Course Description
DISCLAIMER
Beginning April 1, 2017, DWWTC will teach a new version of the SRX BootCamp. The new version will be a 5-day version of the Introduction to the Junos Operating System (IJOS) course and the Junos for Security Platforms (JSEC) course. The JRE course and the OLD SRX BootCamp course that included the JRE will not be offered after April 1, 2017.
Course Overview
The Juniper SRX BootCamp course is a 5-day leader-led event that covers all aspects of the SRX product, including a Junos Primer, Security and Routing principles and configuration methods using Junos CLI and WebUI. The course provides the foundational knowledge required to configure Juniper SRX devices running Junos Software. Key topics include initial setup of devices, interface configuration basics with configuration examples, secondary system configuration, and the basics of operational monitoring and maintenance of devices running Junos Software. As the course continues, students will learn class of service (CoS). Students will perform device configuration in labs that are interspersed throughout the 5-day course.
Course Objectives
- Describe the basic design architecture of the Junos OS.
- Identify and provide a brief overview of Junos devices.
- Navigate within the Junos CLI.
- Perform tasks within the CLI operational and configuration modes.
- Restore a Junos device to its factory-default state.
- Perform initial configuration tasks.
- Configure and monitor network interfaces.
- Describe user configuration and authentication options.
- Perform secondary configuration tasks for features and services such as system logging (syslog) and tracing, Network Time Protocol (NTP), configuration archival, and SNMP.
- Monitor basic operation for the Junos OS and devices.
- Identify and use network utilities.
- Upgrade the Junos OS.
- Perform file system maintenance and password recovery on a Junos device.
- Navigate within the Junos J-Web interface.
- Explain basic routing operations and concepts.
- View and describe routing and forwarding tables.
- Configure and monitor static routing.
- Configure and monitor OSPF.
- Describe the framework for routing policy and firewall filters.
- Explain the evaluation of routing policy and firewall filters.
- Identify instances where you might use routing policy.
- Write and apply a routing policy.
- Identify instances where you might use firewall filters.
- Write and apply a firewall filter.
- Describe the operation and configuration for unicast reverse path forwarding (RPF).
- Describe traditional routing and security and the current trends in networking
- Provide an overview of the JUNOS security platforms and software architecture
- Describe the logical packet flow and session creation performed by JUNOS security platforms
- Describe, configure, and monitor zones
- Describe, configure, and monitor security policies
- Describe, configure, and monitor firewall user authentication
- Describe various types of network attacks
- Configure and monitor SCREEN options to prevent network attacks
- Explain, implement, and monitor NAT as implemented on JUNOS security platforms
- Explain the purpose and mechanics of IPsec VPNs
- Implement and monitor policy-based and route-based IPsec VPNs
- Utilize and update the IDP signature database on JUNOS security platforms;
- Configure and monitor IDP policy with policy templates
- Describe, configure, and monitor high availability chassis clusters.
Course Outline
Day 1 (IJOS)
Chapter 1: Course Introduction
Chapter 2: Junos Operating System Fundamentals
- The Junos OS
- Traffic Processing
- Platforms Running the Junos OS
Chapter 3: User Interface Options
- User Interface Options
- The Junos CLI: CLI Basics
- The Junos CLI: Operational Mode
- The Junos CLI: Configuration Mode
- Lab 1: The Junos CLI
Chapter 4: Initial Configuration
- Factory-Default Configuration
- Initial Configuration
- Interface Configuration
- Lab 2: Initial System Configuration
Chapter 5: Secondary System Configuration
- User Configuration and Authentication
- System Logging and Tracing
- Network Time Protocol
- Archiving Configurations
- SNMP
- Lab 3: Secondary System Configuration
Day 2 (IJOS)
Chapter 6: Operational Monitoring and Maintenance
- Monitoring Platform and Interface Operation
- Network Utilities
- Maintaining the Junos OS
- Password Recovery
- System Clean-up
- Lab 4: Operational Monitoring and Maintenance
Chapter 7: Interface Configuration Examples
- Review of the Interface Configuration Hierarchy
- Interface Configuration Examples
- Using Configuration Groups
Chapter 8: The J-Web Interface
- The J-Web GUI
- Configuration
- Lab 5: The J-Web Interface
Chapter 9: Routing Fundamentals
- Routing Concepts: Overview of Routing
- Routing Concepts: The Routing Table
- Routing Concepts: Routing Instances
- Static Routing
- Dynamic Routing
- Lab 6: Routing Fundamentals
Day 3 (IJOS/JSEC)
Chapter 10: Routing Policy
- Routing Policy Overview
- Case Study: Routing Policy
- Lab 7: Routing Policy
Chapter 11: Firewall Filters
- Firewall Filters Overview
- Case Study: Firewall Filters
- Unicast Reverse-Path-Forwarding Checks
- Lab 8: Firewall Filters
Chapter 12: Class of Service
- CoS Overview
- Traffic Classification
- Traffic Queueing
- Traffic Scheduling
- Case Study: CoS
- Lab 9: Class of Service
Chapter 2: Introduction to Junos security platforms
- Traditional Routing
- Traditional Security
- The Junos OS Architecture
Chapter 3: Zones
- The Definition of Zones
- Zone Configuration
- Monitoring Security Zones
Chapter 4: Security Policies
- Security Policy Overview
- Junos ALGs
- Policy Components
- Verifying Policy Operation
- Policy Scheduling and Rematching
- Policy Case Study
Day 4 (JSEC)
Chapter 5: Firewall User Authentication
- Firewall User Authentication Overview
- Pass-Through Authentication
- Web Authentication
- Client Groups
- Using External Authentication Servers
- Verifying Firewall User Authentication
Chapter 6: Screen Options
- Multilayer Network Protection
- Stages and Types of Attacks
- Using Junos Screen Options—Reconnaissance Attack Handling
- Using Junos Screen Options—Denial of Service Attack Handling
- Using Junos Screen Options—Suspicious Packets Attack Handling
- Applying and Monitoring Screen Options
Chapter 7: Network Address Translation
- NAT Overview
- Source NAT Operation and Configuration
- Destination NAT Operation and Configuration
- Static NAT Operation and Configuration
- Proxy ARP
- Monitoring and Verifying NAT Operation
Day 5 (JSEC)
Chapter 8: IPsec VPNs
- VPN Types
- Secure VPN Requirements
- IPsec Details
- Configuration of IPsec VPNs
- IPsec VPN Monitoring
Chapter 9: Introduction to Intrusion Detection and Prevention
- Introduction to Junos IDP
- IDP Policy Components and Configuration
- Signature Database
- Case Study: Applying the Recommended IDP Policy
- Monitoring IDP Operation
Chapter 10: High Availability Clustering
- High Availability Overview
- Chassis Cluster Components
- Advanced Chassis Cluster Topics
Chapter 11: High Availability Clustering Implementation
- Chassis Cluster Operation
- Chassis Cluster Configuration
- Chassis Cluster Monitoring
Appendix A: SRX Series Hardware and Interfaces
- Branch SRX Platform Overview
- High End SRX Platform Overview
- SRX Traffic Flow and Distribution
- SRX Interfaces