Overview
This course, which is designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software.
Duration 4 days.
You can find current trainings on training calendar page.
Training Prerequisites
- Strong level of TCP/IP networking and security knowledge
- Complete the Juniper Security (JSEC) course prior to attending this class
Training Contents
-Course Introduction
-Junos Layer 2 Packet Handling and Security Features
- Transparent Mode Security
- Secure Wire
- Layer 2 Next Generation Ethernet Switching
- MACsec
-Firewall Filters
- Using Firewall Filters to Troubleshoot
- Routing Instances
- Filter-Based Forwarding
-Troubleshooting Zones and Policies
- General Troubleshooting for Junos Devices
- Troubleshooting Tools
- Troubleshooting Zones and Policies
- Zone and Policy Case Studies
-Hub-and-Spoke VPN
- Overview
- Configuration and Monitoring
-Advanced NAT
- Configuring Persistent NAT
- Demonstrate DNS Doctoring
- Configure IPv6 NAT Operations
- Troubleshooting NAT
-Logical and Tenant Systems
- Overview
- Administrative Roles
- Differences Between LSYS and TSYS
- Configuring LSYS
- Configuring TSYS
-PKI and ADVPNs
- PKI Overview
- PKI Configuration
- ADVPN Overview
- ADVPN Configuration and Monitoring
-Advanced IPsec
- NAT with IPsec
- Class of Service with IPsec
- Best Practices
- Routing OSPF over VPNs
-Troubleshooting IPsec
- IPsec Troubleshooting Overview
- Troubleshooting IKE Phase 1 and 2
- IPsec Logging
- IPsec Case Studies
-Juniper Connected Security
- Security Models
- Enforcement on Every Network Device
-SecIntel
- Security Feed
- Encrypted Traffic Analysis
- Use Cases for SecIntel
- Advanced Juniper ATP On-Prem
- Collectors
- Private Mode
- Incident Response
- Deployment Models
-Automated Threat Mitigation
- Identify and Mitigate Malware Threats
- Automate Security Mitigation
Training Objectives
- Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses.
- Describe the various forms of security supported by the Junos OS.
- Describe the Juniper Connected Security model.
- Describe Junos security handling at Layer 2 versus Layer 3.
- Implement next generation Layer 2 security features.
- Demonstrate understanding of Logical Systems (LSYS).
- Demonstrate understanding of Tenant Systems (TSYS).
- Implement virtual routing instances in a security setting.
- Describe and configure route sharing between routing instances using logical tunnel interfaces.
- Describe and discuss Juniper ATP and its function in the network.
- Describe and implement Juniper Connected Security with Policy Enforcer in a network.
- Describe firewall filters use on a security device.
- Implement firewall filters to route traffic.
- Explain how to troubleshoot zone problems.
- Describe the tools available to troubleshoot SRX Series devices.
- Describe and implement IPsec VPN in a hub-and-spoke model.
- Describe the PKI infrastructure.
- Implement certificates to build an ADVPN network.
- Describe using NAT, CoS and routing protocols over IPsec VPNs.
- Implement NAT and routing protocols over an IPsec VPN.
- Describe the logs and troubleshooting methodologies to fix IPsec VPNs.
- Implement working IPsec VPNs when given configuration that are broken.
- Describe Incident Reporting with Juniper ATP On-Prem device.
- Configure mitigation response to prevent spread of malware.
- Explain SecIntel uses and when to use them.
- Describe the systems that work with SecIntel.
- Describe and implement advanced NAT options on the SRX Series devices.
- Explain DNS doctoring and when to use it.
- Describe NAT troubleshooting logs and techniques.
Who should attend?
This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.
- Overview
- Prerequisites
- Contents
- Objectives
- Audience
Overview
This course, which is designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software.
Duration 4 days.
You can find current trainings on training calendar page.
Training Prerequisites
- Strong level of TCP/IP networking and security knowledge
- Complete the Juniper Security (JSEC) course prior to attending this class
Training Contents
-Course Introduction
-Junos Layer 2 Packet Handling and Security Features
- Transparent Mode Security
- Secure Wire
- Layer 2 Next Generation Ethernet Switching
- MACsec
-Firewall Filters
- Using Firewall Filters to Troubleshoot
- Routing Instances
- Filter-Based Forwarding
-Troubleshooting Zones and Policies
- General Troubleshooting for Junos Devices
- Troubleshooting Tools
- Troubleshooting Zones and Policies
- Zone and Policy Case Studies
-Hub-and-Spoke VPN
- Overview
- Configuration and Monitoring
-Advanced NAT
- Configuring Persistent NAT
- Demonstrate DNS Doctoring
- Configure IPv6 NAT Operations
- Troubleshooting NAT
-Logical and Tenant Systems
- Overview
- Administrative Roles
- Differences Between LSYS and TSYS
- Configuring LSYS
- Configuring TSYS
-PKI and ADVPNs
- PKI Overview
- PKI Configuration
- ADVPN Overview
- ADVPN Configuration and Monitoring
-Advanced IPsec
- NAT with IPsec
- Class of Service with IPsec
- Best Practices
- Routing OSPF over VPNs
-Troubleshooting IPsec
- IPsec Troubleshooting Overview
- Troubleshooting IKE Phase 1 and 2
- IPsec Logging
- IPsec Case Studies
-Juniper Connected Security
- Security Models
- Enforcement on Every Network Device
-SecIntel
- Security Feed
- Encrypted Traffic Analysis
- Use Cases for SecIntel
- Advanced Juniper ATP On-Prem
- Collectors
- Private Mode
- Incident Response
- Deployment Models
-Automated Threat Mitigation
- Identify and Mitigate Malware Threats
- Automate Security Mitigation
Training Objectives
- Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses.
- Describe the various forms of security supported by the Junos OS.
- Describe the Juniper Connected Security model.
- Describe Junos security handling at Layer 2 versus Layer 3.
- Implement next generation Layer 2 security features.
- Demonstrate understanding of Logical Systems (LSYS).
- Demonstrate understanding of Tenant Systems (TSYS).
- Implement virtual routing instances in a security setting.
- Describe and configure route sharing between routing instances using logical tunnel interfaces.
- Describe and discuss Juniper ATP and its function in the network.
- Describe and implement Juniper Connected Security with Policy Enforcer in a network.
- Describe firewall filters use on a security device.
- Implement firewall filters to route traffic.
- Explain how to troubleshoot zone problems.
- Describe the tools available to troubleshoot SRX Series devices.
- Describe and implement IPsec VPN in a hub-and-spoke model.
- Describe the PKI infrastructure.
- Implement certificates to build an ADVPN network.
- Describe using NAT, CoS and routing protocols over IPsec VPNs.
- Implement NAT and routing protocols over an IPsec VPN.
- Describe the logs and troubleshooting methodologies to fix IPsec VPNs.
- Implement working IPsec VPNs when given configuration that are broken.
- Describe Incident Reporting with Juniper ATP On-Prem device.
- Configure mitigation response to prevent spread of malware.
- Explain SecIntel uses and when to use them.
- Describe the systems that work with SecIntel.
- Describe and implement advanced NAT options on the SRX Series devices.
- Explain DNS doctoring and when to use it.
- Describe NAT troubleshooting logs and techniques.
Who should attend?
This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.
