Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


Advanced Junos Security

Learn to configure and monitor advanced Junos OS security features.

GK# 7217 Vendor# AJSEC

Course Overview


In this course, you will go deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with Juniper Networks SRX Series Services Gateways. Through demonstrations and hands-on labs, you will gain experience configuring and monitoring advanced security features of the Junos operating system.



What You'll Learn

  • Security supported by the Junos OS
  • Junos security handling at Layer 2 vs. Layer 3
  • Placement and traffic distribution of the various components of SRX devices
  • Configure, utilize, and monitor the various interface types available to the SRX Series product line
  • Junos OS processing of Application Layer Gateways (ALGs)
  • Alter the Junos default behavior of ALG and application processing
  • Implement address books with dynamic addressing
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
  • Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • Junos routing instance types used for virtualization
  • Implement virtual routing instances
  • Configure route sharing between routing instances using logical tunnel interfaces
  • Implement selective packet-based forwarding
  • Implement filter-based forwarding
  • Implement static, source, destination, and dual NAT in complex LAN environments
  • Implement variations of cone or persistent NAT
  • Interaction between NAT and security policy
  • Implement optimized chassis clustering
  • IP version 6 (IPv6) support for chassis clusters
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls
  • Monitor the operations of the various IPsec VPN implementations
  • Public key cryptography for certificates
  • Junos tools for troubleshooting Junos security implementations
  • Perform successful troubleshooting of some common Junos security issues


Viewing outline for:

Virtual Classroom Live Outline

1. Junos Security Review

  • Junos Security Components
  • Selective Packet-Based Forwarding
  • Junos Layer 2 Packet Handling

2. Security Policy Components

  • Application Layer Gateways (ALGs)
  • Junos ALGs
  • Custom Application Definitions
  • Advanced Addressing
  • Policy Matching

3. Virtualization

  • Routing Instances
  • Filter-Based Forwarding

4. Advanced NAT Concepts

  • Beyond Layer 3 and Layer 4 Headers
  • Advanced NAT Scenarios

5. High Availability Clustering

  • High Availability
  • Chassis Clustering Implementations
  • Advanced HA Topics

6. IPsec Implementations

  • Standard VPN Implementations
  • Public Key Infrastructure
  • Hub-and-Spoke VPNs

7. Enterprise IPsec Technologies

  • Group VPN
  • GDOI Protocol
  • Group VPN Configuration and Monitoring
  • Dynamic VPN Implementation

8. IPsec VPN Case Studies and Solutions

  • Routing over VPNs
  • IPsec with Overlapping Addresses
  • Dynamic Gateway IP Addresses
  • Enterprise VPN Deployment Tips and Tricks

9. Troubleshooting Junos Security

  • Troubleshooting Methodology
  • Troubleshooting Tools
  • Identifying IPsec Issues

10. SRX Series Hardware and Interfaces

  • Branch SRX Platform
  • High End SRX Platform
  • SRX Traffic Flow and Distribution
  • SRX Interfaces


Viewing labs for:

Virtual Classroom Live Labs

Lab 1: Selective Forwarding

Lab 2: Implementing Advanced Security Policy

Lab 3: Implementing Junos Virtual Routing

Lab 4: Advanced NAT Implementations

Lab 5: Implementing Advanced High Availability Techniques

Lab 6: Hub-and-Spoke IPsec VPNs

Lab 7: Configuring Group VPNs

Lab 8: OSPF over GRE over IPsec VPNs

Lab 9: Performing Security Troubleshooting Techniques

Who Should Attend


Network technicians and engineers responsible for implementing, monitoring, and troubleshooting Junos security components.

Course Delivery

This course is available in the following formats:

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 3 day

Request this course in a different delivery format.