Junos Security (JSEC)

Junos Security (JSEC) Course Description

Duration: 5.00 days (40 hours)

This five-day course covers the configuration, operation, and implementation of SRX Series Services Gateways in a typical network environment. Key topics within this course include security technologies such as security zones, security policies, Network Address Translation (NAT), IP Security (IPsec), and high availability clusters, as well as details pertaining to basic implementation, configuration, management, and troubleshooting.

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring device operations. This course uses Juniper Networks SRX Series Services Gateways and Security Director for the hands-on component. This course is based on Junos OS Release 15.1X49-D70.3 and Junos Space Security Director 16.1.

Next Class Dates

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Back to Top

Intended Audience for this Junos Security (JSEC) Course

  • » The course benefits operators of SRX Series devices. These operators include network engineers, administrators, support personnel, and reseller support personnel.

Back to Top

Course Prerequisites for Junos Security (JSEC)

  • » Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol suite.
  • » Students should also attend the Introduction to the Junos Operating System (IJOS) course, or have equivalent experience prior to attending this class.

Back to Top

Junos Security (JSEC) Course Objectives

  • » Describe traditional routing and security and the current trends in internetworking
  • » Provide an overview of SRX Series devices and software architecture
  • » Describe the logical packet flow and session creation performed by SRX Series devices
  • » Describe, configure, and monitor zones
  • » Describe, configure, and monitor security policies
  • » Describe, configure, and monitor user firewall authentication
  • » Describe various types of network attacks
  • » Configure and monitor Screen options to prevent network attacks
  • » Explain, implement, and monitor NAT, as implemented on Junos security platforms
  • » Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs)
  • » Implement and monitor policy-based and route-based IPsec VPNs
  • » Describe, configure, and monitor high availability chassis clusters
  • » Describe how to deploy and manage vSRX
  • » Describe and configure Group VPNs
  • » Describe and configure ADVPNs
  • » Troubleshoot chassis clusters, IPsec VPNs, zones, and Security Policies

Back to Top

Junos Security (JSEC) Course Outline

      1. Introduction to Junos Security
        1. Traditional Routing
        2. Traditional Security
        3. The Junos OS Architecture
      2. Zones
        1. The Definition of Zones
        2. Zone Configuration
        3. Monitoring Security Zones
        4. Screen Options
        5. Lab 1: Configuring and Monitoring Zones
      3. Security Policies
        1. Security Policy Overview
        2. Policy Components
        3. Verifying Policy Operation
        4. Policy Case Study
        5. Lab 2: Security Policies
      4. Advanced Policy Options
        1. Session Management
        2. Junos ALGs
        3. Policy Scheduling
        4. Logging
      5. Troubleshooting Security Zones and Policies
        1. Troubleshoot Security Zones
        2. Troubleshoot Security Policies
        3. Case Studies
        4. Lab 3: Troubleshooting Security Zones and Policies
      6. Network Address Translation
        1. NAT Overview
        2. Source NAT Operation and Configuration
        3. Destination NAT Operation and Configuration
        4. Static NAT Operation and Configuration
        5. Proxy ARP
        6. Monitoring and Verifying NAT Operation
        7. Lab 4: Network Address Translation
      7. Advanced NAT Concepts
        1. NAT Interaction with Policy and ALGs
        2. DNS Doctoring
        3. Cone NAT
        4. Multi-Tenant NAT
        5. IPv4-to-IPv6 NAT
        6. Advanced NAT Scenarios
        7. Lab 5: Advanced NAT Implementations
      8. IPsec VPN Concepts
        1. VPN Types
        2. Secure VPN Requirements
        3. IPsec Overview
        4. IPsec Details
      9. IPsec VPN Implementation
        1. Configuration of IPsec VPNs
        2. IPsec VPN Case Studies
        3. Monitoring IPsec VPN
        4. Traffic Selectors
        5. Lab 6: Implementing IPsec VPNs
      10. Group VPNs
        1. Group VPN Overview
        2. GDOI Protocol
        3. Group VPN Configuration and Monitoring
        4. Lab 7: Implementing Group VPNs
      11. ADVPNs
        1. ADVPN Overview
        2. ADVPN Member Roles
        3. Shortcut Termination
        4. Routing with ADVPNs
        5. IKEv2
        6. ADVPN Implementation
        7. Lab 8: Implementing ADVPNs
      12. IPsec VPN Case Studies and Solutions
        1. Routing over VPNs
        2. NAT with IPsec
        3. Enterprise VPN Deployment Best Practices
        4. Lab 9: Implementing Routing over VPN Tunnels and IPsec Best Practices
      13. Troubleshooting IPsec
        1. IKE Phase 1 Troubleshooting
        2. IKE Phase 2 Troubleshooting
        3. Case Studies
        4. Lab 10: Troubleshooting IPsec
      14. Virtualized SRX
        1. vSRX Overview
        2. Installation of vSRX
        3. Chassis Clustering
        4. Deployment Scenarios and Use Cases
        5. Automated Deployments Options
        6. AWS Deployment Scenarios
      15. High Availability Clustering Theory
        1. High Availability Overview
        2. Chassis Cluster Components
        3. Advanced Chassis Cluster Topics
      16. High Availability Clustering Implementation
        1. Chassis Cluster Configuration
        2. Chassis Cluster Monitoring
        3. Advanced Chassis Cluster Topics
        4. Lab 12: Implementing High Availability Techniques
      17. Troubleshooting Chassis Clusters
        1. Chassis Cluster Troubleshooting
        2. Case Studies
        3. IDP Policy Components and Configuration
        4. Lab 13: Troubleshooting Chassis Clusters

Back to Top

Do you have the right background for Junos Security (JSEC)?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Take your FREE Skill Assessment test »

Back to Top

Award winning, world-class Instructors

Our instructors are passionate at teaching and are experts in their respective fields. Our average NetCom instructor has many, many years of real-world experience and impart their priceless, valuable knowledge to our students every single day. See our world-class instructors.   See more instructors...

Back to Top

Recent Client Testimonials & Reviews

The instructor was clear in his lessons and very knowledgeable. Overall I liked the course and Dominic, the instructor, was very thorough/knowledgeable on the topics we covered.
- Matthew H.
Course(s) Taken

» Juniper Networks

Excellent instructor, good course layout. Great learning structure, the courses I have taken have been taught by great teachers.
- Chris C.
Course(s) Taken

» Juniper Networks

  More testimonials »  

Back to Top