Network Security
Call 1-800-868-4858
 
  Advanced Junos Security (AJSEC)    
   
  Course Fees: $3750 (Training Credits Accepted)  
  Course Duration: 5 Days  
  Course Code: EDU-JUN-AJSEC  
  Course Schedule: Click for Schedule and Registrationschd  
  Juniper Certification Code: JNCIP-SEC :: Exam Code:632  
 

Course Overview

This five-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security. Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with advanced coverage of virtualization, AppSecure, advanced Network Address Translation (NAT) deployments, Layer 2 security, and Sky ATP. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component.

 

Objectives

After successfully completing this course, you should be able to:

  • Demonstrate understanding of concepts covered in the prerequisite Junos Security course.
  • Describe the various forms of security supported by the Junos OS.
  • Describe Junos security handling at Layer 2 versus Layer 3.
  • Describe the placement and traffic distribution of the various components of SRX devices.
  • Configure, utilize, and monitor the various interface types available to the SRX Series product line.
  • Describe Junos OS processing of Application Layer Gateways (ALGs).
  • Alter the Junos default behavior of ALG and application processing.
  • Implement address books with dynamic addressing.
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios.
  • Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems.
  • Describe Junos routing instance types used for virtualization.
  • Implement virtual routing instances.
  • Describe and configure route sharing between routing instances using logical tunnel interfaces.
  • Implement selective packet-based forwarding.
  • Implement filter-based forwarding.
  • Describe and implement static, source, destination, and dual NAT in complex LAN environments.
  • Describe and implement variations of cone, or persistent NAT.
  • Describe the interaction between NAT and security policy.
  • Implement optimized chassis clustering.
  • Describe IP version 6 (IPv6) support for chassis clusters.
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs.
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls.
  • Monitor the operations of the various IPsec VPN implementations.
  • Describe public key cryptography for certificates.
  • Utilize Junos tools for troubleshooting Junos security implementations.
  • Perform successful troubleshooting of some common Junos security issues.

Intended Audience

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.

Course Level

AJSEC is an advanced-level course.

Prerequisites

Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Security (JSEC) courses prior to attending this class.

Course Contents

 

Chapter 1: Course Introduction

Chapter 2: Junos Security Review

  • Junos Security Components Overview and Selective Packet-Based Forwarding
  • Junos Layer 2 Packet Handling
  • Lab 1: Selective Forwarding

Chapter 3: Security Policy Components

  • ALG Overview
  • Junos ALGs
  • Custom Application Definitions
  • Advanced Addressing
  • Policy Matching
  • Lab 2: Implementing Advanced Security Policy

Chapter 4: Virtualization

  • Virtualization Overview
  • Routing Instances
  • Filter-Based Forwarding
  • Lab 3: Implementing Junos Virtual Routing

Chapter 5: Advanced NAT Concepts

  • Operational Review
  • NAT: Beyond Layer 3 and Layer 4 Headers
  • Advanced NAT Scenarios
  • Lab 4: Advanced NAT Implementations

Chapter 6: High Availability Clustering

  • High Availability Overview
  • Chassis Clustering Implementations
  • Advanced HA Topics
  • Lab 5: Implementing Advanced High Availability Techniques

Chapter 7: IPsec Implementations

  • Standard VPN Implementations Review
  • Public Key Infrastructure
  • Hub-and-Spoke VPNs
  • Lab 6: Hub-and-Spoke IPsec VPNs

Chapter 8: Enterprise IPsec Technologies: Group and Dynamic VPNs

  • Group VPN Overview
  • GDOI Protocol
  • Group VPN Configuration and Monitoring
  • Dynamic VPN Overview
  • Dynamic VPN Implementation
  • Lab 7: Configuring Group VPNs

Chapter 9: IPsec VPN Case Studies and Solutions

  • Routing over VPNs
  • IPsec with Overlapping Addresses
  • Dynamic Gateway IP Addresses
  • Enterprise VPN Deployment Tips and Tricks
  • Lab 8: OSPF over GRE over IPsec VPNs

Chapter 10: Troubleshooting Junos Security

  • Troubleshooting Methodology
  • Troubleshooting Tools
  • Identifying IPsec Issues
  • Lab 9: Performing Security Troubleshooting Techniques

Appendix A: SRX Series Hardware and Interfaces

  • Branch SRX Platform Overview
  • High End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces
 

 

 

juniper schedule

 

 

 

 

 

 

Copy Right (c) 2017 Cosmos Security Center Inc.
The leading Juniper, CISSP, Check Point Training Center
Juniper Training :: CISSP Training :: CheckPoint Training
Juniper SRX Security Training, Juniper Routing & Switching Training,