Course Overview
This four-day course provides students with the knowledge to configure and monitor advanced Junos OS security features for enterprise, campus, and service provider applications. Key topics include advanced Junos OS security features with coverage of advanced reporting, next-generation Layer 2 security, next-generation advanced features, Ethernet VPN–Virtual Extensible LAN (EVPN-VXLAN) security, advanced policy-based routing, virtualization features, advanced IPsec VPNs, advanced Network Address Translation (NAT) features, and multinode high availability.
Through demonstrations and hands-on labs, students will gain experience with the features of SRX Series devices and vSRX Series devices.
This course is based on Junos OS Release 23.2R1.13.
Who should attend
Individuals responsible for implementing, monitoring, and troubleshooting Juniper security components. This course also helps you prepare for the JNCIP-SEC certification
Certifications
This course is part of the following Certifications:
Prerequisites
- Strong skill level in TCP/IP, Layer 2 Ethernet, security policies, and security concepts
- General understanding of stateful firewalls, NAT, and IPsec
- Recommended, but not required:
- Completion of the Introduction to the Junos Operating System (IJOS) and Juniper Security (JSEC) courses
- Experience with packet captures
Course Objectives
After successfully completing this course, you should be able to:
- Describe Layer 2 security features.
- Discuss ways to use packet-based security.
- Describe how to troubleshoot zones and policies.
- Describe how to implement a hub-and-spoke VPN.
- Discuss advanced NAT capabilities.
- List the ways that the SRX Series firewall may be virtualized.
- Describe how to implement an Auto Discovery VPN (ADVPN) setup.
- List options using IPsec to accomplish advanced configurations.
- Discuss how to troubleshoot IPsec VPNs.
- Describe how to route traffic based on the application.
- Describe how to secure VXLAN traffic within the network.
- Implement multinode high availability.
- Discuss how to mitigate network threats automatically.
Course Content
- Junos Layer 2 Packet Handling and Security Features
- Packet-Based Security
- Troubleshooting Zones and Policies
- Hub-and-Spoke VPN
- Advanced NAT
- Logical and Tenant Systems
- PKI and ADVPNs
- Advanced IPsec
- Troubleshooting IPsec
- Advanced Policy-Based Routing
- EVPN-VXLAN Security
- Multinode High Availability
- Automated Threat Mitigation