Skip to main Content

Junos Security

  • Código del Curso JSEC
  • Duración 5 días

Otras opciones de pago

  • GTC 45 IVA Incluido

    ¿Qué son los GTC?

Clase de calendario Precio

eur3.300,00

Solicitar Formación Grupal Inscribirse

Método de Impartición

Este curso está disponible en los siguientes formatos:

  • Cerrado

    Cerrado

  • Clase de calendario

    Aprendizaje tradicional en el aula

  • Aprendizaje Virtual

    Aprendizaje virtual

  • Elearning (a tu propio ritmo)

    E-learning a tu propio ritmo

Solicitar este curso en un formato de entrega diferente.

This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security technologies such as security zones, security policies, Network Address Translation (NAT), IPsec VPNs, and high availability clusters, as well as how to implement these features by using Junos Space and Security Director.

Through demonstrations and hands-on labs, students will gain experience in configuring the Junos OS and monitoring device operations of Junos security devices. This course uses Juniper Networks SRX Series Services Gateways for the primary hands-on component. The course also includes some hands-on labs that use Junos Space and Security Director to configure and manage Junos security devices. This course is based on Junos OS Release 15.1X49-D70 and Junos Space Security Director 16.1R1.

 

Calendario

Parte superior

Dirigido a

Parte superior

The course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.


 

Objetivos del Curso

Parte superior

After successfully completing this course, you should be able to perform the following:

  • Describe traditional routing and security.
  • Provide an overview of SRX Series Services Gateway devices and the Junos OS software architecture.
  • Describe the logical packet flow and session creation performed by SRX Series Services Gateway devices.
  • Describe, configure, and monitor zones.
  • Describe, configure, and monitor security policies.
  • Troubleshoot security zones and policies.
  • Describe, configure, and monitor NAT, as implemented on Junos security platforms.
  • Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
  • Implement and monitor route-based IPsec VPNs.
  • Implement and monitor Hub-and-Spoke VPNs, Group VPNs, and ADVPNs.
  • Troubleshoot IPsec VPNs.
  • Describe, configure, and monitor chassis clusters.
  • Troubleshoot chassis clusters.

 

Chapter 1: Course Introduction

Chapter 2: Introduction to Junos Security

  • Traditional Routing and Security
  • Architecture Overview of Junos Security Devices
  • Logical Packet Flow through Junos Security Devices
  • J-Web Overview

Chapter 3: Zones and Screen Options

  • Zones Overview
  • Zone Configuration
  • Monitoring Security Zones
  • Configuring Screen Options
  • Screen Options Case Study
  • LAB 1: Zones and Screen Options

Chapter 4: Security Policies

  • Security Policy Overview
  • Policy Components
  • Security Policy Configuration in J-Web
  • Policy Case Study (CLI)
  • Policy Case Study (J-Web)
  • LAB 2: Security Policies

Chapter 5: Advanced Security Policy

  • Session Management
  • Junos ALGs
  • Policy Scheduling
  • Logging
  • Advanced Security Policy
  • Lab 3: Advanced Policy Options

Chapter 6. Troubleshooting Zones and Policies

  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • Lab 4: Troubleshooting Security Zones and Policies

Chapter 7. Network Address Translation

  • NAT Overview
  • Source NAT
  • Destination NAT
  • Static NAT
  • Proxy ARP
  • Lab 5: Network Address Translation

Chapter 8. Advanced NAT

  • Persistent NAT
  • DNS Doctoring
  • IPv6 with NAT
  • Advanced NAT Scenarios
  • Troubleshooting NAT
  • Lab 6: Advanced NAT

Chapter 9. IPsec VPN Concepts

  • VPN Types
  • Secure VPN Requirements
  • IPsec Tunnel Establishmen
  • IPsec Traffic Processing

Chapter 10. IPsec VPN Implementation

  • IPsec VPN Configuration
  • IPsec VPN Case Study
  • Proxy IDs and Traffic Selectors
  • Monitoring IPsec VPNs
  • Lab 7: Implementing IPsec VPNs

Chapter 11.  Hub-and-Spoke VPNs

  • Hub-and-Spoke VPN Overview
  • Hub-and-Spoke Configuration and Monitoring
  • Lab 8: Hub-and-Spoke VPNs

Chapter 12. Group VPNs

  • Group VPN Overview
  • Group VPN Configuration and Monitoring
  • Lab 9: Group VPNs

Chapter 13. PKI and ADVPNs

  • Public Key Infrastructure Overview
  • PKI Configuration
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 10: PKI and ADVPNs

Chapter 14. Advanced IPsec

  • NAT with IPsec
  • Class of Service with IPsec
  • Best Practices
  • Routing OSPF over IPsec
  • IPsec with Overlapping Addresses
  • IPsec with Dynamic Gateway IP Addresses
  • Lab 11: Advanced IPsec VPN Solutions

Chapter 15. Troubleshooting IPsec

  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
  • Lab 12: Troubleshooting IPsec

Chapter 16. Chassis Cluster Concepts

  • Chassis Clustering Overview
  • Chassis Cluster Components
  • Chassis Cluster Operation

Chapter 17. Chassis Cluster Implementation

  • Chassis Cluster Configuration
  • Advanced Chassis Cluster Options
  • Lab 14: Implementing Chassis Clusters

Chapter 18. Troubleshooting Chassis Clusters

  • Troubleshooting Chassis Clusters
  •  Chassis Cluster Case Studies
  • Lab 14: Troubleshooting Chassis Clusters

Appendix A. SRX Series Hardware

  • Branch SRX Platform Overview
  • Mid-Range SRX Platform Overview
  • High-End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces

Appendix B. Virtual SRX

  • Virtualization Overview
  • Network Virtualization and SDN
  • Overview of the Virtual SRX
  • Deployment Scenarios
  • Integration with AWS

 

Pre-requisitos

Parte superior

Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course, or have equivalent experience prior to attending this class.

 

Certificación de Prueba

Parte superior
  • This course is recommended training for the Juniper Networks Certified Specialist Security (JNCIS-SEC) exam

Siguientes Cursos Recomendados

Parte superior
  • Advanced Junos Security (AJSEC)
Siguientes cursos recomendados:
Cookie Control toggle icon