• Call Us Now

    India: +91 (40 ) 23006430

    Australia: +61 (03) 9623 2218

  • Connect With Us
JSEC - Juniper Secuirty

This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include: security zones, security policies, Network Address Translation (NAT), IPsec VPNs, and chassis clustering.

Through demonstrations and hands-on labs, students will gain experience in configuring the Junos OS and monitoring device operations of Junos security devices. This course uses Juniper Networks SRX Series Services Gateways for the primary hands-on component.

This course is based on Junos OS Release 17.4R1.16, and the vSRX 2.0 virtual appliance.

After successfully completing this course, you should be able to:

  • Describe traditional routing and security.
  • Describe traditional routing and security.
  • Provide an overview of SRX Series Services Gateway devices and the Junos OS software architecture.
  • Describe the logical packet flow and session creation performed by SRX Series Services Gateway devices.
  • Describe, configure, and monitor zones.
  • Describe, configure, and monitor security policies.
  • Troubleshoot security zones and policies.
  • Describe, configure, and monitor NAT, as implemented on Junos security platforms.
  • Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
  • Implement and monitor route - based IPsec VPNs.
  • Implement and monitor Hub - and - Spoke VPNs, Group VPNs, and ADVPNs.
  • Troubleshoot IPsec VPNs.
  • Describe, configure, and monitor chassis clusters.
  • Troubleshoot chassis clusters.

This course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.

JSEC is an intermediate-level course.

Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course, or have equivalent experience prior to attending this class.

Day 1

Chapter 1: Course Introduction

Chapter 2:Introduction to Junos Security

  • Traditional Routing and Security
  • Architecture Overview of Junos Security Devices
  • Logical Packet Flow through Junos Security Devices
  • J-Web Overview

Chapter 3: Zones and Screen Options

  • The Definition of Zones
  • Zone Configuration
  • Monitoring Security Zones
  • Configuring Screen Options
  • Screen Options Case Study
  • Lab 1:Zones and Screen Options

Chapter 4: Security Policies

  • Security Policy Overview
  • Policy Components
  • Security Policy Configuration in J-Web
  • Policy Case Study (CLI)
  • Policy Case Study (J-Web)
  • Lab 2: Security Policies

Chapter 5: Advanced Security Policy

  • Session Management
  • Junos ALGs
  • Policy Scheduling
  • Logging
  • Advanced Security Policy with Security Director
  • Lab 3: Advanced Policy Options

Day 2

Chapter 6: Troubleshooting Zones and Policies

  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • Lab 4: Troubleshooting Security Zones and Policies

Chapter 7: Network Address Translation

  • NAT Overview
  • Source NAT
  • Destination NAT
  • Static NAT
  • Proxy ARP
  • Lab 5: Network Address Translation

Chapter 8: Advanced NAT

  • Persistent NAT
  • DNS Doctoring
  • IPv6 with NAT
  • Advanced NAT Scenarios
  • Troubleshooting NAT
  • Lab 6: Advanced NAT

Day 3

Chapter 9: IPsec VPN Concepts

  • VPN Types
  • Secure VPN Requirements
  • IPsec Tunnel Establishment
  • IPsec Traffic Processing

Chapter 10: IPsec VPN Implementation

  • IPsec VPN Configuration
  • IPsec VPN Configuration Case Study
  • Proxy IDs and Traffic Selectors
  • Monitoring IPsec VPNs
  • Lab 7: Implementing IPsec VPNs

Chapter 11: Hub-and-Spoke VPNs

  • Hub-and-Spoke VPN Overview
  • Hub-and-Spoke Configuration and Monitoring
  • Lab 8: Hub-and-Spoke VPNs

Chapter 12: Group VPNs

  • Group VPN Overview
  • Group VPN Configuration and Monitoring
  • Lab 9: Group VPNs

Day 4

Chapter 13: PKI and ADVPNs

  • Public Key Infrastructure Overview
  • PKI Configuration
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 10: PKI and ADVPNs

Chapter 14: Advanced IPsec

  • NAT with IPsec
  • Class of Service with IPsec
  • Best Practices
  • Routing OSPF over IPsec
  • IPsec with Overlapping Addresses
  • IPsec with Dynamic Gateway IP Addresses
  • Lab 11: Advanced IPsec VPN Solutions

Chapter 15: Troubleshooting IPsec

  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
  • Lab 12: Troubleshooting IPsec

Chapter 16: Chassis Cluster Concepts

  • Chassis Clustering Overview
  • Chassis Cluster Components
  • Chassis Cluster Operation

Day 5

Chapter 17: Chassis Cluster Implementation

  • Chassis Cluster Configuration
  • Advanced Chassis Cluster Options
  • Lab 13: Implementing High Availability Techniques

Chapter 18: Troubleshooting Chassis Clusters

  • Troubleshooting Chassis Clusters
  • Chassis Cluster Case Studies
  • Lab 14: Troubleshooting Chassis Clusters

Appendix A: SRX Series Hardware

  • Branch SRX Platform Overview
  • High End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Appendix B: Virtual SRX

  • Virtualization Overview
  • Network Virtualization and SDN
  • Overview of the Virtual SRX
  • Deployment Scenarios
  • Integration with AWS