Junos Security

•  Describe traditional routing and security
•  Provide an overview of SRX Series Services Gateway devices and the Junos OS software architecture
• Describe the logical packet flow and session creation performed by SRX Series Services Gateway devices
• Describe, configure, and monitor zones
• Describe, configure, and monitor security policies
• Troubleshoot security zones and policies
• Describe, configure, and monitor NAT, as implemented on Junos security platforms
• Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs)
• Implement and monitor route-based IPsec VPNs
•  Implement and monitor Hub-and-Spoke VPNs, Group VPNs, and ADVPNs
• Troubleshoot IPsec VPNs
• Describe, configure, and monitor chassis clusters
• Troubleshoot chassis clusters

Day 1 :

1. COURSE INTRODUCTION:

2 .Introduction to Junos Security:

• Traditional Routing and Security
• Architecture Overview of Junos Security Devices
•  Logical Packet Flow through Junos Security Devices
• J-Web Overview

3. Zones and Screen Options:

• Zones Overview
• Zone Configuration
• Monitoring Security Zones 
• Configuring Screen Options
• Screen Options Case Study
• LAB 1: Zones and Screen Options

4 .Security Policies :

• Security Policy Overview
• Policy Components
• Security Policy Configuration in J-Web
• Policy Case Study (CLI)
• Policy Case Study (J-Web)
•  LAB 2: Security Policies

5 .Advanced Security Policy:

• Session Management
• Junos ALGs
• Policy Scheduling
• Logging 
• Advanced Security Policy
•  Lab 3: Advanced Policy Options

Day 2 :

6 .Troubleshooting Zones and Policies:

•  General Troubleshooting for Junos Devices
• Troubleshooting Tools
• Troubleshooting Zones and Policies
• Zone and Policy Case Studies
•  Lab 4: Troubleshooting Security Zones and Policies

7 .Network Address Translation :

• NAT Overview
• Source NAT
• Destination NAT 
• Static NAT
• Proxy ARP
• Lab 5: Network Address Translation

8 .Advanced NAT:

•  Persistent NAT
• DNS Doctoring
• IPv6 with NAT
• Advanced NAT Scenarios
• Troubleshooting NAT
• Lab 6: Advanced NAT

Day 3 : 

9 .IPsec VPN Concepts :

•  VPN Types
• Secure VPN Requirements
• IPsec Tunnel Establishment 
•  IPsec Traffic Processing

 10 .IPsec VPN Implementation :

•  IPsec VPN Configuration 
•  IPsec VPN Case Study 
•  Proxy IDs and Traffic Selectors
• Monitoring IPsec VPNs
• Lab 7: Implementing IPsec VPNs

11 .Hub-and-Spoke VPNs:

•   Hub-and-Spoke VPN Overview 
•  Hub-and-Spoke Configuration and Monitoring
•  Lab 8: Hub-and-Spoke VPNs

12. Group VPNs:

•  Group VPN Overview 
•  Group VPN Configuration and Monitoring
• Lab 9: Group VPNs

Day 4 : 

13 .PKI and ADVPNs:

• Public Key Infrastructure Overview
• PKI Configuration
• ADVPN Overview
• ADVPN Configuration and Monitoring
• Lab 10: PKI and ADVPNs

15 .Troubleshooting IPsec :

•  IPsec Troubleshooting Overview
• Troubleshooting IKE Phase 1 and 2
• IPsec Logging 
•  IPsec Case Studies
•  Lab 12: Troubleshooting IPsec

14 .Advanced IPsec

• NAT with IPsec 
•  Class of Service with IPsec 
•  Best Practices 
•  Routing OSPF over IPsec
• IPsec with Overlapping Addresses
• IPsec with Dynamic Gateway IP Addresses
•  Lab 11: Advanced IPsec VPN Solutions

16 ,Chassis Cluster Concepts :

•  Chassis Clustering Overview 
•  Chassis Cluster Components
• Chassis Cluster Operation

Day 5 :

17 .Chassis Cluster Implementation :

•  Chassis Cluster Configuration
• Advanced Chassis Cluster Options
• Lab 14: Implementing Chassis Clusters

A SRX Series Hardware :

• Branch SRX Platform Overview 
•  Mid-Range SRX Platform Overview
• High-End SRX Platform Overview
• SRX Traffic Flow and Distribution

18 .Troubleshooting Chassis Clusters :

• Troubleshooting Chassis Clusters
• Chassis Cluster Case Studies
•  Lab 14: Troubleshooting Chassis Clusters

 B Virtual SRX :

• Virtualization Overview
• Network Virtualization and SDN
• Overview of the Virtual SRX
• Deployment Scenarios 
•  Integration with AWS

• IJSEC - Introduction to Junos Security

• AJSEC - Advanced Junos Security