JSEC – Junos Security

X

Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

Subscribe

I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.


Upcoming Dates


Nov 1 - Nov 5, 2021
09:00 - 17:00
Online

JSEC – Junos Security
5 days  (Instructor Led Online)  |  Junos Security

Course Details

This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include: security zones, security policies, Network Address Translation (NAT), IPsec VPNs, and chassis clustering. Through demonstrations and hands-on labs, students will gain experience in configuring the Junos OS and monitoring device operations of Junos security devices. This course uses Juniper Networks SRX Series Services Gateways for the primary hands-on component. This course is based on Junos OS Release 17.4R1.16 and the vSRX virtual appliance

 

 

See other Juniper courses

Objectives

  • Describe traditional routing and security
  • ¬†Provide an overview of SRX Series Services Gateway devices and the Junos OS software architecture
  • Describe the logical packet flow and session creation performed by SRX Series Services Gateway devices
  • Describe, configure, and monitor zones
  • Describe, configure, and monitor security policies
  • Troubleshoot security zones and policies
  • Describe, configure, and monitor NAT, as implemented on Junos security platforms
  • Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs)
  • Implement and monitor route-based IPsec VPNs
  • ¬†Implement and monitor Hub-and-Spoke VPNs, Group VPNs, and ADVPNs
  • Troubleshoot IPsec VPNs
  • Describe, configure, and monitor chassis clusters
  • Troubleshoot chassis clusters

Outline

Day 1 :

1. COURSE INTRODUCTION:

2 .Introduction to Junos Security:

  • Traditional Routing and Security
  • Architecture Overview of Junos Security Devices
  • ¬†Logical Packet Flow through Junos Security Devices
  • J-Web Overview

3. Zones and Screen Options:

  • Zones Overview
  • Zone Configuration
  • Monitoring Security Zones
  • Configuring Screen Options
  • Screen Options Case Study
  • LAB 1: Zones and Screen Options

4 .Security Policies :

  • Security Policy Overview
  • Policy Components
  • Security Policy Configuration in J-Web
  • Policy Case Study (CLI)
  • Policy Case Study (J-Web)
  • ¬†LAB 2: Security Policies

5 .Advanced Security Policy:

  • Session Management
  • Junos ALGs
  • Policy Scheduling
  • Logging
  • Advanced Security Policy
  • ¬†Lab 3: Advanced Policy Options

Day 2 :

6 .Troubleshooting Zones and Policies:

  • ¬†General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • ¬†Lab 4: Troubleshooting Security Zones and Policies

7 .Network Address Translation :

  • NAT Overview
  • Source NAT
  • Destination NAT
  • Static NAT
  • Proxy ARP
  • Lab 5: Network Address Translation

8 .Advanced NAT:

  • ¬†Persistent NAT
  • DNS Doctoring
  • IPv6 with NAT
  • Advanced NAT Scenarios
  • Troubleshooting NAT
  • Lab 6: Advanced NAT

Day 3 :

9 .IPsec VPN Concepts :

  • ¬†VPN Types
  • Secure VPN Requirements
  • IPsec Tunnel Establishment
  • ¬†IPsec Traffic Processing

 10 .IPsec VPN Implementation :

  • ¬†IPsec VPN Configuration
  • ¬†IPsec VPN Case Study
  • ¬†Proxy IDs and Traffic Selectors
  • Monitoring IPsec VPNs
  • Lab 7: Implementing IPsec VPNs

11 .Hub-and-Spoke VPNs:

  • ¬† Hub-and-Spoke VPN Overview
  • ¬†Hub-and-Spoke Configuration and Monitoring
  • ¬†Lab 8: Hub-and-Spoke VPNs

12. Group VPNs:

  • ¬†Group VPN Overview
  • ¬†Group VPN Configuration and Monitoring
  • Lab 9: Group VPNs

Day 4 :

13 .PKI and ADVPNs:

  • Public Key Infrastructure Overview
  • PKI Configuration
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 10: PKI and ADVPNs

15 .Troubleshooting IPsec :

  • ¬†IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • ¬†IPsec Case Studies
  • ¬†Lab 12: Troubleshooting IPsec

14 .Advanced IPsec

  • NAT with IPsec
  • ¬†Class of Service with IPsec
  • ¬†Best Practices
  • ¬†Routing OSPF over IPsec
  • IPsec with Overlapping Addresses
  • IPsec with Dynamic Gateway IP Addresses
  • ¬†Lab 11: Advanced IPsec VPN Solutions

16 ,Chassis Cluster Concepts :

  • ¬†Chassis Clustering Overview
  • ¬†Chassis Cluster Components
  • Chassis Cluster Operation

Day 5 :

17 .Chassis Cluster Implementation :

  • ¬†Chassis Cluster Configuration
  • Advanced Chassis Cluster Options
  • Lab 14: Implementing Chassis Clusters

A SRX Series Hardware :

  • Branch SRX Platform Overview
  • ¬†Mid-Range SRX Platform Overview
  • High-End SRX Platform Overview
  • SRX Traffic Flow and Distribution

18 .Troubleshooting Chassis Clusters :

  • Troubleshooting Chassis Clusters
  • Chassis Cluster Case Studies
  • ¬†Lab 14: Troubleshooting Chassis Clusters

 B Virtual SRX :

  • Virtualization Overview
  • Network Virtualization and SDN
  • Overview of the Virtual SRX
  • Deployment Scenarios
  • ¬†Integration with AWS

Target Audience

This course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.

Prerequisites