Juniper Networks Advanced Junos Security (AJSEC) - JNCIP-SEC Certification Course

Price
$3,800.00 USD

Duration
4 Days

 

Delivery Methods
Virtual Instructor Led
Private Group

Request More Information
Download Course Details
Course Details Only
Course Details & Schedule
Skip to Class Dates

Course Overview

This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with coverage of advanced logging and reporting, next-generation Layer 2 security, and next-generation advanced anti-malware with Juniper ATP On-Prem and SecIntel. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component. This course uses on Junos OS Release 20.1R1.11, Junos Space Security Director 19.4, and Juniper ATP On-Prem version 5.0.7. Advanced Juniper Security (AJSEC) is an advanced-level course.

Course Objectives

  • Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses.
  • Describe the various forms of security supported by the Junos OS.
  • Describe the Juniper Connected Security model.
  • Describe Junos security handling at Layer 2 versus Layer 3.
  • Implement next generation Layer 2 security features.
  • Demonstrate understanding of Logical Systems (LSYS).
  • Demonstrate understanding of Tenant Systems (TSYS).
  • Implement virtual routing instances in a security setting.
  • Describe and configure route sharing between routing instances using logical tunnel interfaces.
  • Describe and discuss Juniper ATP and its function in the network.
  • Describe and implement Juniper Connected Security with Policy Enforcer in a network.
  • Describe firewall filters use on a security device.
  • Implement firewall filters to route traffic.
  • Explain how to troubleshoot zone problems.
  • Describe the tools available to troubleshoot SRX Series devices.
  • Describe and implement IPsec VPN in a hub-and-spoke model.
  • Describe the PKI infrastructure.
  • Implement certificates to build an ADVPN network.
  • Describe using NAT, CoS and routing protocols over IPsec VPNs.
  • Implement NAT and routing protocols over an IPsec VPN.
  • Describe the logs and troubleshooting methodologies to fix IPsec VPNs.
  • Implement working IPsec VPNs when given configuration that are broken.
  • Describe Incident Reporting with Juniper ATP On-Prem device.
  • Configure mitigation response to prevent spread of malware.
  • Explain SecIntel uses and when to use them.
  • Describe the systems that work with SecIntel.
  • Describe and implement advanced NAT options on the SRX Series devices.
  • Explain DNS doctoring and when to use it.
  • Describe NAT troubleshooting logs and techniques.

Who Should Attend?

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.
  • Top-rated instructors: Our crew of subject matter experts have an average instructor rating of 4.8 out of 5 across thousands of reviews.
  • Authorized content: We maintain more than 35 Authorized Training Partnerships with the top players in tech, ensuring your course materials contain the most relevant and up-to date information.
  • Interactive classroom participation: Our virtual training includes live lectures, demonstrations and virtual labs that allow you to participate in discussions with your instructor and fellow classmates to get real-time feedback.
  • Post Class Resources: Review your class content, catch up on any material you may have missed or perfect your new skills with access to resources after your course is complete.
  • Private Group Training: Let our world-class instructors deliver exclusive training courses just for your employees. Our private group training is designed to promote your team’s shared growth and skill development.
  • Tailored Training Solutions: Our subject matter experts can customize the class to specifically address the unique goals of your team.

Course Prerequisites

  • Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Juniper Security (JSEC) course prior to attending this class.

Agenda

1: Course Introduction

2: Junos Layer 2 Packet Handling and Security Features

  • Transparent Mode Security
  • Secure Wire
  • Layer 2 Next Generation Ethernet Switching
  • MACsec
  • Lab 1: Implementing Layer 2 Security

3: Firewall Filters

  • Using Firewall Filters to Troubleshoot
  • Routing Instances
  • Filter-Based Forwarding
  • Lab 2: Implementing Firewall Filters

4: Troubleshooting Zones and Policies

  • General Troubleshooting for Junos Devices
  • Troubleshooting Tools
  • Troubleshooting Zones and Policies
  • Zone and Policy Case Studies
  • Lab 3: Troubleshooting Zones and Policies

5: Hub-and-Spoke VPN

  • Overview
  • Configuration and Monitoring
  • Lab 4: Implementing Hub-and-Spoke VPNs

6: Advanced NAT

  • Configuring Persistent NAT
  • Demonstrate DNS doctoring
  • Configure IPv6 NAT operations
  • Troubleshooting NAT
  • Lab 5: Implementing Advanced NAT Features

7: Logical and Tenant Systems

  • Overview
  • Administrative Roles
  • Differences Between LSYS and TSYS
  • Configuring LSYS
  • Configuring TSYS
  • Lab 6: Implementing TSYS

8: PKI and ADVPNs

  • PKI Overview
  • PKI Configuration
  • ADVPN Overview
  • ADVPN Configuration and Monitoring
  • Lab 7: Implementing ADVPNs

9: Advanced IPsec

  • NAT with IPsec
  • Class of Service with IPsec
  • Best Practices
  • Routing OSPF over VPNs
  • Lab 8: Implementing Advanced IPsec Solutions

10: Troubleshooting IPsec

  • IPsec Troubleshooting Overview
  • Troubleshooting IKE Phase 1 and 2
  • IPsec Logging
  • IPsec Case Studies
  • Lab 9: Troubleshooting IPsec

11: Juniper Connected Security

  • Security Models
  • Enforcement on Every Network Device

12: SecIntel

  • Security Feed
  • Encrypted Traffic Analysis
  • Use Cases for SecIntel
  • Lab 10: Implementing SecIntel

13:Advanced Juniper ATP On-Prem

  • Collectors
  • Private Mode
  • Incident Response
  • Deployment Models
  • Lab 11: Implementing Advanced ATP On-Prem

14: Automated Threat Mitigation

  • Identify and Mitigate Malware Threats
  • Automate Security Mitigation
  • Lab 12: Identifying and Mitigation of Threats
 

Get in touch to schedule training for your team
We can enroll multiple students in an upcoming class or schedule a dedicated private training event designed to meet your organization’s needs.

               
 



Do You Have Additional Questions? Please Contact Us Below.

contact us contact us 
Contact Us about Starting Your Business Training Strategy with New Horizons