Junos Intrusion Prevention System Functionality (JIPS)

Detailed Course Content

Day 1

Chapter 1: Course Introduction

Chapter 2: Overview of IPS Functionality

  • Reasons for Network Attacks
  • Categories of Attacks
  • Anatomy of an Attack
  • IPS Mechanisms on SRX Series Devices
  • Lab 1: Initial Configuration

Chapter 3: Initial Device Configuration

  • Deployment Options for IPS Functionality
  • Management Options
  • Network Settings
  • Preparing the SRX Series Device for IPS Features
  • Lab 2: Creating a Basic Policy

Chapter 4: IPS Terminology and Concepts

  • Terminology Overview
  • Attack Objects
  • IPS Rulebase Details
  • Rule Match Conditions
  • Rule Actions
  • Terminal Rules
  • IP Actions
  • Notification
  • Terminology Review
  • IPS Traffic Flow
  • Lab 3: Examining and Modifying the Recommended Policy
  • Lab 4: Exempt Rulebase
  • Lab 5: Rule Actions

Day 2

Chapter 5: IPS Attack Objects

  • IPS Rules and Rulebases
  • Attack Objects
  • Custom Signatures
  • Lab 6: Custom Signatures

Chapter 6: Scanning and Reconnaissance

  • Overview of Scanning
  • Types of Scans
  • Fingerprinting
  • IPS Scan Prevention

Chapter 7: Blocking Evasion Techniques and Denial of Service

  • FIN Scans
  • IP Spoofing
  • IP Source Routing Options
  • DoS and DDoS Attacks
  • Mechanisms for Blocking DoS and DDoS
  • Lab 7: Blocking Evasions
  • Lab 8: Denial of Service

Chapter 8: Reporting

  • NSM Reports
  • Syslog Structure
  • The Junos OS Commands