EDU-JUN-AJSEC - Advanced Juniper Security (AJSEC)

DURATION
4 days

LEVEL
Advanced

OBJECTIVES
This four-day course, which is designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with advanced coverage of advanced logging and reporting,
next generation Layer 2 security, next generation advanced anti-malware with Juniper ATP On-Prem and SecIntel. This course uses
Juniper Networks SRX Series Services Gateways for the hands-on component.
This course is based on Junos OS Release 20.1R1.11, Junos Space Security Director 19.4, Juniper ATP On-Prem version 5.0.7

PREREQUISITES
• Strong level of TCP/IP networking and security knowledge
• Complete the Juniper Security (JSEC) course prior to attending this class

WHO SHOULD ATTEND
This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.

TOPICS
Day 1
COURSE INTRODUCTION

Junos Layer 2 Packet Handling and
Security Features
• Transparent Mode Security
• Secure Wire
• Layer 2 Next Generation Ethernet Switching
• MACsec
LAB 1: Implementing Layer 2 Security

Firewall Filters
• Using Firewall Filters to Troubleshoot
• Routing Instances
• Filter-Based Forwarding
LAB 2: Implementing Firewall Filters

Troubleshooting Zones and Policies
• General Troubleshooting for Junos Devices
• Troubleshooting Tools
• Troubleshooting Zones and Policies
• Zone and Policy Case Studies
LAB 3: Troubleshooting Zones and Policies

Day 2
Hub-and-Spoke VPN
• Overview
• Configuration and Monitoring
LAB 4: Implementing Hub-and-Spoke VPNs

Advanced NAT
• Configuring Persistent NAT
• Demonstrate DNS Doctoring
• Configure IPv6 NAT Operations
• Troubleshooting NAT
LAB: 5: Implementing Advanced NAT

Features
Logical and Tenant Systems
• Overview
• Administrative Roles
• Differences Between LSYS and TSYS
• Configuring LSYS
• Configuring TSYS
LAB 6: Implementing TSYS

Day 3
PKI and ADVPNs
• PKI Overview
• PKI Configuration
• ADVPN Overview
• ADVPN Configuration and Monitoring
LAB 7: Implementing ADVPNs

Advanced IPsec
• NAT with IPsec
• Class of Service with IPsec
• Best Practices
• Routing OSPF over VPNs
LAB 8: Implementing Advanced IPsec Solutions

Troubleshooting IPsec
• IPsec Troubleshooting Overview
• Troubleshooting IKE Phase 1 and 2
• IPsec Logging
• IPsec Case Studies
LAB 9: Troubleshooting IPsec

Day 4
Juniper Connected Security
• Security Models
• Enforcement on Every Network Device

SecIntel
• Security Feed
• Encrypted Traffic Analysis
• Use Cases for SecIntel
LAB 10: Implementing SecIntel

Advanced Juniper ATP On-Prem
• Collectors
• Private Mode
• Incident Response
• Deployment Models
LAB 11: Implementing Advanced ATP On-Prem

Automated Threat Mitigation
• Identify and Mitigate Malware Threats
• Automate Security Mitigation
LAB 12: Identifying and Mitigating Threats

A Group VPNs
• Overview
• Implementing Group VPNs