Advanced Juniper Security (AJSEC)

This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with coverage of advanced logging and reporting, next-generation Layer 2 security, and next-generation advanced anti-malware with Juniper ATP On-Prem and SecIntel. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component. This course uses on Junos OS Release 20.1R1.11, Junos Space Security Director 19.4, and Juniper ATP On-Prem version 5.0.7.

Additional Details

Download Course Overview Flyer (PDF)
Questions or comments? Please contact us
Please note: course pricing may vary based on Juniper Networks Authorized Education Partner (JNAEP) offerings and locations.

2 Ways to Buy!

Enroll Below

All Access Pass
Best Value

Purchase an All Access Pass and get instant access to all on-demand and instructor-led courses at one low price!

Click To Expand Full Course Outline

Course Level

Advanced Juniper Security (AJSEC) is an advanced-level course.

Intended Audience

This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components.

Prerequisites

Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Juniper Security (JSEC) course prior to attending this class.

Objectives

After successfully completing this course, you should be able to:

Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses.
Describe the various forms of security supported by the Junos OS.
Describe the Juniper Connected Security model.
Describe Junos security handling at Layer 2 versus Layer 3.
Implement next generation Layer 2 security features.
Demonstrate understanding of Logical Systems (LSYS).
Demonstrate understanding of Tenant Systems (TSYS).
Implement virtual routing instances in a security setting.
Describe and configure route sharing between routing instances using logical tunnel interfaces.
Describe and discuss Juniper ATP and its function in the network.
Describe and implement Juniper Connected Security with Policy Enforcer in a network.
Describe firewall filters use on a security device.
Implement firewall filters to route traffic.
Explain how to troubleshoot zone problems.
Describe the tools available to troubleshoot SRX Series devices.
Describe and implement IPsec VPN in a hub-and-spoke model.
Describe the PKI infrastructure.
Implement certificates to build an ADVPN network.
Describe using NAT, CoS and routing protocols over IPsec VPNs.
Implement NAT and routing protocols over an IPsec VPN.
Describe the logs and troubleshooting methodologies to fix IPsec VPNs.
Implement working IPsec VPNs when given configuration that are broken.
Describe Incident Reporting with Juniper ATP On-Prem device.
Configure mitigation response to prevent spread of malware.
Explain SecIntel uses and when to use them.
Describe the systems that work with SecIntel.
Describe and implement advanced NAT options on the SRX Series devices.
Explain DNS doctoring and when to use it.
Describe NAT troubleshooting logs and techniques.

Course Contents

Day 1

Chapter 1: Course Introduction

Chapter 2: Junos Layer 2 Packet Handling and Security Features

Transparent Mode Security
Secure Wire
Layer 2 Next Generation Ethernet Switching
MACsec
Lab 1: Implementing Layer 2 Security

Chapter 3: Firewall Filters

Using Firewall Filters to Troubleshoot
Routing Instances
Filter-Based Forwarding
Lab 2: Implementing Firewall Filters

Chapter 4: Troubleshooting Zones and Policies

General Troubleshooting for Junos Devices
Troubleshooting Tools
Troubleshooting Zones and Policies
Zone and Policy Case Studies
Lab 3: Troubleshooting Zones and Policies

Day 2

Chapter 5: Hub-and-Spoke VPN

Overview
Configuration and Monitoring
Lab 4: Implementing Hub-and-Spoke VPNs

Chapter 6: Advanced NAT

Configuring Persistent NAT
Demonstrate DNS doctoring
Configure IPv6 NAT operations
Troubleshooting NAT
Lab 5: Implementing Advanced NAT Features

Chapter 7: Logical and Tenant Systems

Overview
Administrative Roles
Differences Between LSYS and TSYS
Configuring LSYS
Configuring TSYS
Lab 6: Implementing TSYS

Day 3

Chapter 8: PKI and ADVPNs

PKI Overview
PKI Configuration
ADVPN Overview
ADVPN Configuration and Monitoring
Lab 7: Implementing ADVPNs

Chapter 9: Advanced IPsec

NAT with IPsec
Class of Service with IPsec
Best Practices
Routing OSPF over VPNs
Lab 8: Implementing Advanced IPsec Solutions

Chapter 10: Troubleshooting IPsec

IPsec Troubleshooting Overview
Troubleshooting IKE Phase 1 and 2
IPsec Logging
IPsec Case Studies
Lab 9: Troubleshooting IPsec

Day 4

Chapter 11: Juniper Connected Security

Security Models
Enforcement on Every Network Device

Chapter 12: SecIntel

Security Feed
Encrypted Traffic Analysis
Use Cases for SecIntel
Lab 10: Implementing SecIntel

Chapter 13:Advanced Juniper ATP On-Prem

Collectors
Private Mode
Incident Response
Deployment Models
Lab 11: Implementing Advanced ATP On-Prem

Chapter 14: Automated Threat Mitigation

Identify and Mitigate Malware Threats

Automate Security Mitigation

Lab 12: Identifying and Mitigation of Threats

Appendix A: Group VPNs

Overview

Implementing Group VPNs

Jump to Top

Schedule

Below is a list of scheduled dates when this event will take place. Some events require registration for attendance so you will need to click on the date for more information regarding the specific event.

If you don't see the date you prefer, please email us at training@juniper.net to request a date or schedule your custom training session.

Display dates for

Date	Subject	Region	Location	Facilitator	Language	Status
11/30/2020	Advanced Junos Security (AJSEC) - ILT & ILO	Americas (AMER)	Phoenix, AZ + Online	Dynamic Worldwide	English	Open
11/30/2020	Advanced Junos Security (AJSEC) - ILT & ILO	Americas (AMER)	CDMX + Online	SICAP	Spanish	Open
12/7/2020 9:30 AM PST	Advanced Juniper Secuirty	Asia Pacific (APAC)	Online	Datacipher - Philippines	English	Open
12/14/2020 9:00 AM AEST	Advanced Juniper Secuirty	Asia Pacific (APAC)	Australia,Sydney	Datacipher - Australia & New Zealand	English	Open
12/14/2020 9:00 AM AEST	Advanced Juniper Security (AJSEC) - ILO	Asia Pacific (APAC)	Instructor Led Online	Juniper Networks	English	Open
12/14/2020	Advanced Junos Security (AJSEC)	Europe, Middle East and Africa (EMEA)	Amsterdam + live online	Tech Data	English	Open
12/21/2020	Advanced Junos Security (AJSEC) - ILO	Asia Pacific (APAC)	APAC Online	Spectrum - APAC	English	Open
1/18/2021 9:00 AM SGT	Advanced Junos Security (AJSEC) - ILO	Asia Pacific (APAC)	APAC Online	Juniper Networks	English	Open
1/19/2021 7:30 AM PST	Advanced Junos Security (AJSEC) - ILO	Americas (AMER)	AMER Online	Juniper Networks	English	Open
1/25/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Asia Pacific (APAC)	Pune + Online	Datacipher - India & Sri Lanka	English	Open
2/8/2021 9:00 AM AEST	Advanced Junos Security (AJSEC) - ILO	Asia Pacific (APAC)	APAC Online	Juniper Networks	English	Open
2/22/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Americas (AMER)	Phoenix, AZ + Online	Dynamic Worldwide	English	Open
2/22/2021 9:00 AM CET	Advanced Junos Security (AJSEC) - ILO	Europe, Middle East and Africa (EMEA)	EMEA Online	Juniper Networks	English	Open
3/15/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Europe, Middle East and Africa (EMEA)	London, United Kingdom + Online	Arrow ECS - United Kingdom	English	Open
3/15/2021 9:00 AM CET	Advanced Junos Security (AJSEC) - ILO	Europe, Middle East and Africa (EMEA)	EMEA Online	Juniper Networks	English	Open
3/22/2021 7:30 AM PST	Advanced Junos Security (AJSEC) - ILO	Americas (AMER)	AMER Online	Juniper Networks	English	Open
3/29/2021	Advanced Junos Security (AJSEC)	Europe, Middle East and Africa (EMEA)	Amsterdam + live online	Tech Data	English	Open
4/12/2021 9:00 AM AEST	Advanced Junos Security (AJSEC) - ILO	Asia Pacific (APAC)	APAC Online	Juniper Networks	English	Open
4/12/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Americas (AMER)	Phoenix, AZ + Online	Dynamic Worldwide	English	Open
4/19/2021 9:00 AM CET	Advanced Junos Security (AJSEC) - ILO	Europe, Middle East and Africa (EMEA)	EMEA Online	Juniper Networks	English	Open
5/17/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Europe, Middle East and Africa (EMEA)	London, United Kingdom + Online	Arrow ECS - United Kingdom	English	Open
5/24/2021 9:00 AM SGT	Advanced Junos Security (AJSEC) - ILO	Asia Pacific (APAC)	APAC Online	Juniper Networks	English	Open
5/25/2021 9:00 AM CET	Advanced Junos Security (AJSEC) - ILO	Europe, Middle East and Africa (EMEA)	EMEA Online	Juniper Networks	English	Open
6/28/2021	Advanced Junos Security (AJSEC)	Europe, Middle East and Africa (EMEA)	Amsterdam + live online	Tech Data	English	Open
8/2/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Europe, Middle East and Africa (EMEA)	London, United Kingdom + Online	Arrow ECS - United Kingdom	English	Open
10/25/2021	Advanced Junos Security (AJSEC) - ILT & ILO	Europe, Middle East and Africa (EMEA)	London, United Kingdom + Online	Arrow ECS - United Kingdom	English	Open