Junos Security- JNCIS-SEC Certification Course
Junos Security- JNCIS-SEC Certification Course Course Details:
This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security zones, security policies, Network Address Translation (NAT), IPsec VPNs, and chassis clustering.
Through demonstrations and hands-on labs, students will gain experience in configuring the Junos OS and monitoring device operations of Junos security devices. This course uses Juniper Networks SRX Series Services Gateways for the primary hands-on component.
This course is based on Junos OS Release 17.4R1.16 and the vSRX virtual appliance.
- Course Introduction
- Introduction to Junos Security
Traditional Routing and Security
Architecture Overview of Junos Security Devices
Logical Packet Flow through Junos Security Devices
- Zones and Screen Options
Monitoring Security Zones
Configuring Screen Options
Screen Options Case Study
- Security Policies
Security Policy Overview
Security Policy Configuration in J-Web
Policy Case Study (CLI)
Policy Case Study (J-Web)
- Advanced Security Policy
Advanced Security Policy
- Troubleshooting Zones and Policies
General Troubleshooting for Junos Devices
Troubleshooting Zones and Policies
Zone and Policy Case Studies
- Network Address Translation
- Advanced NAT
IPv6 with NAT
Advanced NAT Scenarios
- IPsec VPN Concepts
Secure VPN Requirements
IPsec Tunnel Establishment
IPsec Traffic Processing
- IPsec VPN Implementation
IPsec VPN Configuration
IPsec VPN Case Study
Proxy IDs and Traffic Selectors
Monitoring IPsec VPNs
- Hub-and-Spoke VPNs
Hub-and-Spoke VPN Overview
Hub-and-Spoke Configuration and Monitoring
- Group VPNs
Group VPN Overview
Group VPN Configuration and Monitoring
- PKI and ADVPNs
Public Key Infrastructure Overview
ADVPN Configuration and Monitoring
- Advanced IPsec
NAT with IPsec
Class of Service with IPsec
Routing OSPF over IPsec
IPsec with Overlapping Addresses
IPsec with Dynamic Gateway IP Addresses
- Troubleshooting IPsec
IPsec Troubleshooting Overview
Troubleshooting IKE Phase 1 and 2
IPsec Case Studies
- Chassis Cluster Concepts
Chassis Clustering Overview
Chassis Cluster Components
Chassis Cluster Operation
- Chassis Clutter Implementation
Chassis Cluster Configuration
Advanced Chassis Cluster Options
- Troubleshooting Chassis Clusters
Troubleshooting Chassis Clusters
Chassis Cluster Case Studies
- SRX Series Hardware
Branch SRX Platform Overview
Mid-Range SRX Platform Overview
High-End SRX Platform Overview
SRX Traffic Flow and Distribution
- Virtual SRX
Network Virtualization and SDN
Overview of the Virtual SRX
Integration with AWS
*Please Note: Course Outline is subject to change without notice. Exact course outline will be provided at time of registration.
After successfully completing this course, you should be able to perform the following:
- Describe traditional routing and security and the current trends in internetworking.
- Provide an overview of SRX Series devices and software architecture.
- Describe the logical packet flow and session creation performed by SRX Series devices.
- Describe, configure, and monitor zones.
- Describe, configure, and monitor security policies.
- Describe, configure, and monitor user firewall authentication
- Describe various types of network attacks.
- Configure and monitor Screen options to prevent network attacks.
- Explain, implement, and monitor NAT, as implemented on Junos security platforms.
- Explain the purpose and mechanics of IP Security (IPsec) virtual private networks
- Implement and monitor policy-based and route-based IPsec VPNs.
- Describe, configure, and monitor high availability chassis clusters.
- Describe how to deploy and manage vSRX.
- Describe and configure Group VPNs.
- Describe and configure ADVPNs.
- Troubleshoot chassis clusters, IPsec VPNs, zones, and Security Policies
LAB 1: Zones and Screen Options
LAB 2: Security Policies
Lab 3: Advanced Policy Options
Lab 4: Troubleshooting Security Zones and Policies
Lab 5: Network Address Translation
Lab 6: Advanced NAT
Lab 7: Implementing IPsec VPNs
Lab 8: Hub-and-Spoke VPNs
Lab 9: Group VPNs
Lab 10: PKI and ADVPNs
Lab 11: Advanced IPsec VPN Solutions
Lab 12: Troubleshooting IPsec
Lab 13: Implementing Chassis Clusters
Lab 14: Troubleshooting Chassis Clusters
- Network engineers, administrators, support personnel, and reseller support personnel using SRX Series devices
- Anyone seeking JNCIS-SEC certification