Junos Security Skills Camp (JSEC, AJSEC)

Junos Security Skills Camp (JSEC, AJSEC) Course Description

Duration: 5.00 days (40 hours)

Build your intermediate and advanced Juniper security skills in this convenient skills-building course. We've combined two authorized Juniper courses, Junos Security (JSEC) and Advanced Junos Security (AJSEC) to create an intensive, extended-hours Skills Camp in which you will build your intermediate and advanced Juniper security skills.

Next Class Dates

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Back to Top

Intended Audience for this Junos Security Skills Camp (JSEC, AJSEC) Course

  • » Network engineers, administrators, support personnel, and reseller support personnel using SRX Series devices

Back to Top

Course Prerequisites for Junos Security Skills Camp (JSEC, AJSEC)

  • » Introduction to the Junos Operating System (IJOS)
  • » Junos Routing Essentials (JRE)

Back to Top

Junos Security Skills Camp (JSEC, AJSEC) Course Objectives

  • » SRX Series devices and software architecture
  • » Logical packet flow and session creation performed by SRX Series devices
  • » Placement and traffic distribution of the various components of SRX devices
  • » Configure, utilize, and monitor the various interface types available to the SRX Series product line
  • » Configure and monitor zones, security policies, and firewall user authentication
  • » Configure and monitor SCREEN options to prevent network attacks
  • » Implement and monitor NAT on Junos security platforms
  • » Implement static, source, destination, and dual NAT in complex LAN environments
  • » Implement variations of cone or persistent NAT
  • » Interaction between NAT and security policy
  • » Purpose and mechanics of IPsec virtual private networks (VPNs)
  • » Implement and monitor policy-based and route-based IPsec VPNs
  • » Differentiate and configure standard point-to-point IPsec VPN tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs
  • » Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls
  • » Monitor the operations of the various IPsec VPN implementations
  • » Use and update the IDP signature database
  • » Configure and monitor IDP policy with policy templates
  • » Configure and monitor high availability (HA) chassis clusters
  • » Security supported by the Junos OS
  • » Junos security handling at Layer 2 vs. Layer 3
  • » Junos OS processing of Application Layer Gateways (ALGs)
  • » Alter the Junos default behavior of ALG and application processing
  • » Implement address books with dynamic addressing
  • » Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
  • » Junos routing instance types used for virtualization
  • » Implement virtual routing instances
  • » Configure route sharing between routing instances using logical tunnel interfaces
  • » Implement packet-based and filter-based forwarding
  • » Implement optimized chassis clustering
  • » IPv6 support for chassis clusters
  • » Public key cryptography for certificates
  • » Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • » Junos tools for troubleshooting Junos security implementations

Back to Top

Junos Security Skills Camp (JSEC, AJSEC) Course Outline

      1. Junos Security Platforms
        1. Traditional Routing
        2. Traditional Security
        3. Breaking the Tradition
        4. The Junos OS Architecture
      2. Zones
        1. The Definition of Zones
        2. Zone Configuration
        3. Monitoring Security Zones
      3. Security Policies
        1. Policy Components
        2. Verifying Policy Operation
        3. Policy Scheduling and Rematching
        4. ALGs
        5. Custom Application Definitions
        6. Advanced Addressing
        7. Policy Matching
      4. Firewall User Authentication
        1. Firewall User Authentication Overview
        2. Pass-Through Authentication
        3. Web Authentication
        4. Client Groups
        5. Using External Authentication Servers
        6. Verifying Firewall User Authentication
      5. SCREEN Options
        1. Multilayer Network Protection
        2. Stages and Types of Attacks
        3. Using Junos SCREEN Options
        4. Applying and Monitoring SCREEN Options
      6. NAT
        1. Source NAT Operation and Configuration
        2. Destination NAT Operation and Configuration
        3. Static NAT Operation and Configuration
        4. Proxy ARP
        5. Monitoring and Verifying NAT Operation
        6. Beyond Layer 3 and Layer 4 Headers
        7. Advanced NAT Scenarios
      7. IPsec VPNs
        1. VPN Types
        2. Secure VPN Requirements
        3. IPsec Details
        4. Configuration of IPsec VPNs
        5. IPsec VPN Monitoring
        6. Routing over VPNs
        7. IPsec with Overlapping Addresses
        8. Dynamic Gateway IP Addresses
        9. Enterprise VPN Deployment Tips and Tricks
      8. IPsec Implementations
        1. Standard VPN Implementations
        2. Public Key Infrastructure
        3. Hub-and-Spoke VPNs
      9. Enterprise IPsec Technologies
        1. Group VPN
        2. GDOI Protocol
        3. Group VPN Configuration and Monitoring
        4. Dynamic VPN Implementation
      10. IDP
        1. Junos IDP
        2. Policy Components
        3. Configuration
        4. Signature Database
        5. Monitoring IDP Operation
      11. HA Clustering
        1. Chassis Cluster Components
        2. Advanced HA Topics

Back to Top

This training prepares students for the following exam(s):

  • » JNCIP-SEC : Juniper Networks Certified Internet Professional - Security (JNCIP-SEC)

Back to Top

Do you have the right background for Junos Security Skills Camp (JSEC, AJSEC)?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Take your FREE Skill Assessment test »

Back to Top

Award winning, world-class Instructors

Our instructors are passionate at teaching and are experts in their respective fields. Our average NetCom instructor has many, many years of real-world experience and impart their priceless, valuable knowledge to our students every single day. See our world-class instructors.   See more instructors...

Back to Top

Recent Client Testimonials & Reviews

The instructor was clear in his lessons and very knowledgeable. Overall I liked the course and Dominic, the instructor, was very thorough/knowledgeable on the topics we covered.
- Matthew H.
Course(s) Taken

» Juniper Networks

Excellent instructor, good course layout. Great learning structure, the courses I have taken have been taught by great teachers.
- Chris C.
Course(s) Taken

» Juniper Networks

  More testimonials »  

Back to Top