experience. 

Nutanix

Time to complete: Two-hour exam + study timeCost: $199Exam required? YesAverage salary: $142,810This certification validates a professional’s abilities to manage and troubleshoot Nutanix AOS 5.15. The exam tests on enterprise cloud concepts and managing and securing clusters. Though not required, ideal candidates have at least 3-6 months of experience with AOS and 1-2 years of experience with general systems.

Time to complete: Four-hour exam + study timeCost: $575 for members and $760 for non-membersExam required? YesAverage salary: $134,460Acknowledging professionals who monitor, control, and assess business IT systems, this certification covers the auditing process, IT governance, systems development and implementation, and asset protection. For certification, professionals need at least five years of auditing or related experience. 

Shutterstock

Time to complete: 130-minute exam + study timeCost: $250Exam required? YesAverage salary: $132,947This certification demonstrates an understanding of vSphere infrastructure best practices, implementation, and management skills. Credentialed professionals can install, configure, troubleshoot, and secure the virtualization platform. 

Which IT certification is right for you?When choosing between the many IT certifications, candidates should consider multiple factors to ensure they pick the best-suited option for them. First, they should evaluate their current level and strengths. Next, they should think about their career goals and identify what credentials and training they need in order to reach that level. Equipped with that information, candidates can search the available certifications, sorting by relevance, industry recognition and acceptance of the credential, cost, and delivery format. While IT certifications do not typically pursue or receive accreditation, they may still be recognized by noteworthy organizations, such as professional industry associations or specific vendors. Candidates can research what type of industry recognition certifications have received to ensure they get the best credential available.

What are the best IT certs to get?

The best IT certifications depend on the candidate’s career goals. Many employers rank certain certifications above others depending on their usefulness to the organization, such as those that provide relevant vendor- and system-specific training. 

Can you get an IT job with just certifications?

Yes. Professionals with an IT certification as their only relevant training can access some entry-level IT careers.

What IT certifications pay the most?

The highest-paying IT certifications depend on the credentialed professional’s experience, employer, and location. According to Global Knowledge, professionals holding a Google Certified Professional Data Engineer credential report some of the highest average wages at $171,749.

ZDNet Recommends More

The US Federal Communications Commission (FCC) has laid out the rules for small carriers that are applying to access a pot of $1.9 billion to rip out and replace network equipment and services from Huawei and ZTE. The rules state that carriers will need to have under 10 million customers and allow for the possibility of some schools, libraries, and health care providers gaining access to funds if they provide broadband services. For the purposes of the program, equipment would need to be capable of speeds above 200kbps in either direction. “The reimbursement program will reimburse eligible providers of advanced communications services for costs reasonably incurred for the removal, replacement, and disposal of their Huawei and ZTE equipment and services obtained on or before June 30, 2020,” the FCC said. “RRD costs incurred prior to April 17, 2018 will not be reimbursable.” The FCC said in the cases of older network, replacing like-for-like may not be possible, and instances such as ripping out an older mobile network to be replaced by LTE or 5G-ready equipment would be allowed. Those receiving the funds will not be able to replace microwave backhaul or fixed wireless links with fibre links. If a tower is not capable of holding replacement equipment, the cost of a new tower would be considered on a case-by-case basis, the regulator said. Applicants for the funds will be able to claim vendor travel expenses and salary costs of internal employees dedicated purely to the replacement program.

“Separately, the commission has determined that the replacement of non-Huawei or ZTE mobile handsets and other customer premises equipment, including Internet of Things devices, used by end users to access and utilise advanced communications services are not reasonably necessary to the removal, replacement, and disposal of covered communications equipment or service,” it said. The window for applying runs from October 29 to January 14, with successful applicants expected to be informed in early Q2 2022. The program has been in the works for two years, with the FCC officially designating Huawei and ZTE as national security threats in July 2020. Separately, over the weekend, the US Justice Department and Huawei CFO Meng Wanzhou cut a deal to end an extradition lawsuit that ran for nearly three years. Meng admitted only to misleading global financial institutions, and did not plead guilty to the various fraud charges imposed against her. Without even trying to hide its hostage diplomacy tactics, Beijing subsequently released two Canadians who were detained shortly after Meng’s arrest and kept in Chinese prisons.By contrast, Meng was able to live under house arrest in one of her two Vancouver homes. Related Coverage More