Network Security
Call 1-800-868-4858
  Course Fees: $3750 (Training Credits Accepted)  
  Course Duration: 5 Days  
  Course Code: EDU-JUN-JNCIP-SEC  
  Course Schedule: Click for Schedule and Registrationschd  
  Juniper Certification Code: JNCIP-SEC :: Exam Code:632  

Course Overview

This five-day course, is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with SRX Series Services Gateways. The course covers concepts, ideas, and terminology relating to providing intrusion prevention using the SRX Series platform. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring advanced security features of the Junos operating system.



After successfully completing this course, you should be able to pass your JNCIP-SEC certification exam.:

Intended Audience

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.

Course Level

AJSEC & JIPS are advanced-level courses.


Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Security (JSEC) courses prior to attending this class.

Course Contents

Day 1 (AJSEC)

Chapte1: Course Introduction

Chapter 2: Junos Security Review

  • Junos Security Components Overview and Selective Packet-Based Forwarding
  • Junos Layer 2 Packet Handling
  • Lab 1: Selective Forwarding

Chapter 3: Security Policy Components

  • ALG Overview
  • Junos ALGs
  • Custom Application Definitions
  • Advanced Addressing
  • Policy Matching
  • Lab 2: Implementing Advanced Security Policy

Chapter 4: Virtualization

  • Virtualization Overview
  • Routing Instances
  • Filter-Based Forwarding
  • Lab 3: Implementing Junos Virtual Routing

Day 2

Chapter 5: Advanced NAT Concepts

  • Operational Review
  • NAT: Beyond Layer 3 and Layer 4 Headers
  • Advanced NAT Scenarios
  • Lab 4: Advanced NAT Implementations

Chapter 6: High Availability Clustering

  • High Availability Overview
  • Chassis Clustering Implementations
  • Advanced HA Topics
  • Lab 5: Implementing Advanced High Availability Techniques

Chapter 7: IPsec Implementations

  • Standard VPN Implementations Review
  • Public Key Infrastructure
  • Hub-and-Spoke VPNs
  • Lab 6: Hub-and-Spoke IPsec VPNs

Day 3

Chapter 8: Enterprise IPsec Technologies: Group and Dynamic VPNs

  • Group VPN Overview
  • GDOI Protocol
  • Group VPN Configuration and Monitoring
  • Dynamic VPN Overview
  • Dynamic VPN Implementation
  • Lab 7: Configuring Group VPNs

Chapter 9: IPsec VPN Case Studies and Solutions

  • Routing over VPNs
  • IPsec with Overlapping Addresses
  • Dynamic Gateway IP Addresses
  • Enterprise VPN Deployment Tips and Tricks
  • Lab 8: OSPF over GRE over IPsec VPNs

Chapter 10: Troubleshooting Junos Security

  • Troubleshooting Methodology
  • Troubleshooting Tools
  • Identifying IPsec Issues
  • Lab 9: Performing Security Troubleshooting Techniques

Appendix A: SRX Series Hardware and Interfaces

  • Branch SRX Platform Overview
  • High End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Day 4 ( JIPS )

Chapter 1: Course Introduction

Chapter 2: Overview of IPS Functionality

  • Reasons for Network Attacks
  • Categories of Attacks
  • Anatomy of an Attack
  • IPS Mechanisms on SRX Series Devices
  • Lab 1: Initial Configuration

Chapter 3: Initial Device Configuration

  • Deployment Options for IPS Functionality
  • Management Options
  • Network Settings
  • Preparing the SRX Series Device for IPS Features
  • Lab 2: Initial IDP Setup

Chapter 4: IPS Terminology and Concepts

  • Terminology Overview
  • Attack Objects
  • IPS Rulebase Details
  • Rule Match Conditions
  • Rule Actions
  • Terminal Rules
  • IP Actions
  • Notification
  • Terminology Review
  • IPS Traffic Flow
  • Lab 3: Examining and Modifying the Recommended Policy
  • Lab 4: Exempt Rulebase
  • Lab 5: Rule Actions

 Day 5

 Chapter 5: IPS Attack Objects

  • IPS Rules and Rulebases
  • Attack Objects
  • Custom Signatures
  • Lab 6: Custom Signatures

Chapter 6: Scanning and Reconnaissance

  • Overview of Scanning
  • Types of Scans
  • Fingerprinting
  • IPS Scan Prevention

Chapter 7: Blocking Evasion Techniques and Denial of Service

  • FIN Scans
  • IP Spoofing
  • IP Source Routing Options
  • DoS and DDoS Attacks
  • Mechanisms for Blocking DoS and DDoS
  • Lab 7: Detecting Evasion Attempts
  • Lab 8: Denial of Service

Chapter 8: Reporting

  • NSM Reports
  • Junos Syslog and Operational Commands



juniper schedule







Copy Right (c) 2017 Cosmos Security Center Inc.
The leading Juniper, CISSP, Check Point Training Center
Juniper Training :: CISSP Training :: CheckPoint Training
Juniper SRX Security Training, Juniper Routing & Switching Training,