Advanced Juniper Security

Advanced Juniper SecurityAJSECJPJuniper NetworksJP-AJSEC23.a<p>After successfully completing this course, you should be able to:</p> <ul> <li>Describe Layer 2 security features.</li><li>Discuss ways to use packet-based security.</li><li>Describe how to troubleshoot zones and policies.</li><li>Describe how to implement a hub-and-spoke VPN.</li><li>Discuss advanced NAT capabilities.</li><li>List the ways that the SRX Series firewall may be virtualized.</li><li>Describe how to implement an Auto Discovery VPN (ADVPN) setup.</li><li>List options using IPsec to accomplish advanced configurations.</li><li>Discuss how to troubleshoot IPsec VPNs.</li><li>Describe how to route traffic based on the application.</li><li>Describe how to secure VXLAN traffic within the network.</li><li>Implement multinode high availability.</li><li>Discuss how to mitigate network threats automatically.</li></ul><ul> <li>Strong skill level in TCP/IP, Layer 2 Ethernet, security policies, and security concepts</li><li>General understanding of stateful firewalls, NAT, and IPsec</li><li>Recommended, but not required: <ul> <li>Completion of the <span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/juniper-ijos"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Introduction to the Junos Operating System <span class="fl-prod-pcode">(IJOS)</span></a></span> and <span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/juniper-jsec"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Juniper Security <span class="fl-prod-pcode">(JSEC)</span></a></span> courses</li><li>Experience with packet captures</li></ul></li></ul><p>Individuals responsible for implementing, monitoring, and troubleshooting Juniper security components. This course also helps you prepare for the JNCIP-SEC certification</p><ul> <li>Junos Layer 2 Packet Handling and Security Features</li><li>Packet-Based Security</li><li>Troubleshooting Zones and Policies</li><li>Hub-and-Spoke VPN</li><li>Advanced NAT</li><li>Logical and Tenant Systems</li><li>PKI and ADVPNs</li><li>Advanced IPsec</li><li>Troubleshooting IPsec</li><li>Advanced Policy-Based Routing</li><li>EVPN-VXLAN Security</li><li>Multinode High Availability</li><li>Automated Threat Mitigation</li></ul><h5>Junos Layer 2 Packet Handling and Security Features</h5><ul> <li>Explain transparent mode security operations</li><li>Define secure wire implementation</li><li>Describe MACsec uses</li></ul><p>Lab 1: Implementing Layer 2 Security</p> <h5>Packet-Based Security</h5><ul> <li>Explain routing instances</li><li>Describe filter-based forwarding</li></ul><p>Lab 2: Implementing Packet-Based Security</p> <h5>Troubleshooting Zones and Policies</h5><ul> <li>Describe troubleshooting tools available in Junos OS</li><li>Discuss troubleshooting of security zones and security policies</li><li>Examine troubleshooting case studies</li></ul><p>Lab 3: Troubleshooting Zones and Policies</p> <h5>Hub-and-Spoke VPN</h5><ul> <li>Describe the hub-and-spoke VPN topology</li><li>Configure hub-and-spoke VPNs</li></ul><p>Lab 4: Implementing Hub-and-Spoke VPNs</p> <h5>Advanced NAT</h5><ul> <li>Explain the difference between address persistence and persistent NAT</li><li>Describe DNS doctoring</li><li>Describe advanced NAT scenarios</li><li>Discuss NAT troubleshooting</li></ul><p>Lab 5: Implementing Advanced NAT</p> <h5>Logical and Tenant Systems</h5><ul> <li>Describe logical systems</li><li>Describe tenant systems</li></ul><p>Lab 6: Implementing Tenant Systems</p> <h5>PKI and ADVPNs</h5><ul> <li>Describe PKI</li><li>Configure PKI for Junos security devices</li><li>Describe how ADVPNs function</li><li>Configure and monitor ADVPNs</li></ul><p>Lab 7: Implementing ADVPNs</p> <h5>Advanced IPsec</h5><ul> <li>Explain NAT interoperability with IPsec</li><li>Describe the CoS feature with IPsec VPNs</li><li>Explain IPsec best practices</li><li>Configure OSPF over IPsec</li><li>Configure IPsec with overlapping addresses</li><li>Configure IPsec with dynamic gateway IP addresses</li></ul><p>Lab 8: Implementing Advanced IPsec Solutions</p> <h5>Troubleshooting IPsec</h5><ul> <li>Describe general troubleshooting for IPsec VPNs</li><li>Discuss how to troubleshoot IKE Phase 1 and Phase 2</li><li>Configure and analyze logging for IPsec VPNs</li><li>Examine IPsec troubleshooting case studies</li></ul><p>Lab 9: Troubleshooting IPsec VPNs</p> <h5>Advanced Policy-Based Routing</h5><ul> <li>Define advanced policy-based routing</li><li>Configure advanced policy-based routing</li><li>Explain application quality of experience</li></ul><p>Lab 10: Implementing APBR</p> <h5>EVPN-VXLAN Security</h5><ul> <li>Describe the EVPN-VXLAN protocols</li><li>Explain VXLAN tunnel security</li><li>Configure security on VXLAN tunnels</li></ul><p>Lab 11: Securing Traffic Between Data Centers</p> <h5>Multinode High Availability</h5><ul> <li>Identify the benefits of high availability and security</li><li>Explain the use of multinode high availability</li><li>Identify multinode high availability modes</li><li>Discuss services redundancy groups</li></ul><p>Lab 12: Implementing Multinode HA</p> <h5>Automated Threat Mitigation</h5><ul> <li>Explain Automated Threat Mitigation</li><li>Discuss Juniper Connected Security third-party integrations</li><li>Discuss Juniper Connected Security multicloud integrations</li><li>Discuss the Secure Enterprise use case</li></ul>After successfully completing this course, you should be able to: - Describe Layer 2 security features. - Discuss ways to use packet-based security. - Describe how to troubleshoot zones and policies. - Describe how to implement a hub-and-spoke VPN. - Discuss advanced NAT capabilities. - List the ways that the SRX Series firewall may be virtualized. - Describe how to implement an Auto Discovery VPN (ADVPN) setup. - List options using IPsec to accomplish advanced configurations. - Discuss how to troubleshoot IPsec VPNs. - Describe how to route traffic based on the application. - Describe how to secure VXLAN traffic within the network. - Implement multinode high availability. - Discuss how to mitigate network threats automatically.- Strong skill level in TCP/IP, Layer 2 Ethernet, security policies, and security concepts - General understanding of stateful firewalls, NAT, and IPsec - Recommended, but not required: - Completion of the Introduction to the Junos Operating System (IJOS) and Juniper Security (JSEC) courses - Experience with packet capturesIndividuals responsible for implementing, monitoring, and troubleshooting Juniper security components. This course also helps you prepare for the JNCIP-SEC certification- Junos Layer 2 Packet Handling and Security Features - Packet-Based Security - Troubleshooting Zones and Policies - Hub-and-Spoke VPN - Advanced NAT - Logical and Tenant Systems - PKI and ADVPNs - Advanced IPsec - Troubleshooting IPsec - Advanced Policy-Based Routing - EVPN-VXLAN Security - Multinode High Availability - Automated Threat MitigationJunos Layer 2 Packet Handling and Security Features - Explain transparent mode security operations - Define secure wire implementation - Describe MACsec uses Lab 1: Implementing Layer 2 Security Packet-Based Security - Explain routing instances - Describe filter-based forwarding Lab 2: Implementing Packet-Based Security Troubleshooting Zones and Policies - Describe troubleshooting tools available in Junos OS - Discuss troubleshooting of security zones and security policies - Examine troubleshooting case studies Lab 3: Troubleshooting Zones and Policies Hub-and-Spoke VPN - Describe the hub-and-spoke VPN topology - Configure hub-and-spoke VPNs Lab 4: Implementing Hub-and-Spoke VPNs Advanced NAT - Explain the difference between address persistence and persistent NAT - Describe DNS doctoring - Describe advanced NAT scenarios - Discuss NAT troubleshooting Lab 5: Implementing Advanced NAT Logical and Tenant Systems - Describe logical systems - Describe tenant systems Lab 6: Implementing Tenant Systems PKI and ADVPNs - Describe PKI - Configure PKI for Junos security devices - Describe how ADVPNs function - Configure and monitor ADVPNs Lab 7: Implementing ADVPNs Advanced IPsec - Explain NAT interoperability with IPsec - Describe the CoS feature with IPsec VPNs - Explain IPsec best practices - Configure OSPF over IPsec - Configure IPsec with overlapping addresses - Configure IPsec with dynamic gateway IP addresses Lab 8: Implementing Advanced IPsec Solutions Troubleshooting IPsec - Describe general troubleshooting for IPsec VPNs - Discuss how to troubleshoot IKE Phase 1 and Phase 2 - Configure and analyze logging for IPsec VPNs - Examine IPsec troubleshooting case studies Lab 9: Troubleshooting IPsec VPNs Advanced Policy-Based Routing - Define advanced policy-based routing - Configure advanced policy-based routing - Explain application quality of experience Lab 10: Implementing APBR EVPN-VXLAN Security - Describe the EVPN-VXLAN protocols - Explain VXLAN tunnel security - Configure security on VXLAN tunnels Lab 11: Securing Traffic Between Data Centers Multinode High Availability - Identify the benefits of high availability and security - Explain the use of multinode high availability - Identify multinode high availability modes - Discuss services redundancy groups Lab 12: Implementing Multinode HA Automated Threat Mitigation - Explain Automated Threat Mitigation - Discuss Juniper Connected Security third-party integrations - Discuss Juniper Connected Security multicloud integrations - Discuss the Secure Enterprise use case4 days5250.004000.004000.0013880.002500.002500.002500.004000.004000.004000.004750.00