JUNOS Security Training (JSEC)

Print Friendly, PDF & Email

JUNOS Security Training (JSEC) Course through demonstrations and hands-on labs

Learn to configure and monitor SRX Series devices while preparing for the JNCIS-SEC exam through instructor-led demonstrations and hands-on training.

This five-day JUNOS Security Training (JSEC) course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security zones, security policies, Network Address Translation (NAT), IPsec VPNs, and chassis clustering.

Through demonstrations and hands-on labs, students will gain experience in configuring the Junos OS and monitoring device operations of Junos security devices. This JUNOS Security Training (JSEC) course uses Juniper Networks SRX Series Services Gateways for the primary hands-on component.

This JUNOS Security Training (JSEC) course is based on Junos OS Release 17.4R1.16 and the vSRX virtual appliance.

Duration: 3 days

JUNOS Security Training (JSEC) Related Courses

Customize It

• If you are familiar with some aspects of this JUNOS Security Training (JSEC) course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the JUNOS Security Training (JSEC) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the JUNOS Security Training (JSEC) course in manner understandable to lay audiences.

Audience / Target Group

• This JUNOS Security Training (JSEC) course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.

JUNOS Security Training (JSEC) - Objectives:

After completing this JUNOS Security Training (JSEC) course, attendees will be able to:

• Describe traditional routing and security and the current trends in internetworking.
• Provide an overview of SRX Series devices and software architecture.
• Describe the logical packet flow and session creation performed by SRX Series devices.
• Describe, configure, and monitor zones.
• Describe, configure, and monitor security policies.
• Describe, configure, and monitor firewall user authentication.
• Describe various types of network attacks.
• Configure and monitor Screen options to prevent network attacks.
• Explain, implement, and monitor NAT, as implemented on Junos security platforms.
• Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
• Implement and monitor policy-based and route-based IPsec VPNs.
• Describe, configure, and monitor high availability chassis clusters.
• Describe how to deploy and manage vSRX.
• Describe and configure Group VPNs.
• Describe and configure ADVPNs.
• Troubleshoot chassis clusters, IPsec VPNs, zones, and Security Policies

JUNOS Security Training (JSEC) - Course Content:

Course Introduction

Introduction to Junos Security
Traditional Routing and Security
Architecture Overview of Junos Security Devices
Logical Packet Flow through Junos Security Devices
J-Web Overview

Zones and Screen Options

Zones Overview
Zone Configuration
Monitoring Security Zones
Configuring Screen Options
Screen Options Case Study

Security Policies

Security Policy Overview
Policy Components
Security Policy Configuration in J-Web
Policy Case Study (CLI)
Policy Case Study (J-Web)

Advanced Security Policy

Session Management
Junos ALGs
Policy Scheduling
Advanced Security Policy

Troubleshooting Zones and Policies

General Troubleshooting for Junos Devices
Troubleshooting Tools
Troubleshooting Zones and Policies
Zone and Policy Case Studies

Network Address Translation

NAT Overview
Source NAT
Destination NAT
Static NAT
Proxy ARP

Advanced NAT
Persistent NAT
DNS Doctoring
IPv6 with NAT
Advanced NAT Scenarios
Troubleshooting NAT

IPsec VPN Concepts

VPN Types
Secure VPN Requirements
IPsec Tunnel Establishment
IPsec Traffic Processing

IPsec VPN Implementation

IPsec VPN Configuration
IPsec VPN Case Study
Proxy IDs and Traffic Selectors
Monitoring IPsec VPNs

Hub-and-Spoke VPNs

Hub-and-Spoke VPN Overview
Hub-and-Spoke Configuration and Monitoring

Group VPNs

Group VPN Overview
Group VPN Configuration and Monitoring


Public Key Infrastructure Overview
PKI Configuration
ADVPN Overview
ADVPN Configuration and Monitoring

Advanced IPsec

NAT with IPsec
Class of Service with IPsec
Best Practices
Routing OSPF over IPsec
IPsec with Overlapping Addresses
IPsec with Dynamic Gateway IP Addresses

Troubleshooting IPsec

IPsec Troubleshooting Overview
Troubleshooting IKE Phase 1 and 2
IPsec Logging
IPsec Case Studies

Chassis Cluster Concepts

Chassis Clustering Overview
Chassis Cluster Components
Chassis Cluster Operation

Chassis Clutter Implementation

Chassis Cluster Configuration
Advanced Chassis Cluster Options

Troubleshooting Chassis Clusters

Troubleshooting Chassis Clusters
Chassis Cluster Case Studies

SRX Series Hardware

Branch SRX Platform Overview
Mid-Range SRX Platform Overview
High-End SRX Platform Overview
SRX Traffic Flow and Distribution
SRX Interfaces

Virtual SRX

Virtualization Overview
Network Virtualization and SDN
Overview of the Virtual SRX
Deployment Scenarios
Integration with AWS

JUNOS Security Training (JSEC) - LABS:

LAB 1: Zones and Screen Options
LAB 2: Security Policies
Lab 3: Advanced Policy Options
Lab 4: Troubleshooting Security Zones and Policies
Lab 5: Network Address Translation
Lab 6: Advanced NAT
Lab 7: Implementing IPsec VPNs
Lab 8: Hub-and-Spoke VPNs
Lab 9: Group VPNs
Lab 10: PKI and ADVPNs
Lab 11: Advanced IPsec VPN Solutions
Lab 12: Troubleshooting IPsec
Lab 13: Implementing Chassis Clusters
Lab 14: Troubleshooting Chassis Clusters

Request More Information

Time Frame: 0-3 Months4-12 Months