This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with coverage of advanced logging and reporting, next-generation Layer 2 security, and next-generation advanced anti-malware with Juniper ATP On-Prem and Sectel. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component. This course uses on Junos OS Release 20.1R1.11, Junos Space Security Director 19.4, and Juniper ATP On-Prem version 5.0.7.
Who should attend
This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.
This course is part of the following Certifications:
Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Junos Security (JSEC) course prior to attending this class.
After successfully completing this course, you should be able to:
- Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses.
- Describe the various forms of security supported by the Junos OS.
- Describe the Juniper Connected Security model.
- Describe Junos security handling at Layer 2 versus Layer 3.
- Implement next generation Layer 2 security features.
- Demonstrate understanding of Logical Systems (LSYS).
- Demonstrate understanding of Tenant Systems (TSYS).
- Implement virtual routing instances in a security setting.
- Describe and configure route sharing between routing instances using logical tunnel interfaces.
- Describe and discuss Juniper ATP and its function in the network.
- Describe and implement Juniper Connected Security with Policy Enforcer in a network.
- Describe firewall filters use on a security device.
- Implement firewall filters to route traffic.
- Explain how to troubleshoot zone problems.
- Describe the tools available to troubleshoot SRX Series devices.
- Describe and implement IPsec VPN in a hub-and-spoke model.
- Describe the PKI infrastructure.
- Implement certificates to build an ADVPN network.
- Describe using NAT, CoS and routing protocols over IPsec VPNs.
- Implement NAT and routing protocols over an IPsec VPN.
- Describe the logs and troubleshooting methodologies to fix IPsec VPNs.
- Implement working IPsec VPNs when given configuration that are broken.
- Describe Incident Reporting with Juniper ATP On-Prem device.
- Configure mitigation response to prevent spread of malware.
- Explain Sectel uses and when to use them.
- Describe the systems that work with Sectel.
- Describe and implement advanced NAT options on the SRX Series devices.
- Explain DNS doctoring and when to use it.
- Describe NAT troubleshooting logs and techniques.
- Course Introduction
- Junos Layer 2 Packet Handling and Security Features
- Firewall Filters
- Troubleshooting Zones and Policies
- Hub-and-Spoke VPN
- Advanced NAT
- Logical and Tenant Systems
- PKI and ADVPNs
- Advanced IPsec
- Troubleshooting IPsec
- Juniper Connected Security
- Advanced Juniper ATP On-Prem
- Automated Threat Mitigation