Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

JNCIP-SEC Security Certification Boot Camp

Prepare for your JNCIP-SEC certification.

GK# 7226 Vendor# JIPS & AJSEC

Course Overview

TOP

In this hands-on course, you will prepare for your JNCIP-SEC certification by experiencing both the JIPS and AJSEC courses. You will learn the concepts, ideas, and terminology relating to providing intrusion prevention using the SRX Series platform. Hands-on labs provide you with the opportunity to configure various IPS features and to test and analyze those functions. And through the AJSEC portion you will go deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with Juniper Networks SRX Series Services Gateways. Through demonstrations and hands-on labs, you will gain experience configuring and monitoring advanced security features of the Junos operating system. The hands-on labs will also provide you with an introduction to the Intrusion Prevention System (JIPS) feature set available on the Juniper Networks SRX Series Services Gateway.

What You'll Learn

TOP
  • Types of intrusions and network penetration steps
  • How to access the SRX Series Services Gateways with IPS functionality for configuration and management
  • How to configure the SRX Series Services Gateways for IPS functionality
  • Steps that the IPS engine takes when inspecting packets
  • Components of IPS rules and rulebases
  • Types of signature-based attacks
  • Uses of custom signatures and how to configure them
  • How scanning can be used to gather information about target networks
  • Configure screens to block various scan types
  • Commonly used evasion techniques and how to block them
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
  • Mechanisms available on the SRX Series device to detect and block DoS and DDoS attacks
  • Configure screens to block DoS and DDoS attacks
  • Reporting capabilities available for IPS functionality
  • Terms and concepts related to intrusion prevention
  • Functions and features available on the SRX Series platform that provide IPS functionality
  • Configure fundamental IPS features and functions on an SRX240 device
  • Security supported by the Junos OS
  • Junos security handling at Layer 2 vs. Layer 3
  • Placement and traffic distribution of the various components of SRX devices
  • Configure, utilize, and monitor the various interface types available to the SRXSeries product line
  • Junos OS processing of Application Layer Gateways (ALGs)
  • Alter the Junos default behavior of ALG and application processing
  • Implement address books with dynamic addressing
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
  • Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • Junos routing instance types used for virtualization
  • Implement virtual routing instances
  • Configure route sharing between routing instances using logical tunnel interfaces
  • Implement selective packet-based forwarding
  • Implement filter-based forwarding
  • Implement static, source, destination, and dual NAT in complex LAN environments
  • Implement variations of cone or persistent NAT
  • Interaction between NAT and security policy
  • Implement optimized chassis clustering
  • IP version 6 (IPv6) support for chassis clusters
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls
  • Monitor the operations of the various IPsec VPN implementations
  • Public key cryptography for certificates
  • Junos tools for troubleshooting Junos security implementations
  • Perform successful troubleshooting of some common Junos security issues

Outline

TOP
Viewing outline for:

Virtual Classroom Live Outline

1. IPS Functionality

  • Reasons for Network Attacks
  • Categories of Attacks
  • Anatomy of an Attack
  • IPS Mechanisms on SRX Series Devices

2. Initial Device Configuration

  • Deployment Options for IPS Functionality
  • Management Options
  • Network Settings
  • Preparing the SRX Series Device for IPS Features

3. IPS Terminology and Concepts

  • Attack Objects
  • IPS Rulebase Details
  • Rule Match Conditions
  • Rule Actions
  • Terminal Rules
  • IP Actions
  • Notification
  • IPS Traffic Flow

4. IPS Attack Objects

  • IPS Rules and Rulebases
  • Attack Objects
  • Custom Signatures

5. Scanning and Reconnaissance

  • Types of Scans
  • Fingerprinting
  • IPS Scan Prevention

6. Blocking Evasion Techniques and DoS

  • FIN Scans
  • IP Spoofing
  • IP Source Routing Options
  • DoS and DDoS Attacks
  • Mechanisms for Blocking DoS and DDoS

7. Reporting

  • NSM Reports
  • Junos Syslog and Operational Commands

8. Junos Security Review

  • Junos Security Components
  • Selective Packet-Based Forwarding
  • Junos Layer 2 Packet Handling

9. Security Policy Components

  • Application Layer Gateways (ALGs)
  • Junos ALGs
  • Custom Application Definitions
  • Advanced Addressing
  • Policy Matching

10. Virtualization

  • Routing Instances
  • Filter-Based Forwarding

11. Advanced NAT Concepts

  • Beyond Layer 3 and Layer 4 Headers
  • Advanced NAT Scenarios

12. High Availability Clustering

  • High Availability
  • Chassis Clustering Implementations
  • Advanced HA Topics

13. IPsec Implementations

  • Standard VPN Implementations
  • Public Key Infrastructure
  • Hub-and-Spoke VPNs

14. Enterprise IPsec Technologies

  • Group VPN
  • GDOI Protocol
  • Group VPN Configuration and Monitoring
  • Dynamic VPN Implementation

15. IPsec VPN Case Studies and Solutions

  • Routing over VPNs
  • IPsec with Overlapping Addresses
  • Dynamic Gateway IP Addresses
  • Enterprise VPN Deployment Tips and Tricks

16. Troubleshooting Junos Security

  • Troubleshooting Methodology
  • Troubleshooting Tools
  • Identifying IPsec Issues

17. SRX Series Hardware and Interfaces

  • Branch SRX Platform
  • High End SRX Platform
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Prerequisites

TOP
  • Introduction to the Junos Operating System (IJOS)
  • Junos Routing Essentials (JRE)

Who Should Attend

TOP
  • Network technicians and engineers responsible for configuring and monitoring the IPS aspects of SRX Series devices, and implementing, monitoring, and troubleshooting Junos security components
Course Delivery

This course is available in the following formats:

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 5 day

Classroom Live

Receive face-to-face instruction at one of our training center locations.

Duration: 5 day

Request this course in a different delivery format.
Enroll