Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

Advanced Junos Security

Learn to configure and monitor advanced Junos OS security features.

GK# 7217 Vendor# AJSEC

Course Overview

TOP

In this course, you will go deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with Juniper Networks SRX Series Services Gateways. Through demonstrations and hands-on labs, you will gain experience configuring and monitoring advanced security features of the Junos operating system.

Certification:

JNCIP-SEC

What You'll Learn

TOP
  • Security supported by the Junos OS
  • Junos security handling at Layer 2 vs. Layer 3
  • Placement and traffic distribution of the various components of SRX devices
  • Configure, utilize, and monitor the various interface types available to the SRX Series product line
  • Junos OS processing of Application Layer Gateways (ALGs)
  • Alter the Junos default behavior of ALG and application processing
  • Implement address books with dynamic addressing
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
  • Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • Junos routing instance types used for virtualization
  • Implement virtual routing instances
  • Configure route sharing between routing instances using logical tunnel interfaces
  • Implement selective packet-based forwarding
  • Implement filter-based forwarding
  • Implement static, source, destination, and dual NAT in complex LAN environments
  • Implement variations of cone or persistent NAT
  • Interaction between NAT and security policy
  • Implement optimized chassis clustering
  • IP version 6 (IPv6) support for chassis clusters
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls
  • Monitor the operations of the various IPsec VPN implementations
  • Public key cryptography for certificates
  • Junos tools for troubleshooting Junos security implementations
  • Perform successful troubleshooting of some common Junos security issues

Outline

TOP
Viewing outline for:

Virtual Classroom Live Outline

1. Junos Security Review

  • Junos Security Components
  • Selective Packet-Based Forwarding
  • Junos Layer 2 Packet Handling

2. Security Policy Components

  • Application Layer Gateways (ALGs)
  • Junos ALGs
  • Custom Application Definitions
  • Advanced Addressing
  • Policy Matching

3. Virtualization

  • Routing Instances
  • Filter-Based Forwarding

4. Advanced NAT Concepts

  • Beyond Layer 3 and Layer 4 Headers
  • Advanced NAT Scenarios

5. High Availability Clustering

  • High Availability
  • Chassis Clustering Implementations
  • Advanced HA Topics

6. IPsec Implementations

  • Standard VPN Implementations
  • Public Key Infrastructure
  • Hub-and-Spoke VPNs

7. Enterprise IPsec Technologies

  • Group VPN
  • GDOI Protocol
  • Group VPN Configuration and Monitoring
  • Dynamic VPN Implementation

8. IPsec VPN Case Studies and Solutions

  • Routing over VPNs
  • IPsec with Overlapping Addresses
  • Dynamic Gateway IP Addresses
  • Enterprise VPN Deployment Tips and Tricks

9. Troubleshooting Junos Security

  • Troubleshooting Methodology
  • Troubleshooting Tools
  • Identifying IPsec Issues

10. SRX Series Hardware and Interfaces

  • Branch SRX Platform
  • High End SRX Platform
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Labs

TOP
Viewing labs for:

Virtual Classroom Live Labs

Lab 1: Selective Forwarding

Lab 2: Implementing Advanced Security Policy

Lab 3: Implementing Junos Virtual Routing

Lab 4: Advanced NAT Implementations

Lab 5: Implementing Advanced High Availability Techniques

Lab 6: Hub-and-Spoke IPsec VPNs

Lab 7: Configuring Group VPNs

Lab 8: OSPF over GRE over IPsec VPNs

Lab 9: Performing Security Troubleshooting Techniques

Who Should Attend

TOP

Network technicians and engineers responsible for implementing, monitoring, and troubleshooting Junos security components.

Course Delivery

This course is available in the following formats:

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 3 day

Request this course in a different delivery format.
Enroll