AJSEC - Advanced Junos Security

4.6 out of 5 rating

Jump to dates

Duration

4 Days

24 CPD hours

This course is intended for

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.

Overview

After successfully completing this course, you should be able to:
Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses.
Describe the various forms of security supported by the Junos OS.
Describe the Juniper Connected Security model.
Describe Junos security handling at Layer 2 versus Layer 3.
Implement next generation Layer 2 security features.
Demonstrate understanding of Logical Systems (LSYS).
Demonstrate understanding of Tenant Systems (TSYS).
Implement virtual routing instances in a security setting.
Describe and configure route sharing between routing instances using logical tunnel interfaces.
Describe and discuss Juniper ATP and its function in the network.
Describe and implement Juniper Connected Security with Policy Enforcer in a network.
Describe firewall filters use on a security device.
Implement firewall filters to route traffic.
Explain how to troubleshoot zone problems.
Describe the tools available to troubleshoot SRX Series devices.
Describe and implement IPsec VPN in a hub-and-spoke model.
Describe the PKI infrastructure.
Implement certificates to build an ADVPN network.
Describe using NAT, CoS and routing protocols over IPsec VPNs.
Implement NAT and routing protocols over an IPsec VPN.
Describe the logs and troubleshooting methodologies to fix IPsec VPNs.
Implement working IPsec VPNs when given configuration that are broken.
Describe Incident Reporting with Juniper ATP On-Prem device.
Configure mitigation response to prevent spread of malware.
Explain SecIntel uses and when to use them.
Describe the systems that work with SecIntel.
Describe and implement advanced NAT options on the SRX Series devices.
Explain DNS doctoring and when to use it.
Describe NAT troubleshooting logs and techniques.

Description

This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software.

Chapter 1: Course Introduction
  • Course Introduction
Chapter 2: Junos Layer 2 Packet Handling and Security Features
  • Transparent Mode Security
  • Secure Wire
  • Layer 2 Next Generation Ethernet Switching
  • MACsec
  • Lab 1: Implementing Layer 2 Security
Chapter 3: Firewall Filters
  • Using Firewall Filters to Troubleshoot
  • Routing Instances
  • Filter-Based Forwarding
  • Lab 2: Implementing Firewall Filters
Chapter 4: Troubleshooting Zones and Policies
  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • Lab 3: Troubleshooting Zones and Policies
Chapter 5: Hub-and-Spoke VPN
  • Overview
  • Configuration and Monitoring
  • Lab 4: Implementing Hub-and-Spoke VPNs
Chapter 6: Advanced NAT
  • Configuring Persistent NAT
  • Demonstrate DNS doctoring
  • Configure IPv6 NAT operations
  • Troubleshooting NAT
  • Lab 5: Implementing Advanced NAT Features
Chapter 7: Logical and Tenant Systems
  • Overview
  • Administrative Roles
  • Differences Between LSYS and TSYS
  • Configuring LSYS
  • Configuring TSYS
  • Lab 6: Implementing TSYS
Chapter 8: PKI and ADVPNs
  • PKI Overview
  • PKI Configuration
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 7: Implementing ADVPNs
Chapter 9: Advanced IPsec
  • NAT with IPsec
  • Class of Service with IPsec
  • Best Practices
  • Routing OSPF over VPNs
  • Lab 8: Implementing Advanced IPsec Solutions
Chapter 10: Troubleshooting IPsec
  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
  • Lab 9: Troubleshooting IPsec
Chapter 11: Juniper Connected Security
  • Security Models
  • Enforcement on Every Network Device
Chapter 12: SecIntel
  • Security Feed
  • Encrypted Traffic Analysis
  • Use Cases for SecIntel
  • Lab 10: Implementing SecIntel
Chapter 13:Advanced Juniper ATP On-Prem
  • Collectors
  • Private Mode
  • Incident Response
  • Deployment Models
  • Lab 11: Implementing Advanced ATP On-Prem
Chapter 14: Automated Threat Mitigation
  • Identify and Mitigate Malware Threats
  • Automate Security Mitigation
  • Lab 12: Identifying and Mitigation of Threats
Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us


Find out more about this course

Interested in alternative dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.