PDF Schedule
PDF Schedule
TR-AJSEC
Juniper Network Course

Advanced Junos Security

LEVEL 34 DAY COURSE
LEVEL 3

COURSE DESCRIPTION

This 4-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeperinto Junos security. Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with advanced coverage of virtualization, AppSecure, advanced Network Address Translation (NAT) deployments, Layer 2 security, and Sky ATP. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component.

$4000

TR-AJSEC

REGISTER NOW

Available Certifications

Students must pass exam to be certified.

TFS AJSEC Certification $150

Questions?
Call 877.529.9114

Objectives
Lectures
Labs
Prerequisites

Objectives

Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with advanced coverage of virtualization, AppSecure, advanced Network Address Translation (NAT) deployments, Layer 2 security, and Sky ATP. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component.

This course is based on Junos OS Release 15.1X49-D70.3 and Junos Space Security Director 16.1.

After successfully completing this course, you should be able to:

  • Demonstrate understanding of concepts covered in the prerequisite Junos Security course.
  • Describe the various forms of security supported by the Junos OS.
  • Implement features of the AppSecure suite, including AppID, AppFW, AppTrack, AppQoS, and SSL Proxy.
  • Configure custom application signatures.
  • Describe Junos security handling at Layer 2 versus Layer 3.
  • Implement next generation Layer 2 security features.
  • Demonstrate understanding of Logical Systems (LSYS).
  • Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems.
  • Describe Junos routing instance types used for virtualization.
  • Implement virtual routing instances in a security setting.
  • Describe and configure route sharing between routing instances using logical tunnel interfaces.
  • Utilize Junos tools for troubleshooting Junos security implementations.
  • Perform successful troubleshooting of some common Junos security issues.
  • Describe and discuss Sky ATP and its function in the network.
  • Describe and configure UTM functions.
  • Discuss IPS and its function in the network.
  • Implement IPS policy.
  • Describe and implement SDSN in a network.
  • Describe and implement user role firewall in a network.
  • Demonstrate the understanding of integrated user firewall.

Lectures

Day 1

Chapter 1: Course Introduction

Chapter 2: Junos Layer 2 Packet Handling and Security Features

  • Transparent Mode Security
  • Secure Wire
  • Layer 2 Next Generation Ethernet Switching
  • MACsec
  • Lab 1: Implementing Layer 2 Security

Chapter 3: Firewall Filters

  • Using Firewall Filters to Troubleshoot
  • Routing Instances
  • Filter-Based Forwarding
  • Lab 2: Implementing Firewall Filters

Chapter 4: Troubleshooting Zones and Policies

  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • Lab 3: Troubleshooting Zones and Policies

Day 2

Chapter 5: Hub-and-Spoke VPN

  • Overview
  • Configuration and Monitoring
  • Lab 4: Implementing Hub-and-Spoke VPNs

Chapter 6: Advanced NAT

  • Configuring Persistent NAT
  • Demonstrate DNS doctoring
  • Configure IPv6 NAT operations
  • Troubleshooting NAT
  • Lab 5: Implementing Advanced NAT Features

Chapter 7: Logical and Tenant Systems

  • Overview
  • Administrative Roles
  • Differences Between LSYS and TSYS
  • Configuring LSYS
  • Configuring TSYS
  • Lab 6: Implementing TSYS

Day 3

Chapter 8: PKI and ADVPNs

  • PKI Overview
  • PKI Configuration
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 7: Implementing ADVPNs

Chapter 9: Advanced IPsec

  • NAT with IPsec
  • Class of Service with IPsec
  • Best Practices
  • Routing OSPF over VPNs
  • Lab 8: Implementing Advanced IPsec Solutions

Chapter 10: Troubleshooting IPsec

  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
  • Lab 9: Troubleshooting IPsec

Day 4

Chapter 11: Juniper Connected Security

  • Security Models
  • Enforcement on Every Network Device

Chapter 12: SecIntel

  • Security Feed
  • Encrypted Traffic Analysis
  • Use Cases for SecIntel
  • Lab 10: Implementing SecIntel

Chapter 13:Advanced Juniper ATP On-Prem

  • Collectors
  • Private Mode
  • Incident Response
  • Deployment Models
  • Lab 11: Implementing Advanced ATP On-Prem

Chapter 14: Automated Threat Mitigation

  • Identify and Mitigate Malware Threats
  • Automate Security Mitigation
  • Lab 12: Identifying and Mitigation of Threats

Appendix A: Group VPNs

  • Overview
  • Implementing Group VPNs

Hands-On Labs

No information available.

Prerequisites: Level 2

Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Juniper Security (JSEC) course prior to attending this class.

Target Audience

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.

SCHEDULE

Call 877.529.9114 for scheduling information.

On-Site
Training

Call: 877.529.9114

Remember, if you have 5 or more students, we can bring our class to you at your own facility – saving you time and money!

Customized Training

Call: 877.529.9114

Any of our courses can be customized to focus on your needs – like using specific equipment, or working in a particular situation.

Cancellation Policy

We reserve the right to cancel any course. A full refund will be provided unless the student elects to transfer to another course or time.

No refunds will be granted for student cancellation, but substitutions are permitted.