Course Description
Course Overview
The JNCIP-SEC Certification Bundle is a 5-day event that covers technology aspects that meet the JUNOS Professional Certification tier for the Junos Security Engineer.
Students will learn Junos Intrusion Prevention System functionality, including an introduction to the IPS feature set, with advanced coverage of IPsec deployments, virtualization, high availability, advanced Network Address Translation (NAT) deployments, and Layer 2 security. This course benefits individuals responsible for configuring and monitoring devices running JUNOS Software in a security application.
Students attending this course will take part in 2 courses as part of the certification, covering Junos Security topics.
This course prepares students for the new JNCIS-SEC Certification exam, whose topics are based on the content of these courses.
Course Objectives
- Understand Junos security handling at Layer 2 versus Layer 3
- Understand Junos OS processing of Application Layer Gateways (ALG)
- Alter the Junos default behavior of ALG and application processing
- Implement address books with dynamic addressing
- Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios
- Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems
- Implement virtual routing-instances
- Implement policy-based routing
- Describe and implement static, source, destination, and dual Network Address Translation (NAT)
- Implement NAT traversal
- Implement and monitor optimized chassis clustering
- Differentiate and configure standard point-to-point virtual private network (VPN) tunnels, hub-and-spoke VPNs, and group VPNs
- Monitor the operations of the various IP Security (IPsec) VPN implementations
- Describe, implement, and monitor Group VPNs in an enterprise environment
- Describe, implement, and monitor Dynamic VPNs in an enterprise environment
- Utilize IPsec VPN tunnels with OSPF
- Implement dynamic VPNs
- Describe some IPsec VPN best practices for the Enterprise
- Understand and utilize Junos tools for troubleshooting Junos security implementations
- Utilize a sound methodology for troubleshooting Junos security issues
- Become familiar with the successful troubleshooting of common Junos Security issues
- Define types of intrusions and network penetration attacks
- Describe the steps that the IPS engine uses when inspecting packets
- Describe the components of IPS rules and rulebases
- Define the types of signature-based attacks
- Describe the use of custom signatures and how to configure them
- Use scanning to gather information about target networks
- Configure screens to block various scan types
- Configure denial of service (DoS) and distributed denial of service (DDoS) attacks
- Configure screens to block DoS and DDoS attacks
- Describe and manage the reporting capabilities available for IPS functionality
Target Audience
Network engineers, technical support personnel, reseller support engineers, and others responsible for implementing and/or maintaining the Juniper Networks products covered in this course.
Course Outline
Day 1 AJSEC
Chapter 1: Course Introduction
Chapter 2: Junos Security Review
- Junos OS Security Components
- Layer 2 Versus Layer 3 Packet Handling
- Data Center and Branch Deployments
Chapter 3: SRX Series Hardware and Interfaces
- Branch Platform Overview
- Data Center Platform Overview
- Traffic Flow and Distribution
- SRX Series Interfaces
Chapter 4: Advanced Security Policy
- Junos OS ALGs
- Custom Application Definitions
- Advanced Policy Design
- Dynamic Addressing
- Policy Logging
- DNS Doctoring
Day 2 AJSEC
Chapter 5: Virtualization
- Junos Routing Instances
- Forwarding Between Instances
- Filter-based Forwarding and Policy-based Routing
Chapter 6: Advanced NAT Concepts
- NAT Interaction with Policy and ALGs
- Junos NAT Implementation Review
- Cone NAT
- Multitenant NAT
- IPv4-to-IPv6 NAT
Chapter 7: High Availability
- Chassis Clustering Implementations
- Monitoring Chassis Clusters
- Advanced HA Topics
Day 3 AJSEC
Chapter 8: IPsec Implementations
- Standard VPN Implementations Review
- Public Key Infrastructure
- Hub-and-Spoke VPNs
- Group VPNs
Chapter 9: Enterprise IPsec Technologies: Group and Dynamic VPNs
- Group VPN Overview
- GDOI Protocol
- Group VPN Configuration and Monitoring
- Dynamic VPN Overview
- Dynamic VPN Implementation
Chapter 10: IPsec VPN Case Studies and Solutions
- Routing over VPNs
- NAT with IPsec
- Enterprise VPN Deployment Best Practices
Chapter 11: Troubleshooting Junos Security
- Troubleshooting Tools
- Troubleshooting Methodology
- Case Study A
- Case Study B
Day 4 JIPS
Chapter 1
Chapter 2 Overview of IPS Functionality
- Reasons for Network Attacks
- Categories of Attacks
- Anatomy of an Attack
- IPS Mechanisms on SRX Series Devices
Chapter 3 Initial Device Configuration
- Deployment Options for IPS Functionality
- Management Options
- Network Settings
- Preparing the SRX Series Device for IPS Features
Chapter 4 IPS Terminology and Concepts
- Terminology Overview
- Attack Objects
- IPS Rulebase Details
- Rule Match Conditions
- Rule Actions
- Terminal Rules
- IP Actions
- Notification
- Terminology Review
- IPS Traffic Flow
Day 5 JIPS
Chapter 5 IPS Attack Objects
- IPS Rules and Rulebases
- Attack Objects
- Custom Signatures
Chapter 6 Scanning and Reconnaissance
- Overview of Scanning
- Types of Scans
- Fingerprinting
- IPS Scan Prevention
Chapter 7 Blocking Evasion Techniques and Denial of Service
- FIN Scans
- IP Spoofing
- IP Source Routing Options
- DoS and DDoS Attacks
- Mechanisms for Blocking DoS and DDoS
Chapter 8 Reporting
- NSM Reports
- Syslog Structure
- The Junos OS Commands