Juniper SRX Firewall

Course Description

This course Covers all Security Features of Juniper SRX Firewalll Product Candidates will receive In-Depth Training for Deployment, configuration and Troubleshooting of Juniper SRX Firewalll Features.

The Training is Level-2 Designed and Conducted by Experts. Analyzing Packet Flow Sequence, Using Syslog and Packet Capture for Detailed Understanding and Troubleshooting.

Overall 30 Hands-on Lab Developed by our Experts will be Conducted to fully Cover all Security Features. Horizon Computers Trademark Expertise in the Field of Security Means Highest level of Professional Training which enable Candidates to Deal confidently with Real Life Juniper Firewall Deployment .

Juniper SRX Firewalll Training is Conducted in Horizon Computers Vashi Vile Parle and Pune Centers.

This course is based on Junos OS Release 15.1X49-D70 and Junos Space Security Director 16.1R1



OBJECTIVES

  • Describe traditional routing and security.
  • Provide an overview of SRX Series Services Gateway devices and the Junos OS software architecture.
  • Describe the logical packet flow and session creation performed by SRX Series Services Gateway devices.
  • Describe, configure, and monitor zones.
  • Describe, configure, and monitor security policies.
  • Troubleshoot security zones and policies.
  • Describe, configure, and monitor NAT, as implemented on Junos security platforms.
  • Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
  • Implement and monitor route-based IPsec VPNs.
  • Implement and monitor Hub-and-Spoke VPNs, Group VPNs, and ADVPNs.
  • Troubleshoot IPsec VPNs.
  • Describe, configure, and monitor chassis clusters.
  • Troubleshoot chassis clusters.

Course Audience:

  • This course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.

"Difficulty Level - Intermediate to Advance"

Course Pre-requisite:

  • OSI and TCP/IP Reference model
  • Data Encapsulation, Packet Format
  • IPv4/IPv6 Addressing Basics
  • L3 routing, Static, Dynamic
  • L2 Switching, Vlans, Trunk, SVI
  • Use of Packet Capture tools
  • Access Control List
  • NAT Basics

RECOMMENDED NEXT COURSE

Advanced Junos Security (AJSEC)

ASSOCIATED CERTIFICATION

JNCIS-SEC

RELEVANT JUNIPER PRODUCT:

  • Security
  • Junos OS
  • SRX Series
  • vSRX Series

COURSE INTRODUCTION

Juniper SRX Firewall is available in Horizon Computers Vashi, Vile Parle, Pune
Module Topic Content
1 Introduction to Junos Security
  • Identify the basic functions of the Web UI.
  • Traditional Routing and Security
  • Architecture Overview of Junos Security Devices
  • Logical Packet Flow through Junos Security Devices
  • Junos Space and Security Director Overview
2Zones and Screen Options
  • The Definition of Zones
  • Zone Configuration
  • Monitoring Security Zones
  • Configuring Screen Options
  • Screen Options Case Study
LAB 1: Zones and Screen Options
3 Security Policies
  • Security Policy Overview
  • Policy Components
  • Policy Case Study
LAB 2: Security Policies
4Security Director Firewall Policies
  • Firewall Policy Configuration
  • Firewall Policy Processing Order
  • Deploying Firewall Policies
  • Monitoring Firewall Policies
  • LAB 3: Security Director Firewall Policies
5 Advanced Security Policy
  • Session Management
  • Junos ALGs
  • Policy Scheduling
  • Logging
  • Advanced Security Policy with Security Director
Lab 4: Advanced Policy Options
6Troubleshooting Zones and Policies
  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
Lab 5: Troubleshooting Security Zones and Policies
7 Network Address Translation
  • NAT Overview
  • Source NAT
  • Destination NAT
  • Static NAT
  • Proxy ARP
  • Configuring NAT in Security Director
Lab 6: Network Address Translation
8Advanced NAT
  • Persistent NAT
  • DNS Doctoring
  • IPv6 with NAT
  • Advanced NAT Scenarios
  • Troubleshooting NAT
  • Lab 7: Advanced NAT
9 IPsec VPN Concepts
  • VPN Types
  • Secure VPN Requirements
  • IPsec Tunnel Establishment
  • IPsec Traffic Processing
10IPsec VPN Implementation
  • IPsec VPN Configuration
  • IPsec VPN Configuration Case Study
  • Proxy IDs and Traffic Selectors
  • Monitoring IPsec VPNs
  • Lab 8: Implementing IPsec VPNs
11 Hub-and-Spoke VPNs
  • Hub-and-Spoke VPN Overview
  • Hub-and-Spoke Configuration and Monitoring
  • Hub-and-Spoke Configuration with Security Director
  • Lab 9: Implementing IPsec VPNs
12Group VPNs
  • Group VPN Overview
  • Group VPN Configuration and Monitoring
  • Lab 10: Implementing Group VPNs
13 PKI and ADVPNs
  • Public Key Infrastructure
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
Lab 11: Implementing PKI and ADVPNs
14Advanced IPsec
    NAT with IPsec
  • Class of Service with IPsec
  • Enterprise Best Practices
  • Routing OSPF over IPsec
  • IPsec with Overlapping Addresses
  • IPsec with Dynamic Gateway IP Addresses
  • Lab 8: Advanced IPsec VPN Scenarios
15 Troubleshooting IPsec
  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
Lab 10: Troubleshooting IPsec
16Chassis Cluster Concepts
  • Chassis Clustering Overview
  • Chassis Cluster Components
  • Chassis Cluster Operation
17 Chassis Cluster Implementation
  • Chassis Cluster Configuration
  • Advanced Chassis Cluster Options
LAB 14: Implementing High Availability Techniques
18Troubleshooting Chassis Clusters
  • Troubleshooting Chassis Clusters
  • Chassis Cluster Case Studies
  • LAB 15: Troubleshooting Chassis Clusters
19 Appendix A: SRX Series Hardware and Interfaces
  • Branch SRX Platform Overview
  • High-End SRX Platform Overview
  • SRX Traffic Flow and Distribution
  • SRX Interfaces
20Appendix B: Virtual SRX
  • Virtualization Overview
  • Network Virtualization and SDN
  • Overview of the Virtual SRX
  • Deployment Scenarios
  • Integration with AWS