Designed for experienced networking professionals with intermediate knowledge of the Juniper Networks Junos software for SRX Series devices, this written exam JNCIS-SEC verifies the candidate’s understanding of security technologies and related platform configuration and troubleshooting skills.
Learn to configure and monitor SRX Series devices while preparing for the JNCIS-SEC exam in this accelerated Boot Camp.
In this accelerated Boot Camp, you will gain the knowledge needed to succeed on the Juniper Networks Certified Internet Specialist – Security (JNCIS-SEC) exam, and you will gain hands-on experience configuring and monitoring the Junos OS for SRX Series devices.
During the first half of class, you will review SRX Series Services Gateway configuration, operation, and implementation in a typical network environment. Key topics include security zones, security policies, Intrusion Detection and Prevention (IDP), Network Address Translation (NAT), High Availability (HA) clusters, and basic implementation, configuration, and management.
In the second half, you will cover web filtering, antivirus (AV), anti-spam, and content filtering. Also, through demonstrations and hands-on labs, you will gain experience configuring and monitoring the Unified Threat Management (UTM) features of the Junos OS.
What are the Prerequisites
Attendees should meet the following prerequisites:
- Introduction to the Junos Operating System (Junos).
- Junos Routing Essentials (JRE).
What is the target audience
Network engineers, administrators, support personnel, and reseller support personnel using SRX Series devices.
Anyone seeking JNCIS-SEC certification.
Jobs Demand Trends for Juniper JNCIS-SEC Engineer
The chart below depics a 3-month moving average for salaries quoted in permanent IT jobs for Juniper JNCIS-SEC Engineer within the UK. Their average salary is £50,000 (source: itjobswatch.co.uk).
JNCIS-SEC Training Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
- Describe traditional routing and security and the current trends in internetworking.
- Provide an overview of SRX Series devices and software architecture.
- Describe the logical packet flow and session creation performed by SRX Series devices.
- Describe, configure, and monitor zones.
- Describe, configure, and monitor security policies.
- Describe, configure, and monitor firewall user authentication.
- Describe various types of network attacks.
- Configure and monitor SCREEN options to prevent network attacks.
- Explain, implement, and monitor NAT on Junos security platforms.
- Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
- Implement and monitor policy-based and route-based IPsec VPNs.
- Utilize and update the IDP signature database.
- Configure and monitor IDP policy with policy templates.
- Describe, configure, and monitor high availability chassis clusters.
- Describe the challenges that branch offices present to network managers.
- List the major features that UTM offers.
- Explain how each major feature addresses the challenges of the branch office.
Junos Security Platforms
Traditional Routing
Traditional Security
Breaking the Tradition
The Junos OS Architecture
Zones
Definition of Zones
Zone Configuration
Monitoring Security Zones
Security Policies
Policy Components
Verifying Policy Operation
Policy Scheduling and Rematching
Policy Case Study
Firewall User Authentication
Firewall User Authentication Overview
Pass-Through Authentication
Web Authentication
Client Groups
Using External Authentication Servers
Verifying Firewall User Authentication
Screen Options
Multilayer Network Protection
Stages and Types of Attacks
Using Junos SCREEN Options
Applying and Monitoring Screen Options
NAT
Source NAT Operation and Configuration
Destination NAT Operation and Configuration
Static NAT Operation and Configuration
Proxy ARP
Monitoring and Verifying NAT Operation
IPsec VPNs
VPN Types
Secure VPN Requirements
IPsec Details
Configuration of IPsec VPNs
IPsec VPN Monitoring
IDP
Junos IDP
Policy Components
Configuration
Signature Database
Case Study: Applying the Recommended IDP Policy
Monitoring IDP Operation
HA Clustering
Chassis Cluster Components
Chassis Cluster Operation
Chassis Cluster Configuration
Chassis Cluster Monitoring
Unified Threat Management
Branch Office Challenges
UTM Feature Overview
Design Basics
Hardware Support
Licensing of Features
Anti-Spam
Terminology and Process
UTM Policy
Configuration Steps
Monitoring Anti-Spam
Full File-Based and Express AV
AV Terminology and Process
AV Operation
Full File-based AV Configuration
Express AV Configuration
Monitoring AV
Content and Web Filtering
Overview and Terminology
Configuration
Verification and Monitoring
Course Labs
- Lab 1: Configuring and Monitoring Zones
- Lab 2: Security Policies
- Lab 3: Configuring Firewall Authentication
- Lab 4: Implementing SCREEN Options
- Lab 5: Network Address Translation
- Lab 6: Implementing IPsec VPNs
- Lab 7: Implementing IDP
- Lab 8: Implementing Chassis Clusters
- Lab 9: Connecting to the Lab Equipment and Testing Connectivity
- Lab 10: Configuring an Anti-Spam Policy
- Lab 11: AV Configuration and Testing
- Lab 12: Configuring Content and Web Filtering
Course Features
- Lecture 0
- Quiz 0
- Duration 20 hours
- Skill level All levels
- Language English
- Students 257
- Assessments Yes