Junos Security Training (JSEC)
|Commitment||5 days, 7-8 hours a day.|
|How To Pass||Pass all graded assignments to complete the course.|
|User Ratings||Average User Rating 4.8 See what learners said|
|Delivery Options||Instructor-Led Onsite, Online, and Classroom Live|
Junos Security Training (JSEC) Course – Hands-on
This five-day Junos Security Training (JSEC) course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security zones, security policies, Network Address Translation (NAT), IPsec VPNs, and chassis clustering.
Through demonstrations and hands-on labs, students will gain experience in configuring the Junos OS and monitoring device operations of Junos security devices. This course uses Juniper Networks SRX Series Services Gateways for the primary hands-on component.
This course is based on Junos OS Release 17.4R1.16 and the vSRX virtual appliance.
Junos Security Training (JSEC) Course – Customize it
- We can adapt this Junos Security Training (JSEC) course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this Junos Security Training (JSEC) course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Junos Security Training (JSEC) around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Junos Security Training (JSEC) course in manner understandable to lay audiences.
Junos Security Training (JSEC) Course – Audience/Target Group
The target audience for this Junos Security Training (JSEC) course:
- Network engineers, administrators, support personnel, and reseller support personnel using SRX Series devices
- Anyone seeking JNCIS-SEC certification
Junos Security Training (JSEC) Course – Class Prerequisites
The knowledge and skills that a learner must have before attending this Junos Security Training (JSEC) course are:
- Introduction to the Junos Operating System (IJOS)
Junos Security Training (JSEC) Course – Objectives:
Upon completing this Junos Security Training (JSEC) course, learners will be able to meet these objectives:
- Describe traditional routing and security and the current trends in internetworking.
- Provide an overview of SRX Series devices and software architecture.
- Describe the logical packet flow and session creation performed by SRX Series devices.
- Describe, configure, and monitor zones.
- Describe, configure, and monitor security policies.
- Describe, configure, and monitor user firewall authentication
- Describe various types of network attacks.
- Configure and monitor Screen options to prevent network attacks.
- Explain, implement, and monitor NAT, as implemented on Junos security platforms.
- Explain the purpose and mechanics of IP Security (IPsec) virtual private networks
- Implement and monitor policy-based and route-based IPsec VPNs.
- Describe, configure, and monitor high availability chassis clusters.
- Describe how to deploy and manage vSRX.
- Describe and configure Group VPNs.
- Describe and configure ADVPNs.
- Troubleshoot chassis clusters, IPsec VPNs, zones, and Security Policies
Junos Security Training (JSEC) – Course Content
Introduction to Junos Security
Traditional Routing and Security
Architecture Overview of Junos Security Devices
Logical Packet Flow through Junos Security Devices
Zones and Screen Options
- Zones Overview
- Zone Configuration
- Monitoring Security Zones
- Configuring Screen Options
- Screen Options Case Study
- Security Policy Overview
- Policy Components
- Security Policy Configuration in J-Web
- Policy Case Study (CLI)
- Policy Case Study (J-Web)
Advanced Security Policy
Advanced Security Policy
Troubleshooting Zones and Policies
- General Troubleshooting for Junos Devices
- Troubleshooting Tools
- Troubleshooting Zones and Policies
- Zone and Policy Case Studies
Network Address Translation
- NAT Overview
- Source NAT
- Destination NAT
- Static NAT
- Proxy ARP
- Persistent NAT
- DNS Doctoring
- IPv6 with NAT
- Advanced NAT Scenarios
- Troubleshooting NAT
IPsec VPN Concepts
- VPN Types
- Secure VPN Requirements
- IPsec Tunnel Establishment
- IPsec Traffic Processing
IPsec VPN Implementation
- IPsec VPN Configuration
- IPsec VPN Case Study
- Proxy IDs and Traffic Selectors
- Monitoring IPsec VPNs
- Hub-and-Spoke VPN Overview
- Hub-and-Spoke Configuration and Monitoring
Group VPN Overview
Group VPN Configuration and Monitoring
PKI and ADVPNs
- Public Key Infrastructure Overview
- PKI Configuration
- ADVPN Overview
- ADVPN Configuration and Monitoring
- NAT with IPsec
- Class of Service with IPsec
- Best Practices
- Routing OSPF over IPsec
- IPsec with Overlapping Addresses
- IPsec with Dynamic Gateway IP Addresses
IPsec Troubleshooting Overview
Troubleshooting IKE Phase 1 and 2
IPsec Case Studies
Chassis Cluster Concepts
- Chassis Clustering Overview
- Chassis Cluster Components
- Chassis Cluster Operation
Chassis Clutter Implementation
- Chassis Cluster Configuration
- Advanced Chassis Cluster Options
Troubleshooting Chassis Clusters
- Troubleshooting Chassis Clusters
- Chassis Cluster Case Studies
SRX Series Hardware
- Branch SRX Platform Overview
- Mid-Range SRX Platform Overview
- High-End SRX Platform Overview
- SRX Traffic Flow and Distribution
- SRX Interfaces
- Virtualization Overview
- Network Virtualization and SDN
- Overview of the Virtual SRX
- Deployment Scenarios
- Integration with AWS
- LAB 1: Zones and Screen Options
- LAB 2: Security Policies
- Lab 3: Advanced Policy Options
- Lab 4: Troubleshooting Security Zones and Policies
- Lab 5: Network Address Translation
- Lab 6: Advanced NAT
- Lab 7: Implementing IPsec VPNs
- Lab 8: Hub-and-Spoke VPNs
- Lab 9: Group VPNs
- Lab 10: PKI and ADVPNs
- Lab 11: Advanced IPsec VPN Solutions
- Lab 12: Troubleshooting IPsec
- Lab 13: Implementing Chassis Clusters
- Lab 14: Troubleshooting Chassis Clusters