JSEC : JUNOS Security

  • Duration: 3 days
  • Test Level: 0
  • Certifications: JNCIS-SEC
  • Price: $2,395.00
  • Exams: JN0-332
This three-day course provides students with the skills for configuration, operation, and implementation of JUNOS security platforms in a typical network environment. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring JUNOS Software for JUNOS security platforms.

This intermediate-level course significantly benefits operators of SRX Series devices.

After successfully completing this course, students will be able to describe, configure, and monitor zones, security policies and firewall user authentication, and configure and monitor IDP policy with policy templates.
Network engineers, technical support personnel, reseller support engineers, and others responsible for implementing and or maintaining the Juniper Networks products covered in this course.
  • Describe traditional routing and security and the current trends in networking
  • Provide an overview of the JUNOS security platforms and software architecture
  • Describe the logical packet flow and session creation performed by JUNOS security platforms
  • Describe, configure, and monitor zones
  • Describe, configure, and monitor security policies
  • Describe, configure, and monitor firewall user authentication
  • Describe various types of network attacks
  • Configure and monitor SCREEN options to prevent network attacks
  • Explain, implement, and monitor NAT as implemented on JUNOS security platforms
  • Explain the purpose and mechanics of IPsec VPNs
  • Implement and monitor policy-based and route-based IPsec VPNs
  • Utilize and update the IDP signature database on JUNOS security platforms;
  • Configure and monitor IDP policy with policy templates
  • Describe, configure, and monitor high availability chassis clusters.
Day 1

Chapter 1: Course Introduction

Chapter 2: Introduction to Junos security platforms
  • Traditional Routing
  • Traditional Security
  • The Junos OS Architecture

Chapter 3: Zones
  • The Definition of Zones
  • Zone Configuration
  • Monitoring Security Zones

Chapter 4: Security Policies
  • Security Policy Overview
  • Junos ALGs
  • Policy Components
  • Verifying Policy Operation
  • Policy Scheduling and Rematching
  • Policy Case Study

Day 2

Chapter 5: Firewall User Authentication
  • Firewall User Authentication Overview
  • Pass-Through Authentication
  • Web Authentication
  • Client Groups
  • Using External Authentication Servers
  • Verifying Firewall User Authentication

Chapter 6: Screen Options
  • Multilayer Network Protection
  • Stages and Types of Attacks
  • Using Junos Screen Options—Reconnaissance Attack Handling
  • Using Junos Screen Options—Denial of Service Attack Handling
  • Using Junos Screen Options—Suspicious Packets Attack Handling
  • Applying and Monitoring Screen Options

Chapter 7: Network Address Translation
  • NAT Overview
  • Source NAT Operation and Configuration
  • Destination NAT Operation and Configuration
  • Static NAT Operation and Configuration
  • Proxy ARP
  • Monitoring and Verifying NAT Operation

Day 3

Chapter 8: IPsec VPNs
  • VPN Types
  • Secure VPN Requirements
  • IPsec Details
  • Configuration of IPsec VPNs
  • IPsec VPN Monitoring

Chapter 9: Introduction to Intrusion Detection and Prevention
  • Introduction to Junos IDP
  • IDP Policy Components and Configuration
  • Signature Database
  • Case Study: Applying the Recommended IDP Policy
  • Monitoring IDP Operation


Chapter 10: High Availability Clustering
  • High Availability Overview
  • Chassis Cluster Components
  • Advanced Chassis Cluster Topics

Chapter 11: High Availability Clustering Implementation
  • Chassis Cluster Operation
  • Chassis Cluster Configuration
  • Chassis Cluster Monitoring

Appendix A: SRX Series Hardware and Interfaces
  • Branch SRX Platform Overview
  • High End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces
Students should have basic networking knowledge and an understanding of the OSI model and the TCP/IP protocol suite. Students should also either attend the Introduction to the Junos Operating System (IJOS) and JUNOS Routing Essentials (JRE) courses prior to attending this class, or have equivalent experience with Junos Software.
Students should have experience with the Junos operating system, including device management, routing, and security policy. Students should also attend the Junos Space Essentials (JSE) and Junos Security (JSEC) courses prior to attending this class.