Junos for Security Platforms (TR-JSEC)

Course Information

This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security technologies such as security zones, security policies, Network Address Translation (NAT), IP Security (IPsec), and high availability clusters, as well as details pertaining to basic implementation, configuration, management, and troubleshooting. [tab] [tab_item title=”Objectives”] Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring device operations. This course uses Juniper Networks SRX Series Services Gateways and Security Director for the hands-on component. This course is based on Junos OS Release 15.1X49-D70.3 and Junos Space Security Director 16.1.

Objectives
Course Synopsis
Target Audience
Labs
Certifications

Objectives

After successfully completing this course, you should be able to perform the following:

  • Describe traditional routing and security and the current trends in internetworking.
  • Provide an overview of SRX Series devices and software architecture.
  • Describe the logical packet flow and session creation performed by SRX Series devices.
  • Describe, configure, and monitor zones.
  • Describe, configure, and monitor security policies.
  • Describe, configure, and monitor user firewall authentication
  • Describe various types of network attacks.
  • Configure and monitor Screen options to prevent network attacks.
  • Explain, implement, and monitor NAT, as implemented on Junos security platforms.
  • Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
  • Implement and monitor policy-based and route-based IPsec VPNs.
  • Describe, configure, and monitor high availability chassis clusters.
  • Describe how to deploy and manage vSRX.
  • Describe and configure Group VPNs.
  • Describe and configure ADVPNs.
  • Troubleshoot chassis clusters, IPsec VPNs, zones, and Security Policies

Course Synopsis

Day 1

Chapter 1: Course Introduction

Chapter 2: Introduction to Junos Security

  • Traditional Routing and Security
  • Architecture Overview of Junos Security Devices
  • Logical Packet Flow through Junos Security Devices
  • Junos Space and Security Director Overview

Chapter 3: Zones and Screen Options

  • The Definition of Zones
  • Zone Configuration
  • Monitoring Security Zones
  • Configuring Screen Options
  • Screen Options Case Study
  • Lab 1: Zones and Screen Options

Chapter 4: Security Policies

  • Security Policy Overview
  • Policy Components
  • Policy Case Study
  • Lab 2: Security Policies

Chapter 5: Security Director Firewall Policies

  • Firewall Policy Configuration
  • Firewall Policy Processing Order
  • Deploying Firewall Policies
  • Monitoring Firewall Policies
  • Lab 3: Security Director Firewall Policies

Day 2

Chapter 6: Advanced Security Policy

  • Session Management
  • Junos ALGs
  • Policy Scheduling
  • Logging
  • Advanced Security Policy with Security Director
  • Lab 4: Advanced Policy Options

Chapter 7: Troubleshooting Zones and Policies

  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • Lab 5: Troubleshooting Security Zones and Policies

Chapter 8: Network Address Translation

  • NAT Overview
  • Source NAT
  • Destination NAT
  • Static NAT
  • Proxy ARP
  • Configuring NAT in Security Director
  • Lab 6: Network Address Translation

Chapter 9: Advanced NAT

  • Persistent NAT
  • DNS Doctoring
  • IPv6 with NAT
  • Advanced NAT Scenarios
  • Troubleshooting NAT
  • Lab 7: Advanced NAT

Day 3

Chapter 10: IPsec VPN Concepts

  • VPN Types
  • Secure VPN Requirements
  • IPsec Tunnel Establishment
  • IPsec Traffic Processing

Chapter 11: IPsec VPN Implementation

  • IPsec VPN Configuration
  • IPsec VPN Configuration Case Study
  • Proxy IDs and Traffic Selectors
  • Monitoring IPsec VPNs
  • Lab 8: Implementing IPsec VPNs

Chapter 12: Hub-and-Spoke VPNs

  • Hub-and-Spoke VPN Overview
  • Hub-and-Spoke Configuration and Monitoring
  • Hub-and-Spoke Configuration with Security Director
  • Lab 9: Implementing Hub-and-Spoke VPNs

Chapter 13: Group VPNs

  • Group VPN Overview
  • Group VPN Configuration and Monitoring
  • Lab 10: Implementing Group VPNs

Day 4

Chapter 14: PKI and ADVPNs

  • Public Key Infrastructure
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 11: Implementing PKI and ADVPNs

Chapter 15: Advanced IPsec

  • NAT with IPsec
  • Class of Service with IPsec
  • Enterprise Best Practices
  • Routing OSPF over IPsec
  • IPsec with Overlapping Addresses
  • IPsec with Dynamic Gateway IP Addresses
  • Lab 12: Advanced IPsec VPN Scenarios

Chapter 16: Troubleshooting IPsec

  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
  • Lab 13: Troubleshooting IPsec

Chapter 17: Chassis Cluster Concepts

  • Chassis Clustering Overview
  • Chassis Cluster Components
  • Chassis Cluster Operation

Day 5

Chapter 18: Chassis Cluster Implementation

  • Chassis Cluster Configuration
  • Advanced Chassis Cluster Options
  • Lab 14: Implementing High Availability Techniques

Chapter 19: Troubleshooting Chassis Clusters

  • Troubleshooting Chassis Clusters
  • Chassis Cluster Case Studies
  • Lab 15: Troubleshooting Chassis Clusters

Appendix A: SRX Series Hardware and Interfaces

  • Branch SRX Platform Overview
  • High-End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Appendix B: Virtual SRX

  • Virtualization Overview
  • Network Virtualization and SDN
  • Overview of the Virtual SRX
  • Deployment Scenarios
  • Integration with AWS

Target Audience

The course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.

Hands-On Labs

No lab information available.

Certifications

Certification:

TFS Certification – TC-JSEC

Exam: JNO-332; 90 minutes, 70 questions



Pricing

Description Item Code Price
JUNOS for Security Platforms -This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security technologies such as security zones, security policies, Network Address Translation (NAT), IP Security (IPsec), and high availability clusters, as well as details pertaining to basic implementation, configuration, management, and troubleshooting. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring device operations. This course uses Juniper Networks SRX Series Services Gateways and Security Director for the hands-on component. This course is based on Junos OS Release 15.1X49-D70.3 and Junos Space Security Director 16.1. TR-JSEC $4,000.00
Exam: 90 Minutes, 70 Questions – This exam must be passed in order to qualify for a certificate in Junos for Security Platforms JNO-332 Included
Certificate: JSEC- TFS – Identifies you as a technician who understands the basic concepts of fiber optics installation and service as they apply to all the functions required to safely and competently install fiber optics communications cabling. Item Type: Installer Training Certificates TC-JSEC $150.00


Schedule & Registration

Schedule
This course is available as open-enrollment Classroom event, instructor-led Live Virtual Class, REAL-ILT™ or as part of a custom Onsite Training for up to 12 students.

Call 877-529-9114 for Scheduling



Planning & Reservations

Contact the Training and Development Coordinator for The Fiber School at Training@fiberoptic.com or call 877.529.9114.


Student Registration Use the Registration Form above or download the editable PDF and email to training@fiberoptic.com.

>> Registration Form PDF:  http://www.fiberoptic.com/catalog/Registration-Form-2018.pdf


Cancellation Policy: FiberOptic.com may cancel a course that lacks sufficient enrollment a week before it is scheduled to begin. When a course is canceled, we make every effort to notify all registered students promptly. A full refund is processed unless the student elects to transfer to another course or time. You can help avoid cancellation by registering early.

Student Cancellation: No refunds are permitted for student cancellation. Substitutions are permitted.


On-Site Training

With just 5 or more students The Fiber School can send the classroom to you! We offer custom, on-site training for any of our courses. Just give us a call at 877.529.9114 or email us at Training@fiberoptic.com and let us schedule an on-site course that perfectly suits your needs.