Junos Security (JSEC)

Vendor: Juniper
Course Code: WGAC-JUN-JSEC
Course Outline
This three-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security technologies such as security zones, security policies, intrusion detection and prevention (IDP), Network Address Translation (NAT), and high availability clusters, as well as details pertaining to basic implementation, configuration, and management.

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring device operations. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component, but the lab environment does not preclude the course from being applicable to other Juniper hardware platforms running the Junos OS.
Prerequisites & Audience
Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (WGAC-JUN-IJOS) course and the Junos Routing Essentials (WGAC-JUN-JRE) course, or have equivalent experience prior to attending this class.
Course Objectives
After successfully completing this course, you should be able to:

•Describe traditional routing and security and the current trends in internetworking.
•Provide an overview of SRX Series devices and software architecture.
•Describe the logical packet flow and session creation performed by SRX Series devices.
•Describe, configure, and monitor zones.
•Describe, configure, and monitor security policies.
•Describe, configure, and monitor firewall user authentication.
•Describe various types of network attacks.
•Configure and monitor Screen options to prevent network attacks.
•Explain, implement, and monitor NAT, as implemented on Junos security platforms.
•Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
•Implement and monitor policy-based and route-based IPsec VPNs.
•Utilize and update the IDP signature database.
•Configure and monitor IDP policy with policy templates.
•Describe, configure, and monitor high availability chassis clusters
Course Topics
Day 1

Chapter 1: Course Introduction
Chapter 2: Introduction to Junos Security
•Traditional Routing
•Traditional Security
•The Junos OS Architecture

Chapter 3: Zones
•The Definition of Zones
•Zone Configuration
•Monitoring Security Zones
•Lab 1: Configuring and Monitoring Zones

Chapter 4: Security Policies
•Security Policy Overview
•Junos ALGs
•Policy Components
•Verifying Policy Operation
•Policy Scheduling and Rematching
•Policy Case Study
•Lab 2: Security Policies

Day 2

Chapter 5: Firewall User Authentication
•Firewall User Authentication Overview
•Pass-Through Authentication
•Web Authentication
•Client Groups
•Using External Authentication Servers
•Verifying Firewall User Authentication
•Lab 3: Configuring Firewall Authentication

Chapter 6: Screen Options
•Multilayer Network Protection
•Stages and Types of Attacks
•Using Junos Screen Options—Reconnaissance Attack Handling
•Using Junos Screen Options—Denial of Service Attack Handling
•Using Junos Screen Options—Suspicious Packets Attack Handling
•Applying and Monitoring Screen Options
•Lab 4: Implementing Screen Options

Chapter 7: Network Address Translation
•NAT Overview
•Source NAT Operation and Configuration
•Destination NAT Operation and Configuration
•Static NAT Operation and Configuration
•Proxy ARP
•Monitoring and Verifying NAT Operation
•Lab 5: Network Address Translation

Day 3

Chapter 8: IPsec VPNs
•VPN Types
•Secure VPN Requirements
•IPsec Details
•Configuration of IPsec VPNs
•IPsec VPN Monitoring
•Lab 6: Implementing IPsec VPNs

Chapter 9: Introduction to Intrusion Detection and Prevention
•Introduction to Junos IDP
•IDP Policy Components and Configuration
•Signature Database
•Case Study: Applying the Recommended IDP Policy
•Monitoring IDP Operation
•Lab 7: Implementing IDP

Chapter 10: High Availability Clustering Theory
•High Availability Overview
•Chassis Cluster Components
•Advanced Chassis Cluster Topics

Chapter 11: High Availability Clustering Implementation
•Chassis Cluster Operation
•Chassis Cluster Configuration
•Chassis Cluster Monitoring
•Lab 8: Implementing High Availability Techniques
Related Courses
Junos Unified Threat Management (WGAC-JUN-JUTM)
Top of page

Classroom Dates

Start Date End Date Location Language Status Price Learning Credits
31 May 2017 02 Jun 2017 Barcelona,
es Open $1,914.89
14 Jun 2017 16 Jun 2017 Madrid,
es Open $1,914.89
03 Jul 2017 05 Jul 2017 Mönchengladbach,
de Open $2,234.04
05 Jul 2017 07 Jul 2017 Houten,
en Open $2,234.04
17 Jul 2017 19 Jul 2017 Asnieres-sur-Seine,
fr Open $2,234.04
07 Aug 2017 09 Aug 2017 Paderborn,
de Open $2,234.04
13 Sep 2017 15 Sep 2017 Vilvoorde,
en Open $2,234.04
09 Oct 2017 11 Oct 2017 Houten,
en Open $2,234.04
09 Oct 2017 11 Oct 2017 Berlin,
de Open $2,234.04
06 Nov 2017 08 Nov 2017 Paderborn,
de Open $2,234.04
15 Nov 2017 17 Nov 2017 Vilvoorde,
en Open $2,234.04
04 Dec 2017 06 Dec 2017 Berlin,
de Open $2,234.04
Top of page

On Demand Training

This course is available as an onsite, closed course and can be delivered at your premises. This may be a cost effective option where you have a group of delegates who require the same training. Additionally, it has the benefit that course content can be tailored to the needs of your organisation.

Register or Log in to submit your enquiry.