Global Knowledge

1-800-COURSES
Chat Now

Shopping Cart | My Global Knowledge Login | United States United States [change region]

  • Courses
    • Browse Catalog
    • Delivery Methods
    • New Courses
    • Special Offers
    • Guaranteed Dates
    • Search Wizard
  • Certifications
  • Training Solutions
    • Corporate Training
    • Government Training
    • Partner with Us
  • Training Locations
    • Atlanta
    • Chicago
    • Dallas
    • Morristown
    • New York
    • Raleigh
    • San Jose
    • Washington, DC
    • All 150+ Locations
  • Knowledge Center
    • Assessments
    • Case Studies
    • Demos
    • Events
    • Lab Topologies
    • Mobile Apps
    • Practice Files
    • Special Reports
    • Twitter
    • Videos
    • Webinars
    • White Papers
  • Contact Us
Junos Security Skills Camp JSEC AJSEC

Home > Course Catalog >  Cybersecurity Training > Junos Security Skills Camp (JSEC, AJSEC)

Junos Security Skills Camp (JSEC, AJSEC)

Build your intermediate and advanced Juniper security skills in this convenient skills-building course.

We've combined two authorized Juniper courses, Junos Security (JSEC) and Advanced Junos Security (AJSEC) to create an intensive, extended-hours Skills Camp in which you will build your intermediate and advanced Juniper security skills. You will gain hands-on experience implementing, configuring, and monitoring the Junos OS for SRX Series devices, covering:

  • Security zones
  • Security policies
  • Intrusion detection and prevention (IDP)
  • Network Address Translation (NAT)
  • IP Security (IPsec) deployments
  • Virtualization
  • Layer 2 security with SRX Series Services Gateways

What You'll Learn

  • SRX Series devices and software architecture
  • Logical packet flow and session creation performed by SRX Series devices
  • Placement and traffic distribution of the various components of SRX devices
  • Configure, utilize, and monitor the various interface types available to the SRX Series product line
  • Configure and monitor zones, security policies, and firewall user authentication
  • Configure and monitor SCREEN options to prevent network attacks
  • Implement and monitor NAT on Junos security platforms
  • Implement static, source, destination, and dual NAT in complex LAN environments
  • Implement variations of cone or persistent NAT
  • Interaction between NAT and security policy
  • Purpose and mechanics of IPsec virtual private networks (VPNs)
  • Implement and monitor policy-based and route-based IPsec VPNs
  • Differentiate and configure standard point-to-point IPsec VPN tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls
  • Monitor the operations of the various IPsec VPN implementations
  • Use and update the IDP signature database
  • Configure and monitor IDP policy with policy templates
  • Configure and monitor high availability (HA) chassis clusters
  • Security supported by the Junos OS
  • Junos security handling at Layer 2 vs. Layer 3
  • Junos OS processing of Application Layer Gateways (ALGs)
  • Alter the Junos default behavior of ALG and application processing
  • Implement address books with dynamic addressing
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
  • Junos routing instance types used for virtualization
  • Implement virtual routing instances
  • Configure route sharing between routing instances using logical tunnel interfaces
  • Implement packet-based and filter-based forwarding
  • Implement optimized chassis clustering
  • IPv6 support for chassis clusters
  • Public key cryptography for certificates
  • Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • Junos tools for troubleshooting Junos security implementations

Who Needs to Attend

Network engineers, administrators, support personnel, and reseller support personnel using SRX Series devices

Prerequisites

  • Introduction to the Junos Operating System (IJOS)
  • Junos Routing Essentials (JRE)

Or

  • Junos Foundations: JNCIA-Junos Boot Camp (IJOS, JRE)

Follow-On Courses

There are no follow-ons for this course.

Certification Programs and Certificate Tracks

This course is part of the following programs or tracks:

  • Juniper Networks Certified Internet Professional - Security (JNCIP-SEC)

Course Outline

1. Junos Security Platforms

  • Traditional Routing
  • Traditional Security
  • Breaking the Tradition
  • The Junos OS Architecture

2. Zones

  • The Definition of Zones
  • Zone Configuration
  • Monitoring Security Zones

3. Security Policies

  • Policy Components
  • Verifying Policy Operation
  • Policy Scheduling and Rematching
  • ALGs
  • Custom Application Definitions
  • Advanced Addressing
  • Policy Matching

4. Firewall User Authentication

  • Firewall User Authentication Overview
  • Pass-Through Authentication
  • Web Authentication
  • Client Groups
  • Using External Authentication Servers
  • Verifying Firewall User Authentication

5. SCREEN Options

  • Multilayer Network Protection
  • Stages and Types of Attacks
  • Using Junos SCREEN Options
    • Reconnaissance Attack Handling
    • Denial of Service Attack Handling
    • Suspicious Packets Attack Handling
  • Applying and Monitoring SCREEN Options

6. NAT

  • Source NAT Operation and Configuration
  • Destination NAT Operation and Configuration
  • Static NAT Operation and Configuration
  • Proxy ARP
  • Monitoring and Verifying NAT Operation
  • Beyond Layer 3 and Layer 4 Headers
  • Advanced NAT Scenarios

7. IPsec VPNs

  • VPN Types
  • Secure VPN Requirements
  • IPsec Details
  • Configuration of IPsec VPNs
  • IPsec VPN Monitoring
  • Routing over VPNs
  • IPsec with Overlapping Addresses
  • Dynamic Gateway IP Addresses
  • Enterprise VPN Deployment Tips and Tricks

8. IPsec Implementations

  • Standard VPN Implementations
  • Public Key Infrastructure
  • Hub-and-Spoke VPNs

9. Enterprise IPsec Technologies

  • Group VPN
  • GDOI Protocol
  • Group VPN Configuration and Monitoring
  • Dynamic VPN Implementation

10. IDP

  • Junos IDP
  • Policy Components
  • Configuration
  • Signature Database
  • Monitoring IDP Operation

11. HA Clustering

  • Chassis Cluster
    • Components
    • Operation
    • Configuration
    • Monitoring
    • Implementations
  • Advanced HA Topics

12. Virtualization

  • Routing Instances
  • Filter-Based Forwarding

13. Troubleshooting Junos Security

  • Troubleshooting Methodology
  • Troubleshooting Tools
  • Identifying IPsec Issues

14. SRX Series Hardware and Interfaces

  • Branch SRX Platform
  • High-End SRX Platform
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Labs

Lab 1: Configuring and Monitoring Zones

Lab 2: Security Policies

Case Study 1: Security Policy

Lab 3: Configuring Firewall Authentication

Lab 4: Implementing SCREEN Options

Lab 5: Network Address Translation

Lab 6: Implementing IPsec VPNs

Lab 7: Implementing IDP

Case Study 2: Applying the Recommended IDP Policy

Lab 8: Implementing Chassis Clusters

Lab 9: Selective Forwarding

Lab 10: Implementing Advanced Security Policy

Lab 11: Implementing Junos Virtual Routing

Lab 12: Advanced NAT Implementations

Lab 13: Implementing Advanced HA Techniques

Lab 14: Hub-and-Spoke IPsec VPNs

Lab 15: Configuring Group VPNs

Lab 16: OSPF over GRE over IPsec VPNs

Lab 17: Performing Security Troubleshooting Techniques

Cybersecurity

On-Site

Course Code: 7213

Exclusive Course

Contact us for pricing

5 Day Course


Payment Options

Alert Me Alert Me

Schedule and Registration

Request a Quote.

Request a date & location.

Resources

PDF of this course

 

Share

Copyright ©2013 Global Knowledge Training LLC  All rights reserved.  1-800-COURSES (1-800-268-7737) Privacy  Legal  Policies  Site Map  Blog RSSRSS