Advanced Junos Security (AJSEC)

Kursbeschreibung Kurstermine Detaillierter Kursinhalt
 

Zielgruppe

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.

Zertifizierungen

Voraussetzungen

Attendees should meet the following prerequisites: Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Security (JSEC) courses prior to attending this class.

Kursziele

After you complete this course you will be able to:

  • Demonstrate understanding of concepts covered in the prerequisite Junos Security course.
  • Describe the various forms of security supported by the Junos OS.
  • Describe Junos security handling at Layer 2 versus Layer 3.
  • Describe the placement and traffic distribution of the various components of SRX devices.
  • Configure, utilize, and monitor the various interface types available to the SRX Series product line.
  • Describe Junos OS processing of Application Layer Gateways (ALGs).
  • Alter the Junos default behaviour of ALG and application processing.
  • Implement address books with dynamic addressing.
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios.
  • Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
  • Describe Junos routing instance types used for virtualization.
  • Implement virtual routing-instances.
  • Describe and configure route sharing between routing instances using logical tunnel interfaces.
  • Implement selective packet-based forwarding.
  • Implement filter-based forwarding.
  • Describe and implement static, source, destination, and dual NAT in complex LAN environments.
  • Describe and implement variations of cone, or persistent NAT.
  • Describe the interaction between NAT and security policy.
  • Implement optimized chassis clustering.
  • Describe IP version 6 (IPv6) support for chassis clusters.
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs.
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls.
  • Monitor the operations of the various IPsec VPN implementations.
  • Describe public key cryptography for certificates.
  • Utilize Junos tools for troubleshooting Junos security implementations.
  • Perform successful troubleshooting of some common Junos security issues.
  • Recall and solidify concepts covered in the prerequisite JSEC course.
  • Understand the various forms of security supported by the Junos OS.
  • Have a clear understanding of the fundamentals of session-based Junos OS.
  • Understand Junos security handling at Layer 2 versus Layer 3.
  • Give an overview of the SRX Series Services Gateways product lines.
  • Understand the placement and traffic distribution of the various components of SRX Series devices.
  • Configure, utilize, and monitor the various interface types available to the SRX Series product line.
  • Understand Junos OS processing of Application Layer Gateways (ALG).
  • Alter the Junos default behaviour of ALG and application processing.
  • Implement address books with dynamic addressing.
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios.
  • Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems.
  • Describe Junos routing instance types used for virtualization.
  • Implement virtual routing-instances.
  • Selectively forward traffic between virtual routing-instances.
  • Implement policy-based routing.
  • Describe and implement static, source, destination, and dual Network Address Translation (NAT).
  • Describe and implement variations of cone NAT.
  • Describe the interaction between NAT and security policy.
  • Implement NAT traversal.
  • Implement and monitor optimized chassis clustering.
  • Understand IPv6 support for chassis clusters.
  • Implement graceful restart and nonstop routing with SRX Series devices.
  • Describe the Junos server load-balancing feature.
  • Differentiate and configure standard point-to-point virtual private network (VPN) tunnels, hub-and-spoke VPNs, and group VPNs.
  • Monitor the operations of the various IP Security (IPsec) VPN implementations.
  • Describe public key cryptography for certificates.
  • Describe, implement, and monitor Group VPNs in an enterprise environment.
  • Describe, implement, and monitor Dynamic VPNs in an enterprise environment.
  • Utilize IPsec VPN tunnels with OSPF.
  • Implement dynamic VPNs.
  • Describe some IPsec VPN best practices for the Enterprise.
  • Understand and utilize Junos tools for troubleshooting Junos security implementations.
  • Utilize a sound methodology for troubleshooting Junos security issues.
  • Be familiar with the successful troubleshooting of some common Junos security issues.

Kursinhalt

This three-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security with SRX Series Services Gateways. Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring advanced security features of the Junos operating system.

Classroom Training

Dauer 3 Tage

Preis (exkl. MwSt.)
  • Deutschland: 1.890,- €
  • Schweiz: Fr. 2.900,-
inkl. Verpflegung
Verpflegung umfasst:

  • Kaffee, Tee, Saft, Wasser, Cola
  • Gebäck und Süßigkeiten
  • Belegte Brötchen
  • Frisches Obst
  • Mittagessen in einem der naheliegenden Restaurants

Gilt nur bei Durchführung durch Fast Lane. Termine, die von unseren Partnern durchgeführt werden, beinhalten ggf. ein abweichendes Verpflegungsangebot.


Digitale Kursunterlagen Termine und Buchen
Online Training

Dauer 3 Tage

Preis (exkl. MwSt.)
  • Deutschland: US$ 2.100,-
Digitale Kursunterlagen Termine und Buchen
 
Zum Buchen bitte auf den Ortsnamen klickenKurstermine
Fast Lane wird alle garantierten Termine unabhängig von der Teilnehmerzahl durchführen. Ausgenommen sind höhere Gewalt oder andere unvorhersehbare Ereignisse (wie z.B. Unfall, Krankheit des Trainers), die eine Kursdurchführung unmöglich machen.
Dies ist ein Instructor-led Online Training, das über WebEx in einer VoIP Umgebung durchgeführt wird. Sollten Sie Fragen zu einem unserer Online-Kurse haben, können Sie uns jederzeit unter +49 (0)40 25334610 oder per E-Mail an info@flane.de kontaktieren.
Dies ist ein FLEX™-Kurs.
Deutschland
15.05. - 17.05.2017 Frankfurt Garantietermin!
10.07. - 12.07.2017 München
11.09. - 13.09.2017 Hamburg Kurssprache: englisch
11.09. - 13.09.2017 Hamburg
13.11. - 15.11.2017 Berlin
Schweiz
13.11. - 15.11.2017 Zürich
Österreich
13.11. - 15.11.2017 Wien (iTLS)

Fast Lane Flex™ Classroom Ist der für Sie passende Termin oder Ort nicht dabei? Wir bieten Ihnen noch weitere FLEX™ Classroom Trainingstermine an!