New Description
This three-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with SRX Services Gateway devices. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring advanced security features of the Junos operating system. This course is based on the Junos OS Release 10.4R1.9.
Target group
This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.
Prerequisites
Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the “Introduction to the Junos Operating System” (IJOS), “Junos Routing Essentials” (JRE), and “Junos Security” (JSEC) courses prior to attending this class.
Other
This course is available as scheduled training and the presentation is given in Swedish. The course is mixing theory and practical exercises. We can also give this course as on-site training. If you are interested in customized education, don’t hesitate to contact us for further information.
Agenda
Course Introduction Junos Security Review
- Junos OS Security Components
- Layer 2 Versus Layer 3 Packet Handling
- Data Center and Branch Deployments
SRX Series Hardware and Interfaces
- Branch Platform Overview
- Data Center Platform Overview
- Traffic Flow and Distribution
- SRX Series Interfaces
- Lab 1: Setting Up the Initial Baseline Interfaces and Network
Advanced Security Policy
- Junos OS ALGs
- Custom Application Definitions
- Advanced Policy Design
- Dynamic Addressing
- Policy Logging
- DNS Doctoring
- Lab 2: Implementing Advanced Security Policy
Day 2 Virtualization
- Junos Routing Instances
- Forwarding Between Instances
- Filter-based Forwarding and Policy-based Routing
- Lab 3: Implementing Junos Virtual Routing
Advanced NAT Concepts
- NAT Interaction with Policy and ALGs
- Junos NAT Implementation Review
- Cone NAT
- Multitenant NAT
- IPv4-to-IPv6 NAT
- Lab 4: Implementing Advanced NAT Scenarios
High Availability
- Chassis Clustering Implementations
- Monitoring Chassis Clusters
- Advanced HA Topics
- Lab 5: Implementing Advanced High Availability Techniques
Day 3 IPsec Implementations
- Standard VPN Implementations Review
- Public Key Infrastructure
- Hub-and-Spoke VPNs
- Group VPNs
- Lab 6: Implementing Variations of IPsec VPN Deployments
Enterprise IPsec Technologies: Group and Dynamic VPNs
- Group VPN Overview
- GDOI Protocol
- Group VPN Configuration and Monitoring
- Dynamic VPN Overview
- Dynamic VPN Implementation
- Lab 7: Implementing the Group VPN Feature
IPsec VPN Case Studies and Solutions
- Routing over VPNs
- NAT with IPsec
- Enterprise VPN Deployment Best Practices
- Lab 8: Implementing Routing over VPN Tunnels and IPsec Best Practices
Troubleshooting Junos Security
- Troubleshooting Tools
- Troubleshooting Methodology
- Case Study A
- Case Study B
- Lab 9: Performing Security Troubleshooting Techniques
Print-friendly version
