課程資訊

安全平台的進階Junos(Advanced Junos Security)

代碼 AJSEC_201707
中文名稱 安全平台的進階Junos
英文名稱 Advanced Junos Security
課程長度 5 天
上課時間 09:00-17:00
費用 110,000
點數 NA
教材 原廠教材
考試代碼 JN0-634

課程時間

無資料

課程目標

  • Demonstrate understanding of concepts covered in the prerequisite Junos Security course.
  • Describe the various forms of security supported by the Junos OS.
  • Implement features of the AppSecure suite, including AppID, AppFW, and AppTrack.
  • Configure custom application signatures.
  • Describe Junos security handling at Layer 2 versus Layer 3.
  • Implement next generation Layer 2 security features.
  • Demonstrate understanding of Logical Systems (LSYS).
  • Implement address books with dynamic addressing.
  • Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios.
  • Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems.
  • Describe Junos routing instance types used for virtualization.
  • Implement virtual routing instances.
  • Describe and configure route sharing between routing instances using logical tunnel interfaces.
  • Describe and implement static, source, destination, and dual NAT in complex LAN environments.
  • Describe and implement variations of persistent NAT.
  • Describe and implement Carrier Grade NAT (CGN) solutions for IPv6 NAT, such as NAT64, NAT46, and DS-Lite.
  • Describe the interaction between NAT and security policy.
  • Demonstrate understanding of DNS doctoring.
  • Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, AD VPNs, and group VPNs.
  • Implement IPsec tunnels using virtual routers.
  • Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls.
  • Monitor the operations of the various IPsec VPN implementations.
  • Describe public key cryptography for certificates.
  • Utilize Junos tools for troubleshooting Junos security implementations.
  • Perform successful troubleshooting of some common Junos security issues.

適合對象

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.

課程內容

Day 1
Chapter 1: Course Introduction
Chapter 2: Junos Layer 2 Packet Handling and Security Features
  • Transparent Mode Security
  • Secure Wire
  • Layer 2 Next Generation Ethernet Switching
  • MACsec
  • Lab 1: Implementing Layer 2 Security
Chapter 3: Virtualization
  • Virtualization Overview
  • Routing Instances
  • Logical Systems
  • Lab 2: Implementing Junos Virtual Routing
Chapter 4: AppSecure Theory
  • AppSecure Overview
  • AppID
  • AppTrack
  • AppFW
  • AppQoS
Day 2
Chapter 5: AppSecure Implementation
  • AppTrack
  • AppFW
  • AppQoS
  • APBR
  • SSL Proxy
  • Lab 3: Implementing AppSecure
Chapter 6: Sky ATP Concepts and Setup
  • Sky ATP Overview
  • Sky ATP Features
  • Sky ATP Setup
  • Sky ATP Enrollment Troubleshooting
Chapter 7: Sky ATP Implementation
  • Configuring Sky ATP using the Web UI
  • Configuring Sky ATP with Security Director
  • Monitoring Infected Hosts
  • Infected Host Case Study
  • Lab 4: Implementing Sky ATP Demo
Day 3
Chapter 8: SDSN with Policy Enforcer
  • Policy Enforcer Overview
  • Configuring Policy Enforcer and SDSN
  • Infected Host Case Study
  • Lab 5: Implementing SDSN with Policy Enforcer
Chapter 9: Implementing UTM
  • UTM Overview
  • AntiSpam
  • AntiVirus
  • Content and Web Filtering
  • Lab 6: Implementing UTM
Day 4
Chapter 10: Introduction to IPS
  • IPS Overview
  • Network Asset Protection
  • Intrusion Attack Methods
  • Intrusion Prevention Systems
  • IPS Inspection Walkthrough
Chapter 11: IPS Policy and Configuration
  • SRX IPS Requirements
  • IPS Operation Modes
  • Basic IPS Policy Review
  • IPS Rulebase Operations
  • Lab 7: Implementing Basic IPS Policy
Chapter 12: SSL Proxy
  • SSL Proxy Overview
  • Client-Protection SSL Proxy
  • Server-Protection SSL Proxy
  • SSL Proxy Case Study
Day 5
Chapter 13: User Authentication
  • User Role Firewall and Integrated User Firewall Overview
  • User Role Firewall Implementation
  • Monitoring User Role Firewall
  • Integrated User Firewall Implementation
  • Monitoring Integrated User Firewall
  • Lab 8: Configure User Role Firewall and Integrated User Firewall
Chapter 14: Monitoring and Reporting
  • Log Director Overview
  • Log Director Installation
  • Working with Log Events
  • Alerts and Reports
  • Lab 9: Deploying Log Director

學前基礎

Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Security (JSEC) courses prior to attending this class.