Course Details
This three-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with SRX Series Services Gateways. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring advanced security features of the Junos operating system.
Course Agenda
Day 1
Chapter 1: Course Introduction
Chapter 2: Junos Security Review
- Junos Security Components Overview and Selective Packet-Based Forwarding
- Junos Layer 2 Packet Handling
- Lab 1: Selective Forwarding
Chapter 3: Security Policy Components
- ALG Overview
- Junos ALGs
- Custom Application Definitions
- Advanced Addressing
- Policy Matching
- Lab 2: Implementing Advanced Security Policy
Chapter 4: Virtualization
- Virtualization Overview
- Routing Instances
- Filter-Based Forwarding
- Lab 3: Implementing Junos Virtual Routing
Day 2
Chapter 5: Advanced NAT Concepts
- Operational Review
- NAT: Beyond Layer 3 and Layer 4 Headers
- Advanced NAT Scenarios
- Lab 4: Advanced NAT Implementations
Chapter 6: High Availability Clustering
- High Availability Overview
- Chassis Clustering Implementations
- Advanced HA Topics
- Lab 5: Implementing Advanced High Availability Techniques
Chapter 7: IPsec Implementations
- Standard VPN Implementations Review
- Public Key Infrastructure
- Hub-and-Spoke VPNs
- Lab 6: Hub-and-Spoke IPsec VPNs
Day 3
Chapter 8: Enterprise IPsec Technologies: Group and Dynamic VPNs
- Group VPN Overview
- GDOI Protocol
- Group VPN Configuration and Monitoring
- Dynamic VPN Overview
- Dynamic VPN Implementation
- Lab 7: Configuring Group VPNs
Chapter 9: IPsec VPN Case Studies and Solutions
- Routing over VPNs
- IPsec with Overlapping Addresses
- Dynamic Gateway IP Addresses
- Enterprise VPN Deployment Tips and Tricks
- Lab 8: OSPF over GRE over IPsec VPNs
Chapter 10: Troubleshooting Junos Security
- Troubleshooting Methodology
- Troubleshooting Tools
- Identifying IPsec Issues
- Lab 9: Performing Security Troubleshooting Techniques