This four-day, intermediate-level course provides students with the knowledge required to work with Juniper Connected Security devices. This
course uses Junos CLI, Junos Space® Security Director. The course provides further instruction on how Juniper Networks approaches a complete
security solution for current and future security problems, called Juniper Connected Security. Key topics include tasks for intrusion detection and
prevention (IDP) rules and custom attack objects, IPSec VPNs, Security Director management, Juniper® Advanced Threat Prevention management
(ATP) Cloud management, Policy Enforcer management, Identity aware security policies, Secure Sockets Layer (SSL) Proxy configuration, and Juniper
Networks® SRX Series Firewalls high availability configuration and troubleshooting. Through demonstrations and hands-on labs, students will gain
experience with the features of each of these devices.
Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos OS and monitoring basic device
operations. This course is based on Junos OS Release 24.2R1, Junos Space 23.1R1, Security Director 23.1R1, and JIMS 1.7.0R2.

COURSE LEVEL

Juniper Security is an intermediate course

• Explain the basics of intrusion detection.
• Explain the function of SSL Proxy.
• Explain IPsec VPN concepts.
• Implement site-to-site IPsec VPNs.
• Implement Juniper® Secure Connect.
• Implement identity-aware security policies.
• Explain Security Director.
• Introduce Policy Enforcer.
• Describe the Juniper ATP Cloud Anti-Malware.
• Describe the Juniper ATP Cloud features.
• Explain the concepts of a chassis cluster.
• Explain how to set up a chassis cluster.
• Review troubleshooting steps for chassis clusters.
• Explain how to set up a chassis cluster.

Individuals responsible for security operations using Juniper Networks security solutions, including network engineers, security engineers,
administrators, support personnel, and resellers.

• Basic networking knowledge and an understanding of the OSI reference model and the TCP/ IP protocol suite
• Completing the Introduction to Juniper Security course

DAY 1

Module 1: Implementing Intrusion Detection and Prevention
• Describe the purpose of IDP
• Utilize and update the IDP signature database
• Configure an IDP policy
• Utilize and configure an IDP policy using a template
• Monitor IDP operations
Lab 1: Implementing IDP
Module 2: Implementing SSL Proxy
• Explain why SSL proxy is necessary
• Describe and configure client-protection SSL proxy
• Describe and configure server-protection SSL proxy
• Discuss how to monitor SSL proxy
• Explain the SSL mirror decrypt feature
Lab 2: Implementing SSL Proxy
Module 3: IPsec VPN Concepts
• Identify various types of VPNs
• Describe IPsec VPNs and their functionalities
• Describe how IPsec VPNs are established
• Describe IPsec traffic processing
Module 4: Implementing Site-to-Site IPsec VPNs
• Describe the high-level configuration options for an IPsec VPN
• Describe the functionality of proxy IDs and traffic selectors
• Configure an IPsec site-to-site VPN
• Monitor a site-to-site IPsec VPN
Lab 3: Implementing Site-to-Site IPsec VPNs

DAY 2

Module 5: Implementing Juniper Secure Connect
• Describe Juniper Secure Connect features
• Explain Juniper Secure Connect UI options
• Configure Juniper Secure Connect on SRX Series devices
• Connect Juniper Secure Connect Client
Lab 4: Implementing Juniper Secure Connect
Module 6: Implementing Identity Aware Security Policies
• Describe identity-aware firewall and list supported identity sources
• Describe Active Directory as identity source
• Configure Active Directory as identity source
• Describe Juniper Identity Management Service
• Explain how to install Juniper Identity Management Service
• Configure Juniper Identity Management Service
• Describe how to troubleshoot Juniper Identity Management Service
Lab 5: Implementing Identity Aware Security Policies
Module 7: Introducing Security Director
• Explain the benefits of Security Director
• Explain Security Director deployment options
• Demonstrate how to access and use the Security Director UI
• Demonstrate how to onboard a device
• Demonstrate how to manage security policies
• Demonstrate how to deploy and validate configuration changes
Lab 6: Using Security Director

DAY 3

Module 8: Introducing Policy Enforcer
• Explain the benefits of Policy Enforcer
• Explain how to configure a secure fabric
• Describe how infected host remediation occurs
Module 9: Implementing Juniper ATP Cloud Anti-Malware
• Describe Juniper ATP Cloud anti-malware capabilities
• Describe the Juniper ATP Cloud Web UI options
• Configure the SRX Series Firewall to use Juniper ATP Cloud anti-malware
• Discuss a Juniper ATP Cloud anti-malware case study
Lab 7: Enrolling Devices in Juniper ATP Cloud
Module 10: Implementing Juniper ATP Cloud Features
• Explain Security Intelligence
• Describe Encrypted Traffic Insights
• Describe Adaptive Threat Profiling
• Explain IoT Security
Lab 8: Implementing ATP Cloud Features

DAY 4

Module 11: Understanding Chassis Cluster Concepts
• Describe why customers implement a chassis cluster
• Identify chassis cluster components
• Describe the causes of failover
Module 12: Implementing a Chassis Cluster
• Configure a chassis cluster
• Explain additional chassis cluster configuration options
Lab 9: Implementing a Chassis Cluster
Module 13: Troubleshooting a Chassis Cluster
• Troubleshoot a chassis cluster
• Explain the chassis cluster case studies
Lab 10: Troubleshooting a Chassis Cluster

SELF-STUDY MODULE
Module 14: Explain Junos OS Routing Fundamentals
• Explain the difference between directly connected, static, and dynamic routes
• Explain how route preference determines the active route to a destination
• Demonstrate how to display and examine the inet.0 and inet6.0 routing tables
• Configure and validate static routing
• Explain the flow process

RECOMMENDED NEXT COURSE
Advanced Juniper Security

RELATED CERTIFICATION
JNCIS-SEC